Solved \\.\PhysicalDrive0 Win7

Welcome aboard

You need to state your computer issues.

Then...

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running tools or applying updates other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Please read the first sentence "in red" from my previous reply and then re-read my instructions.
 
Logs

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5195

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/26/2010 9:50:57 PM
mbam-log-2010-11-26 (21-50-57).txt

Scan type: Quick scan
Objects scanned: 156256
Time elapsed: 5 minute(s), 22 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 4
Files Infected: 12

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\Software\IEBarProperties (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestBrowser (Adware.QuestBrowser) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowser (Adware.QuestBrowser) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestBrowser Service (Adware.QuestBrowser) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85bc0cb7-e967-4e2c-be92-fedd0a5d0a31} (Adware.Tango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{85bc0cb7-e967-4e2c-be92-fedd0a5d0a31} (Adware.Tango) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://www.tangosearch.com/?useie5=1&q=) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://www.tangosearch.com/?useie5=1&q=) Good: (http://www.google.com) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6} (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\chrome (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\defaults (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\defaults\preferences (Adware.QuestBrowser) -> Quarantined and deleted successfully.

Files Infected:
C:\Users\Juan Felipe\Desktop\fff-ea208.exe (Trojan.Orsam) -> Quarantined and deleted successfully.
C:\Windows\System32\7b78.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Windows\System32\windpy32.rom (Trojan.Nebuler) -> Quarantined and deleted successfully.
C:\Windows\System32\winplk32.rom (Trojan.Nebuler) -> Quarantined and deleted successfully.
C:\Windows\System32\winvus32.rom (Trojan.Nebuler) -> Quarantined and deleted successfully.
C:\Users\Juan Felipe\downloads\keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\chrome.manifest (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\install.rdf (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\chrome\questbrowser.jar (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\defaults\preferences\prefs.js (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Users\Public\Desktop\Streaming Music - MediaPass.lnk (Adware.Trace) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\7b78.dll (Adware.Tango) -> Quarantined and deleted successfully.
 
DDS (Ver_10-11-26.01) - NTFS_AMD64
Run by Juan Felipe at 22:06:41.12 on Fri 11/26/2010
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_22
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.3957.2617 [GMT -5:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
C:\Windows\system32\FBAgent.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
C:\Program Files\ATKGFNEX\GFNEXSrv.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\SysWOW64\svchost.exe -k Akamai
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\lxdncoms.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Webroot\Security\current\plugins\antimalware\AEI.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Gaming Mouse\hid.exe
C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Webroot\Security\Current\Framework\WRFrame.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Users\Juan Felipe\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://asus.msn.com
uSearch Bar = hxxp://www.google.com
mSearch Bar = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files (x86)\Megaupload\Mega Manager\MegaIEMn.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Tango: {85bc0cb6-e967-4e2c-be92-fedd0a5d0a31} - C:\Windows\SysWow64\7b78.dll
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [AdobeBridge]
mRun: [HControlUser] "C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
mRun: [ATKOSD2] "C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
mRun: [ATKMEDIA] "C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe" /r
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [BDRegion] "C:\Program Files (x86)\Cyberlink\Shared files\brs.exe"
mRun: [ADSMTray] "C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe"
mRun: [Gaming Mouse Hid] "C:\Program Files (x86)\Gaming Mouse\hid.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [WebrootTrayApp] "C:\Program Files (x86)\Webroot\Security\Current\Framework\WRTray.exe"
mRun: [SwitchBoard] "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files\Logitech\SetPoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Download all with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlall.htm
IE: Download Link Using Mega Manager... - C:\Program Files (x86)\Megaupload\Mega Manager\mm_file.htm
IE: Download selected with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://C:\Program Files (x86)\Free Download Manager\dllink.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: alteriw.net
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
TCP: {EA19388F-6B87-4A96-B7A0-75F74B472515} = 200.13.249.101,200.13.224.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} -
TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB-X64: {85BC0CB6-E967-4E2C-BE92-FEDD0A5D0A31} - No File
mRun-x64: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun-x64: [RunDLLEntry] "C:\Windows\system32\RunDLL32.exe" C:\Windows\system32\AmbRunE.dll,RunDLLEntry
mRun-x64: [Kernel and Hardware Abstraction Layer] "KHALMNPR.EXE"
mRun-x64: [lxdnmon.exe] "C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe"
mRun-x64: [EzPrint] "C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe"
mRun-x64: [RtHDVCpl] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
mRun-x64: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
Hosts: 74.208.10.249 gs.apple.com

================= FIREFOX ===================

FF - ProfilePath - C:\Users\JUANFE~1\AppData\Roaming\Mozilla\Firefox\Profiles\mxgpxhcd.default\
FF - component: C:\Program Files (x86)\Free Download Manager\Firefox\Extension\components\vmsfdmff.dll
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Juan Felipe\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Users\Juan Felipe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\Juan Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\mxgpxhcd.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

---- FIREFOX POLICIES ----
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 600000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.firstrequest - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0

============= SERVICES / DRIVERS ===============

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2009-12-22 55280]
R1 bckd;bckd;C:\Windows\System32\drivers\bckd.sys [2009-12-4 93808]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\System32\drivers\vwififlt.sys [2009-7-13 59904]
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2010/07/18 21:08:44];C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [2010-4-2 146928]
R2 AFBAgent;AFBAgent;C:\Windows\System32\FBAgent.exe [2009-12-22 359552]
R2 Akamai;Akamai NetSession Interface;C:\Windows\System32\svchost.exe -k Akamai [2009-7-13 27136]
R2 ASMMAP64;ASMMAP64;C:\Program Files\ATKGFNEX\ASMMAP64.sys [2009-12-22 14904]
R2 bckwfs;Blue Coat K9 Web Protection;C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2009-12-4 3505264]
R2 lxdn_device;lxdn_device;C:\Windows\system32\lxdncoms.exe -service --> C:\Windows\system32\lxdncoms.exe -service [?]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimspe64.sys [2009-12-22 60416]
R2 rixdpcie;rixdpcie;C:\Windows\System32\drivers\rixdpe64.sys [2009-12-22 55808]
R2 ssfmonm;ssfmonm;C:\Windows\System32\drivers\ssfmonm.sys [2010-9-26 55360]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-10-16 369256]
R2 TeamViewer5;TeamViewer 5;C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-10-17 2002728]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-22 2314240]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;C:\Program Files (x86)\Webroot\Security\Current\Plugins\AntiMalware\AEI.exe [2010-9-26 3872776]
R2 WRConsumerService;Webroot Client Service;C:\Program Files (x86)\Webroot\Security\Current\Framework\WRConsumerService.exe [2010-8-26 3066528]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-12-22 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-10-25 151936]
R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-28 58368]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2010-10-26 155752]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-6-27 136176]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2009-12-22 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-12-22 79360]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-18 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 GETPADD64;GETPADD64;C:\Program Files (x86)\ASUS\WinFlash\GETPADD64.sys [2007-9-4 13880]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 skfiltv;skfiltv;C:\Windows\System32\drivers\skfiltv.sys [2008-8-14 24064]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2010-9-28 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-23 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]

=============== Created Last 30 ================

2010-11-27 02:39:48 -------- d-----w- C:\Users\JUANFE~1\AppData\Roaming\Malwarebytes
2010-11-27 02:39:41 38224 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2010-11-27 02:39:40 24664 ----a-w- C:\Windows\System32\drivers\mbam.sys
2010-11-27 02:39:40 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2010-11-27 02:39:40 -------- d-----w- C:\PROGRA~3\Malwarebytes
2010-11-26 14:35:08 -------- d-----w- C:\Program Files\iPod
2010-11-26 14:35:06 -------- d-----w- C:\Program Files\iTunes
2010-11-26 14:35:06 -------- d-----w- C:\Program Files (x86)\iTunes
2010-11-26 14:27:22 -------- d-----w- C:\Users\Juan Felipe\.shsh
2010-11-23 20:50:44 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll
2010-11-23 20:50:44 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll
2010-11-22 02:08:58 42776 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2010-11-22 02:08:53 588096 ----a-w- C:\PROGRA~3\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2010-11-20 18:15:16 36864 ----a-w- C:\Windows\SysWow64\SDDEVMGR.dll
2010-11-18 02:29:00 -------- d-----w- C:\JD
2010-11-18 02:28:00 -------- d-----w- C:\Program Files (x86)\JDownloader
2010-11-18 02:09:08 -------- d-----w- C:\Users\JUANFE~1\AppData\Roaming\Free Download Manager
2010-11-18 02:09:01 -------- d-----w- C:\PROGRA~3\FreeDownloadManager.ORG
2010-11-18 02:09:00 -------- d-----w- C:\Program Files (x86)\Free Download Manager
2010-11-14 20:16:31 -------- d-----w- C:\Users\JUANFE~1\AppData\Local\bizarre creations
2010-11-08 22:49:11 -------- d-----w- C:\Program Files (x86)\Nero
2010-11-08 22:49:03 -------- d-----w- C:\PROGRA~3\Nero
2010-11-08 02:32:29 -------- d-----w- C:\Users\JUANFE~1\AppData\Roaming\Sports Interactive
2010-11-08 02:02:41 -------- d-----w- C:\Users\JUANFE~1\AppData\Roaming\r2 Studios
2010-11-08 02:02:41 -------- d-----w- C:\PROGRA~3\r2 Studios
2010-11-08 02:02:05 -------- d-----w- C:\Program Files (x86)\r2 Studios
2010-11-06 16:37:34 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2010-11-06 16:37:34 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2010-11-04 21:46:27 -------- d-----w- C:\Users\JUANFE~1\AppData\Roaming\Megaupload
2010-11-04 21:37:51 -------- d-----w- C:\Program Files (x86)\Megaupload
2010-11-04 03:17:05 -------- d-----w- C:\Users\JUANFE~1\AppData\Local\ApplicationHistory
2010-11-04 03:12:16 61440 ----a-r- C:\Users\JUANFE~1\AppData\Roaming\Microsoft\Installer\{6CC56991-D80B-42EB-B2AF-85D6F822D8EA}\NewShortcut2_6CC56991D80B42EBB2AF85D6F822D8EA_5.exe
2010-11-04 03:12:14 61440 ----a-r- C:\Users\JUANFE~1\AppData\Roaming\Microsoft\Installer\{6CC56991-D80B-42EB-B2AF-85D6F822D8EA}\NewShortcut1_6CC56991D80B42EBB2AF85D6F822D8EA_5.exe
2010-11-04 03:12:13 -------- d-----w- C:\Program Files (x86)\Bagatrix
2010-11-04 02:00:58 -------- d-----w- C:\Windows\SysWow64\URTTEMP
2010-11-03 23:38:47 -------- d-----w- C:\Users\JUANFE~1\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2010-11-03 23:38:47 -------- d-----w- C:\Users\JUANFE~1\AppData\Roaming\Adobe Mini Bridge CS5
2010-11-01 14:22:13 -------- d-----w- C:\Users\JUANFE~1\AppData\Local\LucasArts
2010-11-01 01:40:18 -------- d-----w- C:\Program Files\Bonjour
2010-10-29 20:16:17 -------- d-----w- C:\Users\JUANFE~1\AppData\Roaming\Azureus
2010-10-29 20:15:14 -------- d-----w- C:\Program Files (x86)\Vuze
2010-10-29 19:53:04 -------- d-----w- C:\Program Files (x86)\FileASSASSIN

==================== Find3M ====================

2010-11-25 11:53:18 45056 ----a-w- C:\Windows\System32\acovcnt.exe
2010-10-29 19:20:34 233960 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2010-10-29 18:53:21 233960 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2010-10-16 18:13:46 5901416 ----a-w- C:\Windows\System32\nvcpl.dll
2010-10-16 18:13:26 2590824 ----a-w- C:\Windows\System32\nvsvc64.dll
2010-10-16 18:13:26 116328 ----a-w- C:\Windows\System32\nvmctray.dll
2010-10-16 18:13:24 989800 ----a-w- C:\Windows\System32\nvvsvc.exe
2010-10-16 18:13:24 61032 ----a-w- C:\Windows\System32\nvshext.dll
2010-10-16 18:13:24 302184 ----a-w- C:\Windows\System32\nvhotkey.dll
2010-10-16 18:13:24 1881704 ----a-w- C:\Windows\System32\nvsvcr.dll
2010-10-06 21:48:00 2828 --sha-w- C:\PROGRA~3\KGyGaAvL.sys
2010-10-06 21:45:12 88 --sh--r- C:\PROGRA~3\BCAE6404D7.sys
2010-10-01 23:01:26 75064 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2010-09-28 20:44:52 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys
2010-09-28 20:44:52 4184352 ----a-w- C:\Windows\System32\usbaaplrc.dll
2010-09-23 05:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll
2010-09-23 05:36:48 48488 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2010-09-23 05:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR
2010-09-21 19:49:02 252800 ----a-w- C:\Windows\System32\LIVESSP.DLL
2010-09-21 19:03:14 208768 ----a-w- C:\Windows\SysWow64\LIVESSP.DLL
2010-09-15 09:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2010-09-10 05:35:44 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2010-09-10 05:35:43 347648 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll
2010-09-08 16:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2010-09-08 16:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2010-09-08 05:36:17 1192960 ----a-w- C:\Windows\System32\wininet.dll
2010-09-08 05:34:34 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2010-09-08 04:30:04 978432 ----a-w- C:\Windows\SysWow64\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2010-09-08 04:16:38 482816 ----a-w- C:\Windows\System32\html.iec
2010-09-08 03:35:30 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2010-09-08 03:22:31 386048 ----a-w- C:\Windows\SysWow64\html.iec
2010-09-08 02:48:16 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2010-09-07 20:09:02 29288 ----a-w- C:\Windows\System32\nvhdap64.dll
2010-09-07 20:08:55 155752 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2010-09-07 20:08:54 1308776 ----a-w- C:\Windows\System32\nvgenco64.dll
2010-09-04 03:14:23 178800 ----a-w- C:\Windows\SysWow64\CmdLineExt_x64.dll
2010-09-01 05:12:09 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2010-09-01 04:23:49 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2010-09-01 02:58:34 3123712 ----a-w- C:\Windows\System32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll
2010-08-30 22:15:18 3791352 ----a-w- C:\Windows\SysWow64\GameMon.des

============= FINISH: 22:07:39.39 ===============
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-11-26.01)

Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 6/20/2010 6:40:33 AM
System Uptime: 11/26/2010 9:52:23 PM (1 hours ago)

Motherboard: PEGATRON CORPORATION | | G60JX
Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz | Socket 989 | 2267/533mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 446 GiB total, 30.331 GiB free.
D: is Removable
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP159: 11/23/2010 4:21:37 PM - Windows Update

==== Installed Programs ======================

µTorrent
Acrobat.com
Adobe AIR
Adobe Community Help
Adobe Digital Editions
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader 9.4.1 MUI
Adobe Shockwave Player 11.5
Algebra Solved!
Apple Application Support
Apple Software Update
Ares 2.1.5
Assassin's Creed
Assassin's Creed II
ASUS AI Recovery
ASUS AP Bank
ASUS Data Security Manager
ASUS FancyStart
ASUS LifeFrame3
ASUS Live Update
ASUS SmartLogon
ASUS Splendid Video Enhancement Technology
ASUS Virtual Camera
ASUS_ScreenSaver_GSeries
Atheros Client Installation Program
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATK Generic Function Service
ATK Hotkey
ATK Media
ATKOSD2
Audacity 1.3.12 (Unicode)
AviSynth 2.5
Best Buy Software Installer
calibre
Call of Duty(R) 4 - Modern Warfare(TM) 1.2 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
CamStudio
Canon Digital Camera USB WIA Driver
CCleaner
Clone Wars
CloneDVD2
Compatibility Pack for the 2007 Office system
ControlDeck
Creative MediaSource 5
CyberLink PowerDVD 10
D3DX10
Definition update for Microsoft Office 2010 (KB982726)
erLT
Express Gate
FileASSASSIN
Football Manager 2010 Demo
Fraps (remove only)
Free Download Manager 3.0
Game Booster
Gaming Mouse
Google Chrome
Google Earth
Google Earth Pro
Google Update Helper
ImgBurn
Intel(R) Management Engine Components
Intel(R) Turbo Boost Technology Driver
InterActual Player
James Bond 007(TM) - Blood Stone
Java Auto Updater
Java(TM) 6 Update 22
JDownloader
Junk Mail filter update
Logitech SetPoint
Malwarebytes' Anti-Malware
McAfee Security Scan Plus
Mega Manager
MemTurbo 4
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Search Enhancement Pack
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Microsoft WSE 3.0 Runtime
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Mozilla Firefox (3.6.10)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
Nero Burning ROM 10
Nero BurningROM 10 Help (CHM)
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
Pando Media Booster
PDF Settings CS5
PFPortChecker 1.0.36
Portforward Static IP Address 1.0.44
Prism Video File Converter
PunkBuster Services
QuickTime
Rapid Tools 2.2.7.0
REACTOR
Realtek High Definition Audio Driver
RICOH R5U230 Media Driver ver.2.05.02.02
Roxio Burn
Roxio Roxio Burn
Roxio Update Manager
Safari
SDFormatter
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Ship Simulator Extremes Demo
Skype Toolbars
Skype™ 5.0
Soldier Front
Sound Blaster Audigy HD
Speccy
SPORE™
Stanza
Star Wars - Jedi Knight II: Jedi Outcast
Star Wars Battlefront II
Star Wars Battlefront II PC Server
Star Wars Empire at War
Star Wars Empire at War Forces of Corruption
Star Wars: The Force Unleashed 2
Startup Delayer v2.5 (build 138)
Steam
Switch Sound File Converter
System Requirements Lab
System Requirements Lab CYRI
Tango
TeamViewer 5
The Sims 2 Family Fun Stuff
The Sims 2 Glamour Life Stuff
The Sims 2 Open For Business
The Sims 2 Pets
The Sims 2 Seasons
The Sims 2 University
The Sims™ 2 Apartment Life
The Sims™ 2 Bon Voyage
The Sims™ 2 Celebration! Stuff
The Sims™ 2 Deluxe
The Sims™ 2 FreeTime
The Sims™ 2 H&M® Fashion Stuff
The Sims™ 2 IKEA® Home Stuff
The Sims™ 2 Kitchen & Bath Interior Design Stuff
The Sims™ 2 Mansion and Garden Stuff
The Sims™ 2 Teen Style Stuff
The Sims™ 3
The Sims™ 3 Ambitions
Ubisoft Game Launcher
Unity Web Player
Videora iPod touch Converter 6
VLC media player 1.0.3
Vuze
Webroot Software
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Encoder 9 Series
Windows Media Player Firefox Plugin
WinFlash
Wireless Console 3
Xfire (remove only)

==== Event Viewer Messages From Past Week ========

11/26/2010 9:54:16 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/26/2010 9:52:39 PM, Error: volmgr [46] - Crash dump initialization failed!
11/26/2010 9:34:12 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
11/26/2010 9:33:12 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/26/2010 9:32:44 AM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
11/26/2010 3:18:14 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
11/26/2010 3:18:14 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/26/2010 11:20:52 AM, Error: Service Control Manager [7000] - The NPPTNT2 service failed to start due to the following error: The system cannot find the file specified.
11/26/2010 11:20:47 AM, Error: Application Popup [1060] - \??\C:\ijji\ENGLISH\u_sf\GameGuard\dump_wmimmc.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/23/2010 8:13:19 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer MARCELA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{EA19388F-6B87-4A96-B7A0-75F74B472515}. The master browser is stopping or an election is being forced.
11/22/2010 5:23:07 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Akamai NetSession Interface service, but this action failed with the following error: An instance of the service is already running.
11/22/2010 5:23:06 PM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
11/19/2010 9:13:19 PM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

==== End Of File ===========================
 
cannot access internet in infected computer
Just happened?

Since you're a new member, some of your logs have to be approved. That's why you didn't see them being posted. You should be fine now.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
 
2010/11/26 23:19:35.0995 TDSS rootkit removing tool 2.4.9.0 Nov 26 2010 15:38:31
2010/11/26 23:19:35.0995 ================================================================================
2010/11/26 23:19:35.0996 SystemInfo:
2010/11/26 23:19:35.0996
2010/11/26 23:19:35.0996 OS Version: 6.1.7600 ServicePack: 0.0
2010/11/26 23:19:35.0996 Product type: Workstation
2010/11/26 23:19:35.0996 ComputerName: GAMING1-PC
2010/11/26 23:19:35.0997 UserName: Juan Felipe
2010/11/26 23:19:35.0997 Windows directory: C:\Windows
2010/11/26 23:19:35.0997 System windows directory: C:\Windows
2010/11/26 23:19:35.0997 Running under WOW64
2010/11/26 23:19:35.0997 Processor architecture: Intel x64
2010/11/26 23:19:35.0997 Number of processors: 4
2010/11/26 23:19:35.0997 Page size: 0x1000
2010/11/26 23:19:35.0997 Boot type: Normal boot
2010/11/26 23:19:35.0997 ================================================================================
2010/11/26 23:19:35.0997 Utility is running under WOW64
2010/11/26 23:19:38.0145 Initialize success
2010/11/26 23:19:41.0906 ================================================================================
2010/11/26 23:19:41.0906 Scan started
2010/11/26 23:19:41.0906 Mode: Manual;
2010/11/26 23:19:41.0906 ================================================================================
2010/11/26 23:19:45.0811 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
2010/11/26 23:19:45.0865 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
2010/11/26 23:19:45.0919 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
2010/11/26 23:19:46.0008 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2010/11/26 23:19:46.0173 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2010/11/26 23:19:46.0260 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2010/11/26 23:19:46.0349 AFD (b9384e03479d2506bc924c16a3db87bc) C:\Windows\system32\drivers\afd.sys
2010/11/26 23:19:46.0429 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
2010/11/26 23:19:46.0541 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
2010/11/26 23:19:46.0607 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
2010/11/26 23:19:46.0691 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2010/11/26 23:19:46.0810 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2010/11/26 23:19:46.0898 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
2010/11/26 23:19:46.0992 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2010/11/26 23:19:47.0053 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
2010/11/26 23:19:47.0141 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
2010/11/26 23:19:47.0252 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2010/11/26 23:19:47.0315 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2010/11/26 23:19:47.0378 AsDsm (88fbc8bebfd38566235eaa5e4dbc4e05) C:\Windows\system32\drivers\AsDsm.sys
2010/11/26 23:19:47.0487 ASMMAP64 (2db34edd17d3a8da7105a19c95a3dd68) C:\Program Files\ATKGFNEX\ASMMAP64.sys
2010/11/26 23:19:47.0647 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/11/26 23:19:47.0695 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
2010/11/26 23:19:47.0761 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
2010/11/26 23:19:47.0912 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2010/11/26 23:19:48.0009 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2010/11/26 23:19:48.0117 bckd (401bac15b0ee62a49df411b7d0eabf1f) C:\Windows\system32\drivers\bckd.sys
2010/11/26 23:19:48.0171 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2010/11/26 23:19:48.0229 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2010/11/26 23:19:48.0299 bowser (91ce0d3dc57dd377e690a2d324022b08) C:\Windows\system32\DRIVERS\bowser.sys
2010/11/26 23:19:48.0351 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2010/11/26 23:19:48.0414 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2010/11/26 23:19:48.0480 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2010/11/26 23:19:48.0543 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2010/11/26 23:19:48.0659 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2010/11/26 23:19:48.0750 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2010/11/26 23:19:48.0830 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2010/11/26 23:19:48.0915 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2010/11/26 23:19:48.0989 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
2010/11/26 23:19:49.0059 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2010/11/26 23:19:49.0136 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2010/11/26 23:19:49.0206 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/11/26 23:19:49.0256 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
2010/11/26 23:19:49.0310 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
2010/11/26 23:19:49.0351 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2010/11/26 23:19:49.0403 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
2010/11/26 23:19:49.0464 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2010/11/26 23:19:49.0598 dc3d (76e02db615a03801d698199a2bc4a06a) C:\Windows\system32\DRIVERS\dc3d.sys
2010/11/26 23:19:49.0651 DfsC (3f1dc527070acb87e40afe46ef6da749) C:\Windows\system32\Drivers\dfsc.sys
2010/11/26 23:19:49.0692 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2010/11/26 23:19:49.0746 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2010/11/26 23:19:49.0825 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2010/11/26 23:19:49.0996 DXGKrnl (ebce0b0924835f635f620d19f0529dce) C:\Windows\System32\drivers\dxgkrnl.sys
2010/11/26 23:19:50.0255 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2010/11/26 23:19:50.0415 ElbyCDIO (a14d6e3ef78f6d6ac42f98d633f2400a) C:\Windows\system32\Drivers\ElbyCDIO.sys
2010/11/26 23:19:50.0501 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2010/11/26 23:19:50.0590 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
2010/11/26 23:19:50.0796 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2010/11/26 23:19:50.0846 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2010/11/26 23:19:50.0900 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2010/11/26 23:19:50.0961 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2010/11/26 23:19:50.0993 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2010/11/26 23:19:51.0039 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/11/26 23:19:51.0131 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
2010/11/26 23:19:51.0177 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2010/11/26 23:19:51.0260 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2010/11/26 23:19:51.0373 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2010/11/26 23:19:51.0484 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
2010/11/26 23:19:51.0554 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2010/11/26 23:19:51.0640 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/11/26 23:19:51.0752 GETPADD64 (94279bd1723eb6c8dd452717331f652b) C:\Program Files (x86)\ASUS\WinFlash\GETPADD64.SYS
2010/11/26 23:19:51.0908 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
2010/11/26 23:19:51.0975 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2010/11/26 23:19:52.0066 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
2010/11/26 23:19:52.0129 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/11/26 23:19:52.0174 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
2010/11/26 23:19:52.0226 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2010/11/26 23:19:52.0294 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2010/11/26 23:19:52.0357 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2010/11/26 23:19:52.0421 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
2010/11/26 23:19:52.0486 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
2010/11/26 23:19:52.0595 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
2010/11/26 23:19:52.0687 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
2010/11/26 23:19:52.0733 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/11/26 23:19:52.0805 iaStor (631fa8935163b01fc0c02966cb3adb92) C:\Windows\system32\DRIVERS\iaStor.sys
2010/11/26 23:19:52.0864 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
2010/11/26 23:19:52.0936 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2010/11/26 23:19:53.0002 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
2010/11/26 23:19:53.0108 IntcAzAudAddService (52d9171838bb92319f23656f502916e9) C:\Windows\system32\drivers\RTKVHD64.sys
2010/11/26 23:19:53.0169 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
2010/11/26 23:19:53.0247 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2010/11/26 23:19:53.0315 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/11/26 23:19:53.0391 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
2010/11/26 23:19:53.0476 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2010/11/26 23:19:53.0597 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2010/11/26 23:19:53.0646 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
2010/11/26 23:19:53.0738 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/11/26 23:19:53.0807 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/11/26 23:19:53.0858 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/11/26 23:19:53.0923 kbfiltr (e63ef8c3271d014f14e2469ce75fecb4) C:\Windows\system32\DRIVERS\kbfiltr.sys
2010/11/26 23:19:53.0959 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
2010/11/26 23:19:54.0008 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
2010/11/26 23:19:54.0049 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2010/11/26 23:19:54.0100 L1C (01c711667abedf8148998f3ac91991db) C:\Windows\system32\DRIVERS\L1C62x64.sys
2010/11/26 23:19:54.0204 LHidFilt (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
2010/11/26 23:19:54.0254 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2010/11/26 23:19:54.0291 LMouFilt (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
2010/11/26 23:19:54.0357 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2010/11/26 23:19:54.0420 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2010/11/26 23:19:54.0476 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2010/11/26 23:19:54.0556 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2010/11/26 23:19:54.0636 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2010/11/26 23:19:54.0690 LUsbFilt (9d9714e78eac9e5368208649489c920e) C:\Windows\system32\Drivers\LUsbFilt.Sys
2010/11/26 23:19:54.0793 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2010/11/26 23:19:54.0857 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2010/11/26 23:19:54.0936 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2010/11/26 23:19:54.0991 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2010/11/26 23:19:55.0029 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
2010/11/26 23:19:55.0089 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2010/11/26 23:19:55.0115 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
2010/11/26 23:19:55.0165 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
2010/11/26 23:19:55.0217 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2010/11/26 23:19:55.0271 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
2010/11/26 23:19:55.0324 mrxsmb (767a4c3bcf9410c286ced15a2db17108) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/11/26 23:19:55.0364 mrxsmb10 (920ee0ff995fcfdeb08c41605a959e1c) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/11/26 23:19:55.0405 mrxsmb20 (740d7ea9d72c981510a5292cf6adc941) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/11/26 23:19:55.0443 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
2010/11/26 23:19:55.0490 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
2010/11/26 23:19:55.0558 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2010/11/26 23:19:55.0620 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2010/11/26 23:19:55.0656 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
2010/11/26 23:19:55.0714 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2010/11/26 23:19:55.0822 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/11/26 23:19:55.0872 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2010/11/26 23:19:55.0912 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
2010/11/26 23:19:55.0946 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/11/26 23:19:55.0980 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2010/11/26 23:19:56.0012 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2010/11/26 23:19:56.0063 MTsensor (032d35c996f21d19a205a7c8f0b76f3c) C:\Windows\system32\DRIVERS\ATK64AMD.sys
2010/11/26 23:19:56.0093 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2010/11/26 23:19:56.0136 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2010/11/26 23:19:56.0187 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
2010/11/26 23:19:56.0251 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2010/11/26 23:19:56.0303 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/11/26 23:19:56.0334 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/11/26 23:19:56.0365 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/11/26 23:19:56.0402 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
2010/11/26 23:19:56.0428 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2010/11/26 23:19:56.0459 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
2010/11/26 23:19:56.0554 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2010/11/26 23:19:56.0621 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2010/11/26 23:19:56.0738 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2010/11/26 23:19:56.0796 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
2010/11/26 23:19:56.0864 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys
2010/11/26 23:19:56.0886 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2010/11/26 23:19:56.0952 NVHDA (ed9380f201c8126425c09bed96dbe1e5) C:\Windows\system32\drivers\nvhda64v.sys
2010/11/26 23:19:57.0238 nvlddmkm (bbe872a814b00798c2d568d46c42a71b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2010/11/26 23:19:57.0355 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
2010/11/26 23:19:57.0395 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
2010/11/26 23:19:57.0461 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
2010/11/26 23:19:57.0510 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/11/26 23:19:57.0615 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2010/11/26 23:19:57.0674 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
2010/11/26 23:19:57.0755 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
2010/11/26 23:19:57.0781 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2010/11/26 23:19:57.0828 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2010/11/26 23:19:57.0871 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2010/11/26 23:19:57.0944 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2010/11/26 23:19:58.0095 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
2010/11/26 23:19:58.0133 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2010/11/26 23:19:58.0188 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
2010/11/26 23:19:58.0225 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
2010/11/26 23:20:00.0210 sptd (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
2010/11/26 23:20:00.0211 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
2010/11/26 23:20:00.0217 sptd - detected Locked file (1)
2010/11/26 23:20:03.0615 \HardDisk0 - detected Rootkit.Win32.TDSS.tdl4 (0)
2010/11/26 23:20:03.0619 ================================================================================
2010/11/26 23:20:03.0619 Scan finished
2010/11/26 23:20:03.0619 ================================================================================
2010/11/26 23:20:03.0631 Detected object count: 2
2010/11/26 23:20:17.0884 Locked file(sptd) - User select action: Skip
2010/11/26 23:20:17.0917 \HardDisk0 - will be cured after reboot
2010/11/26 23:20:17.0918 Rootkit.Win32.TDSS.tdl4(\HardDisk0) - User select action: Cure
2010/11/26 23:20:25.0901 Deinitialize success
 
For the antivirus scan I have Webroot with Spysweeper. I "deleted" the virus, re-scanned and the virus is there again!
 
We're far from being done...

Does your Webroot have an antivirus part?

Download MBRCheck to your desktop.

Double click MBRCheck.exe to run (Vista and Windows 7 users, right click and select Run as Administrator).
It will show a black screen with some data on it.
Enter N to exit.
A report called MBRcheckxxxx.txt will be on your desktop.
Open this report and post its content in your next reply.

=====================================================================

Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/


  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here: http://www.superantispyware.com/definitions.html.)
  • Close SUPERAntiSpyware.
Restart the computer in Safe Mode.
To enter Safe Mode, restart the computer and keep tapping the F8 key until the menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen.

  • Open SUPERAntiSpyware.
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.

Post SUPERAntiSpyware log.
 
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: (build 7600), 64-bit
Base Board Manufacturer: PEGATRON CORPORATION
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTeK Computer Inc.
System Product Name: G60JX
Logical Drives Mask: 0x00000074

Kernel Drivers (total 172):

Processes (total 96):

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000004`e22cec00 (NTFS)

PhysicalDrive0 Model Number: ST9500420AS, Rev: 0002SDM1

Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 2008 MBR code detected
SHA1: 8DF43F2BDE2D9451948FA14B5279969C777A7979


Done!
 
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/27/2010 at 10:02 AM

Application Version : 4.46.1000

Core Rules Database Version : 5919
Trace Rules Database Version: 3731

Scan type : Complete Scan
Total Scan Time : 01:50:04

Memory items scanned : 364
Memory threats detected : 0
Registry items scanned : 14705
Registry threats detected : 0
File items scanned : 278748
File threats detected : 2

Trojan.Agent/Gen-TDSS
C:\PROGRAM FILES (X86)\QUESTBROWSER\QUESTBROWSER.DLL

Trojan.Agent/Gen-FakeAlert
C:\USERS\JUAN FELIPE\APPDATA\LOCAL\VIRTUALSTORE\WINDOWS\SYSWOW64\WINDFH32.ROM
 