
SVCHOST.exe trojan.agent


DBWJY


I was looking on the forums and saw that many people are also having problems with trojan.agent.

Malwarebytes detects it on a quick scan, but when I restart it comes back.

Here is the DDS and attach:

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\IDT\WDM\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe

C:\Program Files\mcafee.com\agent\mcagent.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local;<local>

uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111220165435.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

TB: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [<NO NAME>]

mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe

mRunOnce: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

mRunOnce: [sTToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe

mRunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

dRun: [dplaysvr] C:\Windows\system32\config\systemprofile\AppData\Local\dplaysvr.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODEME~1.LNK - C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

TCP: Interfaces\{640F5CD8-7908-429D-A865-54141A862025} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{640F5CD8-7908-429D-A865-54141A862025}\84F6C6964616970294E6E6025487072756373702449636B637F6E6C2020514 : DhcpNameServer = 8.8.8.8 8.8.4.4 208.67.222.222

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\msc\McSnIePl.dll

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

BHO-X64: Conduit Engine - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20111220165435.dll

BHO-X64: scriptproxy - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

BHO-X64: Vuze Remote - No File

BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

BHO-X64: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

BHO-X64: Ask Toolbar BHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll"

TB-X64: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

TB-X64: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll

TB-X64: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [(Default)]

mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe

mRunOnce-x64: [DSUpdateLauncher] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe" /NOCONSOLE /D="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate" /RUNAS "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe"

mRunOnce-x64: [sTToasterLauncher] C:\Program Files (x86)\Dell DataSafe Local Backup\toasterLauncher.exe

mRunOnce-x64: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL

Hosts: 94.63.147.14 www.google.com

Hosts: 94.63.147.15 www.bing.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\John's\AppData\Roaming\Mozilla\Firefox\Profiles\ta9ls0hq.default\

FF - prefs.js: network.proxy.type - 4

FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll

FF - plugin: C:\Users\John's\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-2-2 18656]

R2 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-6-15 249648]

R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2011-7-6 2304912]

R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-5 13336]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-1-31 652360]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-8-26 249936]

R2 McShield;McAfee McShield;C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe [2010-12-5 199272]

R2 mfevtp;McAfee Validation Trust Protection Service;C:\Program Files\Common Files\mcafee\systemcore\mfevtps.exe [2010-12-5 161168]

R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-5 2320920]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 BcmVWL;Broadcom Virtual Wireless;C:\Windows\system32\DRIVERS\bcmvwl64.sys --> C:\Windows\system32\DRIVERS\bcmvwl64.sys [?]

R3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]

R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]

R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]

R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]

R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]

R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-23 136176]

S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-8-26 249936]

S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-8-26 249936]

S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-7-7 195336]

S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-10-30 1431888]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-8-23 136176]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S4 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2010-12-5 89600]

S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

S4 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2011-8-26 249936]

S4 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2010-12-5 208536]

S4 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2011-9-6 386344]

S4 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-12-5 689472]

S4 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2011-5-18 62184]

.

=============== File Associations ===============

.

.scr=AutoCADScriptFile

.

=============== Created Last 30 ================

.

2012-02-05 16:47:33 20480 ----a-w- C:\Windows\svchost.exe

2012-02-01 03:37:53 -------- d-----w- C:\Users\John's\AppData\Roaming\Malwarebytes

2012-02-01 03:37:39 -------- d-----w- C:\ProgramData\Malwarebytes

2012-02-01 03:37:37 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-02-01 03:37:35 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-01-25 15:00:14 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\74C0.tmp

2012-01-25 15:00:14 6656 ----a-w- C:\ProgramData\Microsoft\Windows\DRM\7491.tmp

2012-01-18 01:05:52 -------- d-----w- C:\Program Files\Steinberg

2012-01-10 23:17:34 1572864 ----a-w- C:\Windows\System32\quartz.dll

2012-01-10 23:17:34 1328640 ----a-w- C:\Windows\SysWow64\quartz.dll

2012-01-10 23:17:33 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll

2012-01-10 23:17:33 366592 ----a-w- C:\Windows\System32\qdvd.dll

2012-01-10 23:17:29 1739160 ----a-w- C:\Windows\System32\ntdll.dll

2012-01-10 23:17:29 1292592 ----a-w- C:\Windows\SysWow64\ntdll.dll

2012-01-10 23:17:25 77312 ----a-w- C:\Windows\System32\packager.dll

2012-01-10 23:17:25 67072 ----a-w- C:\Windows\SysWow64\packager.dll

2012-01-07 23:00:15 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll

2012-01-07 23:00:15 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll

2012-01-07 23:00:15 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll

2012-01-07 23:00:15 45016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll

2012-01-07 22:56:38 0 ----a-w- C:\Windows\SysWow64\sho41C2.tmp

.

==================== Find3M ====================

.

2011-12-19 02:41:46 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll

2011-12-19 02:41:46 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll

2011-11-24 05:00:47 3141632 ----a-w- C:\Windows\System32\win32k.sys

2011-11-17 07:17:03 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2011-11-17 07:17:02 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2011-11-17 07:15:08 460296 ----a-w- C:\Windows\System32\drivers\cng.sys

2011-11-17 07:12:02 395776 ----a-w- C:\Windows\System32\webio.dll

2011-11-17 07:11:33 28672 ----a-w- C:\Windows\System32\sspisrv.dll

2011-11-17 07:11:33 136192 ----a-w- C:\Windows\System32\sspicli.dll

2011-11-17 07:11:02 28160 ----a-w- C:\Windows\System32\secur32.dll

2011-11-17 07:10:58 340992 ----a-w- C:\Windows\System32\schannel.dll

2011-11-17 07:08:18 1446912 ----a-w- C:\Windows\System32\lsasrv.dll

2011-11-17 07:05:16 31232 ----a-w- C:\Windows\System32\lsass.exe

2011-11-17 05:39:28 314368 ----a-w- C:\Windows\SysWow64\webio.dll

2011-11-17 05:39:21 224768 ----a-w- C:\Windows\SysWow64\schannel.dll

2011-11-17 05:39:21 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2011-11-17 05:35:13 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2011-11-10 10:54:13 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

.

============= FINISH: 16:06:11.80 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 12/22/2010 9:06:59 PM

System Uptime: 2/5/2012 2:50:25 PM (2 hours ago)

.

Motherboard: Dell Inc. | | 0G62V9

Processor: Intel® Core i3 CPU M 370 @ 2.40GHz | CPU 1 | 2394/533mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 451 GiB total, 277.289 GiB free.

D: is CDROM ()

E: is CDROM ()

G: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP166: 1/22/2012 7:00:07 PM - Windows Backup

RP167: 1/26/2012 12:03:06 PM - Restore Operation

RP168: 1/29/2012 7:35:56 PM - Windows Backup

RP169: 1/30/2012 5:40:55 PM - Installed Java 6 Update 30

RP170: 1/31/2012 3:39:01 PM - Windows Update

.

==== Installed Programs ======================

.

.

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader X (10.1.2)

Advanced Audio FX Engine

AoA Audio Extractor

Apple Application Support

Apple Software Update

ASIO4ALL

Ask Toolbar

Authorizer 1.0.5

Autodesk Content Service

Autodesk Material Library 2012

Autodesk Material Library Base Resolution Image Library 2012

Battlefield Play4Free

Best Buy pc app

Bing Bar

BoutCheetah 15

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-core-static

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Conduit Engine

Consumer In-Home Service Agreement

Cozi

CraftBukkit

CyberLink PowerDirector

CyberLink WaveEditor

Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell DataSafe Online

Dell Dock

Dell Getting Started Guide

Dell Support Center (Support Software)

Dell Webcam Central

Dragon Age II Demo

EA Download Manager

Fallout 3 - Game of the Year Edition

FARO LS 1.1.406.58

FIFA 11 Demo

FL Studio 10

G-Force

Google Chrome

Google Earth Plug-in

Google Update Helper

GoToAssist 8.0.0.514

IL Download Manager

Intel® Control Center

Intel® Management Engine Components

Intel® Rapid Storage Technology

Internet TV for Windows Media Center

Java Auto Updater

Java 6 Update 30

Junk Mail filter update

Just Cause 2 Demo

Line 6 Uninstaller

Little Fighter 2 version 2.0a

Live! Cam Avatar Creator

LoJack Factory Installer

Lyrics Plugin for iTunes

Lyrics Plugin for Windows Media Player

Malwarebytes Anti-Malware version 1.60.1.1000

MapleStory

McAfee Security Scan Plus

McAfee SecurityCenter

Microsoft Choice Guard

Microsoft Games for Windows - LIVE Redistributable

Microsoft Office 2010

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Click-to-Run 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Starter 2010 - English

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Microsoft_VC90_CRT_x86

Mozilla Firefox 10.0 (x86 en-US)

MSVCRT

MSVCRT Redists

Need For Speed™ World

Nexon Game Manager

ooVoo

Pando Media Booster

Portal

Project64 1.6

PunkBuster Services

QuickTime

Roxio Burn

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Skype Toolbars

Skype™ 4.2

SmartSound Quicktracks 5

Spore

Spore: Galactic Adventures

Steam

Team Fortress 2

TeamSpeak 3 Client

TuneUp Companion 2.2.3

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

Vegas Pro 10.0

VLC media player 1.1.11

Vuze

Vuze Remote Toolbar

WildTangent Games

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Upload Tool

Windows Live Writer

Windows Media Center Add-in for Flash

WinRAR 4.00 (32-bit)

Xobni

Xobni Core

.

==== Event Viewer Messages From Past Week ========

.

2/5/2012 3:04:38 PM, Error: BTHUSB [17] - The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

2/5/2012 11:47:32 AM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143.

2/5/2012 11:46:43 AM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

2/5/2012 11:46:42 AM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.

2/5/2012 11:46:42 AM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

2/5/2012 11:46:41 AM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

2/5/2012 11:46:37 AM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

2/1/2012 5:39:42 PM, Error: Service Control Manager [7031] - The McAfee McShield service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

1/29/2012 11:13:12 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the CodeMeter Runtime Server service to connect.

.

==== End Of File ===========================

Thank you for the help.


Hello and welcome!

Let's see if we can clean that up.

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.07.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.


I had downloaded TDSSKiller.exe and ran it. The scan found a rootkit and I picked the cure option. It completed and my computer rebooted but was unable to start Windows. I was forced to choose the Windows startup recovery option and it ran and restarted again, but Windows still did not start. I am on another computer right now. Please help me :(


Please restart the computer and tap F10 until the Edit Boot Menu options come up.

Look between the brackets for /MININT and if it is present, delete it.

If you are not sure what to delete, just post me everything present between the brackets ([.... ]).


You need to delete the /minint part (use backspace). Then press enter, which should get you in Windows.

To make the change permanent, click Start > All Programs > Accessories, right-click on Command Prompt and select "Run as administrator".

Type the following line and press enter:

bcdedit /set {default} winpe no

After doing this, please let me know how everything is running.

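The check behind the advice above, as an added example that is not part of the original thread: it parses saved `bcdedit /enum` output and reports every Windows Boot Loader entry that still has `winpe` set to Yes, the BCD element that corresponds to the /MININT boot option. The sample output, the GUID in it and the function names are constructed for illustration, and English-language bcdedit output is assumed.

```python
"""Flag boot entries left in WinPE mode, from saved `bcdedit /enum` output."""

# Constructed sample (not from the thread): English `bcdedit /enum` output in
# which the running OS entry still carries winpe=Yes. The GUID is made up.
SAMPLE = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
default                 {current}
displayorder            {current}
                        {11111111-2222-3333-4444-555555555555}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
osdevice                partition=C:
systemroot              \Windows
nx                      OptIn
winpe                   Yes

Windows Boot Loader
-------------------
identifier              {11111111-2222-3333-4444-555555555555}
device                  partition=D:
path                    \Windows\system32\winload.exe
description             Windows 7 (second install)
osdevice                partition=D:
systemroot              \Windows
nx                      OptIn
"""


def _is_rule(line):
    """True for the dashed underline bcdedit prints below each entry title."""
    return set(line.strip()) == {"-"}


def parse_bcd_entries(text):
    """Split `bcdedit /enum` output into entries.

    Returns a list of {"type": title, "elements": {name: [values]}}.
    Indented lines continue the previous element (e.g. displayorder).
    """
    entries, current, last_key = [], None, None
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if not line.strip() or _is_rule(line):
            continue
        # An entry title is any line immediately followed by a dashed rule.
        if i + 1 < len(lines) and _is_rule(lines[i + 1]):
            current = {"type": line.strip(), "elements": {}}
            entries.append(current)
            last_key = None
            continue
        if current is None:
            continue  # text before the first entry title
        if line[0].isspace():
            if last_key is not None:
                current["elements"][last_key].append(line.strip())
            continue
        parts = line.split(None, 1)
        last_key = parts[0].lower()
        current["elements"][last_key] = [parts[1].strip() if len(parts) > 1 else ""]
    return entries


def winpe_entries(entries):
    """Identifiers of Windows Boot Loader entries with winpe set to Yes."""
    flagged = []
    for entry in entries:
        if entry["type"].lower() != "windows boot loader":
            continue
        value = entry["elements"].get("winpe", ["No"])[0]
        if value.strip().lower() == "yes":
            flagged.append(entry["elements"].get("identifier", ["<unknown>"])[0])
    return flagged


def fix_commands(identifiers):
    """The thread's bcdedit fix, addressed to each flagged entry."""
    return [f"bcdedit /set {ident} winpe no" for ident in identifiers]


if __name__ == "__main__":
    flagged = winpe_entries(parse_bcd_entries(SAMPLE))
    for ident in flagged:
        print(f"winpe is enabled on {ident}")
    for cmd in fix_commands(flagged):
        print("run from an elevated prompt:", cmd)
```

Running the same check again after the fix and a reboot should report no flagged entries.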

15:10:16.0422 4820 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49

15:10:16.0750 4820 ============================================================

15:10:16.0750 4820 Current date / time: 2012/02/06 15:10:16.0750

15:10:16.0750 4820 SystemInfo:

15:10:16.0750 4820

15:10:16.0750 4820 OS Version: 6.1.7600 ServicePack: 0.0

15:10:16.0750 4820 Product type: Workstation

15:10:16.0765 4820 ComputerName: JOHNS-PC

15:10:16.0765 4820 UserName: John's

15:10:16.0765 4820 Windows directory: C:\Windows

15:10:16.0765 4820 System windows directory: C:\Windows

15:10:16.0765 4820 Running under WOW64

15:10:16.0765 4820 Processor architecture: Intel x64

15:10:16.0765 4820 Number of processors: 4

15:10:16.0765 4820 Page size: 0x1000

15:10:16.0765 4820 Boot type: Normal boot

15:10:16.0765 4820 ============================================================

15:10:24.0815 4820 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

15:10:24.0831 4820 \Device\Harddisk0\DR0:

15:10:24.0831 4820 MBR used

15:10:24.0831 4820 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C000

15:10:24.0831 4820 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1D7E800, BlocksNum 0x38607030

15:10:24.0878 4820 Initialize success

15:10:24.0878 4820 ============================================================

15:10:35.0019 4868 ============================================================

15:10:35.0019 4868 Scan started

15:10:35.0019 4868 Mode: Manual;

15:10:35.0019 4868 ============================================================

15:10:39.0402 4868 1394ohci (969c91060cbb5d17cb8440b5f78b4c51) C:\Windows\system32\DRIVERS\1394ohci.sys

15:10:39.0480 4868 1394ohci - ok

15:10:39.0605 4868 ACPI (794ff35015209b9d44f1360c42c9776d) C:\Windows\system32\DRIVERS\ACPI.sys

15:10:39.0621 4868 ACPI - ok

15:10:39.0855 4868 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys

15:10:39.0870 4868 AcpiPmi - ok

15:10:40.0260 4868 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

15:10:40.0291 4868 adp94xx - ok

15:10:40.0494 4868 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

15:10:40.0510 4868 adpahci - ok

15:10:40.0619 4868 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

15:10:40.0635 4868 adpu320 - ok

15:10:40.0931 4868 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys

15:10:41.0009 4868 AFD - ok

15:10:41.0259 4868 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys

15:10:41.0274 4868 agp440 - ok

15:10:41.0446 4868 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys

15:10:41.0461 4868 aliide - ok

15:10:41.0539 4868 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys

15:10:41.0539 4868 amdide - ok

15:10:41.0633 4868 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

15:10:41.0649 4868 AmdK8 - ok

15:10:42.0663 4868 amdkmdag (79a11cb10ff02a8425dabbb040249f7d) C:\Windows\system32\DRIVERS\atikmdag.sys

15:10:42.0975 4868 amdkmdag - ok

15:10:43.0099 4868 amdkmdap (6f6d47246fbb0cf65619684a0f89179e) C:\Windows\system32\DRIVERS\atikmpag.sys

15:10:43.0177 4868 amdkmdap - ok

15:10:43.0349 4868 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

15:10:43.0365 4868 AmdPPM - ok

15:10:43.0645 4868 amdsata (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys

15:10:43.0708 4868 amdsata - ok

15:10:43.0989 4868 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

15:10:44.0004 4868 amdsbs - ok

15:10:44.0207 4868 amdxata (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys

15:10:44.0285 4868 amdxata - ok

15:10:44.0535 4868 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys

15:10:44.0550 4868 AppID - ok

15:10:45.0034 4868 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

15:10:45.0034 4868 arc - ok

15:10:45.0112 4868 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

15:10:45.0127 4868 arcsas - ok

15:10:45.0237 4868 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

15:10:45.0252 4868 AsyncMac - ok

15:10:45.0408 4868 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys

15:10:45.0408 4868 atapi - ok

15:10:45.0533 4868 AtiHdmiService (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys

15:10:45.0642 4868 AtiHdmiService - ok

15:10:46.0266 4868 atikmdag (79a11cb10ff02a8425dabbb040249f7d) C:\Windows\system32\DRIVERS\atikmdag.sys

15:10:46.0297 4868 atikmdag - ok

15:10:46.0594 4868 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

15:10:46.0641 4868 b06bdrv - ok

15:10:46.0921 4868 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

15:10:46.0953 4868 b57nd60a - ok

15:10:47.0124 4868 BCM42RLY (ac4e2d84de54cd3a013aeff0cc56095c) C:\Windows\system32\drivers\BCM42RLY.sys

15:10:47.0187 4868 BCM42RLY - ok

15:10:47.0592 4868 BCM43XX (8b5d16d20774fc3727f44e161be2c0ac) C:\Windows\system32\DRIVERS\bcmwl664.sys

15:10:47.0623 4868 BCM43XX - ok

15:10:47.0889 4868 BcmVWL (d224b2e6bb543f1d8f1177d57fec2950) C:\Windows\system32\DRIVERS\bcmvwl64.sys

15:10:47.0982 4868 BcmVWL - ok

15:10:48.0247 4868 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

15:10:48.0263 4868 Beep - ok

15:10:48.0450 4868 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

15:10:48.0466 4868 blbdrive - ok

15:10:48.0669 4868 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys

15:10:48.0731 4868 bowser - ok

15:10:48.0981 4868 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

15:10:48.0996 4868 BrFiltLo - ok

15:10:49.0059 4868 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

15:10:49.0059 4868 BrFiltUp - ok

15:10:49.0152 4868 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

15:10:49.0183 4868 Brserid - ok

15:10:49.0246 4868 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

15:10:49.0246 4868 BrSerWdm - ok

15:10:49.0324 4868 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

15:10:49.0339 4868 BrUsbMdm - ok

15:10:49.0386 4868 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

15:10:49.0402 4868 BrUsbSer - ok

15:10:49.0511 4868 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

15:10:49.0527 4868 BthEnum - ok

15:10:49.0605 4868 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

15:10:49.0605 4868 BTHMODEM - ok

15:10:49.0729 4868 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

15:10:49.0745 4868 BthPan - ok

15:10:50.0026 4868 BTHPORT (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys

15:10:50.0088 4868 BTHPORT - ok

15:10:50.0244 4868 BTHUSB (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys

15:10:50.0307 4868 BTHUSB - ok

15:10:50.0369 4868 btusbflt (d3466f77c2c49c6e393ba5fba963a33e) C:\Windows\system32\drivers\btusbflt.sys

15:10:50.0416 4868 btusbflt - ok

15:10:50.0572 4868 btwaudio (af838d8029ae7c27470862d63fa54d24) C:\Windows\system32\drivers\btwaudio.sys

15:10:50.0634 4868 btwaudio - ok

15:10:50.0743 4868 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys

15:10:50.0806 4868 btwavdt - ok

15:10:50.0915 4868 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys

15:10:50.0993 4868 btwl2cap - ok

15:10:51.0180 4868 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys

15:10:51.0258 4868 btwrchid - ok

15:10:51.0414 4868 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

15:10:51.0430 4868 cdfs - ok

15:10:51.0555 4868 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys

15:10:51.0555 4868 cdrom - ok

15:10:51.0664 4868 cfwids (ed0263b2eb24f0f4e3898036fa1d28a1) C:\Windows\system32\drivers\cfwids.sys

15:10:51.0726 4868 cfwids - ok

15:10:51.0804 4868 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

15:10:51.0820 4868 circlass - ok

15:10:51.0929 4868 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

15:10:51.0960 4868 CLFS - ok

15:10:52.0101 4868 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

15:10:52.0116 4868 CmBatt - ok

15:10:52.0147 4868 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys

15:10:52.0147 4868 cmdide - ok

15:10:52.0225 4868 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys

15:10:52.0272 4868 CNG - ok

15:10:52.0428 4868 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

15:10:52.0428 4868 Compbatt - ok

15:10:52.0506 4868 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys

15:10:52.0522 4868 CompositeBus - ok

15:10:52.0709 4868 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

15:10:52.0725 4868 crcdisk - ok

15:10:53.0052 4868 CtClsFlt (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys

15:10:53.0130 4868 CtClsFlt - ok

15:10:53.0302 4868 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys

15:10:53.0395 4868 DfsC - ok

15:10:53.0442 4868 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

15:10:53.0458 4868 discache - ok

15:10:53.0614 4868 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

15:10:53.0629 4868 Disk - ok

15:10:53.0754 4868 dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys

15:10:53.0754 4868 dot4 - ok

15:10:53.0832 4868 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys

15:10:53.0832 4868 Dot4Print - ok

15:10:53.0895 4868 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys

15:10:53.0895 4868 dot4usb - ok

15:10:53.0957 4868 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

15:10:53.0973 4868 drmkaud - ok

15:10:54.0035 4868 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys

15:10:54.0113 4868 DXGKrnl - ok

15:10:54.0207 4868 EagleX64 - ok

15:10:54.0628 4868 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

15:10:54.0768 4868 ebdrv - ok

15:10:54.0909 4868 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

15:10:54.0940 4868 elxstor - ok

15:10:55.0018 4868 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys

15:10:55.0033 4868 ErrDev - ok

15:10:55.0174 4868 esgiguard - ok

15:10:55.0470 4868 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

15:10:55.0533 4868 exfat - ok

15:10:55.0611 4868 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

15:10:55.0611 4868 fastfat - ok

15:10:55.0735 4868 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

15:10:55.0735 4868 fdc - ok

15:10:55.0845 4868 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

15:10:55.0860 4868 FileInfo - ok

15:10:55.0891 4868 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

15:10:55.0907 4868 Filetrace - ok

15:10:56.0141 4868 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

15:10:56.0157 4868 flpydisk - ok

15:10:56.0266 4868 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys

15:10:56.0328 4868 FltMgr - ok

15:10:56.0391 4868 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

15:10:56.0391 4868 FsDepends - ok

15:10:56.0422 4868 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

15:10:56.0422 4868 Fs_Rec - ok

15:10:56.0547 4868 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys

15:10:56.0625 4868 fvevol - ok

15:10:56.0718 4868 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

15:10:56.0734 4868 gagp30kx - ok

15:10:56.0843 4868 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

15:10:56.0905 4868 GEARAspiWDM - ok

15:10:57.0061 4868 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

15:10:57.0061 4868 hcw85cir - ok

15:10:57.0139 4868 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys

15:10:57.0155 4868 HdAudAddService - ok

15:10:57.0280 4868 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys

15:10:57.0280 4868 HDAudBus - ok

15:10:57.0405 4868 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys

15:10:57.0467 4868 HECIx64 - ok

15:10:57.0670 4868 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

15:10:57.0670 4868 HidBatt - ok

15:10:57.0748 4868 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

15:10:57.0748 4868 HidBth - ok

15:10:57.0810 4868 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

15:10:57.0810 4868 HidIr - ok

15:10:57.0935 4868 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys

15:10:57.0951 4868 HidUsb - ok

15:10:58.0075 4868 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys

15:10:58.0075 4868 HpSAMD - ok

15:10:58.0185 4868 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys

15:10:58.0231 4868 HTTP - ok

15:10:58.0309 4868 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys

15:10:58.0309 4868 hwpolicy - ok

15:10:58.0434 4868 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

15:10:58.0434 4868 i8042prt - ok

15:10:58.0512 4868 iaStor (2064090c9faad92c090d77e50e735b2e) C:\Windows\system32\DRIVERS\iaStor.sys

15:10:58.0528 4868 iaStor - ok

15:10:58.0887 4868 iaStorV (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys

15:10:58.0980 4868 iaStorV - ok

15:10:59.0261 4868 igfx (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys

15:10:59.0433 4868 igfx - ok

15:10:59.0542 4868 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

15:10:59.0542 4868 iirsp - ok

15:10:59.0589 4868 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys

15:10:59.0604 4868 intelide - ok

15:10:59.0667 4868 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

15:10:59.0667 4868 intelppm - ok

15:10:59.0729 4868 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys

15:10:59.0745 4868 IpFilterDriver - ok

15:10:59.0791 4868 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys

15:10:59.0807 4868 IPMIDRV - ok

15:10:59.0885 4868 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

15:10:59.0901 4868 IPNAT - ok

15:11:00.0150 4868 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

15:11:00.0150 4868 IRENUM - ok

15:11:00.0228 4868 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys

15:11:00.0228 4868 isapnp - ok

15:11:00.0291 4868 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys

15:11:00.0291 4868 iScsiPrt - ok

15:11:00.0369 4868 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

15:11:00.0369 4868 kbdclass - ok

15:11:00.0447 4868 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys

15:11:00.0447 4868 kbdhid - ok

15:11:00.0556 4868 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys

15:11:00.0618 4868 KSecDD - ok

15:11:00.0681 4868 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys

15:11:00.0743 4868 KSecPkg - ok

15:11:00.0805 4868 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

15:11:00.0805 4868 ksthunk - ok

15:11:00.0930 4868 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

15:11:00.0930 4868 lltdio - ok

15:11:01.0071 4868 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

15:11:01.0086 4868 LSI_FC - ok

15:11:01.0117 4868 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

15:11:01.0133 4868 LSI_SAS - ok

15:11:01.0180 4868 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

15:11:01.0180 4868 LSI_SAS2 - ok

15:11:01.0273 4868 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

15:11:01.0289 4868 LSI_SCSI - ok

15:11:01.0383 4868 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

15:11:01.0398 4868 luafv - ok

15:11:01.0539 4868 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys

15:11:01.0617 4868 MBAMProtector - ok

15:11:02.0053 4868 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

15:11:02.0053 4868 megasas - ok

15:11:02.0131 4868 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

15:11:02.0147 4868 MegaSR - ok

15:11:02.0287 4868 mfeapfk (ef3acfb7e3f82d5f7cde9ef5f0a4e2e2) C:\Windows\system32\drivers\mfeapfk.sys

15:11:02.0287 4868 mfeapfk - ok

15:11:02.0350 4868 mfeavfk (e7a60bdb4365b561d896019b82fb7dd0) C:\Windows\system32\drivers\mfeavfk.sys

15:11:02.0428 4868 mfeavfk - ok

15:11:02.0553 4868 mfeavfk01 - ok

15:11:02.0755 4868 mfefirek (670dffe55e2f9ab99d9169c428bcece9) C:\Windows\system32\drivers\mfefirek.sys

15:11:02.0833 4868 mfefirek - ok

15:11:03.0145 4868 mfehidk (1892616b7f9291fd77c3fa0a5811fe9f) C:\Windows\system32\drivers\mfehidk.sys

15:11:03.0270 4868 mfehidk - ok

15:11:03.0910 4868 mfenlfk (1721261c77f6e7a9e0cb51b7d9f31b60) C:\Windows\system32\DRIVERS\mfenlfk.sys

15:11:03.0988 4868 mfenlfk - ok

15:11:04.0331 4868 mferkdet (65776bd8029e409935b90de30bf99526) C:\Windows\system32\drivers\mferkdet.sys

15:11:04.0409 4868 mferkdet - ok

15:11:04.0737 4868 mfewfpk (4f17d8b85b903d96ef7033bb6ef50516) C:\Windows\system32\drivers\mfewfpk.sys

15:11:04.0846 4868 mfewfpk - ok

15:11:05.0220 4868 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

15:11:05.0236 4868 Modem - ok

15:11:05.0626 4868 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

15:11:05.0626 4868 monitor - ok

15:11:05.0922 4868 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

15:11:05.0922 4868 mouclass - ok

15:11:06.0109 4868 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

15:11:06.0125 4868 mouhid - ok

15:11:06.0468 4868 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys

15:11:06.0484 4868 mountmgr - ok

15:11:06.0796 4868 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys

15:11:06.0811 4868 mpio - ok

15:11:07.0108 4868 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

15:11:07.0123 4868 mpsdrv - ok

15:11:07.0373 4868 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys

15:11:07.0389 4868 MRxDAV - ok

15:11:07.0669 4868 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys

15:11:07.0747 4868 mrxsmb - ok

15:11:08.0200 4868 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys

15:11:08.0465 4868 mrxsmb10 - ok

15:11:08.0839 4868 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys

15:11:08.0917 4868 mrxsmb20 - ok

15:11:09.0136 4868 msahci (bccf16d5fb1109162380e3e28dc9e4e5) C:\Windows\system32\DRIVERS\msahci.sys

15:11:09.0245 4868 msahci - ok

15:11:09.0463 4868 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys

15:11:09.0463 4868 msdsm - ok

15:11:10.0009 4868 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

15:11:10.0025 4868 Msfs - ok

15:11:10.0431 4868 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

15:11:10.0431 4868 mshidkmdf - ok

15:11:10.0680 4868 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys

15:11:10.0696 4868 msisadrv - ok

15:11:10.0961 4868 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

15:11:10.0977 4868 MSKSSRV - ok

15:11:11.0367 4868 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

15:11:11.0382 4868 MSPCLOCK - ok

15:11:11.0881 4868 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

15:11:11.0881 4868 MSPQM - ok

15:11:12.0178 4868 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys

15:11:12.0209 4868 MsRPC - ok

15:11:12.0443 4868 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

15:11:12.0443 4868 mssmbios - ok

15:11:12.0771 4868 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

15:11:12.0786 4868 MSTEE - ok

15:11:13.0067 4868 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

15:11:13.0083 4868 MTConfig - ok

15:11:13.0582 4868 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

15:11:13.0597 4868 Mup - ok

15:11:37.0590 4868 MBR (0x1B8) (4f67409277c79a1c33061decc087f711) \Device\Harddisk0\DR0

15:11:37.0637 4868 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected

15:11:37.0637 4868 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)

15:11:37.0684 4868 Boot (0x1200) (b4a651ea79a9998884da67ecffb5e2e7) \Device\Harddisk0\DR0\Partition0

15:11:37.0684 4868 \Device\Harddisk0\DR0\Partition0 - ok

15:11:37.0699 4868 Boot (0x1200) (9353cf31a6ec515e78353d1600509a2f) \Device\Harddisk0\DR0\Partition1

15:11:37.0715 4868 \Device\Harddisk0\DR0\Partition1 - ok

15:11:37.0715 4868 ============================================================

15:11:37.0715 4868 Scan finished

15:11:37.0715 4868 ============================================================

15:11:37.0731 2648 Detected object count: 1

15:11:37.0731 2648 Actual detected object count: 1

15:12:11.0193 2648 \Device\Harddisk0\DR0\# - copied to quarantine

15:12:11.0208 2648 \Device\Harddisk0\DR0 - copied to quarantine

15:12:11.0349 2648 \Device\Harddisk0\DR0\TDLFS\ph.dll - copied to quarantine

15:12:19.0008 2648 \Device\Harddisk0\DR0\TDLFS\phx.dll - copied to quarantine

15:12:19.0071 2648 \Device\Harddisk0\DR0\TDLFS\phd - copied to quarantine

15:12:24.0437 2648 \Device\Harddisk0\DR0\TDLFS\phdx - copied to quarantine

15:12:29.0555 2648 \Device\Harddisk0\DR0\TDLFS\phs - copied to quarantine

15:12:29.0555 2648 \Device\Harddisk0\DR0\TDLFS\phdata - copied to quarantine

15:12:29.0571 2648 \Device\Harddisk0\DR0\TDLFS\phld - copied to quarantine

15:12:29.0586 2648 \Device\Harddisk0\DR0\TDLFS\phln - copied to quarantine

15:12:34.0687 2648 \Device\Harddisk0\DR0\TDLFS\phlx - copied to quarantine

15:12:39.0757 2648 \Device\Harddisk0\DR0\TDLFS\phm - copied to quarantine

15:12:39.0820 2648 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot

15:12:39.0820 2648 \Device\Harddisk0\DR0 - ok

15:12:39.0820 2648 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure

15:13:12.0283 3464 Deinitialize success

Disregard that post, I had misread. I deleted /minint and Windows booted fine, but before that I had done a system restore in Windows Startup Repair.

Here is the log from TDSSKILLER


If something goes wrong, it is best to post back here and not to try fixes on your own, as that may complicate matters.

COMBOFIX

---------------

Please download ComboFix from one of these locations:


Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista, ComboFix will continue its malware removal procedures.

Query_RC.gif

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC_successful.gif

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\Combofix.txt in your next reply.


Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
