Infected computer and logs

[anttler]

I have a problem with all search engine links being redirected to a differtn site. Also I suspect that I have more problems as internet exploreer runs very slow and crashes often. In the past I have been able to clean my own computer fairly well, looks as though I am falling behind in my abilities since eveyting I have tried fails. I hope someone here is will and able to assist me. I have attached the logs. Thank you

ark.txt

Attach.txt

DDS.txt

[kahdah]

Hello anttler

Welcome to Malwarebytes.

=====================

One or more of the identified infections is a backdoor trojan or rootkit.

This type of infection has the capabilities to allows hacker to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

How Do I Handle Possible Identity Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do.

If you still want to clean it please do the following

===================

• Download TDSSKiller and save it to your Desktop.
  
• Extract its contents to your desktop.
  
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  
• If an infected file is detected, the default action will be Cure, click on Continue.
  
• If a suspicious file is detected, the default action will be Skip, click on Continue.
  
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  
• If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  

========

Note before running Combofix you will need to uninstall AVG before it will run.

If you cannot get it to uninstall then use the removal tool found

here

Download ComboFix from one of these locations:

Link 1

Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
• Double click on ComboFix.exe & follow the prompts.
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
  

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

[anttler]

Thank you!

I am going to attempt to remove the infection. I do not bank on this computer and am not all that worried about it being comprimised. I shall follow the directions. Is there anything else I need to do?

[anttler]

2010/12/31 14:39:31.0169 TDSS rootkit removing tool 2.4.12.0 Dec 16 2010 09:46:46

2010/12/31 14:39:31.0169 ================================================================================

2010/12/31 14:39:31.0169 SystemInfo:

2010/12/31 14:39:31.0169

2010/12/31 14:39:31.0169 OS Version: 6.1.7600 ServicePack: 0.0

2010/12/31 14:39:31.0169 Product type: Workstation

2010/12/31 14:39:31.0169 ComputerName: SCOTT-PC

2010/12/31 14:39:31.0169 UserName: Scott

2010/12/31 14:39:31.0169 Windows directory: C:\windows

2010/12/31 14:39:31.0169 System windows directory: C:\windows

2010/12/31 14:39:31.0169 Processor architecture: Intel x86

2010/12/31 14:39:31.0169 Number of processors: 2

2010/12/31 14:39:31.0169 Page size: 0x1000

2010/12/31 14:39:31.0169 Boot type: Normal boot

2010/12/31 14:39:31.0169 ================================================================================

2010/12/31 14:39:31.0715 Initialize success

2010/12/31 14:39:40.0887 ================================================================================

2010/12/31 14:39:40.0887 Scan started

2010/12/31 14:39:40.0887 Mode: Manual;

2010/12/31 14:39:40.0887 ================================================================================

2010/12/31 14:39:42.0728 1394ohci (6d2aca41739bfe8cb86ee8e85f29697d) C:\windows\system32\DRIVERS\1394ohci.sys

2010/12/31 14:39:42.0915 ACPI (f0e07d144c8685b8774bc32fc8da4df0) C:\windows\system32\DRIVERS\ACPI.sys

2010/12/31 14:39:43.0071 AcpiPmi (98d81ca942d19f7d9153b095162ac013) C:\windows\system32\DRIVERS\acpipmi.sys

2010/12/31 14:39:43.0321 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys

2010/12/31 14:39:43.0524 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys

2010/12/31 14:39:43.0711 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys

2010/12/31 14:39:43.0914 AFD (ddc040fdb01ef1712a6b13e52afb104c) C:\windows\system32\drivers\afd.sys

2010/12/31 14:39:44.0070 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\DRIVERS\agp440.sys

2010/12/31 14:39:44.0241 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys

2010/12/31 14:39:44.0444 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\DRIVERS\aliide.sys

2010/12/31 14:39:44.0600 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\DRIVERS\amdagp.sys

2010/12/31 14:39:44.0741 amdide (cd5914170297126b6266860198d1d4f0) C:\windows\system32\DRIVERS\amdide.sys

2010/12/31 14:39:44.0912 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys

2010/12/31 14:39:45.0146 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys

2010/12/31 14:39:45.0365 amdsata (2101a86c25c154f8314b24ef49d7fbc2) C:\windows\system32\DRIVERS\amdsata.sys

2010/12/31 14:39:45.0521 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys

2010/12/31 14:39:45.0599 amdxata (b81c2b5616f6420a9941ea093a92b150) C:\windows\system32\DRIVERS\amdxata.sys

2010/12/31 14:39:45.0786 AppID (feb834c02ce1e84b6a38f953ca067706) C:\windows\system32\drivers\appid.sys

2010/12/31 14:39:45.0989 arc (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys

2010/12/31 14:39:46.0129 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys

2010/12/31 14:39:46.0285 AsUpIO (e67493490466b5f04b58c22d2590e8ca) C:\windows\system32\drivers\AsUpIO.sys

2010/12/31 14:39:46.0410 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys

2010/12/31 14:39:46.0566 atapi (338c86357871c167a96ab976519bf59e) C:\windows\system32\DRIVERS\atapi.sys

2010/12/31 14:39:46.0769 athr (b01751cc563aecac09bbe36aaa21fbef) C:\windows\system32\DRIVERS\athr.sys

2010/12/31 14:39:47.0018 AVGIDSDriver (1ca8e5fe74efd5826bbd76c0470e6ae4) C:\windows\system32\DRIVERS\AVGIDSDriver.Sys

2010/12/31 14:39:47.0174 AVGIDSEH (b9b6e535b9b49c463f68f4bcdd232944) C:\windows\system32\DRIVERS\AVGIDSEH.Sys

2010/12/31 14:39:47.0330 AVGIDSFilter (32a76fd3fc12d09c586730ef63b4b20b) C:\windows\system32\DRIVERS\AVGIDSFilter.Sys

2010/12/31 14:39:47.0502 AVGIDSShim (84431da40330cdfd84a7b92bcf0d4a05) C:\windows\system32\DRIVERS\AVGIDSShim.Sys

2010/12/31 14:39:47.0689 Avgldx86 (5fe5a2c2330c376a1d8dcff8d2680a2d) C:\windows\system32\DRIVERS\avgldx86.sys

2010/12/31 14:39:47.0876 Avgmfx86 (54f1a9b4c9b540c2d8ac4baa171696b1) C:\windows\system32\DRIVERS\avgmfx86.sys

2010/12/31 14:39:48.0032 Avgrkx86 (8da3b77993c5f354cc2977b7ea06d03a) C:\windows\system32\DRIVERS\avgrkx86.sys

2010/12/31 14:39:48.0251 Avgtdix (660788ec46f10ece80274d564fa8b4aa) C:\windows\system32\DRIVERS\avgtdix.sys

2010/12/31 14:39:48.0453 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys

2010/12/31 14:39:48.0609 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys

2010/12/31 14:39:48.0812 Beep (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys

2010/12/31 14:39:48.0999 blbdrive (ca4aea0fcd049598620b615a10411ff0) C:\windows\system32\DRIVERS\blbdrive.sys

2010/12/31 14:39:49.0015 Suspicious file (Forged): C:\windows\system32\DRIVERS\blbdrive.sys. Real md5: ca4aea0fcd049598620b615a10411ff0, Fake md5: 2287078ed48fcfc477b05b20cf38f36f

2010/12/31 14:39:49.0031 blbdrive - detected Rootkit.Win32.TDSS.tdl3 (0)

2010/12/31 14:39:49.0202 bowser (fcafaef6798d7b51ff029f99a9898961) C:\windows\system32\DRIVERS\bowser.sys

2010/12/31 14:39:49.0343 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys

2010/12/31 14:39:49.0436 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys

2010/12/31 14:39:49.0561 Brserid (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys

2010/12/31 14:39:49.0717 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys

2010/12/31 14:39:49.0779 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys

2010/12/31 14:39:49.0920 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys

2010/12/31 14:39:50.0060 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\DRIVERS\BthEnum.sys

2010/12/31 14:39:50.0169 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys

2010/12/31 14:39:50.0279 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys

2010/12/31 14:39:50.0435 BTHPORT (4a34888e13224678dd062466afec4240) C:\windows\system32\Drivers\BTHport.sys

2010/12/31 14:39:50.0684 BTHUSB (fa04c63916fa221dbb91fce153d07a55) C:\windows\system32\Drivers\BTHUSB.sys

2010/12/31 14:39:51.0776 camvid20 (6b67131a4fe1fcd3f40c184c978b907f) C:\windows\system32\DRIVERS\camdrv21.sys

2010/12/31 14:39:51.0979 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys

2010/12/31 14:39:52.0197 cdrom (ba6e70aa0e6091bc39de29477d866a77) C:\windows\system32\DRIVERS\cdrom.sys

2010/12/31 14:39:52.0369 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys

2010/12/31 14:39:52.0509 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys

2010/12/31 14:39:52.0634 CmBatt (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys

2010/12/31 14:39:52.0759 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\DRIVERS\cmdide.sys

2010/12/31 14:39:52.0946 CNG (1b675691ed940766149c93e8f4488d68) C:\windows\system32\Drivers\cng.sys

2010/12/31 14:39:53.0102 Compbatt (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys

2010/12/31 14:39:53.0461 CompositeBus (f1724ba27e97d627f808fb0ba77a28a6) C:\windows\system32\DRIVERS\CompositeBus.sys

2010/12/31 14:39:53.0633 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys

2010/12/31 14:39:53.0867 DfsC (8e09e52ee2e3ceb199ef3dd99cf9e3fb) C:\windows\system32\Drivers\dfsc.sys

2010/12/31 14:39:54.0007 discache (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys

2010/12/31 14:39:54.0179 Disk (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys

2010/12/31 14:39:54.0381 Dot4 (b5e479eb83707dd698f66953e922042c) C:\windows\system32\DRIVERS\Dot4.sys

2010/12/31 14:39:54.0537 Dot4Print (c25fea07a8e7767e8b89ab96a3b96519) C:\windows\system32\DRIVERS\Dot4Prt.sys

2010/12/31 14:39:54.0647 dot4usb (cf491ff38d62143203c065260567e2f7) C:\windows\system32\DRIVERS\dot4usb.sys

2010/12/31 14:39:54.0787 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys

2010/12/31 14:39:54.0927 DsiUsb (fa5880ae0f5f57502a9a8db94330fddf) C:\windows\system32\DRIVERS\DsiUsb.sys

2010/12/31 14:39:55.0115 DXGKrnl (8b6c3464d7fac176500061dbfff42ad4) C:\windows\System32\drivers\dxgkrnl.sys

2010/12/31 14:39:55.0411 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys

2010/12/31 14:39:55.0692 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys

2010/12/31 14:39:55.0848 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\DRIVERS\errdev.sys

2010/12/31 14:39:56.0035 exfat (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys

2010/12/31 14:39:56.0113 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys

2010/12/31 14:39:56.0300 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys

2010/12/31 14:39:56.0394 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys

2010/12/31 14:39:56.0534 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys

2010/12/31 14:39:56.0675 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys

2010/12/31 14:39:56.0784 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys

2010/12/31 14:39:56.0971 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys

2010/12/31 14:39:57.0111 fssfltr (574cea4d3510ec905c0163c42d305ba5) C:\windows\system32\DRIVERS\fssfltr.sys

2010/12/31 14:39:57.0189 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\windows\system32\drivers\Fs_Rec.sys

2010/12/31 14:39:57.0345 fvevol (5592f5dba26282d24d2b080eb438a4d7) C:\windows\system32\DRIVERS\fvevol.sys

2010/12/31 14:39:57.0501 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys

2010/12/31 14:39:57.0657 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\windows\system32\DRIVERS\GEARAspiWDM.sys

2010/12/31 14:39:57.0829 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\windows\system32\drivers\grmnusb.sys

2010/12/31 14:39:57.0923 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys

2010/12/31 14:39:58.0079 HdAudAddService (3530cad25deba7dc7de8bb51632cbc5f) C:\windows\system32\drivers\HdAudio.sys

2010/12/31 14:39:58.0266 HDAudBus (717a2207fd6f13ad3e664c7d5a43c7bf) C:\windows\system32\DRIVERS\HDAudBus.sys

2010/12/31 14:39:58.0344 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys

2010/12/31 14:39:58.0484 HidBth (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys

2010/12/31 14:39:58.0656 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys

2010/12/31 14:39:58.0843 HidUsb (25072fb35ac90b25f9e4e3bacf774102) C:\windows\system32\DRIVERS\hidusb.sys

2010/12/31 14:39:59.0077 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\DRIVERS\HpSAMD.sys

2010/12/31 14:39:59.0249 HTTP (c531c7fd9e8b62021112787c4e2c5a5a) C:\windows\system32\drivers\HTTP.sys

2010/12/31 14:39:59.0389 hwpolicy (8305f33cde89ad6c7a0763ed0b5a8d42) C:\windows\system32\drivers\hwpolicy.sys

2010/12/31 14:39:59.0545 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\DRIVERS\i8042prt.sys

2010/12/31 14:39:59.0639 iaStor (d483687eace0c065ee772481a96e05f5) C:\windows\system32\DRIVERS\iaStor.sys

2010/12/31 14:39:59.0810 iaStorV (934af4d7c5f457b9f0743f4299b77b67) C:\windows\system32\DRIVERS\iaStorV.sys

2010/12/31 14:40:00.0138 igfx (1f50623259df354776df04c56504a2d7) C:\windows\system32\DRIVERS\igdkmd32.sys

2010/12/31 14:40:00.0450 iirsp (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys

2010/12/31 14:40:00.0762 IntcAzAudAddService (db96b8bd676bb24bd4f1dc53ca1f182c) C:\windows\system32\drivers\RTKVHDA.sys

2010/12/31 14:40:00.0980 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\DRIVERS\intelide.sys

2010/12/31 14:40:01.0058 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys

2010/12/31 14:40:01.0230 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys

2010/12/31 14:40:01.0386 IPMIDRV (e4454b6c37d7ffd5649611f6496308a7) C:\windows\system32\DRIVERS\IPMIDrv.sys

2010/12/31 14:40:01.0433 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys

2010/12/31 14:40:01.0589 IRENUM (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys

2010/12/31 14:40:01.0682 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\DRIVERS\isapnp.sys

2010/12/31 14:40:01.0760 iScsiPrt (ed46c223ae46c6866ab77cdc41c404b7) C:\windows\system32\DRIVERS\msiscsi.sys

2010/12/31 14:40:01.0947 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\DRIVERS\kbdclass.sys

2010/12/31 14:40:02.0041 kbdhid (3d9f0ebf350edcfd6498057301455964) C:\windows\system32\DRIVERS\kbdhid.sys

2010/12/31 14:40:02.0197 kbfiltr (3eb803312987ff44265c87cb960df6ab) C:\windows\system32\DRIVERS\kbfiltr.sys

2010/12/31 14:40:02.0322 KSecDD (e36a061ec11b373826905b21be10948f) C:\windows\system32\Drivers\ksecdd.sys

2010/12/31 14:40:02.0447 KSecPkg (26c046977e85b95036453d7b88ba1820) C:\windows\system32\Drivers\ksecpkg.sys

2010/12/31 14:40:02.0618 L1C (a158cea8644b8a5c1ec0e9a81b70f65a) C:\windows\system32\DRIVERS\L1C62x86.sys

2010/12/31 14:40:02.0852 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys

2010/12/31 14:40:03.0055 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys

2010/12/31 14:40:03.0227 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys

2010/12/31 14:40:03.0398 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys

2010/12/31 14:40:03.0461 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys

2010/12/31 14:40:03.0601 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys

2010/12/31 14:40:03.0679 mcdbus (8fd868e32459ece2a1bb0169f513d31e) C:\windows\system32\DRIVERS\mcdbus.sys

2010/12/31 14:40:03.0819 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys

2010/12/31 14:40:03.0991 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys

2010/12/31 14:40:04.0163 Modem (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys

2010/12/31 14:40:04.0334 monitor (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys

2010/12/31 14:40:04.0475 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys

2010/12/31 14:40:04.0631 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys

2010/12/31 14:40:04.0740 mountmgr (921c18727c5920d6c0300736646931c2) C:\windows\system32\drivers\mountmgr.sys

2010/12/31 14:40:04.0849 mpio (2af5997438c55fb79d33d015c30e1974) C:\windows\system32\DRIVERS\mpio.sys

2010/12/31 14:40:05.0005 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys

2010/12/31 14:40:05.0161 MRxDAV (b1be47008d20e43da3adc37c24cdb89d) C:\windows\system32\drivers\mrxdav.sys

2010/12/31 14:40:05.0333 mrxsmb (f4a054be78af7f410129c4b64b07dc9b) C:\windows\system32\DRIVERS\mrxsmb.sys

2010/12/31 14:40:05.0473 mrxsmb10 (deffa295bd1895c6ed8e3078412ac60b) C:\windows\system32\DRIVERS\mrxsmb10.sys

2010/12/31 14:40:05.0551 mrxsmb20 (24d76abe5dcad22f19d105f76fdf0ce1) C:\windows\system32\DRIVERS\mrxsmb20.sys

2010/12/31 14:40:05.0676 msahci (4326d168944123f38dd3b2d9c37a0b12) C:\windows\system32\DRIVERS\msahci.sys

2010/12/31 14:40:05.0754 msdsm (455029c7174a2dbb03dba8a0d8bddd9a) C:\windows\system32\DRIVERS\msdsm.sys

2010/12/31 14:40:05.0910 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys

2010/12/31 14:40:05.0972 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys

2010/12/31 14:40:06.0035 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\DRIVERS\msisadrv.sys

2010/12/31 14:40:06.0237 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys

2010/12/31 14:40:06.0378 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys

2010/12/31 14:40:06.0471 MSPQM (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys

2010/12/31 14:40:06.0596 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys

2010/12/31 14:40:06.0721 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\DRIVERS\mssmbios.sys

2010/12/31 14:40:06.0877 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys

2010/12/31 14:40:06.0971 MTConfig (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys

2010/12/31 14:40:07.0095 Mup (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys

2010/12/31 14:40:07.0236 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys

2010/12/31 14:40:07.0407 NDIS (23759d175a0a9baaf04d05047bc135a8) C:\windows\system32\drivers\ndis.sys

2010/12/31 14:40:07.0563 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys

2010/12/31 14:40:07.0641 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys

2010/12/31 14:40:07.0797 Ndisuio (b30ae7f2b6d7e343b0df32e6c08fce75) C:\windows\system32\DRIVERS\ndisuio.sys

2010/12/31 14:40:07.0953 NdisWan (267c415eadcbe53c9ca873dee39cf3a4) C:\windows\system32\DRIVERS\ndiswan.sys

2010/12/31 14:40:08.0016 NDProxy (af7e7c63dcef3f8772726f86039d6eb4) C:\windows\system32\drivers\NDProxy.sys

2010/12/31 14:40:08.0187 Netaapl (7afd0e39ab15cb355487b7cc19f4e2c5) C:\windows\system32\DRIVERS\netaapl.sys

2010/12/31 14:40:08.0328 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys

2010/12/31 14:40:08.0406 NetBT (dd52a733bf4ca5af84562a5e2f963b91) C:\windows\system32\DRIVERS\netbt.sys

2010/12/31 14:40:08.0624 netr28 (596e25b4631df2be98fd2bade8bcc625) C:\windows\system32\DRIVERS\netr28.sys

2010/12/31 14:40:08.0796 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys

2010/12/31 14:40:08.0874 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys

2010/12/31 14:40:09.0014 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys

2010/12/31 14:40:09.0139 Ntfs (3795dcd21f740ee799fb7223234215af) C:\windows\system32\drivers\Ntfs.sys

2010/12/31 14:40:09.0264 Null (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys

2010/12/31 14:40:09.0357 nvraid (3f3d04b1d08d43c16ea7963954ec768d) C:\windows\system32\DRIVERS\nvraid.sys

2010/12/31 14:40:09.0404 nvstor (c99f251a5de63c6f129cf71933aced0f) C:\windows\system32\DRIVERS\nvstor.sys

2010/12/31 14:40:09.0591 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\DRIVERS\nv_agp.sys

2010/12/31 14:40:09.0747 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\DRIVERS\ohci1394.sys

2010/12/31 14:40:09.0903 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys

2010/12/31 14:40:10.0028 partmgr (ff4218952b51de44fe910953a3e686b9) C:\windows\system32\drivers\partmgr.sys

2010/12/31 14:40:10.0122 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys

2010/12/31 14:40:10.0247 pci (c858cb77c577780ecc456a892e7e7d0f) C:\windows\system32\DRIVERS\pci.sys

2010/12/31 14:40:10.0325 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\DRIVERS\pciide.sys

2010/12/31 14:40:10.0403 pcmcia (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys

2010/12/31 14:40:10.0512 pcw (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys

2010/12/31 14:40:10.0605 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys

2010/12/31 14:40:11.0042 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys

2010/12/31 14:40:11.0120 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys

2010/12/31 14:40:11.0292 Psched (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys

2010/12/31 14:40:11.0417 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys

2010/12/31 14:40:11.0573 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys

2010/12/31 14:40:11.0651 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys

2010/12/31 14:40:11.0713 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys

2010/12/31 14:40:11.0900 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys

2010/12/31 14:40:12.0087 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys

2010/12/31 14:40:12.0243 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys

2010/12/31 14:40:12.0337 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys

2010/12/31 14:40:12.0477 rdbss (835d7e81bf517a3b72384bdcc85e1ce6) C:\windows\system32\DRIVERS\rdbss.sys

2010/12/31 14:40:12.0555 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys

2010/12/31 14:40:12.0602 RDPCDD (1e016846895b15a99f9a176a05029075) C:\windows\system32\DRIVERS\RDPCDD.sys

2010/12/31 14:40:12.0789 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys

2010/12/31 14:40:12.0883 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys

2010/12/31 14:40:13.0008 RDPWD (801371ba9782282892d00aadb08ee367) C:\windows\system32\drivers\RDPWD.sys

2010/12/31 14:40:13.0148 rdyboost (4ea225bf1cf05e158853f30a99ca29a7) C:\windows\system32\drivers\rdyboost.sys

2010/12/31 14:40:13.0257 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys

2010/12/31 14:40:13.0445 rspndr (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys

2010/12/31 14:40:13.0538 sbp2port (34ee0c44b724e3e4ce2eff29126de5b5) C:\windows\system32\DRIVERS\sbp2port.sys

2010/12/31 14:40:13.0679 scfilter (a95c54b2ac3cc9c73fcdf9e51a1d6b51) C:\windows\system32\DRIVERS\scfilter.sys

2010/12/31 14:40:13.0913 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys

2010/12/31 14:40:14.0006 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys

2010/12/31 14:40:14.0131 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys

2010/12/31 14:40:14.0193 sermouse (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys

2010/12/31 14:40:14.0412 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\DRIVERS\sffdisk.sys

2010/12/31 14:40:14.0490 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\DRIVERS\sffp_mmc.sys

2010/12/31 14:40:14.0537 sffp_sd (4f1e5b0fe7c8050668dbfade8999aefb) C:\windows\system32\DRIVERS\sffp_sd.sys

2010/12/31 14:40:14.0677 sfloppy (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys

2010/12/31 14:40:14.0755 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\DRIVERS\sisagp.sys

2010/12/31 14:40:14.0833 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys

2010/12/31 14:40:14.0958 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys

2010/12/31 14:40:15.0051 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys

2010/12/31 14:40:15.0207 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys

2010/12/31 14:40:15.0426 sptd (c4bb8a12843d9cbb65f5ff617f389bbd) C:\windows\System32\Drivers\sptd.sys

2010/12/31 14:40:15.0597 srv (2ba4ebc7dfba845a1edbe1f75913be33) C:\windows\system32\DRIVERS\srv.sys

2010/12/31 14:40:15.0707 srv2 (dce7e10feaabd4cae95948b3de5340bb) C:\windows\system32\DRIVERS\srv2.sys

2010/12/31 14:40:15.0816 srvnet (b5665baa2120b8a54e22e9cd07c05106) C:\windows\system32\DRIVERS\srvnet.sys

2010/12/31 14:40:15.0972 stexstor (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys

2010/12/31 14:40:16.0097 swenum (e58c78a848add9610a4db6d214af5224) C:\windows\system32\DRIVERS\swenum.sys

2010/12/31 14:40:16.0268 SynTP (8bd10dc8809dc69a1c5a795cb10add76) C:\windows\system32\DRIVERS\SynTP.sys

2010/12/31 14:40:16.0533 Tcpip (2cc3d75488abd3ec628bbb9a4fc84efc) C:\windows\system32\drivers\tcpip.sys

2010/12/31 14:40:16.0736 TCPIP6 (2cc3d75488abd3ec628bbb9a4fc84efc) C:\windows\system32\DRIVERS\tcpip.sys

2010/12/31 14:40:16.0892 tcpipreg (e64444523add154f86567c469bc0b17f) C:\windows\system32\drivers\tcpipreg.sys

2010/12/31 14:40:16.0970 TDPIPE (1875c1490d99e70e449e3afae9fcbadf) C:\windows\system32\drivers\tdpipe.sys

2010/12/31 14:40:17.0017 TDTCP (7551e91ea999ee9a8e9c331d5a9c31f3) C:\windows\system32\drivers\tdtcp.sys

2010/12/31 14:40:17.0126 tdx (cb39e896a2a83702d1737bfd402b3542) C:\windows\system32\DRIVERS\tdx.sys

2010/12/31 14:40:17.0251 TermDD (c36f41ee20e6999dbf4b0425963268a5) C:\windows\system32\DRIVERS\termdd.sys

2010/12/31 14:40:17.0485 tssecsrv (98ae6fa07d12cb4ec5cf4a9bfa5f4242) C:\windows\system32\DRIVERS\tssecsrv.sys

2010/12/31 14:40:17.0579 tunnel (3e461d890a97f9d4c168f5fda36e1d00) C:\windows\system32\DRIVERS\tunnel.sys

2010/12/31 14:40:17.0703 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys

2010/12/31 14:40:17.0766 udfs (09cc3e16f8e5ee7168e01cf8fcbe061a) C:\windows\system32\DRIVERS\udfs.sys

2010/12/31 14:40:17.0906 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\DRIVERS\uliagpkx.sys

2010/12/31 14:40:18.0062 umbus (049b3a50b3d646baeeee9eec9b0668dc) C:\windows\system32\DRIVERS\umbus.sys

2010/12/31 14:40:18.0140 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys

2010/12/31 14:40:18.0296 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\windows\system32\Drivers\usbaapl.sys

2010/12/31 14:40:18.0483 usbaudio (2436a42aab4ad48a9b714e5b0f344627) C:\windows\system32\drivers\usbaudio.sys

2010/12/31 14:40:18.0546 usbccgp (8455c4ed038efd09e99327f9d2d48ffa) C:\windows\system32\DRIVERS\usbccgp.sys

2010/12/31 14:40:18.0671 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\DRIVERS\usbcir.sys

2010/12/31 14:40:18.0749 usbehci (1c333bfd60f2fed2c7ad5daf533cb742) C:\windows\system32\DRIVERS\usbehci.sys

2010/12/31 14:40:18.0889 usbhub (ee6ef93ccfa94fae8c6ab298273d8ae2) C:\windows\system32\DRIVERS\usbhub.sys

2010/12/31 14:40:18.0967 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\windows\system32\DRIVERS\usbohci.sys

2010/12/31 14:40:19.0107 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys

2010/12/31 14:40:19.0201 usbscan (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys

2010/12/31 14:40:19.0326 USBSTOR (d8889d56e0d27e57ed4591837fe71d27) C:\windows\system32\DRIVERS\USBSTOR.SYS

2010/12/31 14:40:19.0419 usbuhci (78780c3ebce17405b1ccd07a3a8a7d72) C:\windows\system32\DRIVERS\usbuhci.sys

2010/12/31 14:40:19.0560 usbvideo (f642a7e4bf78cfa359cca0a3557c28d7) C:\windows\system32\Drivers\usbvideo.sys

2010/12/31 14:40:19.0669 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\DRIVERS\vdrvroot.sys

2010/12/31 14:40:19.0809 vga (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys

2010/12/31 14:40:19.0887 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys

2010/12/31 14:40:19.0950 vhdmp (3be6e1f3a4f1afec8cee0d7883f93583) C:\windows\system32\DRIVERS\vhdmp.sys

2010/12/31 14:40:20.0090 viaagp (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\DRIVERS\viaagp.sys

2010/12/31 14:40:20.0153 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys

2010/12/31 14:40:20.0199 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\DRIVERS\viaide.sys

2010/12/31 14:40:20.0355 volmgr (384e5a2aa49934295171e499f86ba6f3) C:\windows\system32\DRIVERS\volmgr.sys

2010/12/31 14:40:20.0433 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys

2010/12/31 14:40:20.0823 volsnap (58df9d2481a56edde167e51b334d44fd) C:\windows\system32\DRIVERS\volsnap.sys

2010/12/31 14:40:20.0964 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys

2010/12/31 14:40:21.0104 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys

2010/12/31 14:40:21.0245 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys

2010/12/31 14:40:21.0354 vwifimp (a3f04cbea6c2a10e6cb01f8b47611882) C:\windows\system32\DRIVERS\vwifimp.sys

2010/12/31 14:40:21.0510 WacomPen (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys

2010/12/31 14:40:21.0635 WANARP (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys

2010/12/31 14:40:21.0681 Wanarpv6 (692a712062146e96d28ba0b7d75de31b) C:\windows\system32\DRIVERS\wanarp.sys

2010/12/31 14:40:22.0009 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys

2010/12/31 14:40:22.0196 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys

2010/12/31 14:40:22.0633 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys

2010/12/31 14:40:22.0711 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys

2010/12/31 14:40:23.0117 WinUsb (30fc6e5448d0cbaaa95280eeef7fedae) C:\windows\system32\DRIVERS\WinUsb.sys

2010/12/31 14:40:23.0335 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\DRIVERS\wmiacpi.sys

2010/12/31 14:40:23.0475 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys

2010/12/31 14:40:23.0616 WudfPf (6f9b6c0c93232cff47d0f72d6db1d21e) C:\windows\system32\drivers\WudfPf.sys

2010/12/31 14:40:23.0756 WUDFRd (f91ff1e51fca30b3c3981db7d5924252) C:\windows\system32\DRIVERS\WUDFRd.sys

2010/12/31 14:40:24.0224 ================================================================================

2010/12/31 14:40:24.0224 Scan finished

2010/12/31 14:40:24.0224 ================================================================================

2010/12/31 14:40:24.0271 Detected object count: 1

2010/12/31 14:40:49.0699 blbdrive (ca4aea0fcd049598620b615a10411ff0) C:\windows\system32\DRIVERS\blbdrive.sys

2010/12/31 14:40:49.0715 Suspicious file (Forged): C:\windows\system32\DRIVERS\blbdrive.sys. Real md5: ca4aea0fcd049598620b615a10411ff0, Fake md5: 2287078ed48fcfc477b05b20cf38f36f

2010/12/31 14:40:49.0918 Backup copy found, using it..

2010/12/31 14:40:49.0933 C:\windows\system32\DRIVERS\blbdrive.sys - will be cured after reboot

2010/12/31 14:40:49.0933 Rootkit.Win32.TDSS.tdl3(blbdrive) - User select action: Cure

2010/12/31 14:41:10.0494 Deinitialize success

[anttler]

ComboFix 10-12-31.01 - Scott 12/31/2010 15:20:40.1.2 - x86

Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1015.435 [GMT -5:00]

Running from: c:\users\Scott\Desktop\ComboFix.exe

AV: Trend Micro Security *Disabled/Updated* {48929DFC-7A52-A34F-8351-C4DBEDBD9C50}

SP: Trend Micro Security *Disabled/Updated* {F3F37C18-5C68-ACC1-B9E1-FFA9963AD6ED}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\program files\Mozilla Firefox\searchplugins\google_search.xml

c:\programdata\FullRemove.exe

c:\programdata\Microsoft\Network\Downloader\qmgr0.dat

c:\programdata\Microsoft\Network\Downloader\qmgr1.dat

c:\users\Scott\AppData\Local\Temp\4817.tmp

c:\windows\system\Agcgauge.ax

c:\windows\system32\Thumbs.db

----- BITS: Possible infected sites -----

hxxp://download.yimg.com

.

((((((((((((((((((((((((( Files Created from 2010-11-28 to 2010-12-31 )))))))))))))))))))))))))))))))

.

2010-12-31 20:32 . 2010-12-31 20:32 -------- d-----w- c:\users\Default\AppData\Local\temp

2010-12-31 05:25 . 2010-12-31 05:25 -------- d-----w- c:\users\Scott\AppData\Roaming\Malwarebytes

2010-12-31 05:25 . 2010-12-20 23:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-12-31 05:25 . 2010-12-31 05:25 -------- d-----w- c:\programdata\Malwarebytes

2010-12-31 05:25 . 2010-12-20 23:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-12-31 05:25 . 2010-12-31 05:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-12-27 23:23 . 2010-12-27 23:24 -------- d-----w- c:\program files\TuneUpMedia

2010-12-27 23:22 . 2010-12-29 19:25 -------- d-----w- c:\programdata\TuneUpMedia

2010-12-27 22:28 . 2010-12-27 22:28 -------- d-----w- c:\program files\iPod

2010-12-27 22:24 . 2010-12-27 22:24 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll

2010-12-27 22:24 . 2010-12-27 22:24 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll

2010-12-27 22:24 . 2010-12-27 22:24 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll

2010-12-27 22:24 . 2010-12-27 22:24 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll

2010-12-27 22:24 . 2010-12-27 22:24 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll

2010-12-27 22:24 . 2010-12-27 22:24 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll

2010-12-27 22:24 . 2010-12-27 22:24 159744 ----a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll

2010-12-27 22:24 . 2010-12-27 22:24 -------- d-----w- c:\program files\QuickTime

2010-12-27 03:46 . 2010-12-27 03:46 388096 ----a-r- c:\users\Scott\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-12-17 00:50 . 2003-11-10 23:14 729088 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll

2010-12-17 00:50 . 2003-11-10 23:13 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll

2010-12-17 00:50 . 2003-11-10 23:12 266240 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll

2010-12-17 00:50 . 2003-11-10 23:12 192512 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll

2010-12-17 00:50 . 2003-11-10 23:11 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe

2010-12-17 00:49 . 2010-12-17 00:49 188548 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll

2010-12-17 00:49 . 2010-12-17 00:49 311428 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll

2010-12-13 22:52 . 2010-12-13 22:52 -------- d-----w- c:\users\Scott\AppData\Roaming\AVG10

2010-12-13 22:49 . 2010-12-13 22:49 -------- d--h--w- c:\programdata\Common Files

2010-12-13 22:49 . 2010-12-31 19:48 -------- d-----w- c:\programdata\AVG Security Toolbar

2010-12-13 22:34 . 2010-12-13 22:40 -------- d-----w- c:\programdata\MFAData

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-31 19:41 . 2009-07-13 23:23 35328 ----a-w- c:\windows\system32\drivers\blbdrive.sys

2010-11-29 22:38 . 2010-11-29 22:38 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2010-11-29 22:38 . 2010-11-29 22:38 69632 ----a-w- c:\windows\system32\QuickTime.qts

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-05-26 1385864]

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\users\Scott\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\users\Scott\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2009-12-09 01:19 94208 ----a-w- c:\users\Scott\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2010-06-01 5252408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-08-14 141848]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-08-14 173592]

"Persistence"="c:\windows\system32\igfxpers.exe" [2009-08-14 150552]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-29 7744032]

"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160]

"Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-12-20 963976]

c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]

Dropbox.lnk - c:\users\Scott\AppData\Roaming\Dropbox\bin\Dropbox.exe [2010-2-26 21979992]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]

path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup

backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^Scott^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk]

path=c:\users\Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk

backup=c:\windows\pss\MagicDisc.lnk.Startup

backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2009-02-28 00:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount]

2009-11-15 09:42 33120 ----a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boingo Wi-Fi]

2010-09-27 01:11 2429 ----a-w- c:\program files\Boingo\Boingo Wi-Fi\Boingo.lnk

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Eee Docking]

2009-11-17 17:47 414384 ----a-w- c:\program files\ASUS\Eee Docking\Eee Docking.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]

2006-10-27 04:47 31016 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeyMon]

2009-09-11 20:25 33768 ----a-w- c:\windows\System32\AsusSender.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyService]

2009-09-11 20:25 33768 ----a-w- c:\windows\System32\AsusSender.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]

2007-05-08 20:24 54840 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon]

2008-07-22 22:33 150528 ----a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2010-12-13 22:16 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]

2009-09-11 20:25 33768 ----a-w- c:\windows\System32\AsusSender.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSN Toolbar]

2010-02-12 15:02 240992 ----a-w- c:\program files\MSN Toolbar\Platform\4.0.0401.0\mswinext.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2009-02-06 22:51 3885408 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OOBESetup]

2009-09-30 16:58 338096 ----a-w- c:\program files\ASUS\OOBERegBackup\OOBERegBackup.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2010-05-14 15:44 248552 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]

2009-09-11 20:25 33768 ----a-w- c:\windows\System32\AsusSender.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VizorHtmlDialog.exe]

2009-10-14 02:34 628016 ----a-w- c:\program files\Trend Micro\Security\VizorHtmlDialog.exe

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\DRIVERS\camdrv21.sys [x]

R3 DsiUsb;DsiUsb;c:\windows\system32\DRIVERS\DsiUsb.sys [2010-07-22 56664]

R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl.sys [2010-04-20 18432]

R3 netr28;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28.sys [2009-09-11 626688]

R4 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]

R4 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]

R4 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]

R4 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-09-27 697328]

S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]

S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-13 14336]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.yahoo.com/

uInternet Settings,ProxyOverride = *.local

IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM

IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

IE: Lookup on Merriam Webster - file://c:\program files\ieSpell\Merriam Webster.HTM

IE: Lookup on Wikipedia - file://c:\program files\ieSpell\wikipedia.HTM

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

.

- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)

HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

HKLM-Run-SynAsusAcpi - %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe

SafeBoot-klmdb.sys

MSConfigStartUp-{6CF0CBD8-BEB2-B04D-ACF1-FA1DC0220C12} - c:\users\Scott\AppData\Roaming\Udfip\qyxob.exe

.

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(2884)

c:\users\Scott\AppData\Roaming\Dropbox\bin\DropboxExt.13.dll

.

------------------------ Other Running Processes ------------------------

.

c:\windows\system32\taskhost.exe

c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files\Bonjour\mDNSResponder.exe

c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\conhost.exe

c:\windows\system32\WUDFHost.exe

c:\windows\system32\sppsvc.exe

.

**************************************************************************

.

Completion time: 2010-12-31 15:39:57 - machine was rebooted

ComboFix-quarantined-files.txt 2010-12-31 20:39

Pre-Run: 80,560,238,592 bytes free

Post-Run: 80,444,030,976 bytes free

- - End Of File - - BE6867F5CDB12B8853060D19E704EF24

[kahdah]

Update Run Malwarebytes

Please update\run Malwarebytes' Anti-Malware.

Double Click the Malwarebytes Anti-Malware icon to run the application.

• Click on the update tab then click on Check for updates.
  
• If an update is found, it will download and install the latest version.
  
• Once the update has loaded, go to the Scanner tab and select "Perform Quick Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.
  

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.

=====

* Go here to run an online scannner from ESET.

• Note: You will need to use Internet explorer for this scan
  
• Tick the box next to YES, I accept the Terms of Use.
  
• Click Start
  
• When asked, allow the activex control to install
  
• Click Start
  
• Check next options: Remove found threats and Scan inside archives.
  
• Click Scan
  
• Wait for the scan to finish
  
• Click on the option that says Export to text file.
  
• Save it to your desktop and post the contents here in your next reply.
  
• Once the log is saved click the option to delete quarantined threats and Uninstall application on close.
  

[anttler]

I updated and it found no malware... I hope this is good.

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 5431

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

12/31/2010 7:53:12 PM

mbam-log-2010-12-31 (19-53-12).txt

Scan type: Quick scan

Objects scanned: 154412

Time elapsed: 5 minute(s), 8 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

[kahdah]

Yes it is good please run the Eset scan from my instructions above and post the log once it is done.

[screen317]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!