removal of IRS email virus

Welcome to Dell Community Malware Removal Forums,

Sorry for the delay in getting to you, I'm K27 and i will be reviewing your log for you.

Please DO NOT run any scans/tools/fixes on your own as this will conflict with the tools we are going to use.

Please Print or Save to Notepad all instructions and please follow them carefully and if there's something you don't understand or that will not work please let me know and we will go through it together.

Please DO NOT use this system for anything apart from visiting this forum and other sites I direct you too, as this will only make the cleanup process all the more diffecult.

Failure to reply in three (3) days will result in this topic being closed and I will remove it from my notifications, If you require more time then that is fine but please let me know.

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
• Extract its contents to your desktop.
• Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan

   

• If an infected file is detected, the default action will be Cure, click on Continue.

   

  

   

• If a suspicious file is detected, the default action will be Skip, click on Continue.

   

  

   

• It may ask you to reboot the computer to complete the process. Click on Reboot Now.

   

  

   

• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Thanks

i ran the tds killer program and here is the log, it stated that there where no infected programs.

2011/07/25 14:22:43.0523 4468 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56
2011/07/25 14:22:45.0535 4468 ================================================================================
2011/07/25 14:22:45.0535 4468 SystemInfo:
2011/07/25 14:22:45.0535 4468 
2011/07/25 14:22:45.0535 4468 OS Version: 6.1.7601 ServicePack: 1.0
2011/07/25 14:22:45.0535 4468 Product type: Workstation
2011/07/25 14:22:45.0535 4468 ComputerName: LEO-PC
2011/07/25 14:22:45.0535 4468 UserName: leo
2011/07/25 14:22:45.0535 4468 Windows directory: C:\Windows
2011/07/25 14:22:45.0535 4468 System windows directory: C:\Windows
2011/07/25 14:22:45.0535 4468 Running under WOW64
2011/07/25 14:22:45.0535 4468 Processor architecture: Intel x64
2011/07/25 14:22:45.0535 4468 Number of processors: 2
2011/07/25 14:22:45.0535 4468 Page size: 0x1000
2011/07/25 14:22:45.0535 4468 Boot type: Normal boot
2011/07/25 14:22:45.0535 4468 ================================================================================
2011/07/25 14:22:47.0984 4468 Initialize success
2011/07/25 14:22:53.0553 2968 ================================================================================
2011/07/25 14:22:53.0553 2968 Scan started
2011/07/25 14:22:53.0553 2968 Mode: Manual;
2011/07/25 14:22:53.0553 2968 ================================================================================
2011/07/25 14:22:54.0755 2968 1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/07/25 14:22:55.0051 2968 ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/07/25 14:22:55.0238 2968 AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/07/25 14:22:55.0457 2968 adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/07/25 14:22:55.0659 2968 adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/07/25 14:22:55.0815 2968 adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/07/25 14:22:55.0971 2968 AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/07/25 14:22:56.0252 2968 agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/07/25 14:22:56.0424 2968 aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/07/25 14:22:56.0564 2968 amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/07/25 14:22:56.0783 2968 AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/07/25 14:22:56.0954 2968 AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/07/25 14:22:57.0157 2968 amdsata         (6ec6d772eae38dc17c14aed9b178d24b) C:\Windows\system32\drivers\amdsata.sys
2011/07/25 14:22:57.0391 2968 amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/07/25 14:22:57.0531 2968 amdxata         (1142a21db581a84ea5597b03a26ebaa0) C:\Windows\system32\drivers\amdxata.sys
2011/07/25 14:22:57.0765 2968 ApfiltrService  (98449a2957778a6f025c418438a380f4) C:\Windows\system32\DRIVERS\Apfiltr.sys
2011/07/25 14:22:57.0968 2968 AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/07/25 14:22:58.0202 2968 arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/07/25 14:22:58.0343 2968 arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/07/25 14:22:58.0514 2968 AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/07/25 14:22:58.0670 2968 atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/07/25 14:22:58.0873 2968 b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/07/25 14:22:59.0091 2968 b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/07/25 14:22:59.0263 2968 BCM42RLY        (e001dd475a7c27ebe5a0db45c11bad71) C:\Windows\system32\drivers\BCM42RLY.sys
2011/07/25 14:22:59.0497 2968 BCM43XX         (37394d3553e220fb732c21e217e1bd8b) C:\Windows\system32\DRIVERS\bcmwl664.sys
2011/07/25 14:22:59.0793 2968 Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/07/25 14:22:59.0965 2968 blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/07/25 14:23:00.0183 2968 bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/07/25 14:23:00.0402 2968 BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/07/25 14:23:00.0589 2968 BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/07/25 14:23:00.0761 2968 Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/07/25 14:23:00.0901 2968 BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/07/25 14:23:01.0041 2968 BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/07/25 14:23:01.0197 2968 BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/07/25 14:23:01.0322 2968 BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/07/25 14:23:01.0509 2968 cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/07/25 14:23:01.0712 2968 cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
2011/07/25 14:23:01.0946 2968 cfwids          (676535b3156fecf7133cf80b4d2f6cf7) C:\Windows\system32\drivers\cfwids.sys
2011/07/25 14:23:03.0023 2968 circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/07/25 14:23:03.0194 2968 CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/07/25 14:23:03.0366 2968 CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/07/25 14:23:03.0522 2968 cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/07/25 14:23:03.0693 2968 CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/07/25 14:23:03.0943 2968 Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/07/25 14:23:04.0099 2968 CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/07/25 14:23:04.0317 2968 crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/07/25 14:23:04.0567 2968 CtClsFlt        (ed5cf92396a62f4c15110dcdb5e854d9) C:\Windows\system32\DRIVERS\CtClsFlt.sys
2011/07/25 14:23:04.0895 2968 DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/07/25 14:23:05.0082 2968 discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/07/25 14:23:05.0222 2968 Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/07/25 14:23:05.0409 2968 DisplayLinkUsbPort (e5c3624921a4effd1774d4447c9cb390) C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys
2011/07/25 14:23:05.0659 2968 dlkmd           (09daebd9f50974c7d585603d598ce4d4) C:\Windows\system32\drivers\dlkmd.sys
2011/07/25 14:23:06.0033 2968 dlkmdldr        (389fb1d69a1b0e2403327590bf50084b) C:\Windows\system32\drivers\dlkmdldr.sys
2011/07/25 14:23:06.0252 2968 drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/07/25 14:23:06.0564 2968 DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/07/25 14:23:06.0923 2968 ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/07/25 14:23:07.0219 2968 elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/07/25 14:23:07.0375 2968 ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/07/25 14:23:07.0531 2968 exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/07/25 14:23:07.0671 2968 fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/07/25 14:23:07.0843 2968 fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/07/25 14:23:07.0983 2968 FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/07/25 14:23:08.0139 2968 Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/07/25 14:23:08.0295 2968 flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/07/25 14:23:08.0545 2968 FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/07/25 14:23:08.0763 2968 FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/07/25 14:23:08.0904 2968 Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/07/25 14:23:09.0091 2968 fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/07/25 14:23:09.0263 2968 gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/07/25 14:23:09.0419 2968 GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/07/25 14:23:09.0731 2968 hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/07/25 14:23:09.0887 2968 HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/07/25 14:23:10.0043 2968 HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/07/25 14:23:10.0245 2968 HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/07/25 14:23:10.0433 2968 HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/07/25 14:23:10.0604 2968 HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/07/25 14:23:10.0838 2968 HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/07/25 14:23:11.0135 2968 HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/07/25 14:23:11.0540 2968 hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/07/25 14:23:11.0805 2968 i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/07/25 14:23:12.0102 2968 iaStor          (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
2011/07/25 14:23:12.0242 2968 iaStorV         (3df4395a7cf8b7a72a5f4606366b8c2d) C:\Windows\system32\drivers\iaStorV.sys
2011/07/25 14:23:13.0116 2968 igfx            (babd5f9b2bcc82ce556a0baf1ae208a7) C:\Windows\system32\DRIVERS\igdkmd64.sys
2011/07/25 14:23:13.0553 2968 iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/07/25 14:23:13.0740 2968 intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/07/25 14:23:13.0896 2968 intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/07/25 14:23:14.0114 2968 IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/07/25 14:23:14.0333 2968 IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/07/25 14:23:14.0582 2968 IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/07/25 14:23:14.0769 2968 IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/07/25 14:23:14.0910 2968 isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/07/25 14:23:15.0066 2968 iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/07/25 14:23:15.0269 2968 kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/07/25 14:23:15.0425 2968 kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/07/25 14:23:15.0674 2968 KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/07/25 14:23:15.0893 2968 KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/07/25 14:23:16.0095 2968 ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/07/25 14:23:16.0267 2968 Lavasoft Kernexplorer (9a7fa6371f68335fd3c3d6488bc5a9f8) C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys
2011/07/25 14:23:16.0470 2968 Lbd             (c8b3131857931ae76798a741cc52b021) C:\Windows\system32\DRIVERS\Lbd.sys
2011/07/25 14:23:16.0673 2968 lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/07/25 14:23:16.0829 2968 LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/07/25 14:23:16.0969 2968 LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/07/25 14:23:17.0156 2968 LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/07/25 14:23:17.0297 2968 LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/07/25 14:23:17.0468 2968 luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/07/25 14:23:17.0702 2968 megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/07/25 14:23:17.0889 2968 MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/07/25 14:23:18.0014 2968 mfeapfk         (31338e489314ae2a29534fbaa7ad2f1b) C:\Windows\system32\drivers\mfeapfk.sys
2011/07/25 14:23:18.0155 2968 mfeavfk         (5822e70233218bcf22a65fcea74d012d) C:\Windows\system32\drivers\mfeavfk.sys
2011/07/25 14:23:18.0529 2968 mfefirek        (5a24e7c834576313d8c5eaf0825da844) C:\Windows\system32\drivers\mfefirek.sys
2011/07/25 14:23:18.0732 2968 mfehidk         (a2607740bb18d631da01e01dcb81843b) C:\Windows\system32\drivers\mfehidk.sys
2011/07/25 14:23:18.0950 2968 mfenlfk         (50c3a9d7465d385061c0601deefb5a8e) C:\Windows\system32\DRIVERS\mfenlfk.sys
2011/07/25 14:23:19.0137 2968 mferkdet        (edf5ee799a0b3ed6dce8bb16a51f3d1f) C:\Windows\system32\drivers\mferkdet.sys
2011/07/25 14:23:19.0325 2968 mfewfpk         (9182faf9addd5ea6308d155ceb502c6f) C:\Windows\system32\drivers\mfewfpk.sys
2011/07/25 14:23:19.0527 2968 Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/07/25 14:23:19.0699 2968 monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/07/25 14:23:19.0808 2968 mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/07/25 14:23:19.0980 2968 mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/07/25 14:23:20.0105 2968 mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/07/25 14:23:20.0323 2968 MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
2011/07/25 14:23:20.0541 2968 mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/07/25 14:23:20.0838 2968 MpNWMon         (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
2011/07/25 14:23:20.0963 2968 mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/07/25 14:23:21.0119 2968 MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/07/25 14:23:21.0337 2968 mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/07/25 14:23:21.0524 2968 mrxsmb10        (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/07/25 14:23:21.0727 2968 mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/07/25 14:23:21.0930 2968 msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/07/25 14:23:22.0133 2968 msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/07/25 14:23:22.0335 2968 Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/07/25 14:23:22.0476 2968 mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/07/25 14:23:22.0632 2968 msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/07/25 14:23:22.0803 2968 MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/07/25 14:23:22.0975 2968 MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/07/25 14:23:23.0131 2968 MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/07/25 14:23:23.0303 2968 MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/07/25 14:23:23.0459 2968 mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/07/25 14:23:23.0568 2968 MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/07/25 14:23:23.0693 2968 MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/07/25 14:23:23.0849 2968 Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/07/25 14:23:24.0020 2968 mvusbews        (d2e148790a9111feb60257fb43a5c2ed) C:\Windows\system32\Drivers\mvusbews.sys
2011/07/25 14:23:24.0239 2968 NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/07/25 14:23:24.0473 2968 NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/07/25 14:23:24.0597 2968 NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/07/25 14:23:24.0785 2968 NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/07/25 14:23:24.0972 2968 Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/07/25 14:23:25.0143 2968 NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/07/25 14:23:25.0331 2968 NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/07/25 14:23:25.0533 2968 NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/07/25 14:23:25.0736 2968 NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/07/25 14:23:25.0939 2968 NetworkX        (2263727032e9b19231a706046b8c82d3) C:\Windows\system32\ckldrv.sys
2011/07/25 14:23:26.0111 2968 nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/07/25 14:23:26.0267 2968 NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
2011/07/25 14:23:26.0438 2968 Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/07/25 14:23:26.0563 2968 nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/07/25 14:23:26.0766 2968 Ntfs            (05d78aa5cb5f3f5c31160bdb955d0b7c) C:\Windows\system32\drivers\Ntfs.sys
2011/07/25 14:23:26.0984 2968 Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/07/25 14:23:27.0109 2968 nvraid          (5d9fd91f3d38dc9da01e3cb5fa89cd48) C:\Windows\system32\drivers\nvraid.sys
2011/07/25 14:23:27.0343 2968 nvstor          (f7cd50fe7139f07e77da8ac8033d1832) C:\Windows\system32\drivers\nvstor.sys
2011/07/25 14:23:27.0546 2968 nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/07/25 14:23:27.0717 2968 ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/07/25 14:23:27.0905 2968 Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/07/25 14:23:28.0076 2968 partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/07/25 14:23:28.0341 2968 pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/07/25 14:23:28.0544 2968 pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/07/25 14:23:28.0716 2968 pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/07/25 14:23:28.0856 2968 pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/07/25 14:23:29.0028 2968 PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/07/25 14:23:29.0309 2968 PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/07/25 14:23:29.0512 2968 Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/07/25 14:23:29.0730 2968 Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/07/25 14:23:29.0855 2968 PxHlpa64        (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys
2011/07/25 14:23:30.0042 2968 ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/07/25 14:23:30.0307 2968 ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/07/25 14:23:30.0448 2968 QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/07/25 14:23:30.0604 2968 RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/07/25 14:23:30.0775 2968 RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/07/25 14:23:30.0962 2968 Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/07/25 14:23:31.0134 2968 RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/07/25 14:23:31.0321 2968 RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/07/25 14:23:31.0462 2968 rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/07/25 14:23:31.0664 2968 rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/07/25 14:23:31.0789 2968 RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/07/25 14:23:31.0976 2968 RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/07/25 14:23:32.0117 2968 RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/07/25 14:23:32.0242 2968 RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/07/25 14:23:32.0476 2968 rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/07/25 14:23:32.0788 2968 rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/07/25 14:23:32.0975 2968 RSUSBSTOR       (4a25dc970c58104602ed274dacafd784) C:\Windows\system32\Drivers\RtsUStor.sys
2011/07/25 14:23:33.0100 2968 sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/07/25 14:23:33.0287 2968 scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/07/25 14:23:33.0521 2968 secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/07/25 14:23:33.0692 2968 Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/07/25 14:23:33.0880 2968 Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/07/25 14:23:34.0004 2968 sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/07/25 14:23:34.0176 2968 sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/07/25 14:23:34.0332 2968 sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/07/25 14:23:34.0519 2968 sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/07/25 14:23:34.0706 2968 sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/07/25 14:23:34.0894 2968 SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/07/25 14:23:35.0034 2968 SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/07/25 14:23:35.0190 2968 Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/07/25 14:23:35.0362 2968 spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/07/25 14:23:35.0549 2968 srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/07/25 14:23:35.0767 2968 srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/07/25 14:23:35.0970 2968 srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/07/25 14:23:36.0251 2968 stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/07/25 14:23:36.0407 2968 STHDA           (02e784fa49032f84964db90a3ed81890) C:\Windows\system32\DRIVERS\stwrt64.sys
2011/07/25 14:23:36.0625 2968 swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/07/25 14:23:36.0875 2968 Tcpip           (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys
2011/07/25 14:23:37.0140 2968 TCPIP6          (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys
2011/07/25 14:23:37.0312 2968 tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/07/25 14:23:37.0530 2968 TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/07/25 14:23:37.0670 2968 TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/07/25 14:23:37.0858 2968 tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/07/25 14:23:38.0060 2968 TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/07/25 14:23:38.0310 2968 tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/07/25 14:23:38.0544 2968 TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/07/25 14:23:38.0762 2968 tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/07/25 14:23:38.0965 2968 uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/07/25 14:23:39.0137 2968 udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/07/25 14:23:39.0386 2968 uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/07/25 14:23:39.0542 2968 umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/07/25 14:23:39.0761 2968 UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/07/25 14:23:39.0948 2968 USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
2011/07/25 14:23:40.0120 2968 usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
2011/07/25 14:23:40.0322 2968 usbccgp         (481dff26b4dca8f4cbac1f7dce1d6829) C:\Windows\system32\drivers\usbccgp.sys
2011/07/25 14:23:40.0556 2968 usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/07/25 14:23:40.0697 2968 usbehci         (74ee782b1d9c241efe425565854c661c) C:\Windows\system32\drivers\usbehci.sys
2011/07/25 14:23:40.0900 2968 usbhub          (dc96bd9ccb8403251bcf25047573558e) C:\Windows\system32\drivers\usbhub.sys
2011/07/25 14:23:41.0118 2968 usbohci         (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
2011/07/25 14:23:41.0274 2968 usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/07/25 14:23:41.0430 2968 usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
2011/07/25 14:23:41.0570 2968 USBSTOR         (d76510cfa0fc09023077f22c2f979d86) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2011/07/25 14:23:41.0742 2968 usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
2011/07/25 14:23:41.0898 2968 usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
2011/07/25 14:23:42.0116 2968 usb_rndisx      (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys
2011/07/25 14:23:42.0272 2968 vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/07/25 14:23:42.0428 2968 vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/07/25 14:23:42.0631 2968 VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/07/25 14:23:42.0803 2968 vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/07/25 14:23:42.0990 2968 viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/07/25 14:23:43.0130 2968 volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/07/25 14:23:43.0364 2968 volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/07/25 14:23:43.0614 2968 volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/07/25 14:23:43.0817 2968 vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/07/25 14:23:44.0004 2968 vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/07/25 14:23:44.0129 2968 vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/07/25 14:23:44.0269 2968 WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/07/25 14:23:44.0425 2968 WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/25 14:23:44.0659 2968 Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/07/25 14:23:44.0956 2968 Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/07/25 14:23:45.0127 2968 Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/07/25 14:23:45.0346 2968 WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/07/25 14:23:45.0564 2968 WimFltr         (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
2011/07/25 14:23:45.0814 2968 WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/07/25 14:23:46.0048 2968 WINUSB          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\drivers\WinUSB.SYS
2011/07/25 14:23:46.0313 2968 WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/07/25 14:23:46.0562 2968 ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/07/25 14:23:46.0765 2968 WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/07/25 14:23:46.0999 2968 WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/07/25 14:23:47.0264 2968 yukonw7         (79d9ce9614c955dd31aa2556b4014662) C:\Windows\system32\DRIVERS\yk62x64.sys
2011/07/25 14:23:47.0483 2968 MBR (0x1B8)     (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
2011/07/25 14:23:47.0514 2968 Boot (0x1200)   (844c807994e1622088c74b59aca5fb41) \Device\Harddisk0\DR0\Partition0
2011/07/25 14:23:47.0545 2968 Boot (0x1200)   (eea4d12aa54c36c0efde1d90af15ef89) \Device\Harddisk0\DR0\Partition1
2011/07/25 14:23:47.0545 2968 ================================================================================
2011/07/25 14:23:47.0545 2968 Scan finished
2011/07/25 14:23:47.0545 2968 ================================================================================
2011/07/25 14:23:47.0592 5972 Detected object count: 0
2011/07/25 14:23:47.0592 5972 Actual detected object count: 0
2011/07/25 15:01:39.0237 4164 Deinitialize success

this is the second log from DDS :

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-06-23.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 6/22/2010 10:23:04 PM

System Uptime: 7/28/2011 4:09:20 PM (1 hours ago)

.

Motherboard: Dell Inc. |  | 0G848F

Processor: Pentium(R) Dual-Core CPU       T4400  @ 2.20GHz | Microprocessor | 2200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 218 GiB total, 172.218 GiB free.

D: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP86: 7/8/2011 3:00:27 AM - Windows Update

RP87: 7/10/2011 2:36:51 AM - Installed Ad-Aware

RP88: 7/10/2011 2:38:50 AM - Installed Ad-Aware

RP89: 7/15/2011 3:01:35 AM - Windows Update

RP90: 7/24/2011 2:03:53 AM - Windows Update

RP91: 7/24/2011 2:08:24 AM - Installed HiJackThis

RP92: 7/27/2011 3:41:44 PM - Windows Update

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Ad-Aware

Adobe Flash Player 10 ActiveX

Adobe Reader 9.4.5

Advanced Audio FX Engine

Apple Application Support

Apple Software Update

Ares 2.1.7

Canon MF Toolbox 4.9.1.1.mf09

Cisco EAP-FAST Module

Cisco LEAP Module

Cisco PEAP Module

Compatibility Pack for the 2007 Office system

Cozi

Dell DataSafe Local Backup

Dell DataSafe Local Backup - Support Software

Dell Driver Download Manager

Dell Getting Started Guide

Dell Support Center (Support Software)

Dell Webcam Central

EasyBits GO

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

GoToAssist 8.0.0.514

HiJackThis

hppLaserJetService

hppP1100P1560P1600SeriesLaserJetService

hppusgP1100P1560P1600Series

HPSSupply

Internet TV for Windows Media Center

iSqFt Full Viewer V4.01

Java Auto Updater

Java(TM) 6 Update 26

Junk Mail filter update

Live! Cam Avatar Creator

Malwarebytes' Anti-Malware version 1.51.1.1800

MarketResearch

McAfee SecurityCenter

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel MUI (English) 2007

Microsoft Office File Validation Add-In

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Search Enhancement Pack

Microsoft Silverlight

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Sync Framework Runtime Native v1.0 (x86)

Microsoft Sync Framework Services Native v1.0 (x86)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

MSVCRT

ooVoo

PowerDVD DX

QuickTime

Roxio Burn

Safari

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB2509488)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft Office 2007 System (KB2541012)

Security Update for Microsoft Office Excel 2007 (KB2541007)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB2535818)

Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Skype Toolbars

Skype™ 5.3

Stellar Phoenix Windows Data Recovery - Home

TeamViewer 6

Update for 2007 Microsoft Office System (KB2284654)

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office 2007 System (KB2539530)

Update for Microsoft Office OneNote 2007 (KB980729)

WildTangent Games

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Gallery

Windows Live Sign-in Assistant

Windows Live Sync

Windows Live Toolbar

Windows Live Upload Tool

Windows Live Writer

Yahoo! BrowserPlus 2.9.8

.

==== Event Viewer Messages From Past Week ========

.

7/28/2011 4:10:08 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error   Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

7/28/2011 2:43:21 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error   Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

7/27/2011 3:29:36 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error   Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

7/26/2011 11:32:04 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.

7/26/2011 11:32:02 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer6 service.

7/25/2011 8:47:27 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.

7/25/2011 7:17:52 AM, Error: Service Control Manager [7031]  - The McShield service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.

7/25/2011 4:46:38 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HP LaserJet Service service.

7/25/2011 4:45:32 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McMPFSvc service.

7/25/2011 12:52:35 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.   Feature: Behavior Monitoring   Error Code: 0x80004005   Error description: Unspecified error   Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.

7/25/2011 12:49:13 PM, Error: Service Control Manager [7031]  - The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:49:13 PM, Error: Service Control Manager [7031]  - The McAfee Services service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:49:13 PM, Error: Service Control Manager [7031]  - The McAfee Proxy Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:49:13 PM, Error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:49:13 PM, Error: Service Control Manager [7031]  - The McAfee Network Agent service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:49:13 PM, Error: Service Control Manager [7031]  - The McAfee Anti-Spam Service service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:49:02 PM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "8" Happened while starting this command: C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding

7/25/2011 12:49:01 PM, Error: Microsoft-Windows-DistributedCOM [10000]  - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "1455" Happened while starting this command: C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding

7/25/2011 12:49:00 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.

7/25/2011 12:48:59 PM, Error: Service Control Manager [7023]  - The Windows Error Reporting Service service terminated with the following error:  The paging file is too small for this operation to complete.

7/25/2011 12:46:31 PM, Error: Service Control Manager [7031]  - The McAfee VirusScan Announcer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:46:31 PM, Error: Service Control Manager [7031]  - The McAfee Proxy Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:46:31 PM, Error: Service Control Manager [7031]  - The McAfee Network Agent service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:46:31 PM, Error: Service Control Manager [7031]  - The McAfee Anti-Spam Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:46:30 PM, Error: Service Control Manager [7031]  - The McAfee Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 12:46:30 PM, Error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

7/25/2011 11:38:42 AM, Error: Microsoft-Windows-Kernel-General :emotion-14:  - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): '\SystemRoot\System32\Config\SOFTWARE'.

7/25/2011 10:56:52 AM, Error: Service Control Manager [7000]  - The Application Experience service failed to start due to the following error:  A thread could not be created for the service.

7/21/2011 12:30:55 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.

7/21/2011 10:36:23 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the McNaiAnn service.

.

==== End Of File ===========================

here is the log from DDS.COM:

.

DDS (Ver_2011-06-23.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514

Run by leo at 17:19:51 on 2011-07-28

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3032.1037 [GMT -4:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\STacSV64.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Dell\DellDock\DockLogin.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE

C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\crypserv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe

C:\Windows\system32\HPSIsvc.exe

C:\Windows\system32\mfevtps.exe

C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskhost.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

C:\Windows\System32\vds.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\DellTPad\Apoint.exe

C:\Program Files\IDT\WDM\sttray64.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\DellTPad\ApMsgFwd.exe

C:\Program Files\DellTPad\HidFind.exe

C:\Program Files\DellTPad\Apntex.exe

C:\Windows\system32\conhost.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110704162733.dll

BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

mRun: [ ]

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

Trusted Zone: isqft.com\www

Trusted Zone: isqft.com\www

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {4063BE15-3B08-470D-A0D5-B37161CFFD69} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{5489B983-B1C1-4AEB-A22A-37BF4B91D883} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{5489B983-B1C1-4AEB-A22A-37BF4B91D883}\0484F6D65614542364 : DhcpNameServer = 65.32.5.111 65.32.5.112 0.0.0.0

TCP: Interfaces\{5489B983-B1C1-4AEB-A22A-37BF4B91D883}\348627963702149627 : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{5489B983-B1C1-4AEB-A22A-37BF4B91D883}\75162707462796675663935453 : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{5489B983-B1C1-4AEB-A22A-37BF4B91D883}\E49545543484D27657563747 : DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.33.1

TCP: Interfaces\{F6405BB4-7DA8-4A79-8C3C-F6B2097235E6} : DhcpNameServer = 4.2.2.1

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64:     AcroIEHelperStub - No File

BHO-X64: McAfee Phishing Filter: {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll

BHO-X64:     McAfee Phishing Filter - No File

BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

BHO-X64:     Search Helper - No File

BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20110704162733.dll

BHO-X64:     scriptproxy - No File

BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64:     SkypeIEPluginBHO - No File

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB-X64: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter

mRun-x64: [(Default)]

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRunOnce-x64: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"

mRunOnce-x64: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe

.

============= SERVICES / DRIVERS ===============

.

R0 dlkmdldr;dlkmdldr;C:\Windows\system32\drivers\dlkmdldr.sys --> C:\Windows\system32\drivers\dlkmdldr.sys [?]

R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]

R2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-6-24 136704]

R2 HPSIService;HP SI Service;C:\Windows\system32\HPSIsvc.exe --> C:\Windows\system32\HPSIsvc.exe [?]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2011-6-20 2151640]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-7-4 355440]

R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-7-4 355440]

R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-7-4 355440]

R2 McShield;McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2011-7-4 200056]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2011-7-4 245352]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-1-21 705856]

R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-7-19 2337144]

R3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]

R3 dlkmd;dlkmd;C:\Windows\system32\drivers\dlkmd.sys --> C:\Windows\system32\drivers\dlkmd.sys [?]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;C:\Program Files (x86)\Lavasoft\Ad-Aware\kernexplorer64.sys [2011-7-10 17152]

R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]

R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-16 135664]

S3 DisplayLinkUsbPort;DisplayLink USB Device;C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys --> C:\Windows\system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys [?]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-16 135664]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 mvusbews;USB EWS Device;C:\Windows\system32\Drivers\mvusbews.sys --> C:\Windows\system32\Drivers\mvusbews.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 DisplayLinkService;DisplayLinkManager;C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [2010-9-21 9464680]

.

=============== Created Last 30 ================

.

2011-07-28 20:20:43 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D0558A1E-5CAF-4282-8BF0-8D8B2F312650}\mpengine.dll

2011-07-28 19:48:00 -------- d-----w- C:\Users\leo\AppData\Roaming\Malwarebytes

2011-07-28 19:47:34 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-28 19:47:31 -------- d-----w- C:\ProgramData\Malwarebytes

2011-07-28 19:47:25 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-07-25 17:07:37 8578896 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-07-24 06:12:27 -------- d-----w- C:\Windows\log

2011-07-24 06:09:27 388096 ----a-r- C:\Users\leo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-07-24 06:09:23 -------- d-----w- C:\Program Files (x86)\Trend Micro

2011-07-24 06:05:42 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F2D0A28-64A6-4CE1-9B38-B1044190264F}\gapaengine.dll

2011-07-24 06:04:51 270720 ------w- C:\Windows\System32\MpSigStub.exe

2011-07-24 06:01:08 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client

2011-07-24 06:00:57 -------- d-----w- C:\Program Files\Microsoft Security Client

2011-07-20 02:38:09 55280 ------w- C:\Windows\System32\drivers\PxHlpa64.sys

2011-07-20 02:38:09 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys

2011-07-20 02:38:09 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys

2011-07-20 02:38:04 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine

2011-07-20 02:37:56 -------- d-----w- C:\Program Files (x86)\Roxio

2011-07-20 02:35:56 -------- d-----w- C:\Users\leo\AppData\Roaming\Roxio Log Files

2011-07-20 02:00:57 178176 ----a-w- C:\Windows\SysWow64\StellarProfile.dll

2011-07-20 02:00:57 1207808 ----a-w- C:\Windows\SysWow64\PhoenixDll.dll

2011-07-20 02:00:55 -------- d-----w- C:\Program Files (x86)\Stellar Phoenix Windows Data Recovery

2011-07-20 01:14:01 -------- d-----w- C:\ProgramData\CrypKey

2011-07-20 01:01:24 -------- d-----w- C:\Program Files (x86)\TeamViewer

2011-07-17 05:32:09 -------- d-----w- C:\Log

2011-07-17 05:31:47 28664 ----a-w- C:\Windows\System32\Ckldrv.sys

2011-07-17 05:31:47 18432 ----a-w- C:\Windows\Setup_ck.dll

2011-07-17 05:31:47 165888 ----a-w- C:\Windows\Ckconfig.exe

2011-07-17 05:31:47 122880 ----a-w- C:\Windows\System32\Crypserv.exe

2011-07-17 05:31:47 11776 ----a-w- C:\Windows\Ckrfresh.exe

2011-07-17 05:31:46 27648 ----a-r- C:\Windows\Setup_ck.exe

2011-07-17 05:20:42 200976 ----a-w- C:\Windows\SysWow64\drivers\tmcomm.sys

2011-07-17 04:17:49 -------- d-----w- C:\Windows\pss

2011-07-10 14:42:39 16432 ----a-w- C:\Windows\System32\lsdelete.exe

2011-07-10 06:57:21 55384 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys

2011-07-10 06:39:39 69376 ----a-w- C:\Windows\System32\drivers\Lbd.sys

2011-07-10 06:39:24 -------- d-----w- C:\Program Files (x86)\Lavasoft

2011-07-05 03:54:13 -------- d-----w- C:\Windows\System32\SPReview

2011-07-05 03:53:17 -------- d-----w- C:\Windows\System32\EventProviders

2011-07-04 20:27:41 -------- d-----w- C:\Program Files\McAfee.com

2011-07-04 20:27:33 9984 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys

2011-07-04 20:27:26 149032 ----a-w- C:\Windows\System32\mfevtps.exe

2011-07-04 20:27:22 94992 ----a-w- C:\Windows\System32\drivers\mferkdet.sys

2011-07-04 20:27:22 75160 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys

2011-07-04 20:27:22 63056 ----a-w- C:\Windows\System32\drivers\cfwids.sys

2011-07-04 20:27:22 530304 ----a-w- C:\Windows\System32\drivers\mfehidk.sys

2011-07-04 20:27:22 441840 ----a-w- C:\Windows\System32\drivers\mfefirek.sys

2011-07-04 20:27:22 283744 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys

2011-07-04 20:27:22 190520 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys

2011-07-04 20:27:22 121376 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys

2011-07-04 19:42:36 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll

2011-07-04 19:42:36 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

2011-07-04 19:42:36 207872 ----a-w- C:\Windows\System32\cfgmgr32.dll

2011-07-04 19:42:36 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

2011-07-04 19:42:35 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

2011-07-04 19:42:35 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

2011-06-30 03:30:57 -------- d-----w- C:\Users\leo\Firmware

.

==================== Find3M  ====================

.

2011-07-22 01:02:58 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-07-05 04:10:16 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll

2011-07-05 04:10:15 175616 ----a-w- C:\Windows\System32\msclmd.dll

2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys

2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll

2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-05-28 03:30:09 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-05-28 02:53:58 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-05-14 07:25:06 362496 ----a-w- C:\Windows\System32\wow64win.dll

2011-05-14 07:25:06 243200 ----a-w- C:\Windows\System32\wow64.dll

2011-05-14 07:25:06 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2011-05-14 07:24:33 214528 ----a-w- C:\Windows\System32\winsrv.dll

2011-05-14 07:22:25 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2011-05-14 07:16:48 338432 ----a-w- C:\Windows\System32\conhost.exe

2011-05-14 06:28:33 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2011-05-14 06:24:36 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2011-05-14 06:24:08 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2011-05-14 06:22:24 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2011-05-14 04:20:05 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2011-05-14 04:20:03 2048 ----a-w- C:\Windows\SysWow64\user.exe

2011-05-10 12:06:08 51712 ----a-w- C:\Windows\System32\drivers\usbaapl64.sys

2011-05-10 12:06:08 4517664 ----a-w- C:\Windows\System32\usbaaplrc.dll

2011-05-04 08:52:22 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2011-05-03 05:29:29 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-05-03 04:30:02 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll

.

============= FINISH: 17:29:59.97 ===============

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Here  is a copy of the log after the scan was completed.

Database version: 7312

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

7/28/2011 4:01:52 PM

mbam-log-2011-07-28 (16-01-52).txt

Scan type: Quick scan

Objects scanned: 171915

Time elapsed: 9 minute(s), 12 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 44

Registry Values Infected: 4

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 2

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.

c:\Windows\SysWOW64\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.

Hi,

There are signs of more than one Anti-Virus Program Running on the system,(Ad-aware & McAfee). Please read the following link and then please remove one (1) of the
Anti-Virus Programs as running two is never a good idea as they will conflict with each other and leave you with nothing more than an unstable and unsecure system:

Do's and Don't's of Security Programs

Then please disable the AV that you decided to keep before running the online scan.

Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

Go here to run an online scannner from ESET.

• Note: You will need to use Internet explorer for this scan
• Turn off the real time scanner of any existing antivirus program while performing the online scan
• Tick the box next to YES, I accept the Terms of Use.
• Click Start
• When asked, allow the activex control to install
• Click Start
• Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
• Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
• Click Scan
• Wait for the scan to finish
• Click the "Show Results" button
• Then click the "Export to Text File" button and save the log to the desktop
• Copy and paste that log as a reply to this topic and also let me know how things are now.

Thanks

Also web pages open and close randomly .

Here are the results of the ESET scan you asked me to perform.

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A application

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A application

C:\Program Files (x86)\Windows Live\Messenger\msimg32.dll Win32/Toolbar.MyWebSearch application

C:\Program Files (x86)\Windows Live\Messenger\riched20.dll Win32/Toolbar.MyWebSearch application

I dont know what is wrong obviously,  but this computer is running so slow it is taking 30 sec to load a web page or program. when i try to do a google search and click on a site it takes me to lemon merange web page or no access to web page. Memory seems to be all screwed up. Help . Thanks.

Hi,

Please Disable all Anti-virus/Anti-Spyware/FireWall on your machine(instructions via links below)

• Anti Virus
• Anti Spyware
• Firewall

Please download ComboFix.exe. Please visit THIS webpage for download links, and instructions for running the tool:

ComboFix MUST be saved to your desktop before running the tool

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

When prompted to install the recovery console please make sure to do so as this is a VERY IMPORTANT backup of ComboFix (XP only, Vista/Windows 7 will NOT be propmted to install the recovery console)

You will need to be conected to the net to install the recovery console, if you can not install it DO NOT run ComboFix,
Post back and we will install it manually.

DO NOT mouse click when ComboFix is running as this will cause ComboFix to Stall and it will not work as it should

EXTRA NOTES:

• If Combofix detects a Rootkit on the system it will give a warning and prompt for a reboot, please allow it to do so.
• If Combofix reboot's due to a rootkit, the screen may stay black for a few minutes on reboot, this is normal
• On some Vista machines, after running Combofix, you may receive a warning message about registry key's being listed for deletion, when trying to open certain programs. Please reboot the system and this will fix the issue (These certain items will not be deleted)

Please include the C:\ComboFix.txt in your next reply for further review.

Thanks,

ComboFix 11-08-01.05 - leo 08/01/2011  16:43:10.1.2 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3032.2149 [GMT -4:00]

Running from: c:\users\leo\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}

SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\leo\AppData\Roaming\Microsoft\Windows\Recent\Thumbs.db

.

.

(((((((((((((((((((((((((   Files Created from 2011-07-02 to 2011-08-02  )))))))))))))))))))))))))))))))

.

.

2011-08-01 21:20 . 2011-08-01 21:20 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-08-01 17:14 . 2011-07-13 01:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{469429AA-2947-435B-A692-7A2B0841101F}\mpengine.dll

2011-07-31 01:42 . 2011-07-31 01:42 -------- d-----w- c:\program files\iPod

2011-07-31 01:42 . 2011-07-31 01:43 -------- d-----w- c:\program files\iTunes

2011-07-31 01:42 . 2011-07-31 01:43 -------- d-----w- c:\program files (x86)\iTunes

2011-07-31 01:38 . 2011-07-31 01:38 -------- d-----w- c:\program files\Bonjour

2011-07-31 01:38 . 2011-07-31 01:38 -------- d-----w- c:\program files (x86)\Bonjour

2011-07-30 03:04 . 2011-07-20 13:44 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{5BB2B0F3-8DFD-4D50-B21D-CD8D2245E4FF}\mpengine.dll

2011-07-29 22:09 . 2011-07-29 22:09 -------- d-----w- c:\program files (x86)\ESET

2011-07-28 19:48 . 2011-07-28 19:48 -------- d-----w- c:\users\leo\AppData\Roaming\Malwarebytes

2011-07-28 19:47 . 2011-07-06 23:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-28 19:47 . 2011-07-28 19:47 -------- d-----w- c:\programdata\Malwarebytes

2011-07-28 19:47 . 2011-07-28 19:47 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-07-25 17:07 . 2011-07-13 01:53 8578896 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2011-07-24 06:12 . 2011-07-24 06:12 -------- d-----w- c:\windows\log

2011-07-24 06:09 . 2011-07-24 06:09 388096 ----a-r- c:\users\leo\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-07-24 06:09 . 2011-07-24 06:09 -------- d-----w- c:\program files (x86)\Trend Micro

2011-07-24 06:05 . 2011-07-24 06:05 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4F2D0A28-64A6-4CE1-9B38-B1044190264F}\gapaengine.dll

2011-07-24 06:04 . 2011-05-24 23:14 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-07-24 06:01 . 2011-07-24 06:01 -------- d-----w- c:\program files (x86)\Microsoft Security Client

2011-07-24 06:00 . 2011-07-24 06:01 -------- d-----w- c:\program files\Microsoft Security Client

2011-07-24 05:47 . 2011-07-24 05:47 -------- d-----w- c:\program files (x86)\Apple Software Update

2011-07-20 02:38 . 2009-07-09 07:00 55280 ------w- c:\windows\system32\drivers\PxHlpa64.sys

2011-07-20 02:38 . 2009-06-23 07:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys

2011-07-20 02:38 . 2009-06-23 07:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2011-07-20 02:38 . 2011-07-20 02:38 -------- d-----w- c:\program files (x86)\Common Files\Roxio Shared

2011-07-20 02:38 . 2011-07-20 02:38 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine

2011-07-20 02:37 . 2011-07-20 02:37 -------- d-----w- c:\program files (x86)\Roxio

2011-07-20 02:35 . 2011-07-20 02:35 -------- d-----w- c:\users\leo\AppData\Roaming\Roxio Log Files

2011-07-20 02:00 . 2006-04-17 15:56 1207808 ----a-w- c:\windows\SysWow64\PhoenixDll.dll

2011-07-20 02:00 . 2004-10-17 01:46 178176 ----a-w- c:\windows\SysWow64\StellarProfile.dll

2011-07-20 02:00 . 2011-07-20 02:01 -------- d-----w- c:\program files (x86)\Stellar Phoenix Windows Data Recovery

2011-07-20 01:14 . 2011-07-20 01:14 -------- d-----w- c:\programdata\CrypKey

2011-07-20 01:01 . 2011-07-20 01:01 -------- d-----w- c:\program files (x86)\TeamViewer

2011-07-17 05:32 . 2011-07-22 01:03 -------- d-----w- C:\Log

2011-07-17 05:31 . 2008-05-07 23:29 122880 ----a-w- c:\windows\system32\Crypserv.exe

2011-07-17 05:31 . 2008-03-17 17:12 28664 ----a-w- c:\windows\system32\Ckldrv.sys

2011-07-17 05:31 . 1999-06-18 20:49 165888 ----a-w- c:\windows\Ckconfig.exe

2011-07-17 05:31 . 1996-05-03 14:36 18432 ----a-w- c:\windows\Setup_ck.dll

2011-07-17 05:31 . 1995-07-04 17:33 11776 ----a-w- c:\windows\Ckrfresh.exe

2011-07-17 05:31 . 1996-05-03 16:21 27648 ----a-r- c:\windows\Setup_ck.exe

2011-07-17 05:20 . 2011-06-21 04:09 200976 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys

2011-07-12 15:34 . 2011-07-12 15:34 96104 ----a-w- c:\windows\system32\dns-sd.exe

2011-07-12 15:34 . 2011-07-12 15:34 85864 ----a-w- c:\windows\system32\dnssd.dll

2011-07-12 15:34 . 2011-07-12 15:34 61288 ----a-w- c:\windows\system32\jdns_sd.dll

2011-07-12 15:34 . 2011-07-12 15:34 212840 ----a-w- c:\windows\system32\dnssdX.dll

2011-07-12 15:20 . 2011-07-12 15:20 83816 ----a-w- c:\windows\SysWow64\dns-sd.exe

2011-07-12 15:20 . 2011-07-12 15:20 73064 ----a-w- c:\windows\SysWow64\dnssd.dll

2011-07-12 15:20 . 2011-07-12 15:20 50536 ----a-w- c:\windows\SysWow64\jdns_sd.dll

2011-07-12 15:20 . 2011-07-12 15:20 178536 ----a-w- c:\windows\SysWow64\dnssdX.dll

2011-07-10 06:57 . 2011-07-10 06:57 55384 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-07-10 06:39 . 2011-07-10 06:39 -------- d-----w- c:\program files (x86)\Lavasoft

2011-07-10 06:39 . 2011-07-29 21:58 -------- d-----w- c:\programdata\Lavasoft

2011-07-05 03:54 . 2011-07-05 03:54 -------- d-----w- c:\windows\system32\SPReview

2011-07-05 03:53 . 2011-07-05 03:53 -------- d-----w- c:\windows\system32\EventProviders

2011-07-04 19:42 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll

2011-07-04 19:42 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll

2011-07-04 19:42 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe

2011-07-04 19:42 . 2010-11-20 13:25 207872 ----a-w- c:\windows\system32\cfgmgr32.dll

2011-07-04 19:42 . 2011-05-24 10:40 64512 ----a-w- c:\windows\SysWow64\devobj.dll

2011-07-04 19:42 . 2011-05-24 10:40 44544 ----a-w- c:\windows\SysWow64\devrtl.dll

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-07-22 01:02 . 2011-05-12 22:13 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-07-05 04:10 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll

2011-07-05 04:10 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll

2011-06-12 02:29 . 2010-06-24 05:15 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2011-05-28 03:30 . 2011-06-17 05:05 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-05-28 02:53 . 2011-06-17 05:05 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

2011-05-19 03:07 . 2010-07-21 01:09 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2011-05-19 03:04 . 2010-07-21 01:08 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2011-05-14 06:24 . 2011-07-14 18:58 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2011-05-10 12:06 . 2011-05-10 12:06 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys

2011-05-10 12:06 . 2011-05-10 12:06 4517664 ----a-w- c:\windows\system32\usbaaplrc.dll

2011-05-04 08:52 . 2011-01-14 23:47 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 421736]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe" [2010-09-26 560128]

"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2011-01-13 165184]

.

c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dell Dock First Run.lnk - c:\program files (x86)\Dell\DellDock\DellDock.exe [N/A]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

.

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-16 135664]

R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_5.5.27797.0.sys

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-16 135664]

R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys

R3 mvusbews;USB EWS Device;c:\windows\system32\Drivers\mvusbews.sys

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R4 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [2010-09-21 9464680]

S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2009-06-09 155648]

S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2009-06-24 136704]

S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe

S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-01-13 705856]

S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-06-01 2337144]

S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys

S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys

S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys

.

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c9a39882-c4e6-11df-ae8f-a4badb9cca69}]

\shell\AutoRun\command - E:\SISetup.exe

.

Contents of the 'Scheduled Tasks' folder

.

2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-16 21:16]

.

2011-08-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-16 21:16]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\DellTPad\Apoint.exe" [2010-04-05 384296]

"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-06-29 444416]

"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html

Trusted Zone: isqft.com\www

Trusted Zone: isqft.com\www

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

SafeBoot-Wdf01000.sys

Toolbar-Locked - (no file)

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Bonjour\mDNSResponder.exe

c:\windows\system32\crypserv.exe

c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe

c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

c:\program files (x86)\Dell DataSafe Local Backup\Toaster.exe

.

**************************************************************************

.

Completion time: 2011-08-01  21:41:24 - machine was rebooted

ComboFix-quarantined-files.txt  2011-08-02 01:41

.

Pre-Run: 187,358,908,416 bytes free

Post-Run: 186,271,268,864 bytes free

.

- - End Of File - - 61BB1DAD8BDF2543DFE8201FCFC8626A

explorer still opening up with google windows , asking if you want to delete youtube, and when performing search on explorer , i click on the site i want and it goes to other sites, not what was selected ( redirects to other things). Please help.

Hi,

Sorry for the delay.

With this being a 64 bit system and you getting redirects, it pretty certain you have a rootkit on board, we just need to find something that can see it so we can remove it.

Please disable all active protection on the system before continuing

Please DO NOT click any fix button until instructed to do so by your analyst. Failure to comply with this may result in an unbootable system

Please download the Avast ASWMBR.exe Anti-Rootkit Tool and save it to you Desktop

• Please double click the tool to open it (Windows Vista/7 please right click and "Run as Administrator")
• Referring to the image below. please click the SCAN button and allow the scan to run to completion

• Once the scan has Completed, please click the Save Log button and save the log to the desktop

• Saved to the desktop will be a text file named aswMBR.txt, please copy/paste the contents of the text file back for review in your next reply
• There will also be a file named MBR.dat saved to the desktop, please do not do anything with this file just yet.

Thanks

installed to desk top and when i right click and run as admin. it says it is not a valid win 32 application.