Infected Windows 7 Antivirus 2012 Malware: Problem with wifi printer + accessing internet

I've been infected with Windows 7 Antivurus 2012.

- I used Malwarebytes Anti-Malware


The malware seems to be removed but I found many problems

- I can't print on my wifi printer
- Microsoft firewall doesn't work
- Some gadget and program can't access internet (gadget accuweather, program HideMyIp)

I removed McAffee because I think the Mcaffee firewall is the problem. I installed Norton Antivirus 2012, and I have a strange error (Error norton 5013,3). I removed Norton and now, I'm with AVG 2012 trial.

To enabled Microsoft Firewall, I applied this correction : http://answers.microsoft.com/en-us/windows/forum/windows_7-security/error-code-0x80070424-with-windows-firewall/ec3fc3b8-69ec-4b4b-a703-4b745fe6e8ee?page=7&tm=1327722759954

Broni help me here : http://www.bleepingcomputer.com/forums/topic440667.html

But we are stuck !!!

NOTE on GMER: I don't have all the option enable. Only Services - Registry - Files and ADS are enable. Show all is not enable

DDS LOG:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30
Run by Fred at 22:38:51 on 2012-01-31
Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.2.1036.18.12270.8748 [GMT -5:00]
.
AV: Protection antivirus et antispyware McAfee *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Protection antivirus et antispyware McAfee *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: Pare-feu McAfee *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\DllHost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Cyberlink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Java\jre6\bin\javaw.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.ca/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: uTorrentBar_FR Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll
uURLSearchHooks: H - No File
mURLSearchHooks: uTorrentBar_FR Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll
mWinlogon: Userinit=userinit.exe,
BHO: uTorrentBar_FR Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Canon Easy-WebPrint EX BHO: {3785d0ad-bfff-47f6-bf5b-a587c162fed9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: PodcastBHO Class: {65134fdf-f8a5-4b3d-91d9-cdf273cfd578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Programme d'aide de l'Assistant de connexion Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
TB: uTorrentBar_FR Toolbar: {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} - C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Canon Easy-WebPrint EX: {759d9886-0c6f-4498-bab6-4a5f47c6c72f} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-ec41-4f9a-8887-1f4aee672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [Rank Tracker] C:\Program Files (x86)\SEO PowerSuite\Rank Tracker\bin\ranktracker.exe -minimized
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://portail.stm.info/dana-cached/sc/JuniperSetupClient.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{28666490-7DB6-4F69-938A-ACDA5410A29D} : DhcpNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{3785D0AD-BFFF-47F6-BF5B-A587C162FED9}
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
{65134FDF-F8A5-4B3D-91D9-CDF273CFD578}
{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{d2ce3e00-f94a-4740-988e-03dc2f38c34f}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{8dcb7100-df86-4384-8842-8fa844297b3f}
{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F}
EB-X64: {21347690-EC41-4F9A-8887-1F4AEE672439} - No File
mRun-x64: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun-x64: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun-x64: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun-x64: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun-x64: [UpdReg] C:\Windows\UpdReg.EXE
mRun-x64: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [(par d‚faut)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [AccuWeatherWidget] "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [IJNetworkScanUtility] C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\q18ar60g.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\Supportability\MVT\NPMVTPlugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6a.sys --> C:\Windows\system32\DRIVERS\avgfwd6a.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-9-5 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 avgfws;Pare-feu AVG;C:\Program Files (x86)\AVG\AVG2012\avgfws.exe [2011-11-23 2391832]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-9-7 13336]
R2 iPodDrv;iPodDrv;\??\C:\Windows\system32\drivers\iPodDrv.sys --> C:\Windows\system32\drivers\iPodDrv.sys [?]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-9-7 1692480]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 HideMyIpSRV;HideMyIpSRV;C:\Program Files (x86)\Hide My IP\HideMyIpSrv.exe [2011-10-25 3249512]
R3 IntcDAud;Son Intel® pour écrans;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/09/07 01:12:24;C:\Program Files (x86)\Cyberlink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-26 236016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 136176]
S2 McMPFSvc;McAfee Personal Firewall Service;"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc --> C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [?]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S3 gupdatem;Service Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-10 136176]
S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2011-3-18 25072]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-02-01 01:33:51 -------- d-----w- C:\Users\Fred\AppData\Local\{C1B3EC1C-E559-4518-BF00-6D0FAAD49722}
2012-02-01 01:33:40 -------- d-----w- C:\Users\Fred\AppData\Local\{88226EE9-A3A6-4132-A02D-1CA41F1343AE}
2012-01-31 10:54:41 -------- d-----w- C:\Users\Fred\AppData\Local\{901E392A-83A4-4521-9411-AD1DCBDA1316}
2012-01-31 10:54:30 -------- d-----w- C:\Users\Fred\AppData\Local\{0BBCAB3A-3277-49D6-A13C-83A972550629}
2012-01-31 01:13:21 -------- d-----w- C:\Users\Fred\AppData\Local\CrashDumps
2012-01-31 00:21:54 -------- d-----w- C:\Program Files (x86)\DLLSuite
2012-01-30 18:11:47 -------- d-----w- C:\Users\Fred\AppData\Local\{29C3F86A-9097-4FC2-A4D1-2D2106377B07}
2012-01-30 18:11:33 -------- d-----w- C:\Users\Fred\AppData\Local\{72D22F73-8F1A-4E5D-B5AA-BCCED30CB3A5}
2012-01-30 02:45:03 -------- d-----w- C:\Users\Fred\AppData\Local\{782500FE-E320-414F-B17B-2CAF75EABD2D}
2012-01-30 02:44:52 -------- d-----w- C:\Users\Fred\AppData\Local\{00D574B5-73D5-4906-864C-BD8AC6B125C5}
2012-01-29 02:55:29 -------- d-----w- C:\Users\Fred\AppData\Local\{1F8011DC-EF4D-4392-93FE-9C0EF98AAB03}
2012-01-29 02:55:17 -------- d-----w- C:\Users\Fred\AppData\Local\{4B6E3DC4-9FE1-4447-9220-F2EA0A4B38F8}
2012-01-28 00:52:40 -------- d-----w- C:\Users\Fred\AppData\Local\{772D1E6E-2F9A-4D33-92E1-75C8D2E69C21}
2012-01-28 00:52:30 -------- d-----w- C:\Users\Fred\AppData\Local\{C546C28E-2897-4DA4-8CC5-07DE85EB0035}
2012-01-27 03:34:49 -------- d-----w- C:\Users\Fred\AppData\Local\Diagnostics
2012-01-27 02:57:36 -------- d-----w- C:\fix
2012-01-27 02:46:53 -------- d-----w- C:\Program Files\Common Files\CANON
2012-01-27 02:45:36 -------- d-----w- C:\Program Files\Canon
2012-01-27 02:00:29 -------- d--h--w- C:\$AVG
2012-01-27 01:03:39 -------- d-----w- C:\Users\Fred\AppData\Roaming\AVG2012
2012-01-27 01:03:34 -------- d--h--w- C:\ProgramData\Common Files
2012-01-27 01:03:28 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2012-01-27 01:03:03 -------- d-----w- C:\Windows\System32\drivers\AVG
2012-01-27 01:03:03 -------- d-----w- C:\ProgramData\AVG2012
2012-01-27 01:02:32 -------- d-----w- C:\Program Files (x86)\AVG
2012-01-27 00:59:35 -------- d-----w- C:\ProgramData\MFAData
2012-01-27 00:55:18 -------- d-----w- C:\Users\Fred\AppData\Local\{0256D3B4-E4AB-4028-9F8E-4CE563F959BF}
2012-01-27 00:55:07 -------- d-----w- C:\Users\Fred\AppData\Local\{C272E572-1A4E-4BE4-BA95-3A89331324BF}
2012-01-26 03:22:53 -------- d-----w- C:\Users\Fred\AppData\Local\{C13C8E97-17D2-467D-AB5B-F685D83D5515}
2012-01-26 03:22:43 -------- d-----w- C:\Users\Fred\AppData\Local\{691A229A-6ED3-46EA-B4F9-157B2E26FA42}
2012-01-25 22:51:47 -------- d-----w- C:\Users\Fred\AppData\Local\ElevatedDiagnostics
2012-01-25 03:10:29 -------- d-----w- C:\EdwinSoft
2012-01-25 01:05:31 -------- d-----w- C:\Users\Fred\AppData\Local\{28FC4DE9-F714-4A8E-A834-1BE0BE522900}
2012-01-25 01:05:20 -------- d-----w- C:\Users\Fred\AppData\Local\{7BA0E699-C914-40AD-BA9A-094E3F970B22}
2012-01-24 01:02:41 -------- d-----w- C:\Users\Fred\AppData\Local\{6F53D5D8-8EDD-4A58-8280-705446A67C4E}
2012-01-24 01:02:30 -------- d-----w- C:\Users\Fred\AppData\Local\{E369A743-E3A5-46A4-936C-2FDD291D8E77}
2012-01-23 03:40:00 -------- d-----w- C:\Users\Fred\AppData\Local\{D61205AC-16C5-4E03-B153-DA6994B340D5}
2012-01-23 03:39:49 -------- d-----w- C:\Users\Fred\AppData\Local\{688F6168-77F0-4A70-9C64-93FF607CCF1D}
2012-01-22 03:49:40 -------- d-----w- C:\Users\Fred\AppData\Local\{D04F8CA2-CBD9-43DF-92AE-9A0AF0CA0E68}
2012-01-22 03:49:29 -------- d-----w- C:\Users\Fred\AppData\Local\{2D7FDD33-9F70-4495-AEC7-A928B8C3ADDA}
2012-01-21 03:08:55 -------- d-----w- C:\Users\Fred\AppData\Local\{C22E9F00-CD47-4586-97F1-A9B364FF9FA6}
2012-01-21 03:08:44 -------- d-----w- C:\Users\Fred\AppData\Local\{9AF5C7B3-53E9-4DD9-BC97-6A6C61CEE0AF}
2012-01-20 00:46:16 -------- d-----w- C:\Users\Fred\AppData\Local\{ED2C6B41-83DB-4DCF-9CE0-30AF9E6E7E35}
2012-01-20 00:46:04 -------- d-----w- C:\Users\Fred\AppData\Local\{62B061F8-FD9B-4A8F-8BEF-470C37A4B546}
2012-01-20 00:11:36 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
2012-01-19 01:16:27 -------- d-----w- C:\Users\Fred\AppData\Local\NPE
2012-01-19 01:12:46 -------- d-----w- C:\ProgramData\NortonInstaller
2012-01-19 01:09:58 -------- d-----w- C:\ProgramData\Norton
2012-01-19 01:07:58 -------- d-----w- C:\Users\Fred\AppData\Local\{61A57634-DB92-447D-A796-80D22AE3D78B}
2012-01-19 01:07:46 -------- d-----w- C:\Users\Fred\AppData\Local\{15819BDA-CC84-49D1-BFBA-9592F0AA50BE}
2012-01-19 00:27:27 -------- d-----w- C:\Users\Fred\AppData\Roaming\McAfee
2012-01-18 23:32:08 -------- d-----w- C:\Users\Fred\AppData\Roaming\Malwarebytes
2012-01-18 23:32:01 -------- d-----w- C:\ProgramData\Malwarebytes
2012-01-18 23:32:00 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-01-18 23:32:00 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-01-17 20:05:21 -------- d-----w- C:\sh4ldr
2012-01-17 20:05:21 -------- d-----w- C:\Program Files\Enigma Software Group
2012-01-17 20:04:49 -------- d-----w- C:\Windows\89A072791DB3485AB1DF584DF86774B9.TMP
2012-01-17 20:04:48 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2012-01-17 20:02:15 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-01-17 20:02:15 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-01-17 20:02:15 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-01-17 20:02:15 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2012-01-17 17:03:12 -------- d-----w- C:\Users\Fred\AppData\Local\{91DAC133-5F44-4FFC-8FE8-58B1E2CD708D}
2012-01-17 17:03:01 -------- d-----w- C:\Users\Fred\AppData\Local\{BF2007FD-F3D9-4BC5-B6EE-0DAC31E33EE9}
2012-01-17 03:04:47 -------- d-----w- C:\Users\Fred\AppData\Local\{980E5CF4-3A28-4F63-8B65-491DAA7EC34E}
2012-01-17 03:04:36 -------- d-----w- C:\Users\Fred\AppData\Local\{34BA0088-F1A3-48AD-B1B0-71A8DDC62A79}
2012-01-16 10:47:25 -------- d-----w- C:\Users\Fred\AppData\Local\{0D0CF62D-50FD-4FE4-B31E-86CBF8BC7580}
2012-01-16 10:47:14 -------- d-----w- C:\Users\Fred\AppData\Local\{3635798C-AC42-42F6-BAE1-C25E4FF71A6A}
2012-01-15 20:29:49 -------- d-----w- C:\Users\Fred\AppData\Local\{05D3FA71-26A3-4028-ABFF-3E0B3B73245A}
2012-01-15 20:29:38 -------- d-----w- C:\Users\Fred\AppData\Local\{56D9CD70-CBD7-4E34-BB70-F2F0757BC16D}
2012-01-14 13:45:55 -------- d-----w- C:\Users\Fred\AppData\Local\{FD3BCF6C-2109-4EA1-AB22-E40AC8017BBD}
2012-01-14 13:45:44 -------- d-----w- C:\Users\Fred\AppData\Local\{C39240FC-59C6-49B0-8642-910CE4F49DFD}
2012-01-14 04:27:19 -------- d-----w- C:\Program Files (x86)\Citrix
2012-01-14 01:45:16 -------- d-----w- C:\Users\Fred\AppData\Local\{7306241F-0C99-47CD-8B28-89FDA4E7E604}
2012-01-14 01:45:05 -------- d-----w- C:\Users\Fred\AppData\Local\{71F033A2-E488-4385-BD9D-72E26A91358D}
2012-01-12 22:57:46 -------- d-----w- C:\Users\Fred\AppData\Local\{CFFA66BB-1235-44BC-B163-43C8D203F7E4}
2012-01-12 22:57:35 -------- d-----w- C:\Users\Fred\AppData\Local\{624E2B1C-13C2-42D1-90C6-BEEE58455FAE}
2012-01-12 02:20:07 -------- d-----w- C:\Users\Fred\AppData\Local\{DE4B2A80-4409-40EB-92D6-D14FDC9B6844}
2012-01-12 02:19:56 -------- d-----w- C:\Users\Fred\AppData\Local\{72BAFFFC-74D1-4835-89E8-B2EA99B5BDCD}
2012-01-12 00:45:41 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll
2012-01-12 00:45:41 366592 ----a-w- C:\Windows\System32\qdvd.dll
2012-01-12 00:45:41 1572864 ----a-w- C:\Windows\System32\quartz.dll
2012-01-12 00:45:41 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll
2012-01-12 00:45:40 1731920 ----a-w- C:\Windows\System32\ntdll.dll
2012-01-12 00:45:40 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll
2012-01-12 00:45:39 77312 ----a-w- C:\Windows\System32\packager.dll
2012-01-12 00:45:39 67072 ----a-w- C:\Windows\SysWow64\packager.dll
2012-01-11 01:00:09 -------- d-----w- C:\Users\Fred\AppData\Local\{123D09DA-F400-490B-A8D3-28A500DC3D33}
2012-01-11 00:59:58 -------- d-----w- C:\Users\Fred\AppData\Local\{55BCAC1D-7BC1-406A-8287-F4391D576444}
2012-01-09 22:54:45 -------- d-----w- C:\Users\Fred\AppData\Local\{D989F0D1-C303-44BB-AFBB-30B2B10245D0}
2012-01-09 22:54:35 -------- d-----w- C:\Users\Fred\AppData\Local\{48DAC6DD-D138-4E5A-A23D-1797A8389A3C}
2012-01-09 10:54:10 -------- d-----w- C:\Users\Fred\AppData\Local\{A960C772-A63E-487D-B2F4-310721FE101B}
2012-01-09 10:54:00 -------- d-----w- C:\Users\Fred\AppData\Local\{21233598-377C-4313-ACFB-4E71B2F4D86A}
2012-01-08 21:57:58 -------- d-----w- C:\Users\Fred\AppData\Local\{0248E21C-A569-4078-AA5E-9D8C355D3BC3}
2012-01-08 21:57:47 -------- d-----w- C:\Users\Fred\AppData\Local\{F82F67D7-03F5-4AE1-91C3-2A335C76BCD8}
2012-01-08 03:38:37 -------- d-----w- C:\Users\Fred\AppData\Local\{B9913409-8ED6-4054-AD6D-3352EB589379}
2012-01-08 03:38:26 -------- d-----w- C:\Users\Fred\AppData\Local\{400400DF-DD1D-48CA-BE8A-D3D03A253754}
2012-01-07 04:17:41 -------- d-----w- C:\Users\Fred\AppData\Local\{2465BC33-53D9-4E8E-9B9B-631C6EC65B74}
2012-01-07 04:17:30 -------- d-----w- C:\Users\Fred\AppData\Local\{1F0E4D4E-9B8A-43CF-B5D6-EA83666DEF7E}
2012-01-06 01:07:19 -------- d-----w- C:\Users\Fred\AppData\Local\{0B0D3877-6701-45BA-BB7D-5C04CEA98EB6}
2012-01-06 01:07:08 -------- d-----w- C:\Users\Fred\AppData\Local\{8AF04232-073E-4A09-9452-E28890FF7BDB}
2012-01-05 03:38:15 -------- d-----w- C:\Users\Fred\AppData\Local\{4863B0B0-F052-4315-940B-15AFAF5D8D28}
2012-01-05 03:38:04 -------- d-----w- C:\Users\Fred\AppData\Local\{F7528724-BB8A-4A0C-A4DA-C43CD78FCA41}
2012-01-04 02:41:13 -------- d-----w- C:\Users\Fred\AppData\Local\{A3AFF64C-3E6E-4230-BAB2-E773F59B5D11}
2012-01-04 02:41:02 -------- d-----w- C:\Users\Fred\AppData\Local\{6AD375D4-CEAC-47A7-B13E-C634A893CCB9}
2012-01-03 14:40:38 -------- d-----w- C:\Users\Fred\AppData\Local\{8917A168-485F-478A-9A3B-FE01A7F20621}
2012-01-03 14:40:27 -------- d-----w- C:\Users\Fred\AppData\Local\{C06C5D75-AEC5-41A9-9D24-37D9F19AA6C2}
2012-01-03 02:37:07 -------- d-----w- C:\Users\Fred\AppData\Local\{4854DA4B-922F-4B20-A525-33CDAA79D837}
2012-01-03 02:36:56 -------- d-----w- C:\Users\Fred\AppData\Local\{BEDB199D-DA48-4392-B3E4-EF12886D0D01}
2012-01-02 14:36:32 -------- d-----w- C:\Users\Fred\AppData\Local\{34F52C0C-63DC-409D-B578-85EDE746143C}
2012-01-02 14:36:21 -------- d-----w- C:\Users\Fred\AppData\Local\{EF7AB3A7-D3F4-46A6-B7CE-9014B8EED680}
.
==================== Find3M ====================
.
2012-01-31 01:23:30 24576 ----a-w- C:\Windows\System32\drivers\nsiproxy.sys
2011-12-27 03:39:57 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-26 03:50:40 627600 ----a-w- C:\Windows\System32\deployJava1.dll
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys
2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll
2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll
2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll
2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll
2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll
2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll
2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe
2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll
2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll
2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2011-11-10 10:54:13 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-04 01:53:39 2309120 ----a-w- C:\Windows\System32\jscript9.dll
2011-11-04 01:44:47 1390080 ----a-w- C:\Windows\System32\wininet.dll
2011-11-04 01:44:21 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2011-11-04 01:34:43 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-03 22:47:42 1798144 ----a-w- C:\Windows\SysWow64\jscript9.dll
2011-11-03 22:40:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2011-11-03 22:39:47 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-11-03 22:31:57 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
.
============= FINISH: 22:39:16,26 ===============

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

• Do not run any other tool untill instructed to do so!
• please Do not Attach logs or put in code boxes.
• Tell me about any problems that have occurred during the fix.
• Tell me of any other symptoms you may be having as these can help also.
• Do not run anything while running a fix.
• Do not run any other tool untill instructed to do so!

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you recieve an error "Illegal operation attempted on a registery key that has been marked for deletion." Please restart the computer

"information and logs"

• In your next post I need the following
  
• Log from Combofix
• let me know of any problems you may have had
  
• How is the computer doing now?

Gringo

Combofix tells me to stopMcAfee Antivirus.

I removed McAfee recently and it's seems that it's completly removed.

How can I do that ?

Thanks!

go ahead and run it I will remove what is left over


gringo

hum!

I'm on my laptop right now.

Combofix is running... but it's only a blue screen with title "administrateur"... Is it normal ?

how long has it been there


gringo

15 minutes now!

give it about 15 or 20 more min if nothing stop it and come tell me


gringo

35 minutes now.
nothing happen. Blue window with blinking cursor with title Administrateur.

BTW, I have Windows 7 in french ...

Do I need to run AS admin ?

Hello

Do I need to run AS admin ?
it would help if all our tools were run with admin privliges

go ahead and stop combofix and I want you to run this tool for me next.

tdsskiller:

Please read carefully and follow these steps.

• Download TDSSKiller and save it to your Desktop.
• doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Gringo

After tdsskiller:

No thread (no reboot)

21:38:57.0441 12656 TDSS rootkit removing tool 2.7.9.0 Feb 1 2012 09:28:49
21:38:57.0659 12656 ============================================================
21:38:57.0659 12656 Current date / time: 2012/02/02 21:38:57.0659
21:38:57.0659 12656 SystemInfo:
21:38:57.0659 12656
21:38:57.0659 12656 OS Version: 6.1.7601 ServicePack: 1.0
21:38:57.0659 12656 Product type: Workstation
21:38:57.0659 12656 ComputerName: XPS-PC
21:38:57.0659 12656 UserName: Fred
21:38:57.0659 12656 Windows directory: C:\Windows
21:38:57.0659 12656 System windows directory: C:\Windows
21:38:57.0659 12656 Running under WOW64
21:38:57.0659 12656 Processor architecture: Intel x64
21:38:57.0659 12656 Number of processors: 8
21:38:57.0659 12656 Page size: 0x1000
21:38:57.0659 12656 Boot type: Normal boot
21:38:57.0659 12656 ============================================================
21:38:58.0065 12656 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:38:58.0081 12656 \Device\Harddisk0\DR0:
21:38:58.0081 12656 MBR used
21:38:58.0081 12656 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1A7F000
21:38:58.0081 12656 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A93000, BlocksNum 0x72C73000
21:38:58.0112 12656 Initialize success
21:38:58.0112 12656 ============================================================
21:39:05.0600 11856 ============================================================
21:39:05.0600 11856 Scan started
21:39:05.0600 11856 Mode: Manual;
21:39:05.0600 11856 ============================================================
21:39:06.0411 11856 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
21:39:06.0427 11856 1394ohci - ok
21:39:06.0442 11856 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
21:39:06.0442 11856 ACPI - ok
21:39:06.0458 11856 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
21:39:06.0458 11856 AcpiPmi - ok
21:39:06.0536 11856 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
21:39:06.0536 11856 adp94xx - ok
21:39:06.0551 11856 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
21:39:06.0551 11856 adpahci - ok
21:39:06.0551 11856 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
21:39:06.0567 11856 adpu320 - ok
21:39:06.0598 11856 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
21:39:06.0614 11856 AFD - ok
21:39:06.0614 11856 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
21:39:06.0614 11856 agp440 - ok
21:39:06.0645 11856 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
21:39:06.0645 11856 aliide - ok
21:39:06.0661 11856 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
21:39:06.0661 11856 amdide - ok
21:39:06.0676 11856 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
21:39:06.0692 11856 AmdK8 - ok
21:39:06.0817 11856 amdkmdag (df943a113060d3abfda4730ae4163d6f) C:\Windows\system32\DRIVERS\atikmdag.sys
21:39:06.0941 11856 amdkmdag - ok
21:39:06.0973 11856 amdkmdap (4003b34b4a83de29cd1c88eb6c869e58) C:\Windows\system32\DRIVERS\atikmpag.sys
21:39:06.0973 11856 amdkmdap - ok
21:39:06.0988 11856 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
21:39:06.0988 11856 AmdPPM - ok
21:39:07.0004 11856 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
21:39:07.0004 11856 amdsata - ok
21:39:07.0035 11856 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
21:39:07.0035 11856 amdsbs - ok
21:39:07.0051 11856 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
21:39:07.0051 11856 amdxata - ok
21:39:07.0097 11856 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
21:39:07.0097 11856 AppID - ok
21:39:07.0113 11856 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
21:39:07.0113 11856 arc - ok
21:39:07.0129 11856 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
21:39:07.0129 11856 arcsas - ok
21:39:07.0160 11856 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
21:39:07.0160 11856 AsyncMac - ok
21:39:07.0191 11856 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
21:39:07.0191 11856 atapi - ok
21:39:07.0238 11856 AtiHDAudioService (4bf5bca6e2608cd8a00bc4a6673a9f47) C:\Windows\system32\drivers\AtihdW76.sys
21:39:07.0238 11856 AtiHDAudioService - ok
21:39:07.0269 11856 Avgfwfd (96b4456f1dca4eda506ed31c7d2d6b05) C:\Windows\system32\DRIVERS\avgfwd6a.sys
21:39:07.0269 11856 Avgfwfd - ok
21:39:07.0300 11856 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
21:39:07.0316 11856 AVGIDSDriver - ok
21:39:07.0347 11856 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
21:39:07.0347 11856 AVGIDSEH - ok
21:39:07.0347 11856 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
21:39:07.0363 11856 AVGIDSFilter - ok
21:39:07.0378 11856 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
21:39:07.0378 11856 Avgldx64 - ok
21:39:07.0394 11856 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
21:39:07.0394 11856 Avgmfx64 - ok
21:39:07.0425 11856 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
21:39:07.0441 11856 Avgrkx64 - ok
21:39:07.0472 11856 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
21:39:07.0472 11856 Avgtdia - ok
21:39:07.0503 11856 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
21:39:07.0519 11856 b06bdrv - ok
21:39:07.0534 11856 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
21:39:07.0534 11856 b57nd60a - ok
21:39:07.0565 11856 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
21:39:07.0565 11856 Beep - ok
21:39:07.0597 11856 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
21:39:07.0597 11856 blbdrive - ok
21:39:07.0643 11856 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
21:39:07.0643 11856 bowser - ok
21:39:07.0659 11856 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
21:39:07.0659 11856 BrFiltLo - ok
21:39:07.0675 11856 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
21:39:07.0675 11856 BrFiltUp - ok
21:39:07.0690 11856 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
21:39:07.0690 11856 Brserid - ok
21:39:07.0706 11856 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
21:39:07.0706 11856 BrSerWdm - ok
21:39:07.0721 11856 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
21:39:07.0721 11856 BrUsbMdm - ok
21:39:07.0737 11856 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
21:39:07.0737 11856 BrUsbSer - ok
21:39:07.0737 11856 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
21:39:07.0753 11856 BTHMODEM - ok
21:39:07.0768 11856 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
21:39:07.0768 11856 cdfs - ok
21:39:07.0784 11856 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
21:39:07.0799 11856 cdrom - ok
21:39:07.0815 11856 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
21:39:07.0815 11856 circlass - ok
21:39:07.0862 11856 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
21:39:07.0862 11856 CLFS - ok
21:39:07.0893 11856 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
21:39:07.0893 11856 CmBatt - ok
21:39:07.0909 11856 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
21:39:07.0909 11856 cmdide - ok
21:39:07.0940 11856 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
21:39:07.0955 11856 CNG - ok
21:39:07.0955 11856 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
21:39:07.0955 11856 Compbatt - ok
21:39:07.0987 11856 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
21:39:07.0987 11856 CompositeBus - ok
21:39:08.0018 11856 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
21:39:08.0018 11856 crcdisk - ok
21:39:08.0049 11856 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
21:39:08.0049 11856 DfsC - ok
21:39:08.0065 11856 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
21:39:08.0065 11856 discache - ok
21:39:08.0080 11856 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
21:39:08.0080 11856 Disk - ok
21:39:08.0111 11856 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
21:39:08.0127 11856 drmkaud - ok
21:39:08.0158 11856 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
21:39:08.0174 11856 DXGKrnl - ok
21:39:08.0236 11856 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
21:39:08.0236 11856 ebdrv - ok
21:39:08.0267 11856 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
21:39:08.0283 11856 elxstor - ok
21:39:08.0392 11856 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
21:39:08.0392 11856 ErrDev - ok
21:39:08.0408 11856 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
21:39:08.0423 11856 exfat - ok
21:39:08.0439 11856 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
21:39:08.0439 11856 fastfat - ok
21:39:08.0455 11856 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
21:39:08.0455 11856 fdc - ok
21:39:08.0486 11856 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
21:39:08.0486 11856 FileInfo - ok
21:39:08.0486 11856 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
21:39:08.0486 11856 Filetrace - ok
21:39:08.0517 11856 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
21:39:08.0517 11856 flpydisk - ok
21:39:08.0533 11856 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
21:39:08.0533 11856 FltMgr - ok
21:39:08.0548 11856 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
21:39:08.0548 11856 FsDepends - ok
21:39:08.0579 11856 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
21:39:08.0579 11856 Fs_Rec - ok
21:39:08.0595 11856 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
21:39:08.0595 11856 fvevol - ok
21:39:08.0611 11856 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
21:39:08.0611 11856 gagp30kx - ok
21:39:08.0657 11856 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:39:08.0673 11856 GEARAspiWDM - ok
21:39:08.0704 11856 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
21:39:08.0704 11856 hcw85cir - ok
21:39:08.0751 11856 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
21:39:08.0767 11856 HDAudBus - ok
21:39:08.0767 11856 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
21:39:08.0767 11856 HidBatt - ok
21:39:08.0798 11856 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
21:39:08.0798 11856 HidBth - ok
21:39:08.0829 11856 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
21:39:08.0829 11856 HidIr - ok
21:39:08.0876 11856 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
21:39:08.0876 11856 HidUsb - ok
21:39:08.0907 11856 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
21:39:08.0907 11856 HpSAMD - ok
21:39:08.0923 11856 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
21:39:08.0938 11856 HTTP - ok
21:39:08.0954 11856 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
21:39:08.0954 11856 hwpolicy - ok
21:39:08.0985 11856 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
21:39:08.0985 11856 i8042prt - ok
21:39:09.0016 11856 iaStor (f7ce9be72edac499b713eca6dae5d26f) C:\Windows\system32\drivers\iaStor.sys
21:39:09.0016 11856 iaStor - ok
21:39:09.0047 11856 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
21:39:09.0047 11856 iaStorV - ok
21:39:09.0063 11856 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
21:39:09.0063 11856 iirsp - ok
21:39:09.0094 11856 Impcd (dd587a55390ed2295bce6d36ad567da9) C:\Windows\system32\drivers\Impcd.sys
21:39:09.0110 11856 Impcd - ok
21:39:09.0188 11856 IntcAzAudAddService (235362d403d9d677514649d88db31914) C:\Windows\system32\drivers\RTKVHD64.sys
21:39:09.0203 11856 IntcAzAudAddService - ok
21:39:09.0250 11856 IntcDAud (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
21:39:09.0250 11856 IntcDAud - ok
21:39:09.0297 11856 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
21:39:09.0297 11856 intelide - ok
21:39:09.0313 11856 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
21:39:09.0313 11856 intelppm - ok
21:39:09.0328 11856 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:39:09.0344 11856 IpFilterDriver - ok
21:39:09.0359 11856 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
21:39:09.0359 11856 IPMIDRV - ok
21:39:09.0375 11856 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
21:39:09.0391 11856 IPNAT - ok
21:39:09.0453 11856 iPodDrv (02def37ab75e0032c50724646f708de8) C:\Windows\system32\drivers\iPodDrv.sys
21:39:09.0469 11856 iPodDrv - ok
21:39:09.0469 11856 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
21:39:09.0469 11856 IRENUM - ok
21:39:09.0500 11856 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
21:39:09.0500 11856 isapnp - ok
21:39:09.0531 11856 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
21:39:09.0531 11856 iScsiPrt - ok
21:39:09.0562 11856 k57nd60a (12e27942dbb7c91880163634b0d8a776) C:\Windows\system32\DRIVERS\k57nd60a.sys
21:39:09.0578 11856 k57nd60a - ok
21:39:09.0593 11856 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
21:39:09.0593 11856 kbdclass - ok
21:39:09.0640 11856 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
21:39:09.0640 11856 kbdhid - ok
21:39:09.0703 11856 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
21:39:09.0703 11856 KSecDD - ok
21:39:09.0734 11856 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
21:39:09.0734 11856 KSecPkg - ok
21:39:09.0749 11856 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
21:39:09.0749 11856 ksthunk - ok
21:39:09.0781 11856 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
21:39:09.0781 11856 lltdio - ok
21:39:09.0796 11856 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
21:39:09.0796 11856 LSI_FC - ok
21:39:09.0812 11856 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
21:39:09.0812 11856 LSI_SAS - ok
21:39:09.0859 11856 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
21:39:09.0859 11856 LSI_SAS2 - ok
21:39:09.0890 11856 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
21:39:09.0890 11856 LSI_SCSI - ok
21:39:09.0905 11856 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
21:39:09.0905 11856 luafv - ok
21:39:09.0921 11856 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
21:39:09.0921 11856 megasas - ok
21:39:09.0937 11856 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
21:39:09.0937 11856 MegaSR - ok
21:39:09.0968 11856 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys
21:39:09.0968 11856 MEIx64 - ok
21:39:10.0015 11856 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
21:39:10.0015 11856 Modem - ok
21:39:10.0015 11856 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
21:39:10.0030 11856 monitor - ok
21:39:10.0046 11856 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
21:39:10.0046 11856 mouclass - ok
21:39:10.0061 11856 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
21:39:10.0061 11856 mouhid - ok
21:39:10.0077 11856 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
21:39:10.0077 11856 mountmgr - ok
21:39:10.0093 11856 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
21:39:10.0093 11856 mpio - ok
21:39:10.0124 11856 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
21:39:10.0124 11856 mpsdrv - ok
21:39:10.0139 11856 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
21:39:10.0139 11856 MRxDAV - ok
21:39:10.0171 11856 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
21:39:10.0171 11856 mrxsmb - ok
21:39:10.0202 11856 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:39:10.0202 11856 mrxsmb10 - ok
21:39:10.0217 11856 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:39:10.0217 11856 mrxsmb20 - ok
21:39:10.0249 11856 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
21:39:10.0249 11856 msahci - ok
21:39:10.0264 11856 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
21:39:10.0264 11856 msdsm - ok
21:39:10.0280 11856 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
21:39:10.0280 11856 Msfs - ok
21:39:10.0311 11856 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
21:39:10.0311 11856 mshidkmdf - ok
21:39:10.0342 11856 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
21:39:10.0342 11856 msisadrv - ok
21:39:10.0373 11856 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
21:39:10.0373 11856 MSKSSRV - ok
21:39:10.0389 11856 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
21:39:10.0389 11856 MSPCLOCK - ok
21:39:10.0405 11856 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
21:39:10.0405 11856 MSPQM - ok
21:39:10.0436 11856 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
21:39:10.0451 11856 MsRPC - ok
21:39:10.0467 11856 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
21:39:10.0467 11856 mssmbios - ok
21:39:10.0483 11856 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
21:39:10.0483 11856 MSTEE - ok
21:39:10.0498 11856 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
21:39:10.0514 11856 MTConfig - ok
21:39:10.0529 11856 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
21:39:10.0529 11856 Mup - ok
21:39:10.0561 11856 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
21:39:10.0561 11856 NativeWifiP - ok
21:39:10.0607 11856 NDIS (c38b8ae57f78915905064a9a24dc1586) C:\Windows\system32\drivers\ndis.sys
21:39:10.0623 11856 NDIS - ok
21:39:10.0639 11856 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
21:39:10.0654 11856 NdisCap - ok
21:39:10.0685 11856 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
21:39:10.0685 11856 NdisTapi - ok
21:39:10.0701 11856 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
21:39:10.0701 11856 Ndisuio - ok
21:39:10.0717 11856 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
21:39:10.0717 11856 NdisWan - ok
21:39:10.0732 11856 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
21:39:10.0732 11856 NDProxy - ok
21:39:10.0763 11856 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
21:39:10.0763 11856 NetBIOS - ok
21:39:10.0779 11856 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
21:39:10.0779 11856 NetBT - ok
21:39:10.0826 11856 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
21:39:10.0826 11856 nfrd960 - ok
21:39:10.0841 11856 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
21:39:10.0841 11856 Npfs - ok
21:39:10.0888 11856 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
21:39:10.0904 11856 nsiproxy - ok
21:39:10.0951 11856 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
21:39:10.0982 11856 Ntfs - ok
21:39:10.0997 11856 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
21:39:10.0997 11856 Null - ok
21:39:11.0013 11856 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
21:39:11.0013 11856 nvraid - ok
21:39:11.0044 11856 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
21:39:11.0044 11856 nvstor - ok
21:39:11.0075 11856 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
21:39:11.0075 11856 nv_agp - ok
21:39:11.0107 11856 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
21:39:11.0107 11856 ohci1394 - ok
21:39:11.0169 11856 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
21:39:11.0169 11856 Parport - ok
21:39:11.0185 11856 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
21:39:11.0185 11856 partmgr - ok
21:39:11.0247 11856 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms
21:39:11.0247 11856 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok
21:39:11.0278 11856 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
21:39:11.0278 11856 pci - ok
21:39:11.0309 11856 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
21:39:11.0309 11856 pciide - ok
21:39:11.0325 11856 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
21:39:11.0325 11856 pcmcia - ok
21:39:11.0341 11856 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
21:39:11.0356 11856 pcw - ok
21:39:11.0372 11856 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
21:39:11.0387 11856 PEAUTH - ok
21:39:11.0465 11856 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
21:39:11.0465 11856 PptpMiniport - ok
21:39:11.0481 11856 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
21:39:11.0481 11856 Processor - ok
21:39:11.0497 11856 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
21:39:11.0497 11856 Psched - ok
21:39:11.0543 11856 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
21:39:11.0543 11856 PxHlpa64 - ok
21:39:11.0590 11856 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
21:39:11.0590 11856 ql2300 - ok
21:39:11.0621 11856 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
21:39:11.0621 11856 ql40xx - ok
21:39:11.0653 11856 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
21:39:11.0653 11856 QWAVEdrv - ok
21:39:11.0668 11856 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
21:39:11.0684 11856 RasAcd - ok
21:39:11.0699 11856 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
21:39:11.0699 11856 RasAgileVpn - ok
21:39:11.0715 11856 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
21:39:11.0731 11856 Rasl2tp - ok
21:39:11.0731 11856 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
21:39:11.0746 11856 RasPppoe - ok
21:39:11.0746 11856 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
21:39:11.0762 11856 RasSstp - ok
21:39:11.0777 11856 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
21:39:11.0777 11856 rdbss - ok
21:39:11.0793 11856 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
21:39:11.0793 11856 rdpbus - ok
21:39:11.0809 11856 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
21:39:11.0809 11856 RDPCDD - ok
21:39:11.0840 11856 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
21:39:11.0840 11856 RDPENCDD - ok
21:39:11.0855 11856 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
21:39:11.0855 11856 RDPREFMP - ok
21:39:11.0871 11856 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
21:39:11.0887 11856 RDPWD - ok
21:39:11.0902 11856 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
21:39:11.0918 11856 rdyboost - ok
21:39:11.0949 11856 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
21:39:11.0949 11856 rspndr - ok
21:39:11.0949 11856 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
21:39:11.0949 11856 sbp2port - ok
21:39:11.0965 11856 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
21:39:11.0965 11856 scfilter - ok
21:39:11.0980 11856 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
21:39:11.0980 11856 secdrv - ok
21:39:12.0011 11856 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
21:39:12.0011 11856 Serenum - ok
21:39:12.0011 11856 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
21:39:12.0011 11856 Serial - ok
21:39:12.0043 11856 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
21:39:12.0043 11856 sermouse - ok
21:39:12.0058 11856 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
21:39:12.0074 11856 sffdisk - ok
21:39:12.0089 11856 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
21:39:12.0089 11856 sffp_mmc - ok
21:39:12.0105 11856 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
21:39:12.0105 11856 sffp_sd - ok
21:39:12.0121 11856 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
21:39:12.0121 11856 sfloppy - ok
21:39:12.0167 11856 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
21:39:12.0167 11856 SiSRaid2 - ok
21:39:12.0183 11856 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
21:39:12.0183 11856 SiSRaid4 - ok
21:39:12.0214 11856 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
21:39:12.0214 11856 Smb - ok
21:39:12.0261 11856 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
21:39:12.0261 11856 spldr - ok
21:39:12.0292 11856 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
21:39:12.0292 11856 srv - ok
21:39:12.0308 11856 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
21:39:12.0323 11856 srv2 - ok
21:39:12.0339 11856 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
21:39:12.0339 11856 srvnet - ok
21:39:12.0355 11856 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
21:39:12.0370 11856 stexstor - ok
21:39:12.0386 11856 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
21:39:12.0386 11856 swenum - ok
21:39:12.0479 11856 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
21:39:12.0511 11856 Tcpip - ok
21:39:12.0557 11856 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
21:39:12.0557 11856 TCPIP6 - ok
21:39:12.0604 11856 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
21:39:12.0604 11856 tcpipreg - ok
21:39:12.0620 11856 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
21:39:12.0620 11856 TDPIPE - ok
21:39:12.0635 11856 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
21:39:12.0635 11856 TDTCP - ok
21:39:12.0682 11856 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
21:39:12.0698 11856 tdx - ok
21:39:12.0729 11856 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
21:39:12.0729 11856 TermDD - ok
21:39:12.0760 11856 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
21:39:12.0760 11856 tssecsrv - ok
21:39:12.0776 11856 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
21:39:12.0776 11856 TsUsbFlt - ok
21:39:12.0791 11856 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
21:39:12.0791 11856 TsUsbGD - ok
21:39:12.0823 11856 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
21:39:12.0823 11856 tunnel - ok
21:39:12.0838 11856 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
21:39:12.0838 11856 uagp35 - ok
21:39:12.0869 11856 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
21:39:12.0869 11856 udfs - ok
21:39:12.0885 11856 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
21:39:12.0901 11856 uliagpkx - ok
21:39:12.0916 11856 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
21:39:12.0916 11856 umbus - ok
21:39:12.0916 11856 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
21:39:12.0916 11856 UmPass - ok
21:39:12.0979 11856 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
21:39:12.0979 11856 USBAAPL64 - ok
21:39:13.0010 11856 usbccgp (19ad7990c0b67e48dac5b26f99628223) C:\Windows\system32\DRIVERS\usbccgp.sys
21:39:13.0010 11856 usbccgp - ok
21:39:13.0025 11856 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
21:39:13.0025 11856 usbcir - ok
21:39:13.0057 11856 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
21:39:13.0057 11856 usbehci - ok
21:39:13.0072 11856 usbhub (8b892002d7b79312821169a14317ab86) C:\Windows\system32\DRIVERS\usbhub.sys
21:39:13.0088 11856 usbhub - ok
21:39:13.0103 11856 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
21:39:13.0103 11856 usbohci - ok
21:39:13.0103 11856 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
21:39:13.0103 11856 usbprint - ok
21:39:13.0119 11856 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:39:13.0135 11856 USBSTOR - ok
21:39:13.0150 11856 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
21:39:13.0150 11856 usbuhci - ok
21:39:13.0181 11856 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
21:39:13.0181 11856 vdrvroot - ok
21:39:13.0213 11856 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
21:39:13.0213 11856 vga - ok
21:39:13.0228 11856 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
21:39:13.0228 11856 VgaSave - ok
21:39:13.0259 11856 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
21:39:13.0259 11856 vhdmp - ok
21:39:13.0259 11856 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
21:39:13.0259 11856 viaide - ok
21:39:13.0291 11856 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
21:39:13.0291 11856 volmgr - ok
21:39:13.0322 11856 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
21:39:13.0322 11856 volmgrx - ok
21:39:13.0337 11856 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
21:39:13.0353 11856 volsnap - ok
21:39:13.0353 11856 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
21:39:13.0353 11856 vsmraid - ok
21:39:13.0384 11856 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
21:39:13.0384 11856 vwifibus - ok
21:39:13.0431 11856 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
21:39:13.0431 11856 WacomPen - ok
21:39:13.0478 11856 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:39:13.0478 11856 WANARP - ok
21:39:13.0478 11856 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
21:39:13.0478 11856 Wanarpv6 - ok
21:39:13.0509 11856 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
21:39:13.0525 11856 Wd - ok
21:39:13.0540 11856 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
21:39:13.0540 11856 Wdf01000 - ok
21:39:13.0571 11856 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
21:39:13.0571 11856 WfpLwf - ok
21:39:13.0603 11856 WimFltr (b14ef15bd757fa488f9c970eee9c0d35) C:\Windows\system32\DRIVERS\wimfltr.sys
21:39:13.0603 11856 WimFltr - ok
21:39:13.0618 11856 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
21:39:13.0618 11856 WIMMount - ok
21:39:13.0649 11856 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
21:39:13.0649 11856 WmiAcpi - ok
21:39:13.0665 11856 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
21:39:13.0665 11856 ws2ifsl - ok
21:39:13.0696 11856 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
21:39:13.0696 11856 WudfPf - ok
21:39:13.0727 11856 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
21:39:13.0727 11856 WUDFRd - ok
21:39:13.0743 11856 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
21:39:13.0821 11856 \Device\Harddisk0\DR0 - ok
21:39:13.0837 11856 Boot (0x1200) (773584bab0ee960c93e714b4e83b6e02) \Device\Harddisk0\DR0\Partition0
21:39:13.0837 11856 \Device\Harddisk0\DR0\Partition0 - ok
21:39:13.0852 11856 Boot (0x1200) (5276a3a441fc404256c909e68c9213d6) \Device\Harddisk0\DR0\Partition1
21:39:13.0852 11856 \Device\Harddisk0\DR0\Partition1 - ok
21:39:13.0852 11856 ============================================================
21:39:13.0852 11856 Scan finished
21:39:13.0852 11856 ============================================================
21:39:13.0852 1564 Detected object count: 0
21:39:13.0852 1564 Actual detected object count: 0

Hello

This is the tool I would like you to try and run next.

Please download aswMBR ( 511KB ) to your desktop.

• Double click the aswMBR.exe icon to run it
• it will ask to download extra definitions - ALLOW IT
• Click the Scan button to start the scan
• On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

I tried 3 times.

aswMBR crash at the same place each time:

I don't have the full path, but I can see that: Scanning: c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications....

Hello

I would like you to run this tool for me - fixTDSS

download it to your desktop and start the program

Follow the prompts and Ok any security prompts

when it is complete it will say the infection was cleared or no infection was found - let me know what it says

after it is complete I want you to restart the computer and try to rerun ASWMbr for me and send me the report

• Double click the aswMBR.exe icon to run it
• Click the Scan button to start the scan
• On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

Gringo

Hello!

fixTDSS: No infection

After the restart, I rerun ASWMbr and it crash at the same place (2 or 3 minutes after the start).

c:\windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Tools.Applications....