Author Topic: Possible Virus Infection on Laptop  (Read 1091 times)
BuyDell
Topic Starter
Beginner



Posts: 90


« on: November 21, 2011, 08:51:12 AM »


About a week ago, I went to a website and during the visit, my laptop started acting strange...I immediately used Malwarebytes and SuperAntiSpyware and found about 3 viruses and hijackers...But I still am having a very unstable laptop. Mostly I find my Internet Explorer flashes on and off during usage.

I was wondering if there is anything else you could suggest I use to find out what's going on...?

As always, many thanks for this site and your assistance.
SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 6,998

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #1 on: November 21, 2011, 12:40:49 PM »

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Copy and paste the log in your post.
***********************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
************************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/paste both logs into your thread.

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE. Then post your DDS logs (DDS.txt and Attach.txt).

AMD Athlon XP 1900+ 1.47 GHz  3 GB Ram Windows XP  Home with SP3, MicroSoft Security Essentials, Spybot S&D. SuperAntiSpyware  and Threatfire with Comodo Firewall & Windows Defender
BuyDell
Topic Starter
Beginner



Posts: 90


« Reply #2 on: November 22, 2011, 03:03:30 AM »

Super AntiSpy LOG

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/21/2011 at 11:14 PM

Application Version : 4.47.1000

Core Rules Database Version : 7968
Trace Rules Database Version: 5780

Scan type       : Complete Scan
Total Scan Time : 05:59:25

Memory items scanned      : 718
Memory threats detected   : 0
Registry items scanned    : 15198
Registry threats detected : 0
File items scanned        : 309361
File threats detected     : 31

Adware.Tracking Cookie
   C:\Users\RichardNew\AppData\Roaming\Microsoft\Windows\Cookies\JUL4Z425.txt
   C:\Users\RichardNew\AppData\Roaming\Microsoft\Windows\Cookies\HEHJBVBR.txt
   C:\Users\RichardNew\AppData\Roaming\Microsoft\Windows\Cookies\W9FK2HHN.txt
   C:\Users\RichardNew\AppData\Roaming\Microsoft\Windows\Cookies\H0YCNNGV.txt
   C:\Users\RichardNew\AppData\Roaming\Microsoft\Windows\Cookies\II6DCAR9.txt
   media.heavy.com [ C:\Users\Matt\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\6KP34XM4 ]
   .invitemedia.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .invitemedia.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .atdmt.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .atdmt.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .imrworldwide.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .imrworldwide.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .doubleclick.net [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .r1-ads.ace.advertising.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .advertising.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .serving-sys.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]
   .ads.pointroll.com [ C:\Users\Michael\AppData\Local\Google\Chrome\User Data\Default\Cookies ]


DDS SCAN LOG


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 10.0.0
Run by RichardNew at 17:58:17 on 2011-11-21
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3999.1668 [GMT -5:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_b87ff64c8b56b7db\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\LSI SoftModem\agr64svc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CQG\CQG.AutoUpgrade.Service\CQG.AutoUpgrade.StartUpNTService.exe
C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgemca.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\OO Software\Defrag\oodag.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\OO Software\Defrag\oodtray.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Ask.com\Updater\Updater.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\StikyNot.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.facebook.com/home.php
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mURLSearchHooks: H - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: ChromeFrame BHO: {ecb3c477-1a0a-44bd-bb57-78f9efe34fa7} - C:\Program Files (x86)\Google\Chrome Frame\Application\15.0.874.121\npchrome_frame.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
TB: ooVoo toolbar, powered by Ask.com: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [PxDotNetLoader] "C:\Program Files (x86)\Fidelity Investments\Fidelity Active Trader\System\ATPStartupAssistant.exe"
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [RESTART_STICKY_NOTES] C:\Windows\system32\StikyNot.exe
mRun: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
mRun: [5-Day Forecast] "C:\Program Files (x86)\5-Day Forecast\5-Day Forecast\5-Day Forecast.exe" /Startup
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [<NO NAME>]
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
StartupFolder: C:\Users\RICHAR~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\YAHOO!~1.LNK - C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
uPolicies-explorer: NoThumbnailCache = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableSecureUIAPaths = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
dPolicies-system: WallpaperStyle = 2
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.127.0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: {CAC161FD-C2F9-4F0F-95F3-A3D4E5D465CD} - hxxps://www.besttrading.com/webentryd/BCITCP.CAB
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F2AA5658-00B3-4777-8157-C224B26C282E} - hxxps://www.besttrading.com/webentryd/prBDStockChart.CAB
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B93116B1-ACB8-4BED-85CC-DE94267B7A83} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B93116B1-ACB8-4BED-85CC-DE94267B7A83}\155716E64716270213537333 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B93116B1-ACB8-4BED-85CC-DE94267B7A83}\241636861627163686F57457563747 : DhcpNameServer = 63.167.141.10 198.6.1.4
TCP: Interfaces\{B93116B1-ACB8-4BED-85CC-DE94267B7A83}\25943484142544E45475D20534F5E4564777F627B6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B93116B1-ACB8-4BED-85CC-DE94267B7A83}\37F6F69723D275962756C6563737 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B93116B1-ACB8-4BED-85CC-DE94267B7A83}\E4544574541425 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\15.0.874.121\npchrome_frame.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
Handler: x-atng - {7e8717b0-d862-11d5-8c9e-00010304f989} - C:\Program Files (x86)\Fidelity Investments\Fidelity Active Trader\System\atngprot.dll
AppInit_DLLs: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64:     HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:     AcroIEHelperStub - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64:     WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO-X64:     URLRedirectionBHO - No File
BHO-X64: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO-X64:     Ask Toolbar BHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO-X64: ChromeFrame BHO: {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\15.0.874.121\npchrome_frame.dll
BHO-X64:     ChromeFrame BHO - No File
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64:     HP Smart BHO Class - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB-X64: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
TB-X64: ooVoo toolbar, powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
mRun-x64: [DATAMNGR] C:\PROGRA~2\WI3C8A~1\Datamngr\DATAMN~1.EXE
mRun-x64: [5-Day Forecast] "C:\Program Files (x86)\5-Day Forecast\5-Day Forecast\5-Day Forecast.exe" /Startup
mRun-x64: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [(Default)]
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
AppInit_DLLs-X64: C:\PROGRA~2\WI3C8A~1\Datamngr\datamngr.dll C:\PROGRA~2\WI3C8A~1\Datamngr\IEBHO.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\RichardNew\AppData\Roaming\Mozilla\Firefox\Profiles\gnrq9mw8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll
FF - plugin: C:\Users\RichardNew\AppData\Roaming\Move Networks\plugins\npqmp071706000001.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2010-2-17 14920]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2010-2-17 12360]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 CQG.AutoUpgrade.StartUpNTService;CQG AutoUpgrade Service;C:\Program Files (x86)\CQG\CQG.AutoUpgrade.Service\CQG.AutoUpgrade.StartUpNTService.exe [2010-10-15 28672]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?]
R2 OODefragAgent;O&O Defrag;C:\Program Files\OO Software\Defrag\oodag.exe [2011-1-12 3134792]
R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]
R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-8-9 228408]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-26 136176]
S2 KMService;KMService;C:\Windows\System32\srvany.exe [2011-11-10 8192]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-26 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\system32\DRIVERS\VSTAZL6.SYS --> C:\Windows\system32\DRIVERS\VSTAZL6.SYS [?]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\system32\DRIVERS\VSTDPV6.SYS --> C:\Windows\system32\DRIVERS\VSTDPV6.SYS [?]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\system32\DRIVERS\VSTCNXT6.SYS --> C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
.
=============== Created Last 30 ================
.
2011-11-19 02:39:07   --------   d-----w-   C:\Users\RichardNew\AppData\Roaming\Bitcoin
2011-11-16 11:48:09   --------   d-----w-   C:\Program Files (x86)\Mastertrader.com
2011-11-15 02:50:06   --------   d-----w-   C:\RealTick
2011-11-11 02:14:27   8192   ----a-w-   C:\Windows\SysWow64\srvany.exe
2011-11-09 21:08:10   886784   ----a-w-   C:\Program Files\Common Files\System\wab32.dll
2011-11-09 21:08:10   708608   ----a-w-   C:\Program Files (x86)\Common Files\System\wab32.dll
2011-11-09 21:08:07   1923952   ----a-w-   C:\Windows\System32\drivers\tcpip.sys
2011-11-09 21:08:05   3144704   ----a-w-   C:\Windows\System32\win32k.sys
2011-11-08 01:42:08   19416   ----a-w-   C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2011-11-01 14:09:31   947472   ----a-w-   C:\Windows\SysWow64\msjava.bak
2011-11-01 13:01:36   --------   d-----w-   C:\ProgramData\WebEx
2011-10-31 13:58:20   --------   d-----w-   C:\Program Files (x86)\NinjaTrader 7
2011-10-28 00:53:03   270240   ----a-w-   C:\Windows\SysWow64\PnkBstrB.xtr
2011-10-27 20:59:26   270240   ----a-w-   C:\Windows\SysWow64\PnkBstrB.exe
2011-10-27 20:59:26   270240   ----a-w-   C:\Windows\SysWow64\PnkBstrB.ex0
2011-10-27 20:59:24   75136   ----a-w-   C:\Windows\SysWow64\PnkBstrA.exe
2011-10-27 20:33:31   --------   d-----w-   C:\Users\RichardNew\AppData\Local\Microsoft Games
2011-10-25 23:46:04   --------   d-----w-   C:\Users\RichardNew\AppData\Roaming\ooVoo Details
2011-10-25 23:45:39   --------   d-----w-   C:\Program Files (x86)\Ask.com
2011-10-25 23:45:28   --------   d-----w-   C:\Program Files (x86)\ooVoo
2011-10-23 00:30:43   --------   d-----w-   C:\Program Files (x86)\Research In Motion Limited
.
==================== Find3M  ====================
.
2011-10-19 15:31:44   544656   ----a-w-   C:\Windows\SysWow64\deployJava1.dll
2011-10-07 10:23:46   283728   ----a-w-   C:\Windows\System32\drivers\avgldx64.sys
2011-09-17 20:06:27   404640   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-13 10:30:08   37456   ----a-w-   C:\Windows\System32\drivers\avgrkx64.sys
2011-09-01 05:24:07   2309120   ----a-w-   C:\Windows\System32\jscript9.dll
2011-09-01 05:17:57   1389056   ----a-w-   C:\Windows\System32\wininet.dll
2011-09-01 05:12:04   2382848   ----a-w-   C:\Windows\System32\mshtml.tlb
2011-09-01 02:35:59   1798144   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2011-09-01 02:28:15   1126912   ----a-w-   C:\Windows\SysWow64\wininet.dll
2011-09-01 02:22:54   2382848   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2011-08-31 21:00:50   25416   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2011-08-27 05:37:49   861696   ----a-w-   C:\Windows\System32\oleaut32.dll
2011-08-27 05:37:48   331776   ----a-w-   C:\Windows\System32\oleacc.dll
2011-08-27 04:26:27   571904   ----a-w-   C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:26:27   233472   ----a-w-   C:\Windows\SysWow64\oleacc.dll
.
============= FINISH: 18:04:56.93 ===============




MalwareBytes LOG 



Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8178

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

11/21/2011 2:27:48 PM
mbam-log-2011-11-21 (14-27-48).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 509757
Time elapsed: 1 hour(s), 51 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\program files (x86)\winpalace\miniprocess.exe (Adware.Casino) -> Quarantined and deleted successfully.





BuyDell
Topic Starter
Beginner



Posts: 90


« Reply #3 on: November 22, 2011, 02:22:45 PM »

DDS Page #2


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/25/2010 11:06:13 AM
System Uptime: 11/21/2011 2:29:00 PM (4 hours ago)
.
Motherboard: Quanta |  | 3627
Processor: Pentium(R) Dual-Core CPU       T4300  @ 2.10GHz | CPU | 294/800mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 130.397 GiB free.
D: is FIXED (NTFS) - 13 GiB total, 2.127 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e971-e325-11ce-bfc1-08002be10318}
Description: Photosmart C4700 series
Device ID: ROOT\MULTIFUNCTION\0000
Manufacturer: HP
Name: Photosmart C4700 series
PNP Device ID: ROOT\MULTIFUNCTION\0000
Service:
.
==== System Restore Points ===================
.
RP233: 11/12/2011 12:00:04 AM - Scheduled Checkpoint
RP235: 11/14/2011 9:49:43 PM - Installed RealTick
RP237: 11/16/2011 6:37:57 AM - Removed RealTick
RP238: 11/16/2011 6:48:05 AM - Installed MTDirect Pro
RP239: 11/17/2011 8:06:32 AM - Removed MTDirect Pro
RP241: 11/17/2011 8:49:53 AM - Installed RealTick
RP243: 11/17/2011 10:11:13 AM - Removed RealTick
.
==== Installed Programs ======================
.
5-Day Forecast
Acrobat.com
Activate Norton Online Backup
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.1)
Adobe Shockwave Player 11.5
Apple Application Support
Apple Software Update
Ask Toolbar
AVG Security Toolbar
AVS Update Manager 1.0
AVS Video Converter 7
AVS4YOU Software Navigator 1.4
Battlefield Heroes
BlackBerry App World Browser Plugin
BufferChm
C4700
Compatibility Pack for the 2007 Office system
CQG.AutoUpgrade.Service
CyberLink DVD Suite
D3DX10
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
Fidelity Active Trader Pro®
FixCleaner
Google Chrome Frame
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService2
HP Games
HP MediaSmart Internet TV
HP MediaSmart Live TV
HP MediaSmart Movie Themes
HP MediaSmart SlingPlayer
HP MediaSmart Software Notebook Demo
HP MediaSmart Webcam
HP Quick Launch Buttons
HP Setup
HP Smart Web Printing
HP Support Assistant
HP Update
HP User Guides 0154
HPAsset component for HP Active Support Library
HPPhotoGadget
hpPrintProjects
HPProductAssistant
hpWLPGInstaller
IDT Audio
Java Auto Updater
Java(TM) 6 Update 29
Java(TM) 7
Junk Mail filter update
LabelPrint
LightScribe System Software
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Move Media Player
Mozilla Firefox 7.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
ooVoo
Power2Go
PowerDirector
PowerRecover
PS_AIO_06_C4700_SW_Min
PunkBuster Services
QLBCASL
QuickTime
Realtek 8136 8168 8169 Ethernet Driver
Realtek USB 2.0 Card Reader
Rosetta Stone Version 3
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft Excel 2010 (KB2553070)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
ShufflePlusVLOI
Skype™ 4.0
SolutionCenter
Status
The Ultimate Troubleshooter
Tixati
Toolbox
TrayApp
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Visual Studio 2008 x64 Redistributables
VLC media player 1.1.8
WebReg
Windows iLivid Toolbar
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows SideShow Managed Runtime 1.0
WinPalace
WinRAR archiver
Yahoo! Install Manager
Yahoo! Software Update
Yahoo! Widgets
.
==== Event Viewer Messages From Past Week ========
.
11/21/2011 2:31:28 PM, Error: Service Control Manager [7022]  - The CQG AutoUpgrade Service service hung on starting.
11/20/2011 5:07:54 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Spooler service.
11/20/2011 5:07:24 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
11/20/2011 4:30:05 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
11/20/2011 3:27:25 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPSLPSVC service.
11/20/2011 3:27:20 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Pml Driver HPZ12 service to connect.
11/20/2011 3:27:20 PM, Error: Service Control Manager [7000]  - The Pml Driver HPZ12 service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/19/2011 2:12:11 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the CQG AutoUpgrade Service service to connect.
11/19/2011 2:12:11 PM, Error: Service Control Manager [7000]  - The CQG AutoUpgrade Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
11/18/2011 10:38:57 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
.
==== End Of File ===========================
SuperDave
Malware Removal Specialist
Moderator
Prodigy



Thanked: 617
Posts: 6,998

Certifications: List
Experience: Experienced
OS: Windows XP



« Reply #4 on: November 22, 2011, 05:18:20 PM »

I strongly recommend that you remove Ask from your computer because it:

• Promotes its toolbars on sites targeted to kids.

• Promotes its toolbars through ads that appear to be part of other companies' sites.

• Promotes its toolbars through other companies' spyware.

• Installs without any disclosure whatsoever and without any consent whatsoever.

• Solicits installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link.

• Makes confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit.

See Here for more info.

If you choose to follow my recommendation then please go to Start > Control Panel > Add/Remove Programs and remove the following programs if present.

AskBarDis or anything related to Ask

Then please find and delete this folder in bold (if present):
C:\Program Files\AskBarDis. or anything related to Ask.
********************************************************
Download OTL to your desktop.

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code:
:OTL

mURLSearchHooks: H - No File
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
mRun: [<NO NAME>]
BHO-X64:     HP Print Enhancer - No File
BHO-X64:     AcroIEHelperStub - No File
BHO-X64:     WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64:     URLRedirectionBHO - No File
BHO-X64:     Ask Toolbar BHO - No File
BHO-X64:     ChromeFrame BHO - No File
BHO-X64:     HP Smart BHO Class - No File

:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
****************************************************************

Download ComboFix by sUBs from one of the below links.  Be sure to save it to the Desktop.

link # 1
Link # 2
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

AMD Athlon XP 1900+ 1.47 GHz  3 GB Ram Windows XP  Home with SP3, MicroSoft Security Essentials, Spybot S&D. SuperAntiSpyware  and Threatfire with Comodo Firewall & Windows Defender
BuyDell
Topic Starter
Beginner



Posts: 90


« Reply #5 on: November 23, 2011, 04:50:55 AM »

As requested, I have removed anything having to do with ASK.

ComboFix Log

 ComboFix 11-11-22.02 - RichardNew 11/22/2011  19:47:24.4.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3999.2559 [GMT -5:00]
Running from: c:\users\RichardNew\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
C:\khq
c:\program files (x86)\Downloaded Installers
c:\program files (x86)\Downloaded Installers\{EB0696D4-2A41-40E5-B848-F148B3C4590D}\setup.msi
c:\users\RichardNew\AppData\Roaming\Bitcoin
c:\users\RichardNew\AppData\Roaming\Bitcoin\.lock
c:\users\RichardNew\AppData\Roaming\Bitcoin\__db.001
c:\users\RichardNew\AppData\Roaming\Bitcoin\__db.002
c:\users\RichardNew\AppData\Roaming\Bitcoin\__db.003
c:\users\RichardNew\AppData\Roaming\Bitcoin\__db.004
c:\users\RichardNew\AppData\Roaming\Bitcoin\__db.005
c:\users\RichardNew\AppData\Roaming\Bitcoin\__db.006
c:\users\RichardNew\AppData\Roaming\Bitcoin\addr.dat
c:\users\RichardNew\AppData\Roaming\Bitcoin\blk0001.dat
c:\users\RichardNew\AppData\Roaming\Bitcoin\blkindex.dat
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000001
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000002
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000003
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000004
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000005
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000006
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000007
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000008
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000009
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000010
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000011
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000012
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000013
c:\users\RichardNew\AppData\Roaming\Bitcoin\database\log.0000000014
c:\users\RichardNew\AppData\Roaming\Bitcoin\db.log
c:\users\RichardNew\AppData\Roaming\Bitcoin\debug.log
c:\users\RichardNew\AppData\Roaming\Bitcoin\wallet.dat
c:\windows\assembly\tmp\U
c:\windows\assembly\tmp\U\000000c0.@
c:\windows\assembly\tmp\U\000000cb.@
c:\windows\assembly\tmp\U\000000cf.@
c:\windows\assembly\tmp\U\80000000.@
c:\windows\assembly\tmp\U\800000c0.@
c:\windows\assembly\tmp\U\800000cb.@
c:\windows\assembly\tmp\U\800000cf.@
c:\windows\av_ico
.
.
(((((((((((((((((((((((((   Files Created from 2011-10-23 to 2011-11-23  )))))))))))))))))))))))))))))))
.
.
2011-11-23 01:58 . 2011-11-23 01:58   --------   d-----w-   c:\users\Public\AppData\Local\temp
2011-11-23 01:58 . 2011-11-23 01:58   --------   d-----w-   c:\users\Default\AppData\Local\temp
2011-11-23 01:58 . 2011-11-23 01:58   --------   d-----w-   c:\users\Michael\AppData\Local\temp
2011-11-23 01:58 . 2011-11-23 01:58   --------   d-----w-   c:\users\Matt\AppData\Local\temp
2011-11-23 00:39 . 2011-11-23 00:39   --------   d-----w-   C:\_OTL
2011-11-16 11:48 . 2011-11-16 11:48   --------   d-----w-   c:\program files (x86)\Mastertrader.com
2011-11-15 02:50 . 2011-11-17 15:12   --------   d-----w-   C:\RealTick
2011-11-11 02:14 . 2011-11-11 02:08   8192   ----a-w-   c:\windows\SysWow64\srvany.exe
2011-11-09 21:08 . 2011-10-01 05:45   886784   ----a-w-   c:\program files\Common Files\System\wab32.dll
2011-11-09 21:08 . 2011-10-01 04:37   708608   ----a-w-   c:\program files (x86)\Common Files\System\wab32.dll
2011-11-09 21:08 . 2011-09-29 16:29   1923952   ----a-w-   c:\windows\system32\drivers\tcpip.sys
2011-11-09 21:08 . 2011-09-29 04:03   3144704   ----a-w-   c:\windows\system32\win32k.sys
2011-11-08 01:42 . 2011-11-08 01:42   19416   ----a-w-   c:\program files (x86)\Mozilla Firefox\AccessibleMarshal.dll
2011-11-06 00:31 . 2011-11-06 00:35   --------   d-----w-   c:\users\Matt\AppData\Roaming\ooVoo Details
2011-11-04 21:30 . 2011-11-04 21:30   --------   d-----w-   c:\users\Michael\AppData\Roaming\Apple Computer
2011-11-02 14:20 . 2011-11-02 14:20   --------   d-----w-   c:\users\Default\AppData\Local\Microsoft Help
2011-11-01 14:09 . 2003-02-28 21:26   947472   ----a-w-   c:\windows\SysWow64\msjava.bak
2011-11-01 13:01 . 2011-11-11 01:55   --------   d-----w-   c:\programdata\WebEx
2011-10-31 13:58 . 2011-11-01 10:52   --------   d-----w-   c:\program files (x86)\NinjaTrader 7
2011-10-28 00:53 . 2011-10-28 19:14   270240   ----a-w-   c:\windows\SysWow64\PnkBstrB.xtr
2011-10-28 00:52 . 2011-10-28 00:52   --------   d-----w-   c:\users\Michael\AppData\Local\PunkBuster
2011-10-27 20:59 . 2011-10-28 19:14   270240   ----a-w-   c:\windows\SysWow64\PnkBstrB.exe
2011-10-27 20:59 . 2011-10-28 18:58   270240   ----a-w-   c:\windows\SysWow64\PnkBstrB.ex0
2011-10-27 20:59 . 2011-10-27 20:59   75136   ----a-w-   c:\windows\SysWow64\PnkBstrA.exe
2011-10-27 20:33 . 2011-10-27 20:33   --------   d-----w-   c:\users\RichardNew\AppData\Local\Microsoft Games
2011-10-25 23:49 . 2011-10-25 23:50   --------   d-----w-   c:\users\Michael\AppData\Roaming\ooVoo Details
2011-10-25 23:49 . 2011-10-25 23:49   --------   d-----w-   c:\users\Michael\AppData\Roaming\HP
2011-10-25 23:46 . 2011-10-27 20:20   --------   d-----w-   c:\users\RichardNew\AppData\Roaming\ooVoo Details
2011-10-25 23:45 . 2011-10-25 23:45   --------   d-----w-   c:\program files (x86)\ooVoo
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-19 15:31 . 2010-12-25 16:57   544656   ----a-w-   c:\windows\SysWow64\deployJava1.dll
2011-10-07 10:23 . 2011-10-07 10:23   283728   ----a-w-   c:\windows\system32\drivers\avgldx64.sys
2011-09-17 20:06 . 2011-09-17 20:06   404640   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-09-13 10:30 . 2011-09-13 10:30   37456   ----a-w-   c:\windows\system32\drivers\avgrkx64.sys
2011-09-01 05:24 . 2011-10-14 12:28   2309120   ----a-w-   c:\windows\system32\jscript9.dll
2011-09-01 05:17 . 2011-10-14 12:28   1389056   ----a-w-   c:\windows\system32\wininet.dll
2011-09-01 05:12 . 2011-10-14 12:28   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2011-09-01 02:35 . 2011-10-14 12:28   1798144   ----a-w-   c:\windows\SysWow64\jscript9.dll
2011-09-01 02:28 . 2011-10-14 12:28   1126912   ----a-w-   c:\windows\SysWow64\wininet.dll
2011-09-01 02:22 . 2011-10-14 12:28   2382848   ----a-w-   c:\windows\SysWow64\mshtml.tlb
2011-08-31 21:00 . 2011-04-27 00:21   25416   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-08-27 05:37 . 2011-10-13 10:49   861696   ----a-w-   c:\windows\system32\oleaut32.dll
2011-08-27 05:37 . 2011-10-13 10:49   331776   ----a-w-   c:\windows\system32\oleacc.dll
2011-08-27 04:26 . 2011-10-13 10:49   571904   ----a-w-   c:\windows\SysWow64\oleaut32.dll
2011-08-27 04:26 . 2011-10-13 10:49   233472   ----a-w-   c:\windows\SysWow64\oleacc.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2011-11-09 20:52   1451336   ----a-w-   c:\program files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\8.0.0.40\AVG Secure Search_toolbar.dll" [2011-11-09 1451336]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PxDotNetLoader"="c:\program files (x86)\Fidelity Investments\Fidelity Active Trader\System\ATPStartupAssistant.exe" [2011-04-25 42392]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-07-29 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HPCam_Menu"="c:\program files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" [2009-02-25 218408]
"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2009-11-24 323640]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-05-13 581480]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"5-Day Forecast"="c:\program files (x86)\5-Day Forecast\5-Day Forecast\5-Day Forecast.exe" [2009-07-29 876544]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2011-09-03 218440]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2011-10-25 2415456]
.
c:\users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2010 Screen Clipper and Launcher.lnk - c:\program files (x86)\Microsoft Office\Office14\ONENOTEM.EXE [2010-12-21 227712]
.
c:\users\RichardNew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Yahoo! Widgets.lnk - c:\program files (x86)\Yahoo!\Widgets\YahooWidgets.exe [2008-3-18 4742184]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableSecureUIAPaths"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"WallpaperStyle"= 2
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\IEBHO.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ      autocheck autochk *\0OODBS\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages   REG_MULTI_SZ      kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"DisableThumbnailCache"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-26 136176]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-26 136176]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys

R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys

R3 RtsUIR;Realtek IR Driver;

R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS

R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS

R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys

S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\AVGIDSEH.Sys

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2010-06-29 128752]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-08-02 192776]
S2 CQG.AutoUpgrade.StartUpNTService;CQG AutoUpgrade Service;c:\program files (x86)\CQG\CQG.AutoUpgrade.Service\CQG.AutoUpgrade.StartUpNTService.exe [2010-10-15 28672]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe

S2 OODefragAgent;O&O Defrag;c:\program files\OO Software\Defrag\oodag.exe [2011-01-12 3134792]
S2 vToolbarUpdater;vToolbarUpdater;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe [2011-09-03 246600]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\AVGIDSDriver.Sys

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\AVGIDSFilter.Sys

S3 Com4QLBEx;Com4QLBEx;c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-05-05 228408]
S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys

S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys

.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 19:11   451872   ----a-w-   c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-11-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-26 20:40]
.
2011-11-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-26 20:40]
.
2011-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3991111817-3376255687-3472610027-1004Core.job
- c:\users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-23 11:59]
.
2011-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3991111817-3376255687-3472610027-1004UA.job
- c:\users\Michael\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-23 11:59]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-21 610872]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-01-30 456192]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-30 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-30 387608]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-30 365592]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"OODefragTray"="c:\program files\OO Software\Defrag\oodtray.exe" [2011-01-12 4012360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\progra~2\WI3C8A~1\Datamngr\x64\datamngr.dll c:\progra~2\WI3C8A~1\Datamngr\x64\IEBHO.dll
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.facebook.com/home.php
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cnnb
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll
DPF: {CAC161FD-C2F9-4F0F-95F3-A3D4E5D465CD} - hxxps://www.besttrading.com/webentryd/BCITCP.CAB
DPF: {F2AA5658-00B3-4777-8157-C224B26C282E} - hxxps://www.besttrading.com/webentryd/prBDStockChart.CAB
FF - ProfilePath - c:\users\RichardNew\AppData\Roaming\Mozilla\Firefox\Profiles\gnrq9mw8.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php
FF - prefs.js: network.proxy.type - 0
FF - user.js: network.http.max-connections-per-server - 6
FF - user.js: network.http.max-persistent-connections-per-server - 3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Toolbar-10 - (no file)
Notify-igfxcui - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-YInstHelper - c:\windows\system32\regsvr32
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10p_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10p.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-11-22  21:25:08
ComboFix-quarantined-files.txt  2011-11-23 02:25
.
Pre-Run: 139,603,308,544 bytes free
Post-Run: 139,842,306,048 bytes free
.
- - End Of File - - 64F8D20913CFB26990AA416F51A1B641
SuperDave
« Reply #6 on: November 23, 2011, 04:45:32 PM »

Please download Rooter and Save it to your desktop.
  • Double click it to start the tool. Vista and Windows 7: run as administrator.
  • Click Scan.
  • Eventually, a Notepad file containing the report will open, also found at C:\Rooter.txt. Post that log in your next reply.

AMD Athlon XP 1900+ 1.47 GHz  3 GB Ram Windows XP  Home with SP3, MicroSoft Security Essentials, Spybot S&D. SuperAntiSpyware  and Threatfire with Comodo Firewall & Windows Defender
BuyDell
« Reply #7 on: November 23, 2011, 05:40:19 PM »

Rooter Log


.
SeDebugPrivilege granted successfully ...
.
Windows 7 Home Edition (6.1.7601) Service Pack 1
[32_bits] - Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
.
[wscsvc] (Security Center) RUNNING (state:4)
[MpsSvc] RUNNING (state:4)
Windows Firewall -> Enabled
Windows Defender -> Enabled
User Account Control (UAC) -> Disabled !
.
Internet Explorer 9.0.8112.16421
Mozilla Firefox 7.0.1 (en-US)
.
C:\  [Fixed-NTFS] .. ( Total:219 Go - Free:122 Go )
D:\  [Fixed-NTFS] .. ( Total:12 Go - Free:2 Go )
E:\  [CD_Rom]
Z:\  [Network] .. ( Total:0 Go - Free:0 Go )
.
Scan : 19:37.03
Path : C:\Users\RichardNew\Desktop\Rooter.exe
User : RichardNew ( Administrator -> YES )
.
----------------------\\ Processes
.
Locked [System Process] (0)
Locked System (4)
______ ?????????? (312)
______ ?????????? (404)
______ ?????????? (440)
______ ?????????? (736)
______ ?????????? (800)
______ ?????????? (812)
______ ?????????? (860)
______ ?????????? (876)
______ ?????????? (888)
______ ?????????? (992)
______ ?????????? (388)
______ ?????????? (724)
______ ?????????? (928)
______ ?????????? (1040)
______ ?????????? (1068)
______ ?????????? (1104)
______ ?????????? (1324)
______ ?????????? (1372)
______ ?????????? (1432)
______ ?????????? (1516)
______ ?????????? (1536)
______ ?????????? (1640)
______ ?????????? (1724)
______ ?????????? (1896)
______ C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (1932)
______ ?????????? (2000)
______ C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (2020)
______ C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe (1064)
______ C:\Program Files (x86)\Bonjour\mDNSResponder.exe (1248)
______ C:\Program Files (x86)\CQG\CQG.AutoUpgrade.Service\CQG.AutoUpgrade.StartUpNTService.exe (1276)
______ ?????????? (1856)
______ ?????????? (1884)
______ ?????????? (1272)
______ ?????????? (1872)
______ C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (2444)
______ C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (2520)
______ ?????????? (2616)
______ C:\Windows\SysWOW64\PnkBstrA.exe (2756)
______ C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (2780)
______ ?????????? (2812)
______ C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe (2876)
______ ?????????? (2952)
______ C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (3000)
______ ?????????? (2152)
______ C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe (2224)
______ ?????????? (3508)
______ ?????????? (3584)
______ ?????????? (3592)
______ ?????????? (3788)
______ ?????????? (3912)
______ ?????????? (1144)
______ ?????????? (1008)
______ ?????????? (3260)
______ ?????????? (2268)
______ ?????????? (2700)
______ ?????????? (2792)
______ C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (3012)
______ ?????????? (1660)
______ ?????????? (2984)
______ ?????????? (3712)
______ C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (1700)
______ C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (4132)
______ C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe (4216)
______ C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\datamngrUI.exe (4260)
______ C:\Program Files (x86)\AVG Secure Search\vprot.exe (4416)
______ C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (4544)
______ C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (4580)
______ C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (4724)
______ C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (4736)
______ C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe (4904)
______ ?????????? (4936)
______ ?????????? (5116)
______ ?????????? (3996)
______ C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (5232)
______ ?????????? (3928)
______ C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe (5720)
______ C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (2648)
______ C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (5644)
______ ?????????? (6076)
______ ?????????? (4636)
______ ?????????? (6476)
______ C:\Windows\SysWOW64\svchost.exe (6532)
______ ?????????? (3836)
______ ?????????? (6488)
______ ?????????? (7060)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (5880)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (3276)
______ C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (4700)
Locked audiodg.exe (2740)
______ ?????????? (7808)
______ C:\Program Files (x86)\Internet Explorer\iexplore.exe (660)
______ ?????????? (7792)
______ ?????????? (7636)
______ ?????????? (2276)
______ C:\Users\RichardNew\Desktop\Rooter.exe (3636)
.
----------------------\\ Device\Harddisk0\
.
\Device\Harddisk0 [Sectors : 63 x 512 Bytes]
.
\Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:1048576 | Length:208666624)
\Device\Harddisk0\Partition2 (Start_Offset:209715200 | Length:236188598272)
\Device\Harddisk0\Partition3 (Start_Offset:236398313472 | Length:13659799552)
.
----------------------\\ Scheduled Tasks
.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3991111817-3376255687-3472610027-1004Core.job
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3991111817-3376255687-3472610027-1004UA.job
C:\Windows\Tasks\SA.DAT
C:\Windows\Tasks\SCHEDLGU.TXT
.
----------------------\\ Registry
.
.
----------------------\\ Files & Folders
.
----------------------\\ Scan completed at 19:37.10
.
C:\Rooter$\Rooter_1.txt - (23/11/2011 | 19:37.10)
SuperDave
« Reply #8 on: November 23, 2011, 07:25:26 PM »

Please tell me how your computer is working now. Any other issues?

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.
•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
BuyDell
« Reply #9 on: November 24, 2011, 06:49:12 AM »

For some reason it wouldn't let me save it to my desktop when I tried to export to a text file, so I copied and pasted.


ESET LOG


C:\Program Files (x86)\FixCleaner\FixCleaner.exe   a variant of Win32/Adware.ErrorRepair application   cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\80000000.@.vir   probably a variant of Win32/Agent.FHYFVGX trojan   cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Windows\assembly\tmp\U\800000c0.@.vir   probably a variant of Win32/Agent.EPSVEIR trojan   cleaned by deleting - quarantined
C:\Users\RichardNew\Desktop\downloads\FixCleaner 2.0.3820.860 Speed Up Your PC Software + Serial Key\FixCleaner 2.0.3820.860 Speed Up Your PC Software + Serial Key.rar   a variant of Win32/Adware.ErrorRepair application   deleted - quarantined
C:\Windows\Installer\a60945c.msi   a variant of Win32/Adware.ErrorRepair application   deleted - quarantined
SuperDave
« Reply #10 on: November 25, 2011, 04:53:34 PM »

How's your computer working now? Any other issues?
BuyDell
« Reply #11 on: November 26, 2011, 07:46:24 PM »


  Seems to be OK now.

As always, many thanks SuperDave  ;)
SuperDave
« Reply #12 on: November 27, 2011, 11:53:43 AM »

You're welcome. Now we can do some cleanup.

To uninstall ComboFix

  • Click the Start button. Click Run. For Vista: type in Run in the Start search, and click on Run in the results pane.
  • In the field, type in ComboFix /uninstall


(Note: Make sure there's a space between the word ComboFix and the forward-slash.)

  • Then, press Enter, or click OK.
  • This will uninstall ComboFix, delete its folders and files, hide System files and folders, and reset System Restore.
****************************************************
To remove all of the tools we used and the files and folders they created do the following:
Double click OTL.exe.
  • Click the CleanUp button.
  • Select Yes when the "Begin cleanup Process?" prompt appears.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.
Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.
****************************************************
Clean out your temporary internet files and temp files.

Download TFC by OldTimer to your desktop.

Double-click TFC.exe to run it.

Note: If you are running on Vista, right-click on the file and choose Run As Administrator

TFC will close all programs when run, so make sure you have saved all your work before you begin.

* Click the Start button to begin the cleaning process.
* Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
* Please let TFC run uninterrupted until it is finished.

Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.
******************************************************
Looking over your log it seems you don't have any evidence of a third party firewall.

Firewalls protect against hackers and malicious intruders. You need to download a free firewall from one of these reliable vendors.

Remember only install ONE firewall

1) Comodo Personal Firewall (Uncheck during installation "Install Comodo SafeSurf..", "Make Comodo my default search provider" and "Make Comodo Search my homepage" and uncheck any HopSurf and/or Ask.com options if you choose this one)
2) Online Armor
3) Agnitum Outpost
4) PC Tools Firewall Plus

If you are using the built-in Windows XP firewall, it is not recommended as it does not block outgoing connections. This means that any malware on your computer is free to "phone home" for more instructions. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution. Remember to use only one firewall at the same time.
*********************************************************
Go to Microsoft Windows Update and get all critical updates.

----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here

Protect yourself against spyware using the Immunize feature in Spybot - Search & Destroy. Guide: Use Spybot's Immunize Feature to prevent spyware infection in real-time. Note: To ensure you have the latest Immunizations always update Spybot - Search & Destroy before Immunizing. Spybot - Search & Destroy FAQ

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!
BuyDell
« Reply #13 on: December 01, 2011, 03:34:10 PM »


  Hey SuperDave,

     Do you like SpyBot better than SuperAntiSpyware....? Can I / Should I use both or just one...?
SuperDave
« Reply #14 on: December 01, 2011, 04:23:36 PM »

Quote
Do you like SpyBot better than SuperAntiSpyware....? Can I / Should I use both or just one...?
Just about everyone has an opinion about which is better. I use both on my computer because my version of SAS is not a full-time scanner.
BuyDell
« Reply #15 on: December 01, 2011, 05:21:35 PM »


  Thanks SuperDave  ;) SpyBot found a number of items that SuperAntiSpyware didn't. So I will use both too.
SuperDave
« Reply #16 on: December 02, 2011, 11:35:05 AM »

You're welcome. I will lock this thread. If you need it re-opened, please send me a pm.
SuperDave
« Reply #17 on: December 07, 2011, 01:40:34 PM »

Let's run a few more scans to see what turns up.

Please download aswMBR.exe ( 511KB ) to your desktop.

Double click the aswMBR.exe to run it



Click the "Scan" button to start scan

Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Often there are false positives



On completion of the scan click save log, save it to your desktop and post in your next reply
BuyDell
« Reply #18 on: December 07, 2011, 04:13:39 PM »


aswMBR Scan results

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-12-07 15:56:50
-----------------------------
15:56:50.413    OS Version: Windows x64 6.1.7601 Service Pack 1
15:56:50.413    Number of processors: 2 586 0x170A
15:56:50.413    ComputerName: RICHARDNEW-PC  UserName: RichardNew
15:56:51.817    Initialize success
15:56:55.904    AVAST engine defs: 11120701
15:57:02.893    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:57:02.893    Disk 0 Vendor: TOSHIBA_ FG00 Size: 238475MB BusType: 3
15:57:02.940    Disk 0 MBR read successfully
15:57:02.940    Disk 0 MBR scan
15:57:02.940    Disk 0 unknown MBR code
15:57:02.956    Service scanning
15:57:04.266    Modules scanning
15:57:04.266    Disk 0 trace - called modules:
15:57:04.328    ntoskrnl.exe CLASSPNP.SYS disk.sys hpdskflt.sys iaStor.sys hal.dll
15:57:04.328    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057e0790]
15:57:04.344    3 CLASSPNP.SYS[fffff880010c743f] -> nt!IofCallDriver -> [0xfffffa80057e0040]
15:57:04.344    5 hpdskflt.sys[fffff88002565289] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80047c7050]
15:57:05.561    AVAST engine scan C:\Windows
15:57:09.851    AVAST engine scan C:\Windows\system32
15:59:17.989    AVAST engine scan C:\Windows\system32\drivers
15:59:31.203    AVAST engine scan C:\Users\RichardNew
16:03:25.000    AVAST engine scan C:\ProgramData
17:24:51.334    Scan finished successfully
18:09:19.875    Disk 0 MBR has been saved successfully to "C:\Users\RichardNew\Desktop\MBR.dat"
18:09:19.891    The log file has been saved successfully to "C:\Users\RichardNew\Desktop\aswMBR.txt"
SuperDave
« Reply #19 on: December 07, 2011, 04:39:46 PM »

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste the contents of it into your next reply
Note: It will also create a log in the C:\ directory.
BuyDell
« Reply #20 on: December 07, 2011, 05:48:00 PM »

TDSS Scan Results


19:26:55.0086 4576   TDSS rootkit removing tool 2.6.22.0 Dec  7 2011 13:21:06
19:26:55.0258 4576   ============================================================
19:26:55.0258 4576   Current date / time: 2011/12/07 19:26:55.0258
19:26:55.0258 4576   SystemInfo:
19:26:55.0258 4576   
19:26:55.0258 4576   OS Version: 6.1.7601 ServicePack: 1.0
19:26:55.0258 4576   Product type: Workstation
19:26:55.0258 4576   ComputerName: RICHARDNEW-PC
19:26:55.0258 4576   UserName: RichardNew
19:26:55.0258 4576   Windows directory: C:\Windows
19:26:55.0258 4576   System windows directory: C:\Windows
19:26:55.0258 4576   Running under WOW64
19:26:55.0258 4576   Processor architecture: Intel x64
19:26:55.0258 4576   Number of processors: 2
19:26:55.0258 4576   Page size: 0x1000
19:26:55.0258 4576   Boot type: Normal boot
19:26:55.0258 4576   ============================================================
19:26:55.0882 4576   Initialize success
19:27:19.0812 5728   ============================================================
19:27:19.0812 5728   Scan started
19:27:19.0812 5728   Mode: Manual;
19:27:19.0812 5728   ============================================================
19:27:43.0243 5728   viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:27:43.0243 5728   viaide - ok
19:27:43.0290 5728   volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:27:43.0290 5728   volmgr - ok
19:27:43.0337 5728   volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:27:43.0337 5728   volmgrx - ok
19:27:43.0446 5728   volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:27:43.0446 5728   volsnap - ok
19:27:43.0524 5728   vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
19:27:43.0524 5728   vsmraid - ok
19:27:43.0587 5728   vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:27:43.0587 5728   vwifibus - ok
19:27:43.0711 5728   vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:27:43.0711 5728   vwififlt - ok
19:27:43.0805 5728   WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
19:27:43.0805 5728   WacomPen - ok
19:27:43.0930 5728   WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:27:43.0930 5728   WANARP - ok
19:27:43.0945 5728   Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:27:43.0945 5728   Wanarpv6 - ok
19:27:44.0055 5728   Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
19:27:44.0055 5728   Wd - ok
19:27:44.0133 5728   Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:27:44.0148 5728   Wdf01000 - ok
19:27:44.0226 5728   WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:27:44.0226 5728   WfpLwf - ok
19:27:44.0257 5728   WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:27:44.0257 5728   WIMMount - ok
19:27:44.0413 5728   WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:27:44.0413 5728   WinUsb - ok
19:27:44.0523 5728   WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:27:44.0523 5728   WmiAcpi - ok
19:27:44.0632 5728   ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:27:44.0632 5728   ws2ifsl - ok
19:27:44.0741 5728   WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:27:44.0741 5728   WudfPf - ok
19:27:44.0803 5728   WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:27:44.0803 5728   WUDFRd - ok
19:27:44.0913 5728   yukonw7         (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
19:27:44.0928 5728   yukonw7 - ok
19:27:44.0959 5728   MBR (0x1B8)     (8ca37966eb3c750d08ac01dcd8dda115) \Device\Harddisk0\DR0
19:27:44.0959 5728   \Device\Harddisk0\DR0 - ok
19:27:44.0959 5728   Boot (0x1200)   (04dfb600a5d3c97f2dfd11dd84c1c8ac) \Device\Harddisk0\DR0\Partition0
19:27:44.0959 5728   \Device\Harddisk0\DR0\Partition0 - ok
19:27:44.0975 5728   Boot (0x1200)   (5ec31804363fa57ade9e699acbdfa4fc) \Device\Harddisk0\DR0\Partition1
19:27:44.0975 5728   \Device\Harddisk0\DR0\Partition1 - ok
19:27:45.0006 5728   Boot (0x1200)   (3c5b591e42ef80d39e7681c659ee5aa9) \Device\Harddisk0\DR0\Partition2
19:27:45.0006 5728   \Device\Harddisk0\DR0\Partition2 - ok
19:27:45.0006 5728   ============================================================
19:27:45.0006 5728   Scan finished
19:27:45.0006 5728   ============================================================
19:27:45.0037 5848   Detected object count: 0
19:27:45.0037 5848   Actual detected object count: 0
19:28:43.0272 4952   ============================================================
19:28:43.0272 4952   Scan started
19:28:43.0272 4952   Mode: Manual;
19:28:43.0272 4952   ============================================================
SuperDave
« Reply #21 on: December 07, 2011, 07:38:11 PM »

Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit Enter.
  • Double-click the setup file to run it.
  • Click Next to continue.
  • Accept the License agreement and click on Next.
  • It will, by default, install it to your desktop folder. Click Next.
  • It will then open a box. There will be a tab that says Automatic scan.
  • Under Automatic scan, make sure these are checked:
      • Hidden Startup Objects
      • System Memory
      • Disk Boot Sectors
      • My Computer
      • Also any other drives (removable ones that you may have)
  • Leave the rest of the settings as they appear by default.
  • Then click on Scan at the top right-hand corner.
  • It will automatically neutralize any objects found.
  • If some objects are left un-neutralized, then click the button that says Neutralize all.
  • If it says it cannot be neutralized, then choose the delete option when prompted.
  • After that is done, click on the Reports button at the bottom and save it to a file. Name it Kas.
  • Save it somewhere convenient, like your desktop, and post only the detected virus\malware in the report. It will be at the very top under Detected. Post those results in your next reply.

Note: This tool will self uninstall when you close it so please save the log before closing it.

AMD Athlon XP 1900+ 1.47 GHz  3 GB Ram Windows XP  Home with SP3, MicroSoft Security Essentials, Spybot S&D. SuperAntiSpyware  and Threatfire with Comodo Firewall & Windows Defender
BuyDell
« Reply #22 on: December 08, 2011, 02:48:43 PM »


I had a problem trying to save the log while in the SAFE MODE... It did say there were no threats. Is it important for you to see the log...?

I can try again.

Also please note that in the bottom right hand corner of the screen I get a "test mode" Rebuild 7601. Would this account for any instability...?
SuperDave
« Reply #23 on: December 08, 2011, 04:40:48 PM »

Quote
It did say there were no threats. Is it important for you to see the log...?
No. If there were no threats I don't need to see it.

Quote
Also please note that in the bottom right hand corner of the screen I get  a "test mode" Rebuild 7601. Would this account for any instability...?
What do you mean by instability?
BuyDell
« Reply #24 on: December 08, 2011, 05:11:12 PM »

 
My main problem is that programs, IE, etc. suddenly start flashing on and off, and "not responding" can be read at the top of the program.

It seems to happen to all programs and websites.
SuperDave
« Reply #25 on: December 09, 2011, 11:20:06 AM »

All the scans are not picking up any infections. I would suspect that there is something wrong with the video card or some other piece of hardware in your computer. You could start another thread in the proper forum for the OS of your computer and perhaps someone could help you there.
Copyright © 2010 Computer Hope ® All rights reserved.