Thanks for your help.
Forgot to mention, hard drive is always busy since the infection.
Here is the log
MySystem-Search MSS v1.6
Basic System Information Username: Joyce - Date: 15/07/2010 - Time: 22:45:21
Microsoft Windows [Version 6.0.6002]
Processor type: x86 Family 17 Model 3 Stepping 1, AuthenticAMD
Total processors: 2
Computer Name: JOYCE-PC
Logon Server: \\JOYCE-PC
CD Emulation Drivers running? Nero found!
Peer-to-Peer applications? File associations .exe=exefile
.scr=scrfile
.pif=piffile
.com=comfile
.bat=batfile
.cmd=cmdfile
.log=txtfile
.txt=txtfile
.reg=regfile
.sys=sysfile
.dll=dllfile
.ini=inifile
.inf=inffile
Running processes Image Name PID Session Name Session# Mem Usage
========================= ======== ================ =========== ============
System Idle Process 0 Services 0 24 K
System 4 Services 0 113,096 K
smss.exe 500 Services 0 1,028 K
csrss.exe 576 Services 0 8,748 K
wininit.exe 636 Services 0 12,960 K
csrss.exe 644 Console 1 14,496 K
avgchsvx.exe 656 Services 0 2,140 K
avgrsx.exe 664 Services 0 1,096 K
services.exe 700 Services 0 16,576 K
lsass.exe 712 Services 0 23,064 K
lsm.exe 720 Services 0 13,808 K
winlogon.exe 744 Console 1 14,332 K
avgcsrvx.exe 920 Services 0 11,356 K
svchost.exe 1140 Services 0 7,192 K
svchost.exe 1192 Services 0 9,932 K
HPFSService.exe 1220 Services 0 21,084 K
HpFkCrypt.exe 1300 Services 0 12,400 K
svchost.exe 1336 Services 0 18,992 K
RapportMgmtService.exe 1488 Services 0 37,000 K
Ati2evxx.exe 1568 Services 0 14,044 K
svchost.exe 1588 Services 0 11,856 K
svchost.exe 1616 Services 0 81,616 K
svchost.exe 1660 Services 0 36,600 K
audiodg.exe 1740 Services 0 12,844 K
svchost.exe 1812 Services 0 4,464 K
SLsvc.exe 1832 Services 0 22,888 K
svchost.exe 1876 Services 0 9,824 K
hpservice.exe 1956 Services 0 22,460 K
svchost.exe 2040 Services 0 17,480 K
Ati2evxx.exe 344 Console 1 18,848 K
wlanext.exe 1556 Services 0 19,236 K
spoolsv.exe 2036 Services 0 34,236 K
svchost.exe 1044 Services 0 24,680 K
accoca.exe 2212 Services 0 16,524 K
AEADISRV.EXE 2228 Services 0 12,032 K
agrsmsvc.exe 2260 Services 0 11,496 K
acevents.exe 2276 Services 0 25,716 K
avgwdsvc.exe 2304 Services 0 2,164 K
svchost.exe 2316 Services 0 4,016 K
PTChangeFilterService.exe 2496 Services 0 86,964 K
iviRegMgr.exe 2648 Services 0 13,236 K
LSSrvc.exe 2716 Services 0 21,088 K
avgnsx.exe 2772 Services 0 284 K
ramaint.exe 2928 Services 0 22,036 K
LogMeIn.exe 3016 Services 0 52,560 K
LMIGuardian.exe 3036 Services 0 18,944 K
svchost.exe 3060 Services 0 12,340 K
pdfsvc.exe 3088 Services 0 14,344 K
svchost.exe 3160 Services 0 3,172 K
svchost.exe 3192 Services 0 4,592 K
svchost.exe 3208 Services 0 5,940 K
svchost.exe 3236 Services 0 3,044 K
SearchIndexer.exe 3272 Services 0 47,120 K
hpqWmiEx.exe 3792 Services 0 24,744 K
WmiPrvSE.exe 3928 Services 0 20,820 K
taskeng.exe 4060 Services 0 24,524 K
HPHC_Service.exe 1368 Services 0 59,148 K
taskeng.exe 4152 Console 1 11,048 K
dwm.exe 4312 Console 1 3,144 K
explorer.exe 4348 Console 1 95,784 K
asghost.exe 4356 Console 1 35,088 K
RapportService.exe 4448 Console 1 36,632 K
WmiPrvSE.exe 4760 Services 0 12,324 K
accrdsub.exe 5048 Console 1 28,548 K
pthosttr.exe 5056 Console 1 63,716 K
SynTPEnh.exe 5148 Console 1 26,232 K
HPWAMain.exe 5168 Console 1 26,744 K
CoreShredder.exe 5216 Console 1 27,888 K
QLBCTRL.exe 5228 Console 1 37,672 K
GrooveMonitor.exe 5328 Console 1 30,520 K
LogMeInSystray.exe 5344 Console 1 30,508 K
jusched.exe 5368 Console 1 23,164 K
hpwuschd2.exe 5408 Console 1 22,148 K
smax4pnp.exe 5424 Console 1 26,784 K
NokiaMServer.exe 5468 Console 1 43,884 K
avgtray.exe 5488 Console 1 3,068 K
sidebar.exe 5500 Console 1 66,956 K
LightScribeControlPanel.e 5512 Console 1 30,236 K
ISUSPM.exe 5520 Console 1 26,876 K
msnmsgr.exe 5528 Console 1 42,124 K
ehtray.exe 5596 Console 1 24,852 K
NokiaOviSuite.exe 5640 Console 1 107,012 K
SUPERAntiSpyware.exe 5656 Console 1 672 K
BTTray.exe 5692 Console 1 38,096 K
MagicDisc.exe 5748 Console 1 23,628 K
ehmsas.exe 6120 Console 1 21,408 K
WiFiMsg.exe 6132 Console 1 26,504 K
VolCtrl.exe 4684 Console 1 23,436 K
HpqToaster.exe 4720 Console 1 25,052 K
MOM.exe 3432 Console 1 3,432 K
Com4QLBEx.exe 4116 Services 0 14,532 K
acevents.exe 5964 Console 1 30,484 K
SynTPHelper.exe 5992 Console 1 21,584 K
BTStackServer.exe 4772 Console 1 36,240 K
CCC.exe 6000 Console 1 3,100 K
LMIGuardian.exe 3768 Console 1 3,496 K
nokiaaserver.exe 5728 Console 1 32,660 K
ServiceLayer.exe 2532 Services 0 31,524 K
NclUSBSrv.exe 6192 Services 0 15,544 K
NclRSSrv.exe 6280 Services 0 11,860 K
NclMSBTSrv.exe 6400 Console 1 39,156 K
AAWService.exe 7628 Services 0 87,340 K
unsecapp.exe 2448 Services 0 15,528 K
AAWTray.exe 7804 Console 1 5,500 K
wuauclt.exe 2328 Console 1 6,856 K
LogMeIn.exe 13976 Console 1 28,312 K
LMIGuardian.exe 13792 Console 1 3,900 K
firefox.exe 13132 Console 1 70,736 K
plugin-container.exe 14052 Console 1 14,556 K
mss.exe 14924 Console 1 4,988 K
cmd.exe 14960 Console 1 3,784 K
tasklist.exe 14976 Console 1 5,556 K
Hidden objects PATH: C:\windows
Installer
WindowsShell.Manifest
PATH: C:\windows\system32
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
desktop.ini
PATH: C:\windows\system32\drivers
103C_HP_bNB_6735s_Y5336AN_0U_QCNU84711C
9_E480868-A41_4A_I30E4_SHP_V94.1C_68GPP F.06_T081002_WV3-1_L409_M2812_J250_7AMD_8F31_92.10_#080625_N11AB4357;14E44315_(GW694AV)_XMOBILE_CN10_Z_2F.06_G10029612.MRK
Msft_Kernel_ccdcmb_01007.Wdf
Msft_Kernel_SynTP_01000.Wdf
Msft_User_WpdFs_01_00_00.Wdf
Msft_User_WpdFs_01_07_00.Wdf
Msft_User_WpdMtpDr_01_07_00.Wdf
PATH: C:\
$AVG
$Recycle.Bin
boot
bootmgr
Documents and Settings
hiberfil.sys
hp
IO.SYS
MSDOS.SYS
MSOCache
pagefile.sys
ProgramData
sqmdata00.sqm
sqmdata01.sqm
sqmdata02.sqm
sqmdata03.sqm
sqmdata04.sqm
sqmdata05.sqm
sqmdata06.sqm
sqmdata07.sqm
sqmdata08.sqm
sqmdata09.sqm
sqmdata10.sqm
sqmdata11.sqm
sqmdata12.sqm
sqmdata13.sqm
sqmdata14.sqm
sqmdata15.sqm
sqmdata16.sqm
sqmdata17.sqm
sqmdata18.sqm
sqmdata19.sqm
sqmnoopt00.sqm
sqmnoopt01.sqm
sqmnoopt02.sqm
sqmnoopt03.sqm
sqmnoopt04.sqm
sqmnoopt05.sqm
sqmnoopt06.sqm
sqmnoopt07.sqm
sqmnoopt08.sqm
sqmnoopt09.sqm
sqmnoopt10.sqm
sqmnoopt11.sqm
sqmnoopt12.sqm
sqmnoopt13.sqm
sqmnoopt14.sqm
sqmnoopt15.sqm
sqmnoopt16.sqm
sqmnoopt17.sqm
sqmnoopt18.sqm
sqmnoopt19.sqm
System Volume Information
System.sav
User Profile check Joyce
neil
Public
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
ProfilesDirectory REG_EXPAND_SZ %SystemDrive%\Users
Default REG_EXPAND_SZ %SystemDrive%\Users\Default
Public REG_EXPAND_SZ %SystemDrive%\Users\Public
ProgramData REG_EXPAND_SZ %SystemDrive%\ProgramData
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
Flags REG_DWORD 0xc
State REG_DWORD 0x0
RefCount REG_DWORD 0x1
Sid REG_BINARY 010100000000000512000000
ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
ProfileImagePath REG_EXPAND_SZ %SystemRoot%\ServiceProfiles\LocalService
Flags REG_DWORD 0x0
State REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
ProfileImagePath REG_EXPAND_SZ %SystemRoot%\ServiceProfiles\NetworkService
Flags REG_DWORD 0x0
State REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-666564277-3309807266-2236694496-1004
ProfileImagePath REG_EXPAND_SZ C:\Users\Joyce
Flags REG_DWORD 0x0
State REG_DWORD 0x100
Sid REG_BINARY 010500000000000515000000B5F6BA27A2A647C
5E03F5185EC030000
ProfileLoadTimeLow REG_DWORD 0x0
ProfileLoadTimeHigh REG_DWORD 0x0
RefCount REG_DWORD 0x2
RunLogonScriptSync REG_DWORD 0x0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-666564277-3309807266-2236694496-1005
ProfileImagePath REG_EXPAND_SZ C:\Users\neil
Flags REG_DWORD 0x0
State REG_DWORD 0x0
Sid REG_BINARY 010500000000000515000000B5F6BA27A2A647C
5E03F5185ED030000
ProfileLoadTimeLow REG_DWORD 0x0
ProfileLoadTimeHigh REG_DWORD 0x0
RefCount REG_DWORD 0x0
RunLogonScriptSync REG_DWORD 0x0
Current Scheduled Tasks PATH: C:\Windows\Tasks
Google Software Updater.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
SCHEDLGU.TXT
SA.DAT
User_Feed_Synchronization-{580DF64F-48A0-499D-98CB-C46749C12044}.job
Windows Drivers and NT-Services Volume in drive C has no label.
Volume Serial Number is 5AB0-0B44
Directory of C:\Windows\System32\Drivers
02/01/2009 00:04 0 103C_HP_bNB_6735s_Y5336AN_0U_QCNU84711C
9_E480868-A41_4A_I30E4_SHP_V94.1C_68GPP F.06_T081002_WV3-1_L409_M2812_J250_7AMD_8F31_92.10_#080625_N11AB4357;14E44315_(GW694AV)_XMOBILE_CN10_Z_2F.06_G10029612.MRK
02/02/2010 16:58 0 Msft_Kernel_ccdcmb_01007.Wdf
26/06/2008 07:44 0 Msft_Kernel_SynTP_01000.Wdf
02/01/2009 01:11 0 Msft_User_WpdFs_01_00_00.Wdf
17/11/2009 04:18 0 Msft_User_WpdFs_01_07_00.Wdf
02/02/2010 16:58 0 Msft_User_WpdMtpDr_01_07_00.Wdf
6 File(s) 0 bytes
0 Dir(s) 140,235,014,144 bytes free
Volume in drive C has no label.
Volume Serial Number is 5AB0-0B44
Directory of C:\Windows\System32\Drivers
23/08/2006 18:26 328,162 ativcaxx.cpa
23/08/2006 18:26 929 ativcaxx.vp
18/09/2006 22:26 3,440,660 gm.dls
18/09/2006 22:26 646 gmreadme.txt
02/11/2006 07:37 20,480 secdrv.sys
02/11/2006 08:36 235,520 HdAudio.sys
02/11/2006 08:36 20,608 ntrigdigi.sys
02/11/2006 09:24 62,336 BrSerWdm.sys
02/11/2006 09:24 12,160 BrUsbMdm.sys
02/11/2006 09:24 13,568 BrFiltLo.sys
02/11/2006 09:24 5,248 BrFiltUp.sys
02/11/2006 09:24 11,904 BrUsbSer.sys
02/11/2006 09:25 71,808 BrSerId.sys
02/11/2006 09:51 17,920 serenum.sys
02/11/2006 09:51 83,456 serial.sys
02/11/2006 09:51 13,312 sfloppy.sys
02/11/2006 09:52 20,608 wacompen.sys
02/11/2006 09:55 21,504 hidir.sys
02/11/2006 09:55 68,608 usbcir.sys
02/11/2006 09:55 29,184 hidbth.sys
02/11/2006 09:55 39,936 bthmodem.sys
02/11/2006 10:04 878,080 PEAuth.sys
02/11/2006 10:14 18,944 usbprint.sys
02/11/2006 10:49 31,848 sym_hi.sys
02/11/2006 10:49 33,384 Mraid35x.sys
02/11/2006 10:50 34,920 sym_u3.sys
02/11/2006 10:50 35,944 symc8xx.sys
02/11/2006 10:50 35,944 iteatapi.sys
02/11/2006 10:50 35,944 iteraid.sys
02/11/2006 10:50 71,272 djsvs.sys
02/11/2006 10:50 76,392 sbp2port.sys
02/11/2006 10:50 41,576 iirsp.sys
02/11/2006 10:50 45,160 nfrd960.sys
02/11/2006 10:50 98,408 ulsata.sys
02/11/2006 10:50 106,088 ql40xx.sys
02/11/2006 12:18 <DIR> etc
02/11/2006 15:09 1,419,232 wdfcoinstaller01005.dll
18/04/2007 09:19 2,096 ativdkxx.vp
10/05/2007 15:16 28,160 sncduvc.sys
30/05/2007 12:37 2,096 ativpkxx.vp
30/05/2007 12:37 2,096 ativokxx.vp
19/06/2007 01:12 16,768 HpqKbFiltr.sys
17/08/2007 14:31 101,376 ewusbmdm.sys
08/09/2007 23:37 52,400 ativvpxx.vp
21/01/2008 03:23 6,656 errdev.sys
21/01/2008 03:23 11,264 wmiacpi.sys
21/01/2008 03:23 28,216 battc.sys
21/01/2008 03:23 20,792 compbatt.sys
21/01/2008 03:23 41,472 intelppm.sys
21/01/2008 03:23 41,472 viac7.sys
21/01/2008 03:23 44,032 amdk8.sys
21/01/2008 03:23 41,472 amdk7.sys
21/01/2008 03:23 40,960 crusoe.sys
21/01/2008 03:23 40,960 processr.sys
21/01/2008 03:23 17,976 intelide.sys
21/01/2008 03:23 19,000 cmdide.sys
21/01/2008 03:23 16,440 pciide.sys
21/01/2008 03:23 20,024 viaide.sys
21/01/2008 03:23 17,464 aliide.sys
21/01/2008 03:23 17,976 amdide.sys
21/01/2008 03:23 55,864 SISAGP.SYS
21/01/2008 03:23 15,288 swenum.sys
21/01/2008 03:23 60,984 ULIAGPKX.SYS
21/01/2008 03:23 109,112 NV_AGP.SYS
21/01/2008 03:23 31,288 mssmbios.sys
21/01/2008 03:23 16,440 msisadrv.sys
21/01/2008 03:23 56,376 AGP440.sys
21/01/2008 03:23 49,720 isapnp.sys
21/01/2008 03:23 52,792 volmgr.sys
21/01/2008 03:23 56,888 VIAAGP.SYS
21/01/2008 03:23 57,400 AMDAGP.SYS
21/01/2008 03:23 248,832 rdpdr.sys
21/01/2008 03:23 45,568 blbdrive.sys
21/01/2008 03:23 8,704 parvdm.sys
21/01/2008 03:23 79,360 parport.sys
21/01/2008 03:23 26,112 vgapnp.sys
21/01/2008 03:23 30,264 i2omp.sys
21/01/2008 03:23 19,000 i2omgmt.sys
21/01/2008 03:23 179,256 pcmcia.sys
21/01/2008 03:23 23,552 usbuhci.sys
21/01/2008 03:23 5,888 usbd.sys
21/01/2008 03:23 179,712 b57nd60x.sys
21/01/2008 03:23 54,784 i8042prt.sys
21/01/2008 03:23 15,872 mouhid.sys
21/01/2008 03:23 34,360 mouclass.sys
21/01/2008 03:23 19,968 sermouse.sys
21/01/2008 03:23 25,088 fdc.sys
21/01/2008 03:23 20,480 flpydisk.sys
21/01/2008 03:23 73,216 usbccgp.sys
21/01/2008 03:23 105,016 mpio.sys
21/01/2008 03:23 92,160 bthpan.sys
21/01/2008 03:23 238,648 uliahci.sys
21/01/2008 03:23 130,048 drmk.sys
21/01/2008 03:23 5,632 drmkaud.sys
21/01/2008 03:23 422,968 adp94xx.sys
21/01/2008 03:23 45,112 nvstor.sys
21/01/2008 03:23 102,968 nvraid.sys
21/01/2008 03:23 94,776 msdsm.sys
21/01/2008 03:23 53,376 1394bus.sys
21/01/2008 03:23 61,952 ohci1394.sys
21/01/2008 03:23 59,448 UAGP35.SYS
21/01/2008 03:23 61,496 GAGP30KX.SYS
21/01/2008 03:23 41,984 monitor.sys
21/01/2008 03:23 24,632 crcdisk.sys
21/01/2008 03:23 342,584 elxstor.sys
21/01/2008 03:23 64,512 IPMIDrv.sys
21/01/2008 03:23 34,816 umbus.sys
21/01/2008 03:23 96,312 lsi_scsi.sys
21/01/2008 03:23 235,064 iaStorV.sys
21/01/2008 03:23 12,288 sffp_mmc.sys
21/01/2008 03:23 13,312 sffdisk.sys
21/01/2008 03:23 11,776 sffp_sd.sys
21/01/2008 03:23 115,816 ulsata2.sys
21/01/2008 03:23 35,384 kbdclass.sys
21/01/2008 03:23 96,312 lsi_fc.sys
21/01/2008 03:23 79,416 arc.sys
21/01/2008 03:23 130,616 vsmraid.sys
21/01/2008 03:23 79,928 arcsas.sys
21/01/2008 03:23 22,072 wd.sys
21/01/2008 03:23 118,784 E1G60I32.sys
21/01/2008 03:23 1,122,360 ql2300.sys
21/01/2008 03:23 89,656 lsi_sas.sys
21/01/2008 03:23 300,600 adpahci.sys
21/01/2008 03:23 41,016 sisraid2.sys
21/01/2008 03:23 35,328 circlass.sys
21/01/2008 03:23 134,016 usbvideo.sys
21/01/2008 03:23 101,432 adpu160m.sys
21/01/2008 03:23 74,808 sisraid4.sys
21/01/2008 03:23 45,624 tpm.sys
21/01/2008 03:23 40,504 HpCISSs.sys
21/01/2008 03:23 14,208 CmBatt.sys
21/01/2008 03:23 25,472 hidparse.sys
21/01/2008 03:23 386,616 MegaSR.sys
21/01/2008 03:23 149,560 adpu320.sys
21/01/2008 03:23 31,288 megasas.sys
21/01/2008 03:23 31,232 qwavedrv.sys
21/01/2008 03:23 12,288 bdasup.sys
21/01/2008 03:23 17,976 wmilib.sys
21/01/2008 03:23 110,080 videoprt.sys
21/01/2008 03:23 57,400 mountmgr.sys
21/01/2008 03:23 6,144 beep.sys
21/01/2008 03:23 7,680 umpass.sys
21/01/2008 03:23 4,608 null.sys
21/01/2008 03:23 22,528 msfs.sys
21/01/2008 03:23 70,144 cdfs.sys
21/01/2008 03:23 503,864 Wdf01000.sys
21/01/2008 03:23 35,896 WdfLdr.sys
21/01/2008 03:23 3 MsftWdf_Kernel_01007_Inbox_Critical.Wdf
21/01/2008 03:23 69,632 bowser.sys
21/01/2008 03:23 13,312 irenum.sys
21/01/2008 03:23 142,904 scsiport.sys
21/01/2008 03:24 58,936 fileinfo.sys
21/01/2008 03:24 17,408 asyncmac.sys
21/01/2008 03:24 20,992 tdi.sys
21/01/2008 03:24 6,144 RDPCDD.sys
21/01/2008 03:24 12,800 fs_rec.sys
21/01/2008 03:24 29,184 tdtcp.sys
21/01/2008 03:24 17,920 tdpipe.sys
21/01/2008 03:24 21,048 spldr.sys
21/01/2008 03:24 11,776 rasacd.sys
21/01/2008 03:24 35,840 netbios.sys
21/01/2008 03:24 27,648 filetrace.sys
21/01/2008 03:24 13,312 dxapi.sys
21/01/2008 03:24 62,464 wanarp.sys
21/01/2008 03:24 49,664 ndproxy.sys
21/01/2008 03:24 20,992 ndistapi.sys
21/01/2008 03:24 100,864 ipnat.sys
21/01/2008 03:24 15,360 TUNMP.SYS
21/01/2008 03:24 95,744 irda.sys
21/01/2008 03:24 60,416 rspndr.sys
21/01/2008 03:24 47,104 lltdio.sys
21/01/2008 03:24 84,480 luafv.sys
21/01/2008 03:24 24,576 tape.sys
21/01/2008 03:24 47,616 ipfltdrv.sys
21/01/2008 03:24 18,944 mcd.sys
21/01/2008 03:24 16,384 nsiproxy.sys
21/01/2008 03:24 15,872 ws2ifsl.sys
21/01/2008 03:24 64,000 mpsdrv.sys
21/01/2008 03:24 8,192 rootmdm.sys
21/01/2008 03:24 6,144 RDPENCDD.sys
21/01/2008 03:24 25,088 vga.sys
21/01/2008 03:24 8,192 mskssrv.sys
21/01/2008 03:24 5,504 mspqm.sys
21/01/2008 03:24 6,016 mstee.sys
21/01/2008 03:24 5,888 mspclock.sys
21/01/2008 03:24 16,896 ndisuio.sys
21/01/2008 03:24 17,408 smclib.sys
21/01/2008 03:24 62,976 raspptp.sys
21/01/2008 03:24 76,288 rasl2tp.sys
21/01/2008 03:24 31,744 modem.sys
21/01/2008 03:24 83,328 WUDFRd.sys
21/01/2008 03:24 51,200 WUDFPf.sys
21/01/2008 03:24 23,552 tssecsrv.sys
29/02/2008 17:13 1,202,560 AGRSM.sys
21/03/2008 19:35 1,207,288 BCMWL6.SYS
27/03/2008 20:06 199,472 SynTP.sys
03/04/2008 22:57 310,272 yk60x86.sys
07/04/2008 19:13 34,664 Accelerometer.sys
07/04/2008 19:13 25,448 hpdskflt.sys
11/04/2008 02:27 1,804,160 snp2uvc.sys
11/04/2008 15:38 382,464 ADIHdAud.sys
14/04/2008 22:39 9,344 CPQBttn.sys
28/04/2008 10:26 14,352 AtiPcie.sys
21/05/2008 09:47 49,152 ati2erec.dll
21/05/2008 11:35 3,552,768 atikmdag.sys
28/05/2008 13:27 81,960 btwavdt.sys
28/05/2008 13:27 80,424 btwaudio.sys
28/05/2008 13:27 16,168 btwrchid.sys
30/05/2008 17:36 108,752 SafeBoot.sys
30/05/2008 17:37 12,496 rsvlock.sys
30/05/2008 17:37 12,928 SbFsLock.sys
30/05/2008 17:37 10,832 SbHiber.sys
30/05/2008 17:37 51,376 SbAlg.sys
24/07/2008 19:45 10,144 lmimirr.sys
24/07/2008 19:46 47,640 LMIRfsDriver.sys
28/07/2008 18:19 116,736 mcdbus.sys
26/08/2008 10:26 18,816 pccsmcfd.sys
11/04/2009 03:52 684,032 spsys.sys
11/04/2009 05:13 142,848 fastfat.sys
11/04/2009 05:13 136,704 exfat.sys
11/04/2009 05:13 226,816 udfs.sys
11/04/2009 05:14 35,328 npfs.sys
11/04/2009 05:14 75,264 dfsc.sys
11/04/2009 05:14 225,280 rdbss.sys
11/04/2009 05:14 114,688 mrxdav.sys
11/04/2009 05:22 33,280 watchdog.sys
11/04/2009 05:23 76,288 dxg.sys
11/04/2009 05:38 17,408 kbdhid.sys
11/04/2009 05:38 149,504 ks.sys
11/04/2009 05:39 19,456 Diskdump.sys
11/04/2009 05:39 67,072 cdrom.sys
11/04/2009 05:42 561,152 hdaudbus.sys
11/04/2009 05:42 52,992 stream.sys
11/04/2009 05:42 39,424 hidclass.sys
11/04/2009 05:42 12,800 hidusb.sys
11/04/2009 05:42 167,936 portcls.sys
11/04/2009 05:42 19,456 usbohci.sys
11/04/2009 05:42 39,936 usbehci.sys
11/04/2009 05:42 27,648 usbser.sys
11/04/2009 05:42 65,536 USBSTOR.SYS
11/04/2009 05:42 25,856 USBCAMD.sys
11/04/2009 05:42 25,856 USBCAMD2.sys
11/04/2009 05:42 226,304 usbport.sys
11/04/2009 05:43 29,696 BTHUSB.SYS
11/04/2009 05:43 507,904 bthport.sys
11/04/2009 05:43 22,528 bthenum.sys
11/04/2009 05:43 148,992 rfcomm.sys
11/04/2009 05:43 196,096 usbhub.sys
11/04/2009 05:43 148,480 nwifi.sys
11/04/2009 05:45 66,560 smb.sys
11/04/2009 05:45 113,664 rmcast.sys
11/04/2009 05:45 185,856 netbt.sys
11/04/2009 05:45 72,192 pacer.sys
11/04/2009 05:45 72,192 tdx.sys
11/04/2009 05:46 33,280 RNDISMP.sys
11/04/2009 05:46 15,872 usb8023.sys
11/04/2009 05:46 41,472 raspppoe.sys
11/04/2009 05:46 121,344 ndiswan.sys
11/04/2009 05:46 69,120 rassstp.sys
11/04/2009 05:47 273,920 afd.sys
11/04/2009 05:51 180,736 rdpwd.sys
11/04/2009 06:42 93,696 bridge.sys
11/04/2009 07:32 19,944 atapi.sys
11/04/2009 07:32 27,112 msahci.sys
11/04/2009 07:32 27,624 Dumpata.sys
11/04/2009 07:32 35,304 crashdmp.sys
11/04/2009 07:32 48,104 mup.sys
11/04/2009 07:32 53,736 disk.sys
11/04/2009 07:32 54,248 partmgr.sys
11/04/2009 07:32 109,032 ataport.sys
11/04/2009 07:32 99,816 FWPKCLNT.SYS
11/04/2009 07:32 141,288 ecache.sys
11/04/2009 07:32 125,928 Classpnp.sys
11/04/2009 07:32 161,752 msrpc.sys
11/04/2009 07:32 180,712 msiscsi.sys
11/04/2009 07:32 223,208 netio.sys
11/04/2009 07:32 265,688 acpi.sys
11/04/2009 07:32 190,424 fltMgr.sys
11/04/2009 07:32 527,848 ndis.sys
11/04/2009 07:32 1,083,880 ntfs.sys
11/04/2009 07:32 43,496 pciidex.sys
11/04/2009 07:32 53,224 termdd.sys
11/04/2009 07:32 122,344 Storport.sys
11/04/2009 07:32 149,480 pci.sys
11/04/2009 07:32 226,280 volsnap.sys
11/04/2009 07:33 292,840 volmgrx.sys
16/06/2009 00:15 439,864 ksecdd.sys
14/09/2009 10:29 144,896 srv2.sys
25/09/2009 02:27 634,880 dxgkrnl.sys
01/10/2009 02:01 40,448 WpdUsb.sys
06/10/2009 12:52 17,664 ccdcmb.sys
06/10/2009 12:52 7,936 usbser_lowerflt.sys
06/10/2009 12:52 22,016 ccdcmbo.sys
06/10/2009 12:52 7,936 usbser_lowerfltj.sys
08/12/2009 18:26 30,720 tcpipreg.sys
11/12/2009 12:43 98,816 srvnet.sys
11/12/2009 12:43 302,080 srv.sys
02/02/2010 16:58 <DIR> UMDF
18/02/2010 12:28 25,088 tunnel.sys
18/02/2010 15:07 904,576 tcpip.sys
20/02/2010 21:53 411,648 http.sys
23/02/2010 12:10 106,496 mrxsmb.sys
23/02/2010 12:10 79,360 mrxsmb20.sys
23/02/2010 12:10 212,992 mrxsmb10.sys
28/02/2010 15:22 390,528 RapportBuka.sys
17/03/2010 04:01 <DIR> en-US
18/03/2010 09:52 216,200 avgldx86.sys
29/04/2010 15:39 20,952 mbam.sys
29/04/2010 15:39 38,224 mbamswissarmy.sys
03/06/2010 09:29 29,584 avgmfx86.sys
03/06/2010 09:29 242,896 avgtdix.sys
11/06/2010 14:01 95,024 SBREDrv.sys
06/07/2010 18:28 64,288 Lbd.sys
07/07/2010 21:40 <DIR> ..
07/07/2010 21:40 <DIR> .
15/07/2010 09:37 <DIR> Avg
310 File(s) 41,789,424 bytes
6 Dir(s) 140,234,997,760 bytes free
Virtual drives found? Environment variables ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Joyce\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=JOYCE-PC
ComSpec=C:\windows\system32\cmd.exe
DFSTRACINGON=FALSE
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Joyce
LOCALAPPDATA=C:\Users\Joyce\AppData\Local
LOGONSERVER=\\JOYCE-PC
MOZ_CRASHREPORTER_DATA_DIRECTORY=C:\Users\Joyce\AppData\Roaming\Mozilla\Firefox\Crash Reports
MOZ_CRASHREPORTER_RESTART_ARG_0=C:\Program Files\Mozilla Firefox\firefox.exe
MOZ_CRASHREPORTER_STRINGS_OVERRIDE=C:\Program Files\Mozilla Firefox\crashreporter-override.ini
NUMBER_OF_PROCESSORS=2
OnlineServices=Online Services
OS=Windows_NT
Path=C:\Program Files\Mozilla Firefox;C:\Program Files\PC Connectivity Solution\;C:\windows\system32;C:\windows;C:\windows\System32\Wbem;c:\Program Files\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files\ActivIdentity\ActivClient\;c:\Program Files\Hewlett-Packard\IAM\bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
Platform=BNB
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 17 Model 3 Stepping 1, AuthenticAMD
PROCESSOR_LEVEL=17
PROCESSOR_REVISION=0301
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\windows
TEMP=C:\Users\Joyce\AppData\Local\Temp
TMP=C:\Users\Joyce\AppData\Local\Temp
TRACE_FORMAT_SEARCH_PATH=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
USERDOMAIN=Joyce-PC
USERNAME=Joyce
USERPROFILE=C:\Users\Joyce
windir=C:\windows
Stealth malware? Internet Explorer HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
Start Page REG_SZ
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=all&pf=cmnb AutoHide REG_SZ yes
Default_Page_URL REG_SZ
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=all&pf=cmnb Default_Secondary_Page_URL REG_MULTI_SZ
Default_Search_URL REG_SZ
http://go.microsoft.com/fwlink/?LinkId=54896 Search Page REG_SZ
http://go.microsoft.com/fwlink/?LinkId=54896 Extensions Off Page REG_SZ about:NoAdd-ons
Security Risk Page REG_SZ about:SecurityRisk
Enable_Disk_Cache REG_SZ yes
Cache_Percent_of_Disk REG_BINARY 0A000000
Delete_Temp_Files_On_Exit REG_SZ yes
Local Page REG_SZ C:\windows\System32\blank.htm
Anchor_Visitation_Horizon REG_BINARY 01000000
Use_Async_DNS REG_SZ yes
Placeholder_Width REG_BINARY 1A000000
Placeholder_Height REG_BINARY 1A000000
tp REG_SZ 1000
TI REG_SZ 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\ErrorThresholds
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\UrlTemplate
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
IE5_UA_Backup_Flag REG_SZ 5.0
User Agent REG_SZ Mozilla/4.0 (compatible; MSIE 8.0; Win32)
EmailName REG_SZ IEUser@
AutoConfigProxy REG_SZ wininet.dll
MimeExclusionListForCache REG_SZ multipart/mixed multipart/x-mixed-replace multipart/x-byteranges
UseSchannelDirectly REG_BINARY 01000000
EnableHttp1_1 REG_DWORD 0x1
PrivDiscUiShown REG_DWORD 0x1
WarnOnIntranet REG_DWORD 0x1
EnableNegotiate REG_DWORD 0x1
MigrateProxy REG_DWORD 0x1
ProxyEnable REG_DWORD 0x0
GlobalUserOffline REG_DWORD 0x0
WarnOnPost REG_BINARY 01000000
UrlEncoding REG_DWORD 0x0
SecureProtocols REG_DWORD 0xa0
PrivacyAdvanced REG_DWORD 0x0
ZonesSecurityUpgradeDone REG_DWORD 0x1
DisableCachingOfSSLPages REG_DWORD 0x0
WarnonZoneCrossing REG_DWORD 0x0
CertificateRevocation REG_DWORD 0x1
NoNetAutodial REG_DWORD 0x0
EnableAutodial REG_DWORD 0x0
ZonesSecurityUpgrade REG_BINARY 83AD422D9D01CA01
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Http Filters
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Lockdown_Zones
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\P3P
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Passport
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Protocols
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\TemplatePolicies
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Wpad
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main
Disable Script Debugger REG_SZ yes
Start Page REG_SZ
http://uk.yahoo.com/ Default_Page_URL REG_SZ
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=83&bd=all&pf=cmnb Anchor Underline REG_SZ yes
Cache_Update_Frequency REG_SZ Once_Per_Session
Display Inline Images REG_SZ yes
Do404Search REG_BINARY 01000000
Local Page REG_SZ C:\windows\system32\blank.htm
Save_Session_History_On_Exit REG_SZ no
Show_FullURL REG_SZ no
Show_StatusBar REG_SZ yes
Show_ToolBar REG_SZ yes
Show_URLinStatusBar REG_SZ yes
Show_URLToolBar REG_SZ yes
Use_DlgBox_Colors REG_SZ yes
Search Page REG_SZ
XMLHTTP REG_DWORD 0x1
NoUpdateCheck REG_DWORD 0x1
UseClearType REG_SZ no
Enable Browser Extensions REG_SZ yes
Play_Background_Sounds REG_SZ yes
Play_Animations REG_SZ yes
CompatibilityFlags REG_DWORD 0x0
FullScreen REG_SZ no
SearchMigrated REG_DWORD 0x0
Window_Placement REG_BINARY&n