madlew34

  1. Also, just as I cleared off MBAM and rebooted, the pop-up came back up and I cannot launch the new programme of it MBAM.
  2. 20:37:04.0396 3828 TDSS rootkit removing tool 2.7.20.0 Mar 9 2012 17:10:43
     20:37:04.0487 3828 ============================================================
     20:37:04.0487 3828 Current date / time: 2012/03/19 20:37:04.0487
     20:37:04.0487 3828 SystemInfo:
     20:37:04.0487 3828
     20:37:04.0487 3828 OS Version: 6.1.7600 ServicePack: 0.0
     20:37:04.0487 3828 Product type: Workstation
     20:37:04.0487 3828 ComputerName: HARRY-PC
     20:37:04.0488 3828 UserName: Harry
     20:37:04.0488 3828 Windows directory: C:\Windows
     20:37:04.0488 3828 System windows directory: C:\Windows
     20:37:04.0488 3828 Processor architecture: Intel x86
     20:37:04.0488 3828 Number of processors: 2
     20:37:04.0488 3828 Page size: 0x1000
     20:37:04.0488 3828 Boot type: Normal boot
     20:37:04.0488 3828 ============================================================
     20:37:05.0380 3828 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
     20:37:05.0382 3828 \Device\Harddisk0\DR0:
     20:37:05.0382 3828 MBR used
     20:37:05.0382 3828 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
     20:37:05.0416 3828 Initialize success
     20:37:05.0416 3828 ============================================================
     20:37:06.0822 3740 ============================================================
     20:37:06.0822 3740 Scan started
     20:37:06.0822 3740 Mode: Manual;
     20:37:06.0822 3740 ============================================================
20:37:18.0866 3740 xusb21 (a640c90b007762939507c28a021be3b3) C:\Windows\system32\DRIVERS\xusb21.sys 20:37:18.0868 3740 xusb21 - ok 20:37:18.0923 3740 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 20:37:18.0974 3740 \Device\Harddisk0\DR0 - ok 20:37:18.0981 3740 Boot (0x1200) (bb343b6375fecbac72f262a7dc05f835) \Device\Harddisk0\DR0\Partition0 20:37:18.0985 3740 \Device\Harddisk0\DR0\Partition0 - ok 20:37:18.0986 3740 ============================================================ 20:37:18.0986 3740 Scan finished 20:37:18.0987 3740 ============================================================ 20:37:19.0043 4984 Detected object count: 0 20:37:19.0043 4984 Actual detected object count: 0 aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software Run date: 2012-03-19 20:34:39 ----------------------------- 20:34:39.286 OS Version: Windows 6.1.7600 20:34:39.286 Number of processors: 2 586 0x603 20:34:39.287 ComputerName: HARRY-PC UserName: Harry 20:35:00.146 Initialize success 20:35:09.256 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T1L0-4 20:35:09.258 Disk 0 Vendor: ST3500418AS CC38 Size: 476940MB BusType: 3 20:35:09.270 Disk 0 MBR read successfully 20:35:09.272 Disk 0 MBR scan 20:35:09.274 Disk 0 Windows 7 default MBR code 20:35:09.278 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 476838 MB offset 206848 20:35:09.281 Disk 0 scanning sectors +976771072 20:35:09.332 Disk 0 scanning C:\Windows\system32\drivers 20:35:15.307 Service scanning 20:35:30.461 Modules scanning 20:35:37.310 Scan finished successfully 20:36:09.082 Disk 0 MBR has been saved successfully to "C:\Users\Harry\Desktop\MBR.dat" 20:36:09.088 The log file has been saved successfully to "C:\Users\Harry\Desktop\aswMBR.txt"
  3. ComboFix 12-03-17.01 - Harry 18/03/2012 21:57:34.1.2 - x86 Microsoft Windows 7 Enterprise 6.1.7600.0.1252.44.1033.18.3326.2073 [GMT 0:00] Running from: c:\users\Harry\Desktop\ComboFix.exe AV: Sophos Anti-Virus *Disabled/Outdated* {479CCF92-4960-B3E0-7373-BF453B467D2C} SP: Sophos Anti-Virus *Disabled/Outdated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791} SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\install.exe c:\program files\INSTALL.LOG c:\users\Harry\AppData\Local\cinduhka.log c:\users\Harry\AppData\Local\ektowquj.log c:\users\Harry\AppData\Local\eykgolrq.log c:\users\Harry\AppData\Local\ldkvgmeh.log c:\users\Harry\AppData\Local\pmnfujya.log c:\users\Harry\AppData\Local\rfhyhidd.log c:\users\Harry\AppData\Local\sbrkkemb\csmjdrin.exe c:\users\Harry\AppData\Local\vtwomrab.log c:\users\Harry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\csmjdrin.exe c:\users\Harry\Desktop\Setup.exe c:\users\Harry\Documents\~WRL1964.tmp c:\users\Harry\g2ax_customer_downloadhelper_win32_x86.exe c:\users\Harry\GoToAssistDownloadHelper.exe . c:\windows\system32\grpconv.exe was missing Restored copy from - c:\windows\winsxs\x86_microsoft-windows-grpconv_31bf3856ad364e35_6.1.7600.16385_none_a25e7b019f016e70\grpconv.exe . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_MICORSOFT_WINDOWS_SERVICE . . ((((((((((((((((((((((((( Files Created from 2012-02-18 to 2012-03-18 ))))))))))))))))))))))))))))))) . . 2012-03-18 22:08 . 2012-03-18 22:08 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-03-18 22:08 . 2012-03-18 22:08 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-03-18 22:08 . 2009-07-14 01:14 16384 ----a-w- c:\windows\system32\grpconv.exe 2012-03-18 21:50 . 
2012-03-18 22:12 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{453F116D-3EFC-49EC-88A5-40DBAECB730F}\offreg.dll 2012-03-18 21:18 . 2012-03-18 21:18 97616 ---ha-w- c:\windows\system32\zGCBlkl 2012-03-18 20:24 . 2012-03-18 20:24 -------- d-----w- c:\program files\ERUNT 2012-03-15 03:00 . 2011-11-19 14:25 3957616 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-15 03:00 . 2011-11-19 14:25 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-14 18:23 . 2012-03-14 18:23 -------- d-----w- c:\users\Harry\AppData\Roaming\SUPERAntiSpyware.com 2012-03-14 17:34 . 2012-03-14 17:34 -------- d-----w- c:\users\Harry\AppData\Roaming\Uniblue 2012-03-14 17:34 . 2012-03-14 17:34 -------- dc-h--w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} 2012-03-14 17:34 . 2012-03-14 17:34 -------- d-----w- c:\program files\Uniblue 2012-03-14 17:34 . 2012-03-14 17:34 -------- d-----w- c:\users\Harry\AppData\Local\PackageAware 2012-03-14 15:10 . 2012-02-03 04:01 2341376 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 15:10 . 2012-02-10 05:41 1074176 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 15:10 . 2012-02-10 05:41 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-03-14 15:10 . 2012-02-10 05:41 161792 ----a-w- c:\windows\system32\d3d10_1.dll 2012-03-14 15:10 . 2012-02-10 05:41 1170944 ----a-w- c:\windows\system32\d3d10warp.dll 2012-03-14 15:10 . 2012-02-10 05:41 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-03-14 15:10 . 2012-01-25 05:44 57856 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-14 15:10 . 2012-01-25 05:44 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-14 15:10 . 2012-01-25 05:40 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-14 15:10 . 2012-02-15 05:44 826368 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-14 15:10 . 2012-02-15 04:22 177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-14 15:10 . 2012-02-15 04:22 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-14 15:04 . 
2012-03-18 22:08 -------- d-----w- c:\users\Harry\AppData\Local\sbrkkemb 2012-03-13 23:32 . 2012-03-13 23:32 -------- d-----w- c:\windows\Sun 2012-03-11 17:01 . 2012-03-11 17:01 -------- d-----w- c:\program files\PFPortChecker 2012-03-11 16:02 . 2012-03-11 16:02 -------- d-----w- c:\programdata\Citrix 2012-03-10 20:28 . 2012-03-10 20:28 -------- d-----w- c:\program files\Common Files\Java 2012-03-09 21:47 . 2012-03-09 21:48 -------- d-----w- C:\.minecraft 2012-03-09 21:13 . 2012-03-14 22:07 -------- d-----w- c:\users\Harry\AppData\Roaming\.techniclauncher 2012-03-02 21:10 . 2012-03-02 21:20 -------- d-----w- c:\program files\GTactix 2012-03-02 20:34 . 2012-03-02 20:34 -------- d-----w- c:\program files\Advanced Tactical Center 2012-03-02 17:47 . 2012-03-03 00:20 -------- d-----w- c:\users\Harry\AppData\Roaming\Kayxoc 2012-03-02 17:47 . 2012-03-02 21:17 -------- d-----w- c:\users\Harry\AppData\Roaming\Lyyt 2012-02-29 12:22 . 2012-02-29 12:22 -------- d-----w- c:\program files\LogMeIn Hamachi 2012-02-26 22:15 . 2012-03-14 22:26 -------- d-----w- c:\users\Harry\AppData\Roaming\Skype 2012-02-26 22:15 . 2012-02-26 22:16 -------- d-----r- c:\program files\Skype 2012-02-26 22:15 . 2012-02-26 22:15 -------- d-----w- c:\program files\Common Files\Skype 2012-02-26 22:15 . 2012-02-26 22:15 -------- d-----w- c:\programdata\Skype 2012-02-23 16:46 . 2012-02-23 19:47 -------- d-----w- C:\Temp 2012-02-22 16:37 . 2012-02-22 16:37 -------- d-----w- c:\users\Harry\AppData\Local\Focus Home Interactive . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-11 17:30 . 2010-12-05 09:51 139176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-03-11 17:30 . 2010-12-05 13:34 282864 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-03-11 17:30 . 2010-12-05 09:51 282864 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-03-11 17:30 . 2010-12-05 09:51 280904 ----a-w- c:\windows\system32\PnkBstrB.ex0 2012-03-10 20:27 . 
2010-12-27 21:06 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-25 23:12 . 2010-12-05 09:51 76888 ----a-w- c:\windows\system32\PnkBstrA.exe 2012-02-25 23:10 . 2010-12-05 09:51 138056 ----a-w- c:\users\Harry\AppData\Roaming\PnkBstrK.sys 2012-02-25 16:34 . 2011-05-16 14:49 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-02-15 00:32 . 2012-02-15 00:32 76800 ----a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-02-15 00:32 . 2012-02-15 00:32 74752 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-02-15 00:32 . 2012-02-15 00:32 161792 ----a-w- c:\windows\system32\msls31.dll 2012-02-15 00:32 . 2012-02-15 00:32 1127424 ----a-w- c:\windows\system32\wininet.dll 2012-02-15 00:32 . 2012-02-15 00:32 110592 ----a-w- c:\windows\system32\IEAdvpack.dll 2012-02-15 00:32 . 2012-02-15 00:32 86528 ----a-w- c:\windows\system32\iesysprep.dll 2012-02-15 00:32 . 2012-02-15 00:32 48640 ----a-w- c:\windows\system32\mshtmler.dll 2012-02-15 00:32 . 2012-02-15 00:32 74752 ----a-w- c:\windows\system32\iesetup.dll 2012-02-15 00:32 . 2012-02-15 00:32 63488 ----a-w- c:\windows\system32\tdc.ocx 2012-02-15 00:32 . 2012-02-15 00:32 367104 ----a-w- c:\windows\system32\html.iec 2012-02-15 00:32 . 2012-02-15 00:32 23552 ----a-w- c:\windows\system32\licmgr10.dll 2012-02-15 00:32 . 2012-02-15 00:32 1427456 ----a-w- c:\windows\system32\inetcpl.cpl 2012-02-15 00:32 . 2012-02-15 00:32 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-02-15 00:32 . 2012-02-15 00:32 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-02-15 00:32 . 2012-02-15 00:32 152064 ----a-w- c:\windows\system32\wextract.exe 2012-02-15 00:32 . 2012-02-15 00:32 150528 ----a-w- c:\windows\system32\iexpress.exe 2012-02-15 00:32 . 2012-02-15 00:32 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-02-15 00:32 . 2012-02-15 00:32 11776 ----a-w- c:\windows\system32\mshta.exe 2012-02-15 00:32 . 2012-02-15 00:32 35840 ----a-w- c:\windows\system32\imgutil.dll 2012-02-15 00:32 . 
2012-02-15 00:32 1798656 ----a-w- c:\windows\system32\jscript9.dll 2012-02-15 00:32 . 2012-02-15 00:32 101888 ----a-w- c:\windows\system32\admparse.dll 2012-01-04 09:03 . 2012-02-15 11:56 442880 ----a-w- c:\windows\system32\ntshrui.dll 2012-01-03 05:44 . 2012-02-15 11:56 478208 ----a-w- c:\windows\system32\timedate.cpl . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400] . [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] 2011-01-03 10:16 175400 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] 2011-01-03 10:16 175400 ----a-w- c:\program files\Vuze_Remote\prxtbVuze.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400] "{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-03 175400] . [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] . [HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}] . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{BA14329E-9550-4989-B3F2-9732E92D17CC}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-03 175400] . [HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 08:55 87304 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Steam"="c:\program files\Steam\steam.exe" [2011-08-02 1242448] "Comrade.exe"="c:\program files\GameSpy\Comrade\Comrade.exe" [2011-03-17 1204640] "KPeerNexonEU"="c:\nexon\NEXON_EU_Downloader\nxEULauncher.exe" [2011-10-23 536576] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-02-15 17146504] "RegistryBooster"="c:\program files\Uniblue\RegistryBooster\launcher.exe" [2012-03-02 67968] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sophos AutoUpdate Monitor"="c:\program files\Sophos\AutoUpdate\almon.exe" [2010-06-14 439536] "VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736] "LifeCam"="c:\program files\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-12-13 421160] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672] "LogMeIn Hamachi Ui"="c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-02-28 1987976] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ GamersFirst LIVE!.lnk - c:\program files\GamersFirst\LIVE!\Live.exe [2011-6-2 2586736] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist Express Customer] 2012-01-08 17:29 608632 ----a-w- c:\program files\Citrix\GoToAssist Express Customer\363\g2ax_winlogon.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\progra~1\Sophos\SOPHOS~1\sophos_detoured.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "mixer2"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus] "DisableMonitoring"=dword:00000001 . 
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2012-02-15 158856] R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [2011-02-28 183560] R3 gel90xne;gel90xne;c:\users\Harry\AppData\Local\Temp\gel90xne.sys [x] R3 GoToAssist Express Customer;GoToAssist Express Customer;c:\program files\Citrix\GoToAssist Express Customer\363\g2ax_service.exe Start=service [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-10-04 1343400] R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x] R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2008-07-11 47128] R4 RsFx0102;RsFx0102 Driver;c:\windows\system32\DRIVERS\RsFx0102.sys [2008-07-10 242712] R4 SophosBootDriver;SophosBootDriver;c:\windows\system32\DRIVERS\SophosBootDriver.sys [2010-03-02 22536] R4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2008-07-11 369688] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040] S1 SAVOnAccess;SAVOnAccess;c:\windows\system32\DRIVERS\savonaccess.sys [2010-03-02 121848] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 1373576] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-09-22 2253120] S2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [2010-08-16 163056] S2 
SAVService;Sophos Anti-Virus;c:\program files\Sophos\Sophos Anti-Virus\SavService.exe [2010-06-14 97520] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-09-22 381248] S2 swi_service;Sophos Web Intelligence Service;c:\program files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [2010-09-10 1541360] S2 TeamViewer7;TeamViewer 7;c:\program files\TeamViewer\Version7\TeamViewer_Service.exe [2012-02-23 2886528] S2 TunngleService;TunngleService;c:\program files\Tunngle\TnglCtrl.exe [2011-08-09 741224] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 27136] . . Contents of the 'Scheduled Tasks' folder . 2012-03-18 c:\windows\Tasks\RegistryBooster.job - c:\program files\Uniblue\RegistryBooster\rbmonitor.exe [2012-03-14 15:22] . . ------- Supplementary Scan ------- . uStart Page = hxxp://uk.ask.com/?l=dis&o=15179 uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\progra~1\MIF5BA~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\MIF5BA~1\Office14\ONBttnIE.dll/105 FF - ProfilePath - c:\users\Harry\AppData\Roaming\Mozilla\Firefox\Profiles\m2z3qakm.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://uk.ask.com/?l=dis&o=15179 FF - prefs.js: network.proxy.type - 0 FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: 
{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} FF - Ext: Greek Spelling dictionary: el-GR@dictionaries.addons.mozilla.org - %profile%\extensions\el-GR@dictionaries.addons.mozilla.org FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS REMOVED - - - - . WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) HKCU-Run-CsmJdrin - c:\users\Harry\AppData\Local\sbrkkemb\csmjdrin.exe HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLL AddRemove-BattlEye - c:\program files\Bohemia Interactive\ArmA 2BattlEye\UnInstallBE.exe AddRemove-BattlEye A2 Free - c:\program files\Bohemia Interactive\ArmA 2 FreeBattlEye\UnInstallBE.exe AddRemove-Homeworld2 Demo - c:\program files\Sierra\Homeworld2 Demo\uninstall.exe AddRemove-Oblivion mod manager_is1 - c:\program files\Bethesda Softworks\Oblivion\obmm\uninstall\unins000.exe AddRemove-{3E4097DA-F6B7-4B3A-86B8-8F64D87650A7}_is1 - c:\program files\Mount&Blade Warband\Modules\mm prussia5\unins000.exe AddRemove-{74271BBB-B5A8-4FA3-B324-6E41B5249DBD}_is1 - c:\program files\Mount&Blade Warband\Modules\mm russia2\unins000.exe AddRemove-{90E2862C-5B70-418E-B98C-4AA412485D2E}_is1 - c:\program files\Mount&Blade Warband\Modules\Brytenwalda 1.31\unins000.exe 
AddRemove-{C8F3F9A3-5FD9-463A-939D-946C87B26A75}_is1 - c:\program files\Deep Silver\S.T.A.L.K.E.R. - Clear Sky\gamedata\unins000.exe . . . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\S-1-5-21-3804439859-2242649139-759338674-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-3804439859-2242649139-759338674-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_USERS\S-1-5-21-3804439859-2242649139-759338674-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] "??"=hex:7a,89,aa,ef,a5,b8,43,2a,70,72,f5,22,06,ff,a1,e3,37,5e,e1,b8,29,29,f0, e2,ff,a9,38,a5,69,ba,c8,bd,61,4d,14,31,81,bb,ca,55,45,03,b5,ca,2a,4c,6c,4a,\ "??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d . [HKEY_USERS\S-1-5-21-3804439859-2242649139-759338674-1001\Software\SecuROM\License information*] @Allowed: (Read) (RestrictedCode) "datasecu"=hex:fe,e0,eb,17,00,6d,36,7f,6f,94,36,52,9b,00,e7,5d,13,55,e5,d9,8e, 73,b6,76,e0,b2,23,8f,46,0d,35,20,0a,4b,98,21,0d,e5,7d,a8,6e,3b,42,70,84,08,\ "rkeysecu"=hex:89,b0,3c,45,0f,2f,c7,ca,4a,5e,db,ea,16,b7,db,0c . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'Explorer.exe'(4048) c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll c:\program files\TortoiseSVN\bin\TortoiseStub.dll c:\program files\TortoiseSVN\bin\TortoiseSVN.dll c:\program files\TortoiseSVN\bin\intl3_tsvn.dll . ------------------------ Other Running Processes ------------------------ . 
c:\windows\system32\nvvsvc.exe c:\program files\NVIDIA Corporation\Display\nvxdsync.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\taskhost.exe c:\program files\Microsoft LifeCam\MSCamS32.exe c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe c:\windows\system32\PnkBstrA.exe c:\program files\Microsoft\BingBar\SeaPort.EXE c:\program files\Sophos\AutoUpdate\ALsvc.exe c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\taskhost.exe c:\windows\system32\conhost.exe c:\program files\NVIDIA Corporation\Display\nvtray.exe c:\windows\system32\sppsvc.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\TortoiseSVN\bin\TSVNCache.exe . ************************************************************************** . Completion time: 2012-03-18 22:16:59 - machine was rebooted ComboFix-quarantined-files.txt 2012-03-18 22:16 . Pre-Run: 98,200,932,352 bytes free Post-Run: 109,635,678,208 bytes free . - - End Of File - - 71DB91672C06A735EEC5604095CA175A
  4. Results of screen317's Security Check version 0.99.31 Windows 7 x86 (UAC is enabled) Internet Explorer 9 `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! AVG 2012 Sophos Anti-Virus WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: TuneUp Companion 1.9.0 Java 6 Update 31 Adobe Flash Player 11.1.102.62 Adobe Reader 9 Adobe Reader out of date! Mozilla Firefox (3.6.10) Firefox out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent AVG avgwdsvc.exe AVG avgtray.exe AVG avgnsx.exe Sophos Sophos Anti-Virus SavService.exe Sophos Sophos Anti-Virus SAVAdminService.exe Sophos Sophos Anti-Virus Web Intelligence swi_service.exe ``````````End of Log````````````
  5. RogueKiller V7.3.1 [03/10/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows 7 (6.1.7600 ) 32 bits version Started in : Normal mode User: Harry [Admin rights] Mode: Scan -- Date: 03/18/2012 20:42:27 ¤¤¤ Bad processes: 2 ¤¤¤ [sUSP PATH] csmjdrin.exe -- C:\Users\Harry\AppData\Local\sbrkkemb\csmjdrin.exe -> KILLED [TermProc] [sVCHOST] svchost.exe -- C:\Windows\system32\svchost.exe -> KILLED [TermProc] ¤¤¤ Registry Entries: 7 ¤¤¤ [sUSP PATH] HKCU\[...]\Run : Spyware Doctor with AntiVirus (C:\Users\Harry\Desktop\sdasetup_revwire207.exe -min) -> FOUND [sUSP PATH] HKCU\[...]\Run : CsmJdrin (C:\Users\Harry\AppData\Local\sbrkkemb\csmjdrin.exe) -> FOUND [sUSP PATH] HKUS\S-1-5-21-3804439859-2242649139-759338674-1001[...]\Run : Spyware Doctor with AntiVirus (C:\Users\Harry\Desktop\sdasetup_revwire207.exe -min) -> FOUND [sUSP PATH] HKUS\S-1-5-21-3804439859-2242649139-759338674-1001[...]\Run : CsmJdrin (C:\Users\Harry\AppData\Local\sbrkkemb\csmjdrin.exe) -> FOUND [HJ] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: ST3500418AS ATA Device +++++ --- User --- [MBR] 9ee31b4cddafdc7431b7ca820187bee2 [bSP] c36a85400f80193ca468591fe724b767 : Windows 7 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1].txt >> RKreport[1].txt
  6. The Windows Command Processor keeps popping up on my desktop and will not go away. Unfortunately my sister opened this without knowing; I don't know if this changes anything.
     . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31 Run by Harry at 19:35:09 on 2012-03-18 Microsoft Windows 7 Enterprise 6.1.7600.0.1252.44.1033.18.3326.2010 [GMT 0:00] . AV: Sophos Anti-Virus *Enabled/Outdated* {479CCF92-4960-B3E0-7373-BF453B467D2C} AV: AVG Internet Security 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Internet Security 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Sophos Anti-Virus *Enabled/Outdated* {FCFD2E76-6F5A-BC6E-49C3-843740C13791} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: AVG Firewall *Disabled* {621CC794-9486-F902-D092-0484E8EA828B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\AVG\AVG2012\avgwdsvc.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation 
C:\Windows\system32\Dwm.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\Windows\Explorer.EXE C:\Program Files\Microsoft LifeCam\MSCamS32.exe C:\Windows\system32\taskeng.exe c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe C:\Windows\system32\PnkBstrA.exe C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe C:\Program Files\Microsoft\BingBar\SeaPort.EXE C:\Program Files\Sophos\AutoUpdate\ALsvc.exe C:\Windows\vVX3000.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\AVG\AVG2012\avgtray.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe C:\Program Files\Steam\Steam.exe C:\Program Files\TortoiseSVN\bin\TSVNCache.exe C:\Users\Harry\AppData\Local\sbrkkemb\csmjdrin.exe C:\Windows\system32\svchost.exe C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe C:\Program Files\Tunngle\TnglCtrl.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\taskhost.exe C:\Program Files\Common Files\Steam\SteamService.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\consent.exe C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\system32\sppsvc.exe 
C:\Windows\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Windows\system32\taskmgr.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\explorer.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://uk.ask.com/?l=dis&o=15179 uInternet Settings,ProxyOverride = *.local uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll BHO: Sophos Web Content Scanner: {39ea7695-b3f2-4c44-a4bc-297ada8fd235} - c:\program files\sophos\sophos anti-virus\SophosBHO.dll BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.2.0.3\AVG Secure Search_toolbar.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - c:\program files\windows live\companion\companioncore.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Office Document 
Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\mif5ba~1\office14\URLREDIR.DLL BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll" BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\prxtbVuze.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll" TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\10.2.0.3\AVG Secure Search_toolbar.dll {e7df6bff-55a5-4eb7-a673-4ed3e9456d39} TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [steam] "c:\program files\steam\steam.exe" -silent uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background uRun: [Comrade.exe] c:\program files\gamespy\comrade\Comrade.exe uRun: [KPeerNexonEU] c:\nexon\nexon_eu_downloader\nxEULauncher.exe uRun: [spyware Doctor with AntiVirus] c:\users\harry\desktop\sdasetup_revwire207.exe -min uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [CsmJdrin] c:\users\harry\appdata\local\sbrkkemb\csmjdrin.exe uRun: [RegistryBooster] "c:\program files\uniblue\registrybooster\launcher.exe" delay 20000 uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe mRun: [sophos AutoUpdate Monitor] c:\program files\sophos\autoupdate\almon.exe mRun: [VX3000] c:\windows\vVX3000.exe mRun: [LifeCam] "c:\program files\microsoft lifecam\LifeExp.exe" mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe" mRun: 
[Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe" mRun: [vProt] "c:\program files\avg secure search\vprot.exe" mRun: [ROC_roc_dec12] "c:\program files\avg secure search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" StartupFolder: c:\users\harry\appdata\roaming\microsoft\windows\start menu\programs\startup\csmjdrin.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\gamers~1.lnk - c:\program files\gamersfirst\live!\Live.exe mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\mif5ba~1\office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~1\mif5ba~1\office14\ONBttnIE.dll/105 IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - c:\program files\windows live\companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - 
hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.254 TCP: Interfaces\{BEE347AC-1584-4D8E-A3EC-BFB84FA4AD6D} : DhcpNameServer = 192.168.1.254 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\10.2.0\ViProtocol.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL Notify: GoToAssist Express Customer - c:\program files\citrix\gotoassist express customer\363\g2ax_winlogon.dll AppInit_DLLs: c:\progra~1\sophos\sophos~1\SOPHOS~1.DLL SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . 
FF - ProfilePath - c:\users\harry\appdata\roaming\mozilla\firefox\profiles\m2z3qakm.default\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxp://uk.ask.com/?l=dis&o=15179 FF - prefs.js: network.proxy.type - 0 FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff10.dll FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff4.dll FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff5.dll FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff6.dll FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff7.dll FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff8.dll FF - component: c:\program files\avg\avg2012\firefox4\components\avgssff9.dll FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll FF - component: c:\users\harry\appdata\roaming\mozilla\firefox\profiles\m2z3qakm.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\FFExternalAlert.dll FF - component: c:\users\harry\appdata\roaming\mozilla\firefox\profiles\m2z3qakm.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll FF - plugin: c:\progra~1\mif5ba~1\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\mif5ba~1\office14\NPSPWRAP.DLL FF - plugin: c:\program files\battlelog web plugins\1.104.0\npesnlaunch.dll FF - plugin: c:\program files\battlelog web plugins\1.110.0\npesnlaunch.dll FF - plugin: c:\program files\battlelog web plugins\sonar\0.70.4\npesnsonar.dll FF - plugin: c:\program files\bf3 alpha trial web plugins\npesnlaunch.dll FF - plugin: c:\program files\bf3 alpha trial web plugins\sonar\npesnsonar.dll FF - plugin: c:\program files\gamespy\comrade\npcomrade.dll FF - plugin: c:\program files\java\jre6\bin\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\npjpi160_31.dll FF - plugin: c:\program 
files\java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\users\harry\appdata\locallow\unity\webplayer\loader\npUnity3D32.dll FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} FF - Ext: Greek Spelling dictionary: el-GR@dictionaries.addons.mozilla.org - %profile%\extensions\el-GR@dictionaries.addons.mozilla.org FF - Ext: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - %profile%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} FF - Ext: AVG Safe Search: {1E73965B-8B48-48be-9C8D-68B920ABC1C4} - c:\program files\avg\avg2012\Firefox4 . ---- FIREFOX POLICIES ---- FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . ============= SERVICES / DRIVERS =============== . 
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-7-11 23120] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 32592] R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2011-5-23 47968] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-10-7 230608] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 40016] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 295248] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R1 SAVOnAccess;SAVOnAccess;c:\windows\system32\drivers\savonaccess.sys [2010-10-3 121848] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608] R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2011-8-2 192776] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2012-2-28 1373576] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-7-31 2253120] R2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files\sophos\sophos anti-virus\SAVAdminService.exe [2010-8-16 163056] R2 SAVService;Sophos Anti-Virus;c:\program files\sophos\sophos anti-virus\SavService.exe [2010-6-14 97520] R2 Sophos AutoUpdate Service;Sophos AutoUpdate Service;c:\program files\sophos\autoupdate\ALsvc.exe [2010-6-14 222448] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-9-22 381248] R2 swi_service;Sophos Web Intelligence Service;c:\program files\sophos\sophos anti-virus\web intelligence\swi_service.exe [2010-9-10 1541360] R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-3-9 2886528] R2 
TunngleService;TunngleService;c:\program files\tunngle\TnglCtrl.exe [2011-8-19 741224] R2 vToolbarUpdater10.2.0;vToolbarUpdater10.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\10.2.0\ToolbarUpdater.exe [2012-3-7 918880] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-7-11 134736] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-7-11 24272] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-10-4 16720] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776] R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\drivers\tap0901t.sys [2011-8-19 27136] S2 avgfws;AVG Firewall;c:\program files\avg\avg2012\avgfws.exe [2011-11-23 2391832] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\AVGIDSAgent.exe [2011-10-12 4433248] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-2-15 158856] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888] S3 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-2-28 183560] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2010-10-3 39272] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-22 1493352] S3 gel90xne;gel90xne;c:\users\harry\appdata\local\temp\gel90xne.sys [2011-6-26 29696] S3 GoToAssist Express Customer;GoToAssist Express Customer;c:\program files\citrix\gotoassist express customer\363\g2ax_service.exe [2012-1-8 609144] S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe 
-k LocalSystemNetworkRestricted [2009-7-13 20992] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-10-4 1343400] S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2008-7-11 47128] S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [2008-7-10 242712] S4 SophosBootDriver;SophosBootDriver;c:\windows\system32\drivers\SophosBootDriver.sys [2010-10-3 22536] S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2008-7-11 369688] S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040] . =============== Created Last 30 ================ . 2012-03-18 10:49:12 -------- d-----w- c:\users\harry\appdata\local\{FA9FE39B-C0B3-4C9F-82D1-668FAEFD191C} 2012-03-18 10:48:47 -------- d-----w- c:\users\harry\appdata\local\{6DD7B3BB-5433-4C21-8FE0-85C96ADA6E1D} 2012-03-17 20:16:16 -------- d-----w- c:\users\harry\appdata\local\{84F5980A-C89F-4F83-8138-6CAEDD59B62A} 2012-03-17 20:16:02 -------- d-----w- c:\users\harry\appdata\local\{DCB1BD86-1125-43C8-90AF-18B8D41A19D7} 2012-03-17 20:01:13 -------- d-----w- c:\users\harry\appdata\local\{6DA60324-4714-4F97-9331-9472A013BC31} 2012-03-17 20:00:51 -------- d-----w- c:\users\harry\appdata\local\{76706F5E-7076-491D-8A4F-352BB312F23F} 2012-03-17 12:32:45 -------- d-----w- c:\users\harry\appdata\local\{BBD23AEB-DE3B-4131-BD42-E82AB3F6C9F2} 2012-03-17 12:32:24 -------- d-----w- c:\users\harry\appdata\local\{00C3A765-67D8-4B43-BDE2-CBD5D06C2C66} 2012-03-16 15:43:18 -------- d-----w- c:\users\harry\appdata\local\{D0AEEF20-E0CC-4C18-B4C5-7E6CE090387E} 2012-03-16 15:42:47 -------- d-----w- c:\users\harry\appdata\local\{3E07A1D6-E484-4BFF-ABA6-CED37E9366B4} 2012-03-15 13:39:23 -------- d-----w- c:\users\harry\appdata\local\{D21C57E4-A199-45D6-8251-FC03924A6C0B} 
2012-03-15 13:38:54 -------- d-----w- c:\users\harry\appdata\local\{DB5B920D-A2F4-4013-BE27-48A167D93636} 2012-03-15 03:00:36 3957616 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-03-15 03:00:35 3902320 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-03-14 21:56:19 -------- d-----w- c:\users\harry\appdata\local\{DA8C3E98-868D-4404-A3B4-FFA195A2A768} 2012-03-14 21:56:03 -------- d-----w- c:\users\harry\appdata\local\{C64E3434-A136-449E-9F1C-C28CFB82CF30} 2012-03-14 18:23:21 -------- d-----w- c:\users\harry\appdata\roaming\SUPERAntiSpyware.com 2012-03-14 18:23:01 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-03-14 18:23:01 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-03-14 17:34:37 -------- d-----w- c:\users\harry\appdata\roaming\Uniblue 2012-03-14 17:34:35 -------- dc-h--w- c:\programdata\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} 2012-03-14 17:34:35 -------- d-----w- c:\program files\Uniblue 2012-03-14 17:34:28 -------- d-----w- c:\users\harry\appdata\local\PackageAware 2012-03-14 17:21:36 -------- d-----w- c:\users\harry\appdata\local\{E954D52D-EF64-4488-864F-8798F0A85F09} 2012-03-14 17:21:20 -------- d-----w- c:\users\harry\appdata\local\{C6AAC1F7-7B5A-4467-AF50-5FDFFC514BF7} 2012-03-14 15:10:46 2341376 ----a-w- c:\windows\system32\win32k.sys 2012-03-14 15:10:44 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-03-14 15:10:44 218624 ----a-w- c:\windows\system32\d3d10_1core.dll 2012-03-14 15:10:44 161792 ----a-w- c:\windows\system32\d3d10_1.dll 2012-03-14 15:10:44 1170944 ----a-w- c:\windows\system32\d3d10warp.dll 2012-03-14 15:10:44 1074176 ----a-w- c:\windows\system32\DWrite.dll 2012-03-14 15:10:36 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-03-14 15:10:36 57856 ----a-w- c:\windows\system32\rdpwsx.dll 2012-03-14 15:10:36 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-03-14 15:10:29 826368 ----a-w- c:\windows\system32\rdpcore.dll 2012-03-14 15:10:29 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-03-14 15:10:29 
177152 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-03-14 15:05:28 -------- d-----w- c:\users\harry\appdata\local\{A3F810A1-E0D7-4F75-A225-568D05B4FF43} 2012-03-14 15:05:11 -------- d-----w- c:\users\harry\appdata\local\{3848E79A-C860-4817-9523-DEA83270C75B} 2012-03-14 15:04:43 -------- d-----w- c:\users\harry\appdata\local\sbrkkemb 2012-03-14 14:54:52 -------- d-----w- c:\users\harry\appdata\local\{E8DF708D-BC34-4CA6-8757-A4F1DB770B4A} 2012-03-14 14:54:37 -------- d-----w- c:\users\harry\appdata\local\{0E5F3CB6-CE40-44C3-A197-C5161C8118BB} 2012-03-14 14:09:33 -------- d-----w- c:\users\harry\appdata\local\{AD1F02F4-BEFD-4496-9913-6FD3D2EA96B2} 2012-03-14 14:09:20 -------- d-----w- c:\users\harry\appdata\local\{75F5DB4E-C44C-4108-BB44-D94F4DD4515F} 2012-03-14 13:03:18 -------- d-----w- c:\users\harry\appdata\local\{F33D162B-DA2A-4E08-926C-4CE6873D0441} 2012-03-14 13:03:01 -------- d-----w- c:\users\harry\appdata\local\{08E3F4F0-5460-4C6E-B6BB-E19CEC33E34F} 2012-03-14 12:27:01 -------- d-----w- c:\users\harry\appdata\local\{88071307-DBE9-44CC-8766-7565821440CB} 2012-03-14 12:26:43 -------- d-----w- c:\users\harry\appdata\local\{DE4CD46E-0911-45BC-9A59-E6540BF99B15} 2012-03-13 23:31:24 -------- d-----w- c:\users\harry\appdata\local\{93987229-A5EA-4710-BEE3-70330CC58092} 2012-03-13 15:44:49 -------- d-----w- c:\users\harry\appdata\local\{BEC62BA9-6C72-4482-8C83-A9E248DBCBCE} 2012-03-13 15:44:24 -------- d-----w- c:\users\harry\appdata\local\{4C1194DE-1AEB-4965-A13B-150429F25DFD} 2012-03-12 15:33:46 -------- d-----w- c:\users\harry\appdata\local\{D0DA8468-C813-42C5-8005-FE6C983F6234} 2012-03-12 15:33:34 -------- d-----w- c:\users\harry\appdata\local\{BAB833FF-2209-4126-B080-4B95E8A97C15} 2012-03-11 17:01:59 -------- d-----w- c:\program files\PFPortChecker 2012-03-11 16:02:00 -------- d-----w- c:\programdata\Citrix 2012-03-11 16:01:32 103784 ----a-w- c:\users\harry\GoToAssistDownloadHelper.exe 2012-03-11 14:59:06 -------- d-----w- 
c:\users\harry\appdata\local\{14F87595-F8C8-4C1C-B01A-43425A4F38FC} 2012-03-11 11:29:17 -------- d-----w- c:\users\harry\appdata\local\{2B0B01A3-F149-4800-9AAA-F1964F871716} 2012-03-11 11:29:06 -------- d-----w- c:\users\harry\appdata\local\{926DA058-47B1-43F2-B245-308DF7A704D0} 2012-03-10 17:19:11 -------- d-----w- c:\users\harry\appdata\local\{1899EE0C-859B-4FFF-9E0A-FB67E9B31231} 2012-03-10 17:18:46 -------- d-----w- c:\users\harry\appdata\local\{DAC7695F-E786-4EEE-B328-9D65D279764B} 2012-03-10 11:58:06 -------- d-----w- c:\users\harry\appdata\local\{30B4454A-66A5-435C-B369-05EE167D9ACA} 2012-03-10 11:57:54 -------- d-----w- c:\users\harry\appdata\local\{2A1677C6-84FC-4564-AFEC-3542E8827444} 2012-03-09 21:47:50 -------- d-----w- C:\.minecraft 2012-03-09 21:13:16 -------- d-----w- c:\users\harry\appdata\roaming\.techniclauncher 2012-03-09 15:43:38 -------- d-----w- c:\users\harry\appdata\local\{E626250C-8896-42C7-98A5-E3E2A7814045} 2012-03-09 15:43:26 -------- d-----w- c:\users\harry\appdata\local\{ABBC5C2D-8E83-4E0F-B943-FE685CF34078} 2012-03-08 11:50:46 -------- d-----w- c:\users\harry\appdata\local\{868EB58D-ADDC-4A6F-B72D-51C0E25E27EC} 2012-03-08 11:50:33 -------- d-----w- c:\users\harry\appdata\local\{315C9233-34E8-4ABF-B423-8FF45542DCE4} 2012-03-07 15:51:41 -------- d-----w- c:\users\harry\appdata\local\{10B90341-4227-4541-921B-2F113D5BF5D7} 2012-03-07 15:51:27 -------- d-----w- c:\users\harry\appdata\local\{B8DFC8D4-95AE-4721-915F-91448C52DFA1} 2012-03-07 12:21:28 -------- d-----w- c:\users\harry\appdata\local\{51C17B0D-C6FF-442E-A2A1-0D4FA89CCE60} 2012-03-07 12:21:17 -------- d-----w- c:\users\harry\appdata\local\{ABDDB113-1B11-41C3-A7AF-7908D0CC21C5} 2012-03-06 17:25:06 -------- d-----w- c:\users\harry\appdata\local\{585DD089-9178-48CE-9FC3-C94725F568D0} 2012-03-06 17:24:53 -------- d-----w- c:\users\harry\appdata\local\{5201ABD5-5AE0-462C-9D80-AB0CA21C9CC3} 2012-03-05 15:45:04 -------- d-----w- 
c:\users\harry\appdata\local\{BE3319CC-DA95-44F2-A5A9-01F96505DF6F} 2012-03-05 15:44:52 -------- d-----w- c:\users\harry\appdata\local\{A084736C-4375-4583-8586-9F45B526A65F} 2012-03-04 12:34:00 -------- d-----w- c:\users\harry\appdata\local\{559870AD-9128-448B-900E-D9E09CB34150} 2012-03-04 12:33:49 -------- d-----w- c:\users\harry\appdata\local\{12C2C649-2D23-47A7-9CE3-84A692BCDBA3} 2012-03-03 17:13:42 -------- d-----w- c:\users\harry\appdata\local\{BE8D4749-6177-4C20-AF54-5342E9118694} 2012-03-03 17:13:30 -------- d-----w- c:\users\harry\appdata\local\{9119F8A8-968A-4E90-B930-7D9634348209} 2012-03-03 12:45:36 -------- d-----w- c:\users\harry\appdata\local\{E641B2FB-DAEF-4EEC-B8E4-544E3E1E98BF} 2012-03-03 12:45:21 -------- d-----w- c:\users\harry\appdata\local\{54AFCCD2-E613-46B8-A8F8-0D34846F5561} 2012-03-02 21:10:01 -------- d-----w- c:\program files\GTactix 2012-03-02 20:34:20 -------- d-----w- c:\program files\Advanced Tactical Center 2012-03-02 17:47:55 -------- d-----w- c:\users\harry\appdata\roaming\Lyyt 2012-03-02 17:47:55 -------- d-----w- c:\users\harry\appdata\roaming\Kayxoc 2012-03-02 15:58:03 -------- d-----w- c:\users\harry\appdata\local\{E4A52EE6-26C6-4E39-9456-3E328103B3D5} 2012-03-02 15:57:35 -------- d-----w- c:\users\harry\appdata\local\{AE63A95F-DFAB-4ADD-AE37-E57885E8CD73} 2012-03-01 13:44:25 -------- d-----w- c:\users\harry\appdata\local\{4BAEDAB1-8A14-40DD-A28B-8C8B7483519F} 2012-02-29 12:22:36 -------- d-----w- c:\users\harry\appdata\local\{8AF82BFF-826E-4E50-9915-ADDB9A2455D6} 2012-02-29 12:22:14 -------- d-----w- c:\program files\LogMeIn Hamachi 2012-02-29 12:22:08 -------- d-----w- c:\users\harry\appdata\local\{4C49B392-DCD6-4ED1-8D28-0FC29477C6A7} 2012-02-28 15:41:01 -------- d-----w- c:\users\harry\appdata\local\{36BCEEE9-9FC5-4959-BB9B-C836FD4E73D5} 2012-02-28 15:40:44 -------- d-----w- c:\users\harry\appdata\local\{4FD2730C-017D-4CA7-801C-47F31039CD4B} 2012-02-27 16:22:13 -------- d-----w- 
c:\users\harry\appdata\local\{F118E16E-9163-4C1F-8FF0-8047D35E1A0F} 2012-02-27 16:21:59 -------- d-----w- c:\users\harry\appdata\local\{F1822AB0-50C9-4388-8D05-430AA01D245E} 2012-02-26 22:15:30 -------- d-----r- c:\program files\Skype 2012-02-26 10:23:13 -------- d-----w- c:\users\harry\appdata\local\{8E213D86-4FEF-4CD5-AC58-58D19CC29846} 2012-02-26 10:22:49 -------- d-----w- c:\users\harry\appdata\local\{EAEDADF0-B0F7-4ED4-A103-D9DD1E8AC8C7} 2012-02-25 16:29:48 -------- d-----w- c:\users\harry\appdata\local\{0FEA2853-A9AD-41E2-8EEF-50FFA923D6A3} 2012-02-25 16:29:34 -------- d-----w- c:\users\harry\appdata\local\{CDBD78FA-A866-4CF5-87D5-A574BF6413A1} 2012-02-24 14:32:24 -------- d-----w- c:\users\harry\appdata\local\{7F89F8AD-E321-4517-9EF1-0555C88845F2} 2012-02-24 14:32:10 -------- d-----w- c:\users\harry\appdata\local\{669E2E9E-6286-4D34-8520-D09A37683A37} 2012-02-23 16:46:36 -------- d-----w- C:\Temp 2012-02-23 13:45:57 -------- d-----w- c:\users\harry\appdata\local\{6FCC6789-6830-49CB-BAE9-C59185055876} 2012-02-22 16:37:20 -------- d-----w- c:\users\harry\appdata\local\Focus Home Interactive 2012-02-22 15:44:18 -------- d-----w- c:\users\harry\appdata\local\{BD076E15-1F96-4CA7-AA76-37CFFDA9A016} 2012-02-22 15:44:02 -------- d-----w- c:\users\harry\appdata\local\{2F888606-6EE7-4002-80B8-F6D12F262DB2} 2012-02-21 16:41:24 -------- d-----w- c:\users\harry\appdata\local\{CE4B6A5F-3BB3-45D2-8322-634A15A69FE8} 2012-02-21 16:41:08 -------- d-----w- c:\users\harry\appdata\local\{0AED428F-6737-4698-ACEC-3795B89D187B} 2012-02-20 15:39:12 -------- d-----w- c:\users\harry\appdata\local\{500AAD5C-7340-4D7A-A485-78EB16F082AA} 2012-02-20 15:38:57 -------- d-----w- c:\users\harry\appdata\local\{DD323128-A243-43F8-8F19-80EEF18C8088} 2012-02-19 12:50:40 -------- d-----w- c:\users\harry\appdata\local\{0661718F-E35F-4B55-A8F1-2A57E9C09AE8} 2012-02-19 12:50:28 -------- d-----w- c:\users\harry\appdata\local\{FBEFE742-6D32-4473-B7DC-0617AF5354D3} 2012-02-18 17:18:59 -------- d-----w- 
c:\users\harry\appdata\local\{3DF61EB1-FFB6-48F1-8FC7-760E106D889D} 2012-02-18 17:18:45 -------- d-----w- c:\users\harry\appdata\local\{F76FC911-2253-4B05-8E85-2A31F3F32925} . ==================== Find3M ==================== . 2012-03-11 17:30:28 139176 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-03-11 17:30:19 282864 ----a-w- c:\windows\system32\PnkBstrB.xtr 2012-03-11 17:30:19 282864 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-03-11 17:30:07 280904 ----a-w- c:\windows\system32\PnkBstrB.ex0 2012-03-10 20:27:45 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-25 23:12:01 76888 ----a-w- c:\windows\system32\PnkBstrA.exe 2012-02-25 23:10:03 138056 ----a-w- c:\users\harry\appdata\roaming\PnkBstrK.sys 2012-02-25 16:34:19 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-08 17:28:47 110456 ----a-w- c:\users\harry\g2ax_customer_downloadhelper_win32_x86.exe 2012-01-04 09:03:07 442880 ----a-w- c:\windows\system32\ntshrui.dll 2012-01-03 05:44:24 478208 ----a-w- c:\windows\system32\timedate.cpl . ============= FINISH: 19:36:02.58 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Enterprise Boot Device: \Device\HarddiskVolume1 Install Date: 03/10/2010 16:49:57 System Uptime: 18/03/2012 10:47:32 (9 hours ago) . Motherboard: ASUSTeK Computer INC. | | M4A78LT-M Processor: AMD Athlon II X2 250 Processor | AM3 | 3000/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 466 GiB total, 90.649 GiB free. D: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . Class GUID: {36fc9e60-c465-11cf-8056-444553540000} Description: Unknown Device Device ID: USB\VID_0000&PID_0000\5&21616667&0&1 Manufacturer: (Standard USB Host Controller) Name: Unknown Device PNP Device ID: USB\VID_0000&PID_0000\5&21616667&0&1 Service: . ==== System Restore Points =================== . 
RP525: 14/03/2012 17:59:41 - OTL Restore Point - 14/03/2012 17:59:41 RP526: 15/03/2012 03:00:19 - Windows Update . ==== Installed Programs ====================== . Ace of Spades Adobe Flash Player 11 Plugin Adobe Flash Player ActiveX Adobe Reader 9.3 Advanced Tactical Center™ 1.0 Age of Chivalry Apple Application Support Apple Mobile Device Support Apple Software Update ArmA 2 Free Uninstall AVG 2012 Battlefield 2142 Battlefield 3™ Battlefield 3™ Open Beta Battlelog Web Plugins BattlEye (A2Free) Uninstall BattlEye Uninstall Bing Bar BioShock 2 Black Hawk Down Map Pack v0.22b Blackhawk Down Mod v0.22b Bonjour Breach Brink Brytenwalda 1.31 version 1.31 Call of Duty: Black Ops - Multiplayer Cities XL 2012 Clear Sky Complete Commandos 2: Men of Courage Company of Heroes Online Launcher (THQ) Conduit Engine D3DX10 Darkspore Beta DarthMod Ultimate Commander Edition Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition E.Y.E: Divine Cybermancy Empires ESN Sonar Faction Fronts Clear Sky 1.2.3 Fallen Earth First Strike Mod Galactic Civilizations II - Ultimate Edition GamersFirst LIVE! GameSpy Comrade GangLand Singleplayer Demo Garry's Mod GoToManage Customer 1.6.0.363 GTA4 Mod Installer 0.4.0B GTactix Half-Life Half-Life 2 Homeworld2 Homeworld2 Demo Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB945282) Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946040) Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB946308) Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947540) Hotfix for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB947789) Impulse Insurgency iTunes Java Auto Updater Java 6 Update 31 Junk Mail filter update Lead and Gold - Gangs of the Wild West LogMeIn Hamachi MabinogiEU Malwarebytes Anti-Malware version 1.60.0.1800 Mandate Of Heaven for Crysis Medieval II Total War Men of War: Assault Squad ver. 
0.9.60 (1.60.2) patch Mesh Runtime Messenger Companion Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Application Error Reporting Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) Microsoft Corporation Microsoft Game Studios Common Redistributables Pack 1 Microsoft Games for Windows - LIVE Redistributable Microsoft Games for Windows Marketplace Microsoft LifeCam Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (English) 2010 Microsoft Office Access Setup Metadata MUI (English) 2010 Microsoft Office Excel MUI (English) 2010 Microsoft Office OneNote MUI (English) 2010 Microsoft Office Outlook MUI (English) 2010 Microsoft Office PowerPoint MUI (English) 2010 Microsoft Office Professional 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (Spanish) 2010 Microsoft Office Proofing (English) 2010 Microsoft Office Publisher MUI (English) 2010 Microsoft Office Shared MUI (English) 2010 Microsoft Office Shared Setup Metadata MUI (English) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (English) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server 2008 Microsoft SQL Server 2008 Browser Microsoft SQL Server 2008 Common Files Microsoft SQL Server 2008 Database Engine Services Microsoft SQL Server 2008 Database Engine Shared Microsoft SQL Server 2008 Management Objects Microsoft SQL Server 2008 Native Client Microsoft SQL Server 2008 RsFx Driver Microsoft SQL Server 2008 Setup Support Files (English) Microsoft SQL Server Compact 3.5 SP1 Design Tools English Microsoft SQL Server Compact 3.5 SP1 English Microsoft SQL Server VSS Writer Microsoft Visual C# 2008 Express Edition with SP1 - ENU Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 
9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual J# .NET Redistributable Package 1.1 Microsoft Visual J# 2.0 Redistributable Package - SE Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 Microsoft XML Parser Microsoft XNA Framework Redistributable 3.0 Microsoft XNA Framework Redistributable 3.1 Microsoft XNA Framework Redistributable 4.0 Microsoft XNA Game Studio 3.1 Microsoft XNA Game Studio 3.1 (ARP entry) Microsoft XNA Game Studio 3.1 (Platformer) Microsoft XNA Game Studio 3.1 (Redists) Microsoft XNA Game Studio 3.1 (Shared Components) Microsoft XNA Game Studio 3.1 (VCSExpress) Microsoft XNA Game Studio 3.1 (XnaLiveProxy) Microsoft XNA Game Studio 3.1 Documentation Microsoft XNA Game Studio Platform Tools Monday Night Combat MountMusket Battalion Mozilla Firefox (3.6.10) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NehrimUninstaller Nexus Mod Manager NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Controller Driver 285.38 NVIDIA 3D Vision Driver 285.38 NVIDIA Control Panel 285.38 NVIDIA Display Control Panel NVIDIA Graphics Driver 285.38 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.11.0621 NVIDIA Stereoscopic 3D Driver NVIDIA Update 1.5.20 NVIDIA Update Components Oblivion mod manager 1.1.12 Origin Overwatch Mod 1.2.0 Pando Media Booster PAYDAY: The Heist PFPortChecker 1.0.39 Predator v0.2 alpha PunkBuster Services QuickTime Red Orchestra 2: Heroes of Stalingrad Renegade-X v0.55 Beta Security Update 
for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition Security Update for Microsoft Visual C# 2008 Express Edition with SP1 - ENU (KB2251487) Sid Meier's Civilization V Skype Click to Call Skype™ 5.8 Sophos Anti-Virus Sophos AutoUpdate Source SDK Base 2007 Spring 0.82.7 Sql Server Customer Experience Improvement Program SQL Server System CLR Types Stalker Complete 2009 v1.4.4 Star Trek Continuum Release ALPHA Star Trek Online Steam SUPERAntiSpyware System Requirements Lab TeamSpeak 3 Client TeamViewer 7 The Elder Scrolls V: Skyrim The Lord of the Rings Online™ v03.02.05.8032 The Sims 3 TortoiseSVN 1.6.8.19260 (32 bit) Total War: SHOGUN 2 Trojan Killer 2.1 TuneUp Companion 1.9.0 Tunngle beta Ubisoft Game Launcher Uniblue RegistryBooster Uninstall MEC2 Unity Web Player Universe Sandbox Unreal Tournament 3 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for 
Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition Update for Microsoft Outlook Social Connector (KB2583935) Ventrilo Client Vuze Vuze Remote Toolbar Warhammer® 40,000®: Dawn of War® II – Retribution™ Beta Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX Control for Remote Connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources Windows Media Player Firefox Plugin WinRAR archiver World in Conflict MW Mod 2.0 Open Beta R8 WWI Source 1.13b X-Universe Plugin Manager V1.30 by Cycrow X3: Albion Prelude X3: Terran Conflict Zero-K Zombie Panic 
Source . ==== Event Viewer Messages From Past Week ======== . 18/03/2012 10:48:29, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: prodrv06 prohlp02 sfhlp01 18/03/2012 10:47:38, Error: Application Popup [875] - Driver prodrv06.sys has been blocked from loading. 18/03/2012 10:47:35, Error: Application Popup [875] - Driver sfhlp01.sys has been blocked from loading. 18/03/2012 10:47:35, Error: Application Popup [875] - Driver prohlp02.sys has been blocked from loading. 17/03/2012 12:33:11, Error: Service Control Manager [7034] - The Sophos AutoUpdate Service service terminated unexpectedly. It has done this 1 time(s). 17/03/2012 12:33:11, Error: Service Control Manager [7034] - The Sophos Anti-Virus status reporter service terminated unexpectedly. It has done this 1 time(s). 15/03/2012 13:38:57, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. 15/03/2012 13:38:57, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 14/03/2012 20:41:53, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 14/03/2012 20:40:16, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 
14/03/2012 20:40:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 14/03/2012 20:40:14, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 14/03/2012 20:40:13, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 14/03/2012 20:40:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 14/03/2012 20:40:01, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 discache prodrv06 prohlp02 SASDIFSV SASKUTIL SAVOnAccess sfhlp01 spldr Wanarpv6 14/03/2012 18:20:10, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Avgldx86 Avgmfx86 discache prodrv06 prohlp02 SAVOnAccess sfhlp01 spldr Wanarpv6 14/03/2012 15:04:57, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgfws service. 14/03/2012 07:29:05, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Games for Windows Software 3.5. 14/03/2012 02:14:28, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. 
13/03/2012 23:36:26, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {24DC0815-9D82-47FD-81B3-11DE033EF7A3}. The error: "740" Happened while starting this command: "C:\Program Files\Sophos\Sophos Anti-Virus\SavMain.exe" -Embedding 12/03/2012 15:33:28, Error: Service Control Manager [7023] - The iPod Service service terminated with the following error: %%-2147417831 . ==== End Of File ===========================

Also, I have scanned it; some stuff came up, but it still keeps coming back.