Jump to content

disappearing programs and start menu problems


Recommended Posts

I'm running windows 7 and have recently started having problems. I first noticed that when i tried to start Roxio burning program from the start menu and then from the .exe file itself nothing happened. Other links in the start menu don't work and things such as the calculator and windows games aren't available. I have now found that I can't install programs (tried a Garmin program and also Skype, amongst others) and it won't complete as it says I need admmin rights (this happens on all 3 accoounts on this computer which are all presently admin accounts).

I have run the various programs suggested and here are the logs etc.(i also disabled CD emulation, as suggested)

.

DDS (Ver_2011-06-23.01) - NTFSAMD64

Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_25

Run by Adults at 12:47:31 on 2011-07-24

Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.3758.1857 [GMT 1:00]

.

AV: AVG Anti-Virus Free *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Program Files (x86)\AVG\AVG9\avgchsva.exe

C:\Program Files (x86)\AVG\AVG9\avgrsa.exe

C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe

C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files (x86)\AVG\AVG9\avgnsa.exe

C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe

C:\Windows\system32\rundll32.exe

C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Sony\VAIO Care\VCPerfService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

C:\Program Files\Sony\VAIO Power Management\SPMService.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Sony\VAIO Care\listener.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe

C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\TMonitor.exe

C:\Program Files (x86)\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe

C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe

C:\Program Files (x86)\MFP Server\App\Common\MFPAgent.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\ServoApp.exe

C:\Program Files (x86)\AVG\AVG9\avgtray.exe

C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Apoint\Apvfb.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\wuauclt.exe

C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe

C:\Program Files\Sony\VAIO Care\VCsystray.exe

C:\Program Files\Sony\VAIO Care\VCService.exe

C:\Program Files\Sony\VAIO Care\VCAgent.exe

C:\Windows\System32\vds.exe

C:\Program Files\CheckPoint\ZAForceField\ForceField.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10t_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.co.uk/ig?hl=en&source=iglk

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01

uInternet Settings,ProxyOverride = *.local

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

uURLSearchHooks: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll

uURLSearchHooks: FCToolbarURLSearchHook Class: {ada2ac0d-15c6-4611-ba5d-5b0a8b52fd6d} - C:\Program Files (x86)\Nectar Search Toolbar\Helper.dll

uURLSearchHooks: H - No File

uURLSearchHooks: YTNavAssist.YTNavAssistPlugin Class: {81017ea9-9aa8-4a6a-9734-7af40e7d593f} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\YTNavAssist.dll

uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\yt.dll

mURLSearchHooks: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

mWinlogon: Userinit=userinit.exe,

BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\yt.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO: DivX HiQ: {593ddec6-7468-4cdd-90e1-42dadaa222e9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO: Nectar Search Toolbar BHO: {b7c2f0d8-2209-4693-a15d-5a537211d48b} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll

TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\yt.dll

TB: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll

TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

TB: Nectar Search Toolbar: {8020143d-5926-4394-a04d-dd0b649da121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [EPSON Stylus SX400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE /FU "C:\Windows\TEMP\E_S6F45.tmp" /EF "HKCU"

uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe

uRun: [EPSON Stylus SX400 Series (Copy 2)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIEGE.EXE /FU "C:\Windows\TEMP\E_SB83A.tmp" /EF "HKCU"

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized

uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" -s

uRun: [sony Ericsson PC Companion] "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /Background

uRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

uRun: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"

mRun: [server Application] C:\Windows\system32\ServoApp.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun: [MyPoi Monitor] "C:\Program Files (x86)\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe"

mRun: [MFP Manager] C:\Program Files (x86)\MFP Server\MFPAgent.exe -CheckAutoRun

mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe

mRun: [GDI Manager] "C:\Program Files (x86)\MFP Server\App\Common\MFPAgent.exe"

mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

StartupFolder: C:\Users\Adults\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} - hxxp://ax.emsisoft.com/asquared.cab

DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab

DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx

DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B} : DhcpNameServer = 192.168.0.1

TCP: Interfaces\{EB67E911-867D-4C13-AE00-E3C7ECA0A89B}\6796277696E6D65646961653135393631323 : DhcpNameServer = 194.168.4.100 194.168.8.100

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: VESWinlogon - VESWinlogon.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

mASetup: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\yt.dll

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO-X64: Increase performance and video formats for your HTML5 <video> - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll

BHO-X64: DivX HiQ: {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

BHO-X64: Use the DivX Plus Web Player to watch web videos with less interruptions and smoother playback on supported sites - No File

BHO-X64: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

BHO-X64: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

BHO-X64: ZoneAlarm Security Engine Registrar - No File

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: AVG Security Toolbar BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll

BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Nectar Search Toolbar BHO: {B7C2F0D8-2209-4693-A15D-5A537211D48B} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll

BHO-X64: FCTBPos00Pos - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\YTSingleInstance.dll

TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn4\yt.dll

TB-X64: ZoneAlarm Toolbar: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - C:\Program Files (x86)\ZoneAlarm\tbZone.dll

TB-X64: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

TB-X64: AVG Security Toolbar: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG9\Toolbar\IEToolbar.dll

TB-X64: Nectar Search Toolbar: {8020143D-5926-4394-A04D-DD0B649DA121} - C:\Program Files (x86)\Nectar Search Toolbar\Toolbar.dll

TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun-x64: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"

mRun-x64: [server Application] C:\Windows\system32\ServoApp.exe

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun-x64: [MyPoi Monitor] "C:\Program Files (x86)\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe"

mRun-x64: [MFP Manager] C:\Program Files (x86)\MFP Server\MFPAgent.exe -CheckAutoRun

mRun-x64: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe

mRun-x64: [GDI Manager] "C:\Program Files (x86)\MFP Server\App\Common\MFPAgent.exe"

mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

mRun-x64: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

Hosts: 127.0.0.1 www.spywareinfo.com

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Adults\AppData\Roaming\Mozilla\Firefox\Profiles\a7orfyxm.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ig

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c0a0ee8&v=6.010.006.004&i=23&tp=ab&iy=b&ychte=uk&lng=en-GB&q=

FF - component: C:\Program Files (x86)\AVG\AVG9\Firefox\components\avgssff.dll

FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: C:\Program Files (x86)\AVG\AVG9\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: C:\Program Files (x86)\McAfee\SiteAdvisor\components\McFFPlg.dll

FF - component: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\components\TrustCheckerMozillaPlugin.dll

FF - component: C:\Users\Adults\AppData\Roaming\Mozilla\Firefox\Profiles\a7orfyxm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

FF - component: C:\Users\Adults\AppData\Roaming\Mozilla\Firefox\Profiles\a7orfyxm.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar-ff3.dll

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.1698.5652\npCIDetect13.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll

FF - plugin: C:\Program Files (x86)\NOS\bin\np_gp.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll

FF - plugin: C:\Windows\system32\Wat\npWatWeb.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 AvgLdx64;AVG Free AVI Loader Driver x64;C:\Windows\system32\Drivers\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?]

R1 AvgMfx64;AVG Free On-access Scanner Minifilter Driver x64;C:\Windows\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers\avgmfx64.sys [?]

R1 AvgTdiA;AVG Free Network Redirector x64;C:\Windows\system32\Drivers\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?]

R1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-6-22 52496]

R1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-6-22 61200]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 ALIWEHCD;MFP Server Enhanced Controller;C:\Windows\system32\Drivers\mfpec.sys --> C:\Windows\system32\Drivers\mfpec.sys [?]

R2 avg9wd;AVG Free WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-7-15 308136]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-25 13336]

R2 ISWKL;ZoneAlarm Toolbar ISWKL;C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [2010-5-26 33008]

R2 IswSvc;ZoneAlarm Toolbar IswSvc;C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe [2010-5-26 823272]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2011-4-25 101048]

R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-6-22 870200]

R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]

R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]

R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-6-10 259192]

R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-1-18 1153368]

R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-4-22 92592]

R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-25 2320920]

R2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-6-25 822784]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]

R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]

R3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]

R3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-5-15 571248]

R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-6-10 44736]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 WUSBVBus;MFP Server Detector;C:\Windows\system32\DRIVERS\mfpvbus.sys --> C:\Windows\system32\DRIVERS\mfpvbus.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 0001631303764531mcinstcleanup;McAfee Application Installer Cleanup (0001631303764531);C:\Windows\TEMP\000163~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service --> C:\Windows\TEMP\000163~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-15 133104]

S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]

S3 AliWGP;Composite Device;C:\Windows\system32\DRIVERS\mfpcomp.sys --> C:\Windows\system32\DRIVERS\mfpcomp.sys [?]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-10-26 1025352]

S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 dgderdrv;dgderdrv;C:\Windows\system32\drivers\dgderdrv.sys --> C:\Windows\system32\drivers\dgderdrv.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-15 133104]

S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]

S3 nosGetPlusHelper;getPlus® Helper 3004;C:\Windows\System32\svchost.exe -k nosGetPlusHelper [2009-7-14 20992]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]

S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-1-30 155344]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]

S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]

S3 TFsExDisk;TFsExDisk;C:\Windows\System32\drivers\TFsExDisk.Sys [2010-10-2 16392]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TVICHW64;TVICHW64;\??\C:\Windows\system32\DRIVERS\TVICHW64.SYS --> C:\Windows\system32\DRIVERS\TVICHW64.SYS [?]

S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-5-15 1021840]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

.

=============== Created Last 30 ================

.

2011-07-23 19:17:00 -------- d-----w- C:\Users\Adults\AppData\Roaming\Malwarebytes

2011-07-23 19:16:43 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-23 19:16:42 -------- d-----w- C:\ProgramData\Malwarebytes

2011-07-23 19:16:37 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys

2011-07-23 19:16:36 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2011-07-23 12:26:21 -------- d-----w- C:\rei

2011-07-23 12:26:07 -------- d-----w- C:\Program Files\Reimage

2011-07-16 15:51:52 -------- d-----w- C:\Program Files\Microsoft Games

2011-07-16 15:43:18 -------- d-----w- C:\Users\Adults\AppData\Roaming\VSRevoGroup

2011-07-14 15:52:45 -------- d-----w- C:\bc92e3125ceca0c8a224dd651d

2011-07-09 11:59:02 311248 ----a-w- C:\Windows\IsUninst.exe

2011-07-06 22:56:00 -------- d-----w- C:\Program Files (x86)\Roxio

2011-07-06 22:55:11 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared

2011-07-06 22:53:55 -------- d-----w- C:\Users\Adults\AppData\Roaming\Roxio Log Files

2011-07-04 21:13:43 -------- d-----w- C:\Program Files (x86)\Memory-Map

2011-07-03 21:06:22 -------- d-----w- C:\WebUpdater

2011-07-03 20:19:46 -------- d-----w- C:\Maps_v5

2011-07-03 20:16:08 -------- d-----w- C:\ProgramData\GARMIN

2011-07-03 20:15:53 -------- d-----w- C:\Program Files (x86)\Garmin

2011-07-03 19:42:53 -------- d-----w- C:\Garmin

.

==================== Find3M ====================

.

2011-06-22 21:23:15 404640 ------w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys

2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll

2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll

2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll

2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll

2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll

2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll

2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe

2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll

2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll

2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe

2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll

2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll

2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe

2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe

2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll

2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll

2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll

2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll

2011-05-28 03:30:09 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2011-05-28 02:53:58 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll

2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll

2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll

2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll

2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe

2011-05-05 18:42:11 317520 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2011-05-04 05:25:03 2315776 ----a-w- C:\Windows\System32\tquery.dll

2011-05-04 05:22:25 778752 ----a-w- C:\Windows\System32\mssvp.dll

2011-05-04 05:22:25 2223616 ----a-w- C:\Windows\System32\mssrch.dll

2011-05-04 05:22:24 75264 ----a-w- C:\Windows\System32\msscntrs.dll

2011-05-04 05:22:24 491520 ----a-w- C:\Windows\System32\mssph.dll

2011-05-04 05:22:24 288256 ----a-w- C:\Windows\System32\mssphtb.dll

2011-05-04 05:19:28 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe

2011-05-04 05:19:28 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe

2011-05-04 05:19:28 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe

2011-05-04 04:34:43 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll

2011-05-04 04:32:02 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll

2011-05-04 04:32:01 337408 ----a-w- C:\Windows\SysWow64\mssph.dll

2011-05-04 04:32:01 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll

2011-05-04 04:32:01 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll

2011-05-04 04:32:00 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll

2011-05-04 04:28:31 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe

2011-05-04 04:28:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe

2011-05-04 04:28:31 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe

2011-05-03 05:29:29 976896 ----a-w- C:\Windows\System32\inetcomm.dll

2011-05-03 04:30:02 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll

2011-04-29 03:06:10 467456 ----a-w- C:\Windows\System32\drivers\srv.sys

2011-04-29 03:05:49 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys

2011-04-29 03:05:37 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2011-04-28 03:55:08 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys

2011-04-28 03:54:56 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS

2011-04-27 02:40:40 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys

2011-04-27 02:39:40 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys

2011-04-27 02:39:37 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys

.

============= FINISH: 12:48:39.90 ===============

Malwarebytes' Anti-Malware 1.51.1.1800

www.malwarebytes.org

Database version: 7254

Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514

24/07/2011 12:23:58

mbam-log-2011-07-24 (12-23-58).txt

Scan type: Quick scan

Objects scanned: 211802

Time elapsed: 4 minute(s), 53 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Hope I've done this right, TIA.ark.zip

Link to post
Share on other sites

:welcome:

Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your pc inoperatible and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner»

Double-click ATF-Cleaner.exe to run the program.

Under Main choose: Select All

Click the Empty Selected button.

  • If you use Firefox browser
    Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

It's normal after running ATF cleaner that the PC will be slower to boot the first time or two.

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run, once it is finished move onto the next step

Next:

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
    TDSSKillermain.png
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
    TDSSKillerSuspicious.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

please post the contents of that log TDSSKiller log.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

Have run all those. Here's the TDSS log

2011/07/27 21:52:30.0570 4712 TDSS rootkit removing tool 2.5.11.0 Jul 11 2011 16:56:56

2011/07/27 21:52:31.0506 4712 ================================================================================

2011/07/27 21:52:31.0506 4712 SystemInfo:

2011/07/27 21:52:31.0506 4712

2011/07/27 21:52:31.0506 4712 OS Version: 6.1.7601 ServicePack: 1.0

2011/07/27 21:52:31.0506 4712 Product type: Workstation

2011/07/27 21:52:31.0506 4712 ComputerName: ADULTS-VAIO

2011/07/27 21:52:31.0506 4712 UserName: Adults

2011/07/27 21:52:31.0506 4712 Windows directory: C:\Windows

2011/07/27 21:52:31.0506 4712 System windows directory: C:\Windows

2011/07/27 21:52:31.0506 4712 Running under WOW64

2011/07/27 21:52:31.0506 4712 Processor architecture: Intel x64

2011/07/27 21:52:31.0506 4712 Number of processors: 4

2011/07/27 21:52:31.0506 4712 Page size: 0x1000

2011/07/27 21:52:31.0506 4712 Boot type: Normal boot

2011/07/27 21:52:31.0506 4712 ================================================================================

2011/07/27 21:52:32.0161 4712 Initialize success

2011/07/27 21:52:37.0699 3472 ================================================================================

2011/07/27 21:52:37.0699 3472 Scan started

2011/07/27 21:52:37.0699 3472 Mode: Manual;

2011/07/27 21:52:37.0699 3472 ================================================================================

2011/07/27 21:52:39.0274 3472 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

2011/07/27 21:52:39.0477 3472 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

2011/07/27 21:52:39.0633 3472 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

2011/07/27 21:52:39.0820 3472 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

2011/07/27 21:52:39.0961 3472 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

2011/07/27 21:52:40.0101 3472 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

2011/07/27 21:52:40.0273 3472 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

2011/07/27 21:52:40.0413 3472 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

2011/07/27 21:52:40.0507 3472 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

2011/07/27 21:52:40.0600 3472 ALIWEHCD (6c77aaee7ea10f35533d610022f4cce2) C:\Windows\system32\Drivers\mfpec.sys

2011/07/27 21:52:40.0756 3472 AliWGP (db1aca48b42304350667d1c26de2b29d) C:\Windows\system32\DRIVERS\mfpcomp.sys

2011/07/27 21:52:40.0881 3472 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

2011/07/27 21:52:40.0975 3472 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

2011/07/27 21:52:41.0053 3472 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

2011/07/27 21:52:41.0131 3472 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

2011/07/27 21:52:41.0209 3472 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

2011/07/27 21:52:41.0287 3472 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

2011/07/27 21:52:41.0334 3472 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\DRIVERS\Apfiltr.sys

2011/07/27 21:52:41.0427 3472 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

2011/07/27 21:52:41.0568 3472 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

2011/07/27 21:52:41.0583 3472 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

2011/07/27 21:52:41.0630 3472 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

2011/07/27 21:52:41.0692 3472 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

2011/07/27 21:52:41.0786 3472 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys

2011/07/27 21:52:42.0114 3472 atikmdag (89a3d56ce4044f35b9d08dd37193bbfc) C:\Windows\system32\DRIVERS\atikmdag.sys

2011/07/27 21:52:42.0550 3472 AvgLdx64 (b447db072bf939db9e07bef2adf4ecbd) C:\Windows\system32\Drivers\avgldx64.sys

2011/07/27 21:52:42.0582 3472 AvgMfx64 (405baabbb48f9176e220020b1a77c47b) C:\Windows\system32\Drivers\avgmfx64.sys

2011/07/27 21:52:42.0644 3472 AvgTdiA (8aa68c0ba2b84fd7eb3e1f10bbfc825b) C:\Windows\system32\Drivers\avgtdia.sys

2011/07/27 21:52:42.0738 3472 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

2011/07/27 21:52:42.0909 3472 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

2011/07/27 21:52:43.0096 3472 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

2011/07/27 21:52:43.0159 3472 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys

2011/07/27 21:52:43.0284 3472 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

2011/07/27 21:52:43.0330 3472 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

2011/07/27 21:52:43.0346 3472 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

2011/07/27 21:52:43.0393 3472 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

2011/07/27 21:52:43.0424 3472 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

2011/07/27 21:52:43.0440 3472 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

2011/07/27 21:52:43.0471 3472 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

2011/07/27 21:52:43.0518 3472 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

2011/07/27 21:52:43.0549 3472 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

2011/07/27 21:52:43.0596 3472 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

2011/07/27 21:52:43.0658 3472 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

2011/07/27 21:52:43.0798 3472 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

2011/07/27 21:52:43.0876 3472 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys

2011/07/27 21:52:43.0923 3472 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys

2011/07/27 21:52:44.0048 3472 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys

2011/07/27 21:52:44.0110 3472 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys

2011/07/27 21:52:44.0142 3472 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys

2011/07/27 21:52:44.0282 3472 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

2011/07/27 21:52:44.0344 3472 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

2011/07/27 21:52:44.0438 3472 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

2011/07/27 21:52:44.0500 3472 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

2011/07/27 21:52:44.0594 3472 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys

2011/07/27 21:52:44.0656 3472 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

2011/07/27 21:52:44.0719 3472 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys

2011/07/27 21:52:44.0781 3472 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

2011/07/27 21:52:44.0828 3472 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

2011/07/27 21:52:44.0922 3472 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

2011/07/27 21:52:45.0000 3472 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys

2011/07/27 21:52:45.0187 3472 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

2011/07/27 21:52:45.0327 3472 dgderdrv (def365f0f6e017888c4b869d3ba4b8e0) C:\Windows\system32\drivers\dgderdrv.sys

2011/07/27 21:52:45.0390 3472 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

2011/07/27 21:52:45.0468 3472 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

2011/07/27 21:52:45.0546 3472 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

2011/07/27 21:52:45.0639 3472 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

2011/07/27 21:52:45.0780 3472 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

2011/07/27 21:52:46.0060 3472 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

2011/07/27 21:52:46.0123 3472 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

2011/07/27 21:52:46.0216 3472 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

2011/07/27 21:52:46.0294 3472 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

2011/07/27 21:52:46.0357 3472 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

2011/07/27 21:52:46.0419 3472 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

2011/07/27 21:52:46.0450 3472 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

2011/07/27 21:52:46.0497 3472 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

2011/07/27 21:52:46.0575 3472 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

2011/07/27 21:52:46.0638 3472 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

2011/07/27 21:52:46.0700 3472 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys

2011/07/27 21:52:46.0762 3472 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

2011/07/27 21:52:46.0809 3472 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

2011/07/27 21:52:46.0903 3472 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

2011/07/27 21:52:46.0965 3472 grmnusb (2ed7ff3e1ada4092632393781518b3a7) C:\Windows\system32\drivers\grmnusb.sys

2011/07/27 21:52:47.0121 3472 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

2011/07/27 21:52:47.0199 3472 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

2011/07/27 21:52:47.0262 3472 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

2011/07/27 21:52:47.0308 3472 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys

2011/07/27 21:52:47.0418 3472 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

2011/07/27 21:52:47.0464 3472 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

2011/07/27 21:52:47.0496 3472 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

2011/07/27 21:52:47.0574 3472 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys

2011/07/27 21:52:47.0667 3472 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

2011/07/27 21:52:47.0730 3472 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

2011/07/27 21:52:47.0792 3472 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

2011/07/27 21:52:47.0854 3472 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

2011/07/27 21:52:47.0948 3472 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys

2011/07/27 21:52:48.0042 3472 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

2011/07/27 21:52:48.0244 3472 igfx (2835c0808ba40fa8bc141e6015eb2414) C:\Windows\system32\DRIVERS\igdkmd64.sys

2011/07/27 21:52:48.0588 3472 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

2011/07/27 21:52:48.0634 3472 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys

2011/07/27 21:52:48.0728 3472 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys

2011/07/27 21:52:48.0822 3472 IntcDAud (d248aae81c156c0d47a77cd61bc24cd4) C:\Windows\system32\DRIVERS\IntcDAud.sys

2011/07/27 21:52:48.0915 3472 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

2011/07/27 21:52:48.0978 3472 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

2011/07/27 21:52:49.0102 3472 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

2011/07/27 21:52:49.0196 3472 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

2011/07/27 21:52:49.0274 3472 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

2011/07/27 21:52:49.0352 3472 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

2011/07/27 21:52:49.0430 3472 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

2011/07/27 21:52:49.0508 3472 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

2011/07/27 21:52:49.0602 3472 ISWKL (a97874c03fb228b9d3641066805a2666) C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys

2011/07/27 21:52:49.0742 3472 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

2011/07/27 21:52:49.0804 3472 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

2011/07/27 21:52:49.0882 3472 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys

2011/07/27 21:52:49.0914 3472 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys

2011/07/27 21:52:49.0960 3472 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

2011/07/27 21:52:50.0116 3472 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

2011/07/27 21:52:50.0210 3472 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

2011/07/27 21:52:50.0226 3472 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

2011/07/27 21:52:50.0241 3472 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

2011/07/27 21:52:50.0272 3472 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

2011/07/27 21:52:50.0304 3472 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

2011/07/27 21:52:50.0475 3472 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

2011/07/27 21:52:50.0506 3472 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

2011/07/27 21:52:50.0553 3472 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

2011/07/27 21:52:50.0600 3472 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

2011/07/27 21:52:50.0647 3472 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys

2011/07/27 21:52:50.0740 3472 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys

2011/07/27 21:52:50.0912 3472 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

2011/07/27 21:52:50.0959 3472 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

2011/07/27 21:52:51.0021 3472 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

2011/07/27 21:52:51.0130 3472 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

2011/07/27 21:52:51.0208 3472 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

2011/07/27 21:52:51.0271 3472 mrxsmb10 (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys

2011/07/27 21:52:51.0318 3472 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

2011/07/27 21:52:51.0396 3472 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

2011/07/27 21:52:51.0458 3472 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

2011/07/27 21:52:51.0536 3472 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

2011/07/27 21:52:51.0567 3472 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

2011/07/27 21:52:51.0645 3472 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

2011/07/27 21:52:51.0692 3472 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

2011/07/27 21:52:51.0739 3472 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

2011/07/27 21:52:51.0770 3472 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

2011/07/27 21:52:51.0832 3472 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

2011/07/27 21:52:51.0910 3472 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

2011/07/27 21:52:51.0973 3472 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

2011/07/27 21:52:52.0020 3472 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

2011/07/27 21:52:52.0066 3472 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

2011/07/27 21:52:52.0113 3472 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

2011/07/27 21:52:52.0207 3472 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

2011/07/27 21:52:52.0285 3472 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

2011/07/27 21:52:52.0316 3472 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

2011/07/27 21:52:52.0378 3472 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

2011/07/27 21:52:52.0441 3472 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

2011/07/27 21:52:52.0566 3472 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

2011/07/27 21:52:52.0628 3472 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

2011/07/27 21:52:52.0690 3472 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

2011/07/27 21:52:52.0768 3472 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

2011/07/27 21:52:52.0909 3472 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

2011/07/27 21:52:53.0096 3472 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

2011/07/27 21:52:53.0221 3472 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

2011/07/27 21:52:53.0408 3472 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

2011/07/27 21:52:53.0470 3472 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

2011/07/27 21:52:53.0548 3472 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

2011/07/27 21:52:53.0595 3472 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

2011/07/27 21:52:53.0720 3472 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

2011/07/27 21:52:53.0829 3472 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

2011/07/27 21:52:53.0907 3472 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

2011/07/27 21:52:53.0970 3472 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

2011/07/27 21:52:54.0001 3472 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

2011/07/27 21:52:54.0063 3472 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

2011/07/27 21:52:54.0094 3472 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

2011/07/27 21:52:54.0126 3472 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

2011/07/27 21:52:54.0422 3472 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

2011/07/27 21:52:54.0516 3472 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

2011/07/27 21:52:54.0594 3472 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

2011/07/27 21:52:54.0640 3472 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys

2011/07/27 21:52:54.0750 3472 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

2011/07/27 21:52:54.0906 3472 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

2011/07/27 21:52:54.0968 3472 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

2011/07/27 21:52:55.0124 3472 RapportEI64 (230fdd5894be098dcc4d1d3a79a2b6ee) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys

2011/07/27 21:52:55.0171 3472 RapportPG64 (03fc5131a18b97d0cf63d9df37a35d52) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys

2011/07/27 21:52:55.0296 3472 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

2011/07/27 21:52:55.0342 3472 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

2011/07/27 21:52:55.0420 3472 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

2011/07/27 21:52:55.0498 3472 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

2011/07/27 21:52:55.0561 3472 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

2011/07/27 21:52:55.0639 3472 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

2011/07/27 21:52:55.0701 3472 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

2011/07/27 21:52:55.0748 3472 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

2011/07/27 21:52:55.0810 3472 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

2011/07/27 21:52:55.0873 3472 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

2011/07/27 21:52:55.0920 3472 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

2011/07/27 21:52:55.0982 3472 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

2011/07/27 21:52:56.0060 3472 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

2011/07/27 21:52:56.0122 3472 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

2011/07/27 21:52:56.0263 3472 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys

2011/07/27 21:52:56.0310 3472 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys

2011/07/27 21:52:56.0388 3472 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

2011/07/27 21:52:56.0450 3472 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

2011/07/27 21:52:56.0544 3472 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

2011/07/27 21:52:56.0715 3472 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

2011/07/27 21:52:56.0809 3472 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

2011/07/27 21:52:56.0887 3472 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

2011/07/27 21:52:56.0965 3472 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

2011/07/27 21:52:57.0012 3472 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

2011/07/27 21:52:57.0090 3472 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

2011/07/27 21:52:57.0168 3472 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys

2011/07/27 21:52:57.0246 3472 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

2011/07/27 21:52:57.0292 3472 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

2011/07/27 21:52:57.0339 3472 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

2011/07/27 21:52:57.0402 3472 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

2011/07/27 21:52:57.0573 3472 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

2011/07/27 21:52:57.0604 3472 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

2011/07/27 21:52:57.0636 3472 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

2011/07/27 21:52:57.0838 3472 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

2011/07/27 21:52:57.0916 3472 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

2011/07/27 21:52:57.0979 3472 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

2011/07/27 21:52:58.0072 3472 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

2011/07/27 21:52:58.0150 3472 ssadbus (d52282225d5bd73a9cbf420699d1a0fe) C:\Windows\system32\DRIVERS\ssadbus.sys

2011/07/27 21:52:58.0260 3472 ssadmdfl (f7936ac6e8437e10e1ae488ce21f3086) C:\Windows\system32\DRIVERS\ssadmdfl.sys

2011/07/27 21:52:58.0306 3472 ssadmdm (1fe033372a58c67b3ecca903fc637b36) C:\Windows\system32\DRIVERS\ssadmdm.sys

2011/07/27 21:52:58.0447 3472 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

2011/07/27 21:52:58.0525 3472 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

2011/07/27 21:52:58.0587 3472 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

2011/07/27 21:52:58.0650 3472 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

2011/07/27 21:52:58.0759 3472 Tcpip (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys

2011/07/27 21:52:58.0884 3472 TCPIP6 (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys

2011/07/27 21:52:58.0977 3472 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

2011/07/27 21:52:59.0055 3472 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

2011/07/27 21:52:59.0102 3472 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

2011/07/27 21:52:59.0164 3472 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

2011/07/27 21:52:59.0242 3472 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

2011/07/27 21:52:59.0320 3472 TFsExDisk (ce4b6956e4e12492715a53076e58761f) C:\Windows\System32\Drivers\TFsExDisk.sys

2011/07/27 21:52:59.0476 3472 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

2011/07/27 21:52:59.0617 3472 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

2011/07/27 21:52:59.0695 3472 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

2011/07/27 21:52:59.0773 3472 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS

2011/07/27 21:52:59.0820 3472 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

2011/07/27 21:52:59.0882 3472 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

2011/07/27 21:53:00.0100 3472 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

2011/07/27 21:53:00.0147 3472 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

2011/07/27 21:53:00.0225 3472 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

2011/07/27 21:53:00.0303 3472 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

2011/07/27 21:53:00.0381 3472 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

2011/07/27 21:53:00.0444 3472 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

2011/07/27 21:53:00.0475 3472 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

2011/07/27 21:53:00.0553 3472 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

2011/07/27 21:53:00.0600 3472 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

2011/07/27 21:53:00.0662 3472 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

2011/07/27 21:53:00.0724 3472 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

2011/07/27 21:53:00.0787 3472 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

2011/07/27 21:53:00.0865 3472 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

2011/07/27 21:53:00.0974 3472 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

2011/07/27 21:53:01.0068 3472 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

2011/07/27 21:53:01.0146 3472 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

2011/07/27 21:53:01.0208 3472 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

2011/07/27 21:53:01.0286 3472 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

2011/07/27 21:53:01.0348 3472 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys

2011/07/27 21:53:01.0411 3472 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys

2011/07/27 21:53:01.0473 3472 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

2011/07/27 21:53:01.0536 3472 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

2011/07/27 21:53:01.0614 3472 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

2011/07/27 21:53:01.0692 3472 vpcbus (b4a73ca4ef9a02b9738cea9ad5fe5917) C:\Windows\system32\DRIVERS\vpchbus.sys

2011/07/27 21:53:01.0754 3472 vpcnfltr (e675fb2b48c54f09895482e2253b289c) C:\Windows\system32\DRIVERS\vpcnfltr.sys

2011/07/27 21:53:01.0848 3472 vpcusb (5fb42082b0d19a0268705f1dd343df20) C:\Windows\system32\DRIVERS\vpcusb.sys

2011/07/27 21:53:01.0926 3472 vpcvmm (207b6539799cc1c112661a9b620dd233) C:\Windows\system32\drivers\vpcvmm.sys

2011/07/27 21:53:01.0972 3472 Vsdatant (48bfa6276bcc0535f5f8898107ed489a) C:\Windows\system32\DRIVERS\vsdatant.sys

2011/07/27 21:53:02.0035 3472 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

2011/07/27 21:53:02.0191 3472 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

2011/07/27 21:53:02.0238 3472 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

2011/07/27 21:53:02.0284 3472 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys

2011/07/27 21:53:02.0347 3472 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

2011/07/27 21:53:02.0409 3472 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

2011/07/27 21:53:02.0456 3472 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

2011/07/27 21:53:02.0550 3472 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

2011/07/27 21:53:02.0612 3472 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

2011/07/27 21:53:02.0706 3472 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

2011/07/27 21:53:02.0768 3472 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

2011/07/27 21:53:02.0862 3472 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

2011/07/27 21:53:03.0033 3472 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

2011/07/27 21:53:03.0174 3472 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

2011/07/27 21:53:03.0252 3472 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

2011/07/27 21:53:03.0314 3472 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

2011/07/27 21:53:03.0408 3472 WUSBVBus (28de9164f5d74cfd2466778ba1d93f30) C:\Windows\system32\DRIVERS\mfpvbus.sys

2011/07/27 21:53:03.0470 3472 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys

2011/07/27 21:53:03.0517 3472 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

2011/07/27 21:53:03.0548 3472 Boot (0x1200) (2b4d5a4f1d5c76b39156464867ffaabc) \Device\Harddisk0\DR0\Partition0

2011/07/27 21:53:03.0564 3472 Boot (0x1200) (9b55df61a3ebf7c47d44b4a4f9af28bd) \Device\Harddisk0\DR0\Partition1

2011/07/27 21:53:03.0564 3472 ================================================================================

2011/07/27 21:53:03.0564 3472 Scan finished

2011/07/27 21:53:03.0564 3472 ================================================================================

2011/07/27 21:53:03.0579 7740 Detected object count: 0

2011/07/27 21:53:03.0579 7740 Actual detected object count: 0

Under the Start menu, all shortcuts icons are blank and clicking on them does not open the program. I am also unable to install new programs, I get the message that I must run the installation program as an administrator. At that point I had a standard user profile and an admin one. I set them both to admin and was unable to install programs using either. I set up another admin user but to no avail. Not sure if it's related but the computer seems to spend ages on the starting windows page.

Thanks in advance,

Diane

Link to post
Share on other sites

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

I suggest you do this:

Download unhide.exe & save it to your windows folder:

Right click on unhide.exe and select Run as administrator (In case you have Vista or Win7)

Reboot

This will unhide folders/files that were set to be hidden by the infection you had.

Let me know if that solved your problem.

Link to post
Share on other sites

Tried this a couple of times with two different restore points, got message both times System Restore did not complete successfully. Unspecified error 0x80070005. Forgot to mention that Windows Udate is not able to install updates successfully either.

Off to bed now as its 00:40 here so will continue tomorrow. Thanks for your time so far, Diane

Link to post
Share on other sites

None. The busy symbol onscreen circulates but the hard drive light is constant.

My husband came home late last night and started the computer in safe mode (don't know why, he's only a computer user, no interestin sorting it out himself). Anyway, he says that the start menu icons were all there and programs started when he clicked on them.

Link to post
Share on other sites

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from one of these locations:

Link 1

Link 2 If using this link, Right Click and select Save As.

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

RC1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1.Do not mouse-click Combofix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it atleast 20-30 minutes to finish if needed.

Please do not attach the scan results from Combofx. Use copy/paste.

Also please describe how your computer behaves at the moment.

Link to post
Share on other sites

ComboFix 11-07-28.06 - Adults 28/07/2011 22:41:25.1.4 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.44.1033.18.3758.1863 [GMT 1:00]

Running from: c:\users\Adults\Desktop\Malware killers etc\ComboFix.exe

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\Install.exe

c:\users\Adults\AppData\Local\Microsoft\Windows\Temporary Internet Files\{78D45C0A-7A78-46C8-8871-356C1ECF4B3C}.xps

c:\users\Adults\AppData\Roaming\.#

c:\windows\SysWow64\Config.ini

c:\windows\SysWow64\muzapp.exe

c:\windows\SysWow64\system32

c:\windows\SysWow64\system32\3DAudio.ax

c:\windows\SysWow64\system32\cis-2.4.dll

c:\windows\SysWow64\system32\issacapi_bs-2.3.dll

c:\windows\SysWow64\system32\issacapi_pe-2.3.dll

c:\windows\SysWow64\system32\issacapi_se-2.3.dll

c:\windows\SysWow64\system32\MACXMLProto.dll

c:\windows\SysWow64\system32\MaDRM.dll

c:\windows\SysWow64\system32\MaJGUILib.dll

c:\windows\SysWow64\system32\MaJUtilLib.dll

c:\windows\SysWow64\system32\MAMACExtract.dll

c:\windows\SysWow64\system32\MASetupCaller.dll

c:\windows\SysWow64\system32\MASetupCleaner.exe

c:\windows\SysWow64\system32\MaXMLProto.dll

c:\windows\SysWow64\system32\MetaStore2.dll

c:\windows\SysWow64\system32\Microsoft.Synchronization.dll

c:\windows\SysWow64\system32\MK_Lyric.dll

c:\windows\SysWow64\system32\MSCLib.dll

c:\windows\SysWow64\system32\MSFLib.dll

c:\windows\SysWow64\system32\MSLUR71.dll

c:\windows\SysWow64\system32\msvcp60.dll

c:\windows\SysWow64\system32\MTTELECHIP.dll

c:\windows\SysWow64\system32\MTXSYNCICON.dll

c:\windows\SysWow64\system32\muzaf1.dll

c:\windows\SysWow64\system32\muzapp.dll

c:\windows\SysWow64\system32\muzapp.exe

c:\windows\SysWow64\system32\muzdecode.ax

c:\windows\SysWow64\system32\muzeffect.ax

c:\windows\SysWow64\system32\muzmp4sp.ax

c:\windows\SysWow64\system32\muzmpgsp.ax

c:\windows\SysWow64\system32\muzoggsp.ax

c:\windows\SysWow64\system32\muzwmts.dll

c:\windows\SysWow64\system32\psapi.dll

c:\windows\SysWow64\system32\Synchronization2.dll

.

.

((((((((((((((((((((((((( Files Created from 2011-06-28 to 2011-07-28 )))))))))))))))))))))))))))))))

.

.

2011-07-28 21:49 . 2011-07-28 21:49 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-07-28 21:49 . 2011-07-28 21:49 -------- d-----w- c:\users\Admin\AppData\Local\temp

2011-07-28 21:36 . 2011-07-28 21:37 -------- d-----w- C:\32788R22FWJFW

2011-07-28 21:36 . 2011-07-20 08:44 8578896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{99AF03BA-72E7-45E3-84B9-DD76C8B6E568}\mpengine.dll

2011-07-28 19:20 . 2011-07-28 19:20 -------- d-----w- c:\windows\Internet Logs

2011-07-23 19:17 . 2011-07-23 19:17 -------- d-----w- c:\users\Adults\AppData\Roaming\Malwarebytes

2011-07-23 19:16 . 2011-07-06 18:52 41272 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys

2011-07-23 19:16 . 2011-07-23 19:16 -------- d-----w- c:\programdata\Malwarebytes

2011-07-23 19:16 . 2011-07-06 18:52 25912 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-23 19:16 . 2011-07-28 18:23 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2011-07-23 12:26 . 2011-07-28 18:22 -------- d-----w- C:\rei

2011-07-23 12:26 . 2011-07-23 12:26 -------- d-----w- c:\program files\Reimage

2011-07-20 19:53 . 2011-07-20 19:53 -------- d-----w- c:\users\Admin\AppData\Local\Diagnostics

2011-07-20 18:13 . 2011-07-28 21:39 -------- d-----w- c:\users\Administrator 2011

2011-07-20 17:08 . 2011-07-28 18:23 -------- d-----w- c:\programdata\Skype

2011-07-16 15:51 . 2011-07-16 15:51 -------- d-----w- c:\program files\Microsoft Games

2011-07-16 15:43 . 2011-07-28 18:21 -------- d-----w- c:\users\Adults\AppData\Roaming\VSRevoGroup

2011-07-14 15:52 . 2011-07-14 15:56 -------- d-----w- C:\bc92e3125ceca0c8a224dd651d

2011-07-09 11:59 . 2001-09-20 08:18 311248 ----a-w- c:\windows\IsUninst.exe

2011-07-07 13:02 . 2011-07-07 13:02 -------- d-----w- c:\program files (x86)\Common Files\Adobe

2011-07-06 22:56 . 2011-07-28 18:23 -------- d-----w- c:\program files (x86)\Roxio

2011-07-06 22:55 . 2011-07-28 18:24 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared

2011-07-06 22:55 . 2011-07-28 18:24 -------- d-----w- c:\program files (x86)\Common Files\Roxio Shared

2011-07-06 22:53 . 2011-07-06 22:53 -------- d-----w- c:\users\Adults\AppData\Roaming\Roxio Log Files

2011-07-04 21:13 . 2011-07-04 21:13 -------- d-----w- c:\program files (x86)\Memory-Map

2011-07-03 21:06 . 2011-07-28 18:21 -------- d-----w- C:\WebUpdater

2011-07-03 20:19 . 2011-07-03 20:22 -------- d-----w- C:\Maps_v5

2011-07-03 20:16 . 2011-07-03 20:16 -------- d-----w- c:\programdata\GARMIN

2011-07-03 20:15 . 2011-07-28 18:24 -------- d-----w- c:\program files (x86)\Garmin

2011-07-03 19:42 . 2011-07-28 18:24 -------- d-----w- C:\Garmin

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-07-07 15:27 . 2010-06-03 12:56 2301208 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll

2011-07-07 15:27 . 2010-06-03 12:56 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll

2011-07-01 21:07 . 2010-05-20 11:18 2588952 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll

2011-07-01 21:07 . 2010-05-20 11:18 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll

2011-07-01 21:07 . 2010-07-19 16:06 710976 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll

2011-06-27 21:13 . 2010-05-20 11:18 710976 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll

2011-06-22 21:23 . 2011-06-22 21:23 404640 ------w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2011-06-03 05:57 . 2011-07-13 19:54 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2011-05-28 03:30 . 2011-06-15 15:41 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2011-05-28 02:53 . 2011-06-15 15:41 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb

2011-05-24 18:14 . 2010-06-05 08:37 270720 ------w- c:\windows\system32\MpSigStub.exe

2011-05-03 05:29 . 2011-06-15 15:40 976896 ----a-w- c:\windows\system32\inetcomm.dll

2011-05-03 04:30 . 2011-06-15 15:40 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files (x86)\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

"{ada2ac0d-15c6-4611-ba5d-5b0a8b52fd6d}"= "c:\program files (x86)\Nectar Search Toolbar\Helper.dll" [2010-07-27 243200]

"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn4\YTNavAssist.dll" [2011-03-16 214840]

.

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

.

[HKEY_CLASSES_ROOT\clsid\{ada2ac0d-15c6-4611-ba5d-5b0a8b52fd6d}]

[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]

[HKEY_CLASSES_ROOT\TypeLib\{8021825B-2FBA-43AA-8FC9-1289DCD80B76}]

[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]

.

[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]

[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin.1]

[HKEY_CLASSES_ROOT\TypeLib\{A31F34A1-EBD2-45A2-BF6D-231C1B987CC8}]

[HKEY_CLASSES_ROOT\YTNavAssist.YTNavAssistPlugin]

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

2010-05-09 10:50 2517088 ----a-w- c:\program files (x86)\ZoneAlarm\tbZone.dll

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{B7C2F0D8-2209-4693-A15D-5A537211D48B}]

2010-07-27 22:03 1498624 ----a-w- c:\program files (x86)\Nectar Search Toolbar\Toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}"= "c:\program files (x86)\ZoneAlarm\tbZone.dll" [2010-05-09 2517088]

"{8020143D-5926-4394-A04D-DD0B649DA121}"= "c:\program files (x86)\Nectar Search Toolbar\Toolbar.dll" [2010-07-27 1498624]

.

[HKEY_CLASSES_ROOT\clsid\{66f2e20d-0da8-4c11-a9c8-dd8477b88acd}]

.

[HKEY_CLASSES_ROOT\clsid\{8020143d-5926-4394-a04d-dd0b649da121}]

[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar.3]

[HKEY_CLASSES_ROOT\TypeLib\{22466F1F-0B10-41B0-A971-3A28599AA7C7}]

[HKEY_CLASSES_ROOT\FCTB000061465.IEToolbar]

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-15 39408]

"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]

"Sony Ericsson PC Companion"="c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" [2010-11-16 422912]

"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-04-28 3373968]

"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-04-28 934800]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-01-07 253672]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-17 538472]

"MyPoi Monitor"="c:\program files (x86)\Common Files\MyPoiWorld Shared\MyPoiMonitor\MyPoiMonitor.exe" [2010-03-26 2114808]

"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2010-05-15 26624]

"GDI Manager"="c:\program files (x86)\MFP Server\App\Common\MFPAgent.exe" [2008-05-06 737280]

"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA&inst=NwA3AC0AMwAzADcAOAA5ADkAMwA1ADAALQBGAFAAOQAyACsANgAtAEYATAArADkALQBYAE8AMwA2ACsAMQAtAEYAOQBNADEAMABBACsAMgAtAFgATwA5ACsAMQAtAEYAOQBNADIAKwAxAC0ARABEAFQAKwAwAA∏=90&ver=9.0.894" [?]

.

c:\users\Adults\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

OpenOffice.org 3.2.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2010-5-20 1195008]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]

McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2009-12-01 21:03 98304 ------w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 0001631303764531mcinstcleanup;McAfee Application Installer Cleanup (0001631303764531);c:\windows\TEMP\000163~1.EXE [x]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 133104]

R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]

R3 AliWGP;Composite Device;c:\windows\system32\DRIVERS\mfpcomp.sys [x]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 133104]

R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-12-27 31124344]

R3 nosGetPlusHelper;getPlus® Helper 3004;c:\windows\System32\svchost.exe [2009-07-14 27136]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]

R3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-10-26 155344]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]

R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-09-15 16392]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TVICHW64;TVICHW64;c:\windows\system32\DRIVERS\TVICHW64.SYS [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]

S1 RapportEI64;RapportEI64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2011-06-22 52496]

S1 RapportPG64;RapportPG64;c:\program files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2011-06-22 61200]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 ALIWEHCD;MFP Server Enhanced Controller;c:\windows\system32\Drivers\mfpec.sys [x]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [2011-02-16 101048]

S2 RapportMgmtService;Rapport Management Service;c:\program files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2011-06-22 870200]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]

S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-01-29 822784]

S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]

S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]

S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2011-04-20 1021840]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]

S3 WUSBVBus;MFP Server Detector;c:\windows\system32\DRIVERS\mfpvbus.sys [x]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

.

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

getPlusHelper REG_MULTI_SZ getPlusHelper

nosGetPlusHelper REG_MULTI_SZ nosGetPlusHelper

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]

2010-11-20 12:17 302592 ----a-w- c:\windows\System32\cmd.exe

.

Contents of the 'Scheduled Tasks' folder

.

2011-07-28 c:\windows\Tasks\Free File Viewer Update Checker.job

- c:\program files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2010-10-26 10:25]

.

2011-07-28 c:\windows\Tasks\Google Software Updater.job

- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-05-15 19:38]

.

2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 14:42]

.

2011-07-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-15 14:42]

.

2011-07-25 c:\windows\Tasks\Norton Security Scan for Adults.job

- c:\progra~2\NORTON~2\Engine\300~1.103\Nss.exe [2011-04-18 03:19]

.

2011-07-23 c:\windows\Tasks\{1856DB99-325E-476A-AD8B-148FA40423C5}.job

- c:\program files (x86)\google\chrome\application\chrome.exe [2010-05-15 04:51]

.

2011-07-28 c:\windows\Tasks\{6C7EC41D-4F26-48EB-B6F8-B52AEEBB832F}.job

- c:\program files (x86)\google\chrome\application\chrome.exe [2010-05-15 04:51]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]

"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-05-15 171520]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-06-25 166424]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-06-25 390680]

"Persistence"="c:\windows\system32\igfxpers.exe" [2010-06-25 410136]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x1

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.co.uk/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll/cmsidewiki.html

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\Adults\AppData\Roaming\Mozilla\Firefox\Profiles\a7orfyxm.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/ig

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4c0a0ee8&v=6.010.006.004&i=23&tp=ab&iy=b&ychte=uk&lng=en-GB&q=

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Wow6432Node-HKCU-Run-Skype - c:\program files (x86)\Skype\Phone\Skype.exe

Wow6432Node-HKLM-Run-Server Application - c:\windows\system32\ServoApp.exe

Wow6432Node-HKLM-Run-MFP Manager - c:\program files (x86)\MFP Server\MFPAgent.exe

WebBrowser-{66F2E20D-0DA8-4C11-A9C8-DD8477B88ACD} - (no file)

WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

WebBrowser-{8020143D-5926-4394-A04D-DD0B649DA121} - (no file)

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

AddRemove-YInstHelper - c:\windows\system32\regsvr32

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10t_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10t.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2011-07-28 22:53:30

ComboFix-quarantined-files.txt 2011-07-28 21:53

.

Pre-Run: 179,124,195,328 bytes free

Post-Run: 180,067,962,880 bytes free

.

- - End Of File - - 485FE1549B18A59811790559BB9AE686

Link to post
Share on other sites

See if any of these fix it.

1. Click Start, and then click Control Panel.

2. Double-click Display, click the Desktop tab, and then click Customize Desktop.

3. Select Restore Defaults

1. Click Start, and then click Control Panel.

2. Double-click Display, click the Desktop tab, and then click Customize Desktop.

then click the web tab, then under the web pages to display on your desktop

if it has "security" you uncheck this and delete

1. Right-click the desktop.

2. Point to Arrange Icons By.

3. Click Show Desktop Icons. ""

Open windows explorer (right click the Start button and click Explore)

At the top of windows explorer, click tools, folder options, click the

view tab

•check Display the contents of system folders

•check Show hidden files and folders

Click apply, click ok

Icons back?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.