Ports Blocked! can't run any AV! Ack!

Hi

I noticed after I attempted to update Firefox, via the Firefox updater tool, that Firefox would not display any pages. I was getting a standard error message along the lines of, “Unable to connect.” I then tried to launch IE and it is the only browser that now works. I uninstalled and tried to re-install Firefox, and now it does not even load. I also tried to download Chrome, but that won’t even install for some reason.

A separate, but maybe connected issue: a few weeks back the tech support guy at my ISP told me to uninstall all anti-virus software, in an attempt to resolve a problem with my modem and router. At that time, I tried to uninstall all Norton Internet Security/Symantec stuff. However, the uninstall is incomplete. I tried to download the uninstall tool from Symantec directly and the computer won’t let me (ha!). I get an error message that says, “unable to connect to server.”

So, I tried to download McAfee which my ISP provides free to its subscribers. I get almost all the way through the download but then it stops and gives me an error that there’s no internet connection, which obviously that’s not the case. On my other laptop I have successfully used Spybot Search & Destroy, so I tried to download and install it to this laptop. However, I get partially through the initial setup and am then given the error message as a weird looking popup that says “Error Sending Request. A connection to the server could not be established.” So, I called my ISP again and was told I have some kind of virus that’s blocking my ports.

Long story short: only IE works, sometimes it blocks a few webpages (like, eBay, Food Network, and Huffington Post). And, I can’t run any anti-virus software. I tried doing an online scan on Panda Security but my computer runs so hot that it shuts down after getting to about 26%. I tried using the Microsoft Security Essentials scan and it found nothing, so did Malwarebytes (because my computer won't let it update, I think). My machine runs Vista, but not even SP1 because the update won’t install (I think because, again, my computer runs too hot). I have a used HP Pavilion laptop.

Please, please help! Have zero ideas at this point...and cannot afford for McAfee to take remote control of my computer to fix it.

Hi,

I realized that I did not include the DDS report regarding the issue I requested help for: http://forums.spybot.info/showthread.php?t=64052

Totally not trying to make this any harder than it needs to be, my apologies. A little too stressed to be more precise. Can this be merged with my prior post? Not trying to bump at all!

Here's the report. Ever so grateful for your review. Thanks,

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 7.0.6000.16982 BrowserJavaVersion: 1.6.0_26
Run by KLB at 14:54:57 on 2011-10-03
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.833 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\FaxTalk Trial\FTclctrl.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\FaxTalk Trial\FTmsgsvc.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Print Clips: {ffffffff-ff12-44c5-91ec-068e3aa1b2d7} - c:\program files\hp\smart web printing\hpswp_framework.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
mRun: [SynTPStart] c:\program files\synaptics\syntp\SynTPStart.exe
mRun: [QPService] "c:\program files\hp\quickplay\QPService.exe"
mRun: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
mRun: [OnScreenDisplay] c:\program files\hewlett-packard\hp quicktouch\HPKBDAPP.exe
mRun: [UCam_Menu] "c:\program files\cyberlink\youcam\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\youcam" update "software\cyberlink\youcam\1.0"
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [hpqSRMon]
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpWirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe
mRun: [WAWifiMessage] c:\program files\hewlett-packard\hp wireless assistant\WiFiMsg.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [FaxTalk FaxCenter Pro 8] "c:\program files\faxtalk trial\FTClCtrl.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
StartupFolder: c:\users\klb\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
mPolicies-system: EnableLUA = 0 (0x0)
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBC} - c:\program files\java\jre6\bin\npjpi160_26.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{80C29B12-5FE1-4137-B7E4-2E25574E3145} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{9BF7A8D0-0218-4926-A7BA-12AEE79A3EBA} : DhcpNameServer = 192.168.1.1
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\klb\appdata\roaming\mozilla\firefox\profiles\y3scdo80.default\
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\users\klb\appdata\roaming\mozilla\plugins\npatgpc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2011-10-1 28552]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20110629.002\IDSvix86.sys [2011-7-1 287792]
R2 FaxTalk FaxCenter Pro 8;FaxTalk FaxCenter Pro 8;c:\program files\faxtalk trial\FTmsgsvc.exe [2011-5-19 33120]
R3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]
S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-5-29 23888]
S3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\drivers\WSDPrint.sys [2006-11-2 16896]
S4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2011-5-10 149352]
S4 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2011-5-10 1251720]
.
=============== Created Last 30 ================
.
2011-10-03 14:27:14 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{99cba211-fbd9-466b-92ab-255096b81ead}\offreg.dll
2011-10-02 20:26:45 -------- d-----w- c:\users\klb\appdata\local\Seven Zip
2011-10-02 04:05:52 -------- d-----w- c:\users\klb\appdata\roaming\Malwarebytes
2011-10-02 04:05:31 -------- d-----w- c:\programdata\Malwarebytes
2011-10-01 23:31:11 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys
2011-10-01 22:55:20 -------- d-----w- c:\users\klb\HijackThis
2011-10-01 21:58:26 7269712 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{99cba211-fbd9-466b-92ab-255096b81ead}\mpengine.dll
2011-10-01 18:58:58 -------- d-----w- c:\program files\Panda Security
2011-10-01 18:45:44 -------- d-----w- C:\TEMP
2011-10-01 14:59:33 -------- d-----w- c:\users\klb\appdata\local\Deployment
2011-09-04 16:02:58 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2011-09-04 16:02:58 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2011-09-04 16:02:58 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2011-09-04 16:02:52 713728 ----a-w- c:\windows\system32\timedate.cpl
2011-09-04 16:02:49 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2011-09-04 16:02:49 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-09-04 15:59:25 311296 ----a-w- c:\windows\system32\unregmp2.exe
2011-09-04 15:59:25 1418240 ----a-w- c:\program files\windows media player\setup_wm.exe
2011-09-04 15:59:24 7680 ----a-w- c:\windows\system32\spwmp.dll
2011-09-04 15:59:24 4096 ----a-w- c:\windows\system32\msdxm.ocx
2011-09-04 15:59:24 4096 ----a-w- c:\windows\system32\dxmasf.dll
2011-09-04 15:59:24 168960 ----a-w- c:\program files\windows media player\wmplayer.exe
2011-09-04 15:59:24 107520 ----a-w- c:\program files\windows media player\wmpshare.exe
2011-09-04 15:59:24 107520 ----a-w- c:\program files\windows media player\wmpconfig.exe
2011-09-04 15:59:23 8147968 ----a-w- c:\windows\system32\wmploc.DLL
.
==================== Find3M ====================
.
2011-07-22 21:07:38 413760 ----a-w- c:\windows\system32\MPG4c32.dll
2011-07-22 21:07:38 239888 ----a-w- c:\windows\system32\MPG4ds32.ax
2011-07-22 20:51:50 94208 ----a-w- c:\windows\system32\dpl100.dll
.
============= FINISH: 14:55:15.78 ===============

hi dough56,

Your post is a few days old. If you still need help simply reply back.

Yep, still need assistance

Hi shelflife,

Yes, I would appreciate any help you can offer. Still having the same problems.

Why dont you try this first: boot your machine into safe mode. To reach safe mode you would tap the f8 key during a computer restart. Chose the first option from the list: safe mode. Once at the safe mode desktop go ahead and run malwarebytes even though its not up to date. This may or may not help at all.

You can also do this, or at least try it in Vista. you might want to copy/paste it into notepad so you can find it in safe mode; I no longer have a copy of vista so I cant check these paths. but you can try it anyway, cant hurt.

Click Start> then type %temp%
in the search box
Hit OK or enter. Delete all the files you can.

click Start> then type %windir%\temp
in search box
hit ok. delete all the files you can

Empty your Temp folders. Go to Start > Run and type:cleanmgr. Windows will scan. When done check these 3 and press *ok* to remove:

Temporary Files
Temporary Internet Files
Recycle Bin

After the above reboot normally, then see if you can download a file to use:

Please download TDSS Killer.exe and save it to your desktop
Double click to launch the utility. Vista and Windows 7 right click and "run as admin.." After it initializes click the start scan button.

"The utility will automatically select an action (Cure or Delete) for known malcious objects. A suspicious object will be skipped by default."


If an infected file is detected, the default action will be Cure, click on Continue.

If a suspicious file is detected, the default action will be Skip, click on Continue.

It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.


A report can also be found in your Root drive Local Disk (C) as TDSSKiller.2.4.12.0_02.01.2011_17.32.21_log.txt (name, version, date, time, log.txt)
Please post the log report

We will go from there based on results.

Still, no malware found

Ok, I've:
-run Malwarebytes==>Nothing found.
-deleted Temp files
-deleted Windir temp files
-run disk cleanup and removed: temporary files, temp. internet files, and recycle bin files
-rebooted in normal mode
-downloaded and run (as administrator) TDSS Killer

TDSS Killer says it didn't find anything. Here's the report:

20:26:29.0220 2608 TDSS rootkit removing tool 2.6.6.0 Oct 7 2011 12:45:24
20:26:29.0314 2608 ============================================================
20:26:29.0314 2608 Current date / time: 2011/10/07 20:26:29.0314
20:26:29.0314 2608 SystemInfo:
20:26:29.0314 2608
20:26:29.0314 2608 OS Version: 6.0.6000 ServicePack: 0.0
20:26:29.0314 2608 Product type: Workstation
20:26:29.0314 2608 ComputerName: WORK-PC
20:26:29.0314 2608 UserName: KLB
20:26:29.0314 2608 Windows directory: C:\Windows
20:26:29.0314 2608 System windows directory: C:\Windows
20:26:29.0314 2608 Processor architecture: Intel x86
20:26:29.0314 2608 Number of processors: 2
20:26:29.0314 2608 Page size: 0x1000
20:26:29.0314 2608 Boot type: Normal boot
20:26:29.0314 2608 ============================================================
20:26:30.0016 2608 Initialize success
20:26:33.0713 0872 ============================================================
20:26:33.0713 0872 Scan started
20:26:33.0713 0872 Mode: Manual;
20:26:33.0713 0872 ============================================================
20:26:34.0727 0872 ACPI (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
20:26:34.0743 0872 ACPI - ok
20:26:34.0790 0872 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
20:26:34.0790 0872 adp94xx - ok
20:26:34.0836 0872 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
20:26:34.0836 0872 adpahci - ok
20:26:34.0883 0872 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
20:26:34.0883 0872 adpu160m - ok
20:26:34.0914 0872 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
20:26:34.0914 0872 adpu320 - ok
20:26:34.0992 0872 AFD (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
20:26:34.0992 0872 AFD - ok
20:26:35.0070 0872 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
20:26:35.0070 0872 agp440 - ok
20:26:35.0102 0872 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
20:26:35.0102 0872 aic78xx - ok
20:26:35.0148 0872 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
20:26:35.0148 0872 aliide - ok
20:26:35.0195 0872 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
20:26:35.0195 0872 amdagp - ok
20:26:35.0226 0872 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
20:26:35.0242 0872 amdide - ok
20:26:35.0289 0872 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
20:26:35.0289 0872 AmdK7 - ok
20:26:35.0336 0872 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\DRIVERS\amdk8.sys
20:26:35.0336 0872 AmdK8 - ok
20:26:35.0398 0872 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
20:26:35.0398 0872 arc - ok
20:26:35.0445 0872 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
20:26:35.0445 0872 arcsas - ok
20:26:35.0492 0872 AsyncMac (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
20:26:35.0492 0872 AsyncMac - ok
20:26:35.0554 0872 atapi (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
20:26:35.0554 0872 atapi - ok
20:26:35.0679 0872 athr (0437199c88f6e88a387cfec8a8886a6e) C:\Windows\system32\DRIVERS\athr.sys
20:26:35.0694 0872 athr - ok
20:26:35.0882 0872 BCM43XV (cf6a67c90951e3e763d2135dede44b85) C:\Windows\system32\DRIVERS\bcmwl6.sys
20:26:35.0882 0872 BCM43XV - ok
20:26:35.0913 0872 Beep (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
20:26:35.0913 0872 Beep - ok
20:26:35.0944 0872 blbdrive - ok
20:26:35.0975 0872 bowser (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
20:26:35.0991 0872 bowser - ok
20:26:36.0022 0872 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
20:26:36.0022 0872 BrFiltLo - ok
20:26:36.0053 0872 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
20:26:36.0053 0872 BrFiltUp - ok
20:26:36.0100 0872 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\DRIVERS\BrSerId.sys
20:26:36.0100 0872 Brserid - ok
20:26:36.0131 0872 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
20:26:36.0147 0872 BrSerWdm - ok
20:26:36.0162 0872 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
20:26:36.0178 0872 BrUsbMdm - ok
20:26:36.0209 0872 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\DRIVERS\BrUsbSer.sys
20:26:36.0209 0872 BrUsbSer - ok
20:26:36.0256 0872 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
20:26:36.0256 0872 BTHMODEM - ok
20:26:36.0318 0872 cdfs (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
20:26:36.0318 0872 cdfs - ok
20:26:36.0396 0872 cdrom (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
20:26:36.0396 0872 cdrom - ok
20:26:36.0459 0872 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
20:26:36.0459 0872 circlass - ok
20:26:36.0521 0872 CLFS (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
20:26:36.0521 0872 CLFS - ok
20:26:36.0646 0872 CmBatt (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
20:26:36.0646 0872 CmBatt - ok
20:26:36.0693 0872 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
20:26:36.0693 0872 cmdide - ok
20:26:36.0786 0872 CnxtHdAudService (b6e7991e3d6146c04c85cd31af22a381) C:\Windows\system32\drivers\CHDRT32.sys
20:26:36.0786 0872 CnxtHdAudService - ok
20:26:36.0864 0872 COH_Mon (6186b6b953bdc884f0f379b84b3e3a98) C:\Windows\system32\Drivers\COH_Mon.sys
20:26:36.0864 0872 COH_Mon - ok
20:26:37.0020 0872 Compbatt (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
20:26:37.0020 0872 Compbatt - ok
20:26:37.0098 0872 CO_Mon (73f5d6835bfa66019c03e316d99649da) C:\Windows\system32\drivers\CO_Mon.sys
20:26:37.0098 0872 CO_Mon - ok
20:26:37.0145 0872 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
20:26:37.0145 0872 crcdisk - ok
20:26:37.0176 0872 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
20:26:37.0176 0872 Crusoe - ok
20:26:37.0223 0872 DfsC (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
20:26:37.0223 0872 DfsC - ok
20:26:37.0286 0872 disk (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
20:26:37.0301 0872 disk - ok
20:26:37.0332 0872 drmkaud (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
20:26:37.0332 0872 drmkaud - ok
20:26:37.0410 0872 DXGKrnl (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
20:26:37.0457 0872 DXGKrnl - ok
20:26:37.0566 0872 E100B (c0b00e55cf82d122d25983c7a6a53dea) C:\Windows\system32\DRIVERS\e100b325.sys
20:26:37.0598 0872 E100B - ok
20:26:37.0722 0872 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
20:26:37.0738 0872 E1G60 - ok
20:26:37.0910 0872 Ecache (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
20:26:37.0956 0872 Ecache - ok
20:26:38.0128 0872 eeCtrl (5461f01b7def17dc90d90b029f874c3b) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
20:26:38.0175 0872 eeCtrl - ok
20:26:38.0393 0872 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
20:26:38.0440 0872 elxstor - ok
20:26:38.0596 0872 fastfat (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
20:26:38.0627 0872 fastfat - ok
20:26:39.0002 0872 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
20:26:39.0017 0872 fdc - ok
20:26:39.0142 0872 FileInfo (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
20:26:39.0142 0872 FileInfo - ok
20:26:39.0220 0872 Filetrace (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
20:26:39.0220 0872 Filetrace - ok
20:26:39.0251 0872 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
20:26:39.0251 0872 flpydisk - ok
20:26:39.0282 0872 FltMgr (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
20:26:39.0282 0872 FltMgr - ok
20:26:39.0345 0872 Fs_Rec (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
20:26:39.0360 0872 Fs_Rec - ok
20:26:39.0392 0872 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
20:26:39.0392 0872 gagp30kx - ok
20:26:39.0548 0872 HdAudAddService (7be40bb4cd16d8760e18ea981ff452ec) C:\Windows\system32\drivers\CHDART.sys
20:26:39.0594 0872 HdAudAddService - ok
20:26:39.0750 0872 HDAudBus (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
20:26:39.0750 0872 HDAudBus - ok
20:26:39.0844 0872 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
20:26:39.0844 0872 HidBth - ok
20:26:39.0875 0872 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
20:26:39.0891 0872 HidIr - ok
20:26:40.0281 0872 HidUsb (01e7971e9f4bd6ac6a08db52d0ea0418) C:\Windows\system32\DRIVERS\hidusb.sys
20:26:40.0296 0872 HidUsb - ok
20:26:40.0390 0872 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
20:26:40.0421 0872 HpCISSs - ok
20:26:40.0484 0872 HpqKbFiltr (35956140e686d53bf676cf0c778880fc) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
20:26:40.0484 0872 HpqKbFiltr - ok
20:26:40.0546 0872 HpqRemHid (115c0933b3ed51dfbec4449348c8065b) C:\Windows\system32\DRIVERS\HpqRemHid.sys
20:26:40.0562 0872 HpqRemHid - ok
20:26:40.0671 0872 HSFHWAZL (46d67209550973257601a533e2ac5785) C:\Windows\system32\DRIVERS\VSTAZL3.SYS
20:26:40.0686 0872 HSFHWAZL - ok
20:26:40.0874 0872 HSF_DPV (1882827f41dee51c70e24c567c35bfb5) C:\Windows\system32\DRIVERS\HSX_DPV.sys
20:26:40.0920 0872 HSF_DPV - ok
20:26:40.0967 0872 HSXHWAZL (a44ddf3ba83e4664bf4de9220097578c) C:\Windows\system32\DRIVERS\HSXHWAZL.sys
20:26:40.0983 0872 HSXHWAZL - ok
20:26:41.0061 0872 HTTP (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
20:26:41.0076 0872 HTTP - ok
20:26:41.0123 0872 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
20:26:41.0139 0872 i2omp - ok
20:26:41.0248 0872 i8042prt (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
20:26:41.0248 0872 i8042prt - ok
20:26:41.0357 0872 ialm (496db78e6a0c4c44023d9a92b4a7ac31) C:\Windows\system32\DRIVERS\igdkmd32.sys
20:26:41.0420 0872 ialm - ok
20:26:41.0669 0872 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
20:26:41.0716 0872 iaStorV - ok
20:26:41.0934 0872 IDSvix86 (b147ccf3b7a42b64af8ec0520b4b15e3) C:\PROGRA~2\Symantec\DEFINI~1\SymcData\ipsdefs\20110629.002\IDSvix86.sys
20:26:41.0966 0872 IDSvix86 - ok
20:26:42.0387 0872 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
20:26:42.0418 0872 iirsp - ok
20:26:42.0512 0872 intelide (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
20:26:42.0512 0872 intelide - ok
20:26:42.0543 0872 intelppm (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
20:26:42.0543 0872 intelppm - ok
20:26:42.0605 0872 IpFilterDriver (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:26:42.0605 0872 IpFilterDriver - ok
20:26:42.0652 0872 IpInIp - ok
20:26:42.0730 0872 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
20:26:42.0761 0872 IPMIDRV - ok
20:26:42.0808 0872 IPNAT (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
20:26:42.0808 0872 IPNAT - ok
20:26:42.0855 0872 IRENUM (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
20:26:42.0855 0872 IRENUM - ok
20:26:42.0917 0872 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
20:26:42.0917 0872 isapnp - ok
20:26:43.0011 0872 iScsiPrt (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
20:26:43.0026 0872 iScsiPrt - ok
20:26:43.0073 0872 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
20:26:43.0073 0872 iteatapi - ok
20:26:43.0120 0872 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
20:26:43.0120 0872 iteraid - ok
20:26:43.0182 0872 kbdclass (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
20:26:43.0198 0872 kbdclass - ok
20:26:43.0229 0872 kbdhid (ed61dbc6603f612b7338283edbacbc4b) C:\Windows\system32\DRIVERS\kbdhid.sys
20:26:43.0229 0872 kbdhid - ok
20:26:43.0307 0872 KSecDD (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
20:26:43.0307 0872 KSecDD - ok
20:26:43.0588 0872 lltdio (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
20:26:43.0604 0872 lltdio - ok
20:26:43.0650 0872 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
20:26:43.0682 0872 LSI_FC - ok
20:26:43.0728 0872 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
20:26:43.0728 0872 LSI_SAS - ok
20:26:43.0838 0872 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
20:26:43.0853 0872 LSI_SCSI - ok
20:26:43.0884 0872 luafv (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
20:26:43.0900 0872 luafv - ok
20:26:43.0962 0872 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys
20:26:43.0962 0872 MBAMProtector - ok
20:26:44.0056 0872 mdmxsdk (0cea2d0d3fa284b85ed5b68365114f76) C:\Windows\system32\DRIVERS\mdmxsdk.sys
20:26:44.0087 0872 mdmxsdk - ok
20:26:44.0150 0872 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
20:26:44.0150 0872 megasas - ok
20:26:44.0446 0872 Modem (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
20:26:44.0462 0872 Modem - ok
20:26:44.0524 0872 monitor (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
20:26:44.0524 0872 monitor - ok
20:26:44.0586 0872 mouclass (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
20:26:44.0602 0872 mouclass - ok
20:26:44.0633 0872 mouhid (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
20:26:44.0649 0872 mouhid - ok
20:26:44.0680 0872 MountMgr (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
20:26:44.0680 0872 MountMgr - ok
20:26:44.0727 0872 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
20:26:44.0727 0872 mpio - ok
20:26:44.0758 0872 mpsdrv (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
20:26:44.0758 0872 mpsdrv - ok
20:26:44.0789 0872 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
20:26:44.0789 0872 Mraid35x - ok
20:26:44.0836 0872 MRxDAV (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
20:26:44.0836 0872 MRxDAV - ok
20:26:44.0898 0872 mrxsmb (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:26:44.0898 0872 mrxsmb - ok
20:26:45.0008 0872 mrxsmb10 (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:26:45.0008 0872 mrxsmb10 - ok
20:26:45.0195 0872 mrxsmb20 (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:26:45.0226 0872 mrxsmb20 - ok
20:26:45.0288 0872 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
20:26:45.0288 0872 msahci - ok
20:26:45.0320 0872 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
20:26:45.0320 0872 msdsm - ok
20:26:45.0366 0872 Msfs (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
20:26:45.0366 0872 Msfs - ok
20:26:45.0398 0872 msisadrv (2c3f1983cd3629573cb9e9658247847a) C:\Windows\system32\drivers\msisadrv.sys
20:26:45.0398 0872 msisadrv - ok
20:26:45.0444 0872 MSKSSRV (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
20:26:45.0460 0872 MSKSSRV - ok
20:26:45.0507 0872 MSPCLOCK (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
20:26:45.0507 0872 MSPCLOCK - ok
20:26:45.0538 0872 MSPQM (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
20:26:45.0538 0872 MSPQM - ok
20:26:45.0554 0872 MsRPC (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
20:26:45.0569 0872 MsRPC - ok
20:26:45.0600 0872 mssmbios (1f6f7159c75e4b27d138b5225808860f) C:\Windows\system32\DRIVERS\mssmbios.sys
20:26:45.0600 0872 mssmbios - ok
20:26:45.0663 0872 MSTEE (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
20:26:45.0678 0872 MSTEE - ok
20:26:45.0710 0872 Mup (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
20:26:45.0710 0872 Mup - ok
20:26:45.0756 0872 NativeWifiP (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
20:26:45.0788 0872 NativeWifiP - ok
20:26:45.0866 0872 NAVENG - ok
20:26:45.0944 0872 NAVEX15 - ok
20:26:46.0490 0872 NDIS (227c11e1e7cf6ef8afb2a238d209760c) C:\Windows\system32\drivers\ndis.sys
20:26:46.0552 0872 NDIS - ok
20:26:46.0614 0872 NdisTapi (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
20:26:46.0614 0872 NdisTapi - ok
20:26:46.0646 0872 Ndisuio (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
20:26:46.0661 0872 Ndisuio - ok
20:26:46.0708 0872 NdisWan (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
20:26:46.0708 0872 NdisWan - ok
20:26:46.0739 0872 NDProxy (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
20:26:46.0739 0872 NDProxy - ok
20:26:46.0786 0872 NetBIOS (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
20:26:46.0802 0872 NetBIOS - ok
20:26:46.0833 0872 netbt (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
20:26:46.0833 0872 netbt - ok
20:26:46.0880 0872 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
20:26:46.0880 0872 nfrd960 - ok
20:26:46.0911 0872 Npfs (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
20:26:46.0911 0872 Npfs - ok
20:26:46.0926 0872 nsiproxy (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
20:26:46.0926 0872 nsiproxy - ok
20:26:47.0004 0872 Ntfs (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
20:26:47.0067 0872 Ntfs - ok
20:26:47.0114 0872 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
20:26:47.0129 0872 ntrigdigi - ok
20:26:47.0145 0872 Null (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
20:26:47.0145 0872 Null - ok
20:26:47.0238 0872 NVENETFD (d958a2b5f6ad5c3b8ccdc4d7da62466c) C:\Windows\system32\DRIVERS\nvmfdx32.sys
20:26:47.0285 0872 NVENETFD - ok
20:26:48.0502 0872 nvlddmkm (d65bc32c1795191b7f2b028351ab4fe2) C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:26:48.0752 0872 nvlddmkm - ok
20:26:48.0908 0872 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
20:26:48.0923 0872 nvraid - ok
20:26:48.0954 0872 nvsmu (9aebc32f9d6e02ebee0369ab296fe7c8) C:\Windows\system32\DRIVERS\nvsmu.sys
20:26:48.0954 0872 nvsmu - ok
20:26:48.0986 0872 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
20:26:49.0001 0872 nvstor - ok
20:26:49.0064 0872 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
20:26:49.0064 0872 nv_agp - ok
20:26:49.0095 0872 NwlnkFlt - ok
20:26:49.0344 0872 NwlnkFwd - ok
20:26:49.0438 0872 ohci1394 (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
20:26:49.0438 0872 ohci1394 - ok
20:26:49.0594 0872 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
20:26:49.0610 0872 Parport - ok
20:26:49.0656 0872 partmgr (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
20:26:49.0656 0872 partmgr - ok
20:26:49.0703 0872 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
20:26:49.0703 0872 Parvdm - ok
20:26:49.0781 0872 pci (5bedd5e1416da009c4f24adf8da13773) C:\Windows\system32\drivers\pci.sys
20:26:49.0781 0872 pci - ok
20:26:49.0844 0872 pciide (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\drivers\pciide.sys
20:26:49.0844 0872 pciide - ok
20:26:49.0984 0872 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
20:26:50.0000 0872 pcmcia - ok
20:26:50.0327 0872 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
20:26:50.0374 0872 PEAUTH - ok
20:26:50.0514 0872 PptpMiniport (c04dec5ace67c5247b150c4223970bb7) C:\Windows\system32\DRIVERS\raspptp.sys
20:26:50.0530 0872 PptpMiniport - ok
20:26:50.0561 0872 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
20:26:50.0561 0872 Processor - ok
20:26:50.0592 0872 PSched (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
20:26:50.0592 0872 PSched - ok
20:26:50.0670 0872 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
20:26:50.0702 0872 ql2300 - ok
20:26:50.0748 0872 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
20:26:50.0780 0872 ql40xx - ok
20:26:50.0889 0872 QWAVEdrv (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
20:26:50.0904 0872 QWAVEdrv - ok
20:26:50.0951 0872 RasAcd (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
20:26:50.0951 0872 RasAcd - ok
20:26:51.0029 0872 Rasl2tp (68b0019fee429ec49d29017af937e482) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:26:51.0029 0872 Rasl2tp - ok
20:26:51.0138 0872 RasPppoe (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
20:26:51.0154 0872 RasPppoe - ok
20:26:51.0232 0872 rdbss (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
20:26:51.0248 0872 rdbss - ok
20:26:51.0279 0872 RDPCDD (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:26:51.0279 0872 RDPCDD - ok
20:26:51.0357 0872 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
20:26:51.0357 0872 rdpdr - ok
20:26:51.0388 0872 RDPENCDD (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
20:26:51.0388 0872 RDPENCDD - ok
20:26:51.0435 0872 RDPWD (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
20:26:51.0435 0872 RDPWD - ok
20:26:51.0513 0872 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
20:26:51.0528 0872 rimmptsk - ok
20:26:51.0560 0872 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
20:26:51.0560 0872 rimsptsk - ok
20:26:51.0606 0872 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
20:26:51.0606 0872 rismxdp - ok
20:26:51.0794 0872 rspndr (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
20:26:51.0809 0872 rspndr - ok
20:26:51.0872 0872 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
20:26:51.0887 0872 sbp2port - ok
20:26:51.0950 0872 sdbus (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
20:26:51.0965 0872 sdbus - ok
20:26:52.0059 0872 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
20:26:52.0090 0872 secdrv - ok
20:26:52.0121 0872 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
20:26:52.0137 0872 Serenum - ok
20:26:52.0168 0872 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
20:26:52.0168 0872 Serial - ok
20:26:52.0199 0872 sermouse (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
20:26:52.0199 0872 sermouse - ok
20:26:52.0262 0872 sffdisk (103b79418da647736ee95645f305f68a) C:\Windows\system32\drivers\sffdisk.sys
20:26:52.0277 0872 sffdisk - ok
20:26:52.0293 0872 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
20:26:52.0293 0872 sffp_mmc - ok
20:26:52.0324 0872 sffp_sd (9cfa05fcfcb7124e69cfc812b72f9614) C:\Windows\system32\drivers\sffp_sd.sys
20:26:52.0324 0872 sffp_sd - ok
20:26:52.0355 0872 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
20:26:52.0355 0872 sfloppy - ok
20:26:52.0386 0872 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
20:26:52.0386 0872 sisagp - ok
20:26:52.0433 0872 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
20:26:52.0449 0872 SiSRaid2 - ok
20:26:52.0496 0872 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
20:26:52.0496 0872 SiSRaid4 - ok
20:26:52.0542 0872 Smb (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
20:26:52.0542 0872 Smb - ok
20:26:52.0932 0872 SPBBCDrv (dc4dc886d3779c446f9b0e9d6b006e72) C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
20:26:52.0979 0872 SPBBCDrv - ok
20:26:53.0135 0872 spldr (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
20:26:53.0135 0872 spldr - ok
20:26:53.0213 0872 SRTSP (655773f2f1a3730c6cf20280a49f4ee1) C:\Windows\system32\Drivers\SRTSP.SYS
20:26:53.0229 0872 SRTSP - ok
20:26:53.0369 0872 SRTSPL (2a0aaf370d4c6574a34ae2f4a0709cae) C:\Windows\system32\Drivers\SRTSPL.SYS
20:26:53.0416 0872 SRTSPL - ok
20:26:53.0494 0872 SRTSPX (3104bdceace2d5710776dd05e6a286c1) C:\Windows\system32\Drivers\SRTSPX.SYS
20:26:53.0510 0872 SRTSPX - ok
20:26:53.0588 0872 srv (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
20:26:53.0588 0872 srv - ok
20:26:53.0650 0872 srv2 (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
20:26:53.0650 0872 srv2 - ok
20:26:53.0681 0872 srvnet (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
20:26:53.0681 0872 srvnet - ok
20:26:53.0728 0872 swenum (92894dd7fdd62af808b1409b73af9c73) C:\Windows\system32\DRIVERS\swenum.sys
20:26:53.0728 0872 swenum - ok
20:26:53.0853 0872 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
20:26:53.0868 0872 Symc8xx - ok
20:26:53.0915 0872 SYMDNS (fe9f8b3a8bc22d85332b42e92308ddf9) C:\Windows\System32\Drivers\SYMDNS.SYS
20:26:53.0931 0872 SYMDNS - ok
20:26:54.0024 0872 SymEvent (06b95820df51502099a8a15c93e87986) C:\Windows\system32\Drivers\SYMEVENT.SYS
20:26:54.0024 0872 SymEvent - ok
20:26:54.0102 0872 SYMFW (a0ea9d273889e53cfaabf2444692ccbf) C:\Windows\System32\Drivers\SYMFW.SYS
20:26:54.0118 0872 SYMFW - ok
20:26:54.0383 0872 SymIMMP - ok
20:26:54.0555 0872 SYMNDISV (c94eaca4b522012ee0691f1e79c42a7d) C:\Windows\System32\Drivers\SYMNDISV.SYS
20:26:54.0570 0872 SYMNDISV - ok
20:26:54.0648 0872 SYMREDRV (7c6505ea598e58099d3b7e1f70426864) C:\Windows\System32\Drivers\SYMREDRV.SYS
20:26:54.0648 0872 SYMREDRV - ok
20:26:54.0773 0872 SYMTDI (e6ff7ace71d07ca90119f2c6ab592ba4) C:\Windows\System32\Drivers\SYMTDI.SYS
20:26:54.0820 0872 SYMTDI - ok
20:26:54.0851 0872 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
20:26:54.0882 0872 Sym_hi - ok
20:26:54.0945 0872 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
20:26:54.0945 0872 Sym_u3 - ok
20:26:55.0023 0872 SynTP (3d6316279c3540aa268bf025f4621ef3) C:\Windows\system32\DRIVERS\SynTP.sys
20:26:55.0023 0872 SynTP - ok
20:26:55.0413 0872 Tcpip (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
20:26:55.0475 0872 Tcpip - ok
20:26:55.0818 0872 Tcpip6 (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
20:26:55.0834 0872 Tcpip6 - ok
20:26:56.0021 0872 tcpipreg (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
20:26:56.0052 0872 tcpipreg - ok
20:26:56.0099 0872 TDPIPE (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
20:26:56.0099 0872 TDPIPE - ok
20:26:56.0146 0872 TDTCP (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
20:26:56.0146 0872 TDTCP - ok
20:26:56.0193 0872 tdx (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
20:26:56.0193 0872 tdx - ok
20:26:56.0240 0872 TermDD (85908da29af0ab835048107ad2ad07d1) C:\Windows\system32\DRIVERS\termdd.sys
20:26:56.0240 0872 TermDD - ok
20:26:56.0333 0872 tssecsrv (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:26:56.0333 0872 tssecsrv - ok
20:26:56.0380 0872 tunmp (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
20:26:56.0380 0872 tunmp - ok
20:26:56.0396 0872 tunnel (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
20:26:56.0396 0872 tunnel - ok
20:26:56.0411 0872 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
20:26:56.0427 0872 uagp35 - ok
20:26:56.0442 0872 udfs (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
20:26:56.0458 0872 udfs - ok
20:26:56.0505 0872 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
20:26:56.0520 0872 uliagpkx - ok
20:26:56.0552 0872 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
20:26:56.0567 0872 uliahci - ok
20:26:56.0583 0872 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
20:26:56.0583 0872 UlSata - ok
20:26:56.0645 0872 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
20:26:56.0645 0872 ulsata2 - ok
20:26:56.0676 0872 umbus (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
20:26:56.0676 0872 umbus - ok
20:26:56.0770 0872 usbccgp (51480458e6e9863f856ebf35aae801b4) C:\Windows\system32\DRIVERS\usbccgp.sys
20:26:56.0786 0872 usbccgp - ok
20:26:56.0817 0872 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
20:26:56.0817 0872 usbcir - ok
20:26:56.0848 0872 usbehci (11fa3acbf0de0286829c69e01fe705e4) C:\Windows\system32\DRIVERS\usbehci.sys
20:26:56.0848 0872 usbehci - ok
20:26:56.0879 0872 usbhub (6a7858a38b5105731e219e7c6a238730) C:\Windows\system32\DRIVERS\usbhub.sys
20:26:56.0895 0872 usbhub - ok
20:26:57.0020 0872 usbohci (4eb459b60682d892ed9165270548b7f0) C:\Windows\system32\DRIVERS\usbohci.sys
20:26:57.0020 0872 usbohci - ok
20:26:57.0066 0872 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
20:26:57.0082 0872 usbprint - ok
20:26:57.0098 0872 usbscan (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
20:26:57.0113 0872 usbscan - ok
20:26:57.0129 0872 USBSTOR (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:26:57.0144 0872 USBSTOR - ok
20:26:57.0176 0872 usbuhci (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
20:26:57.0176 0872 usbuhci - ok
20:26:57.0222 0872 usbvideo (46f3a2912ef88cd8e87d4f9b304cd949) C:\Windows\system32\Drivers\usbvideo.sys
20:26:57.0222 0872 usbvideo - ok
20:26:57.0269 0872 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
20:26:57.0269 0872 vga - ok
20:26:57.0285 0872 VgaSave (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
20:26:57.0285 0872 VgaSave - ok
20:26:57.0316 0872 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
20:26:57.0316 0872 viaagp - ok
20:26:57.0347 0872 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
20:26:57.0347 0872 ViaC7 - ok
20:26:57.0378 0872 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
20:26:57.0378 0872 viaide - ok
20:26:57.0410 0872 volmgr (d9e9490c960624c416fbde080deeb7fe) C:\Windows\system32\drivers\volmgr.sys
20:26:57.0410 0872 volmgr - ok
20:26:57.0488 0872 volmgrx (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
20:26:57.0503 0872 volmgrx - ok
20:26:57.0628 0872 volsnap (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
20:26:57.0675 0872 volsnap - ok
20:26:57.0706 0872 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
20:26:57.0706 0872 vsmraid - ok
20:26:57.0737 0872 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
20:26:57.0737 0872 WacomPen - ok
20:26:57.0768 0872 Wanarp (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
20:26:57.0768 0872 Wanarp - ok
20:26:57.0768 0872 Wanarpv6 (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
20:26:57.0784 0872 Wanarpv6 - ok
20:26:57.0800 0872 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
20:26:57.0800 0872 Wd - ok
20:26:57.0940 0872 Wdf01000 (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
20:26:57.0987 0872 Wdf01000 - ok
20:26:58.0127 0872 winachsf (e096ffb754f1e45ae1bddac1275ae2c5) C:\Windows\system32\DRIVERS\HSX_CNXT.sys
20:26:58.0143 0872 winachsf - ok
20:26:58.0330 0872 WmiAcpi (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\DRIVERS\wmiacpi.sys
20:26:58.0330 0872 WmiAcpi - ok
20:26:58.0533 0872 ws2ifsl (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
20:26:58.0548 0872 ws2ifsl - ok
20:26:58.0642 0872 WSDPrintDevice (f01f25b4227ad8d717c21f25f62b43c8) C:\Windows\system32\DRIVERS\WSDPrint.sys
20:26:58.0642 0872 WSDPrintDevice - ok
20:26:58.0736 0872 WUDFRd (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:26:58.0736 0872 WUDFRd - ok
20:26:58.0782 0872 XAudio (19e7c173b6242ad7521e537ae54768bf) C:\Windows\system32\DRIVERS\xaudio.sys
20:26:58.0814 0872 XAudio - ok
20:26:58.0860 0872 MBR (0x1B8) (1a1a06f62e891045814007163c1c76c3) \Device\Harddisk0\DR0
20:26:58.0892 0872 \Device\Harddisk0\DR0 - ok
20:26:58.0892 0872 Boot (0x1200) (94ba7b22fd840a4a92b07ad66877eee9) \Device\Harddisk0\DR0\Partition0
20:26:58.0892 0872 \Device\Harddisk0\DR0\Partition0 - ok
20:26:58.0923 0872 Boot (0x1200) (479e33c6512598c2cddb86c643ba1188) \Device\Harddisk0\DR0\Partition1
20:26:58.0954 0872 \Device\Harddisk0\DR0\Partition1 - ok
20:26:58.0954 0872 ============================================================
20:26:58.0954 0872 Scan finished
20:26:58.0954 0872 ============================================================
20:26:58.0970 2256 Detected object count: 0
20:26:58.0970 2256 Actual detected object count: 0
20:27:18.0548 2060 Deinitialize success

Ok so far so good. We will get another download to use. Its called combofix. There is a guide to read first, read through the guide then download it to your desktop. You may have to right click and "run as admin". If for some reason you cant run it during a normal boot up then run it in safe mode.
Post the log. The guide to read and download links:

Guide to using Combofix

so far so good

Combofix nearly completed in normal mode, but then my computer completely shut off as it was preparing to display the log report. So, I re-ran it in safe mode. When I tried to restart Windows it wouldn't. I can only shut down and then start.

Also, there are 2 files that I would like to delete from something called Sling Media that I can't (?).

Anyway...here's the log:

ComboFix 11-10-07.04 - KLB 10/07/2011 21:49:25.2.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.1453 [GMT -4:00]
Running from: c:\users\KLB\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\KBL.LOG
.
.
((((((((((((((((((((((((( Files Created from 2011-09-08 to 2011-10-08 )))))))))))))))))))))))))))))))
.
.
2011-10-08 01:56 . 2011-10-08 01:56 -------- d-----w- c:\users\KLB\AppData\Local\temp
2011-10-08 01:56 . 2011-10-08 01:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-08 00:18 . 2011-10-08 01:47 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D2C80BD-8356-4514-8F2D-433B2E111BFD}\offreg.dll
2011-10-07 23:22 . 2011-10-07 23:22 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2011-10-07 23:22 . 2011-08-31 21:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-10-07 15:02 . 2011-09-12 23:14 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0D2C80BD-8356-4514-8F2D-433B2E111BFD}\mpengine.dll
2011-10-06 03:52 . 2011-10-06 03:52 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2011-10-02 20:46 . 2011-10-02 20:47 -------- d-----w- c:\program files\ERUNT
2011-10-02 20:26 . 2011-10-02 20:26 -------- d-----w- c:\users\KLB\AppData\Local\Seven Zip
2011-10-02 04:05 . 2011-10-02 04:05 -------- d-----w- c:\users\KLB\AppData\Roaming\Malwarebytes
2011-10-02 04:05 . 2011-10-02 04:05 -------- d-----w- c:\programdata\Malwarebytes
2011-10-01 22:55 . 2011-10-02 01:25 -------- d-----w- c:\users\KLB\HijackThis
2011-10-01 18:58 . 2011-10-06 02:56 -------- d-----w- c:\program files\Panda Security
2011-10-01 18:45 . 2011-10-01 18:52 -------- d-----w- C:\TEMP
2011-10-01 15:49 . 2011-10-01 15:49 -------- d-----w- c:\programdata\McAfee
2011-10-01 14:59 . 2011-10-01 17:06 -------- d-----w- c:\users\KLB\AppData\Local\Deployment
2011-09-09 06:04 . 2011-09-09 06:04 -------- d-----w- c:\users\Public\CyberLink
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-08-10 15:31 . 2011-08-10 15:31 652296 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsTemplate\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-08-10 15:31 . 2011-08-10 15:31 644360 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2011-08-10 15:31 . 2011-08-10 15:31 416128 ----a-w- c:\programdata\Microsoft\eHome\Packages\NetTV\Browse\NetTVResources.dll
2011-07-22 21:07 . 2011-07-22 21:07 413760 ----a-w- c:\windows\system32\MPG4c32.dll
2011-07-22 21:07 . 2011-07-22 21:07 239888 ----a-w- c:\windows\system32\MPG4ds32.ax
2011-07-22 20:51 . 2011-07-22 20:51 94208 ----a-w- c:\windows\system32\dpl100.dll
2011-08-20 22:40 . 2011-05-10 14:53 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2011-05-11 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"hpqSRMon"="" [BU]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"FaxTalk FaxCenter Pro 8"="c:\program files\FaxTalk Trial\FTClCtrl.exe" [2011-05-19 120672]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [BU]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\users\KLB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20110629.002\IDSvix86.sys [2011-04-27 287792]
R2 FaxTalk FaxCenter Pro 8;FaxTalk FaxCenter Pro 8;c:\program files\FaxTalk Trial\FTmsgsvc.exe [2011-05-19 33120]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R3 COH_Mon;COH_Mon;c:\windows\system32\Drivers\COH_Mon.sys [2008-07-30 23888]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\Drivers\SYMNDISV.SYS [2009-02-19 41008]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2006-11-02 16896]
R4 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - COMHOST
*NewlyCreated* - ECACHE
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-04 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - KLB.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-26 23:19]
.
2011-10-07 c:\windows\Tasks\User_Feed_Synchronization-{0349555F-5CCD-4804-8FBF-D89C6AF35469}.job
- c:\windows\system32\msfeedssync.exe [2006-11-02 09:45]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\KLB\AppData\Roaming\Mozilla\Firefox\Profiles\y3scdo80.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-07 21:56
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(1760)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
Completion time: 2011-10-07 21:58:01
ComboFix-quarantined-files.txt 2011-10-08 01:58
.
Pre-Run: 95,426,072,576 bytes free
Post-Run: 95,318,986,752 bytes free
.
- - End Of File - - 930FBA2853FE523594E4A1A17336AB4A

If there is any good news, its that I done see any malware in the logs. But we can get one more download. I think your problem is another issue, not malware related. You mentioned running hot a few times. This would cause problems, like the shutting down. At boot up things may be fine until you run for a little while, then the problems start. Could also be a hardware or driver issue, hard to say really, just trying to put out some options.
Do you recall installing any software or updating drivers or anything before the problems started?
When you have it in safe mode does it seem to function ok?
So now you cant even boot into windows normally. Can you get into safe mode?

I would like to delete from something called Sling Media

Click to expand...

did you remove it via the add/remove programs panel first?

When some of the problems started...

Thanks for reviewing these logs! I wonder what the issue could be?

I think the running hot issue began as I was trying to update Vista back in June. However, that was the only problem that I recall. I've never been able to fully update Vista.

Then, when I attempted to update Firefox last week, that's when the other problems began, such as being blocked from downloading the Norton uninstaller, not being able to install McAfee or Spybot, not being able to load certain webpages.

Via Add/Remove was my first attempt last week to uninstall the programs that I don't use. However, Sling Media Player will not uninstall via Add/Remove nor Norton.

Windows boots normally if it is shutdown first. Not if I do a warmboot from Restart. Only can do a cold boot have to give it a few seconds to rest.

We will get another download to use:

Download aswMBR to your desktop. Launch it and click the SCAN button. When its done click the SAVE LOG button. Save and post the log in your reply.

Here's the log...

Thanks for your continued help! Here's the aswMBR log:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-08 14:49:33
-----------------------------
14:49:33.775 OS Version: Windows 6.0.6000
14:49:33.775 Number of processors: 2 586 0x6802
14:49:33.775 ComputerName: WORK-PC UserName: KLB
14:49:48.299 Initialize success
14:50:00.069 AVAST engine download error: 0
14:50:08.961 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
14:50:08.961 Disk 0 Vendor: ST9160821AS 3.BHE Size: 152627MB BusType: 3
14:50:11.036 Disk 0 MBR read successfully
14:50:11.036 Disk 0 MBR scan
14:50:11.036 Disk 0 unknown MBR code
14:50:11.052 Disk 0 scanning sectors +312576705
14:50:11.130 Disk 0 scanning C:\Windows\system32\drivers
14:50:16.964 Service scanning
14:50:18.586 Modules scanning
14:50:33.157 Disk 0 trace - called modules:
14:50:33.235 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
14:50:33.235 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x843d8630]
14:50:33.235 3 ntkrnlpa.exe[81cb07e2] -> nt!IofCallDriver -> [0x843b6960]
14:50:33.235 5 acpi.sys[8023232a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0x84399bb0]
14:50:33.250 Scan finished successfully
14:51:16.977 Disk 0 MBR has been saved successfully to "C:\Users\KLB\Documents\MBR.dat"
14:51:16.977 The log file has been saved successfully to "C:\Users\KLB\Documents\aswMBR.txt"

dont see anything there to be worried about. You can try Revo uninstaller, they have a free version. All it does is launch the app uninstaller and cleans up leftovers.

See if you can download and use This for removing Norton.

Do you have a functional antivirus app installed now?
Try running combofix once more after a normal bootup and post the log if successful.

Good news and

Ok, well the good news is: finally got Norton off the computer, which I think was the original cause of the ports getting blocked (maybe?).

Bad news is: downloaded and ran Revo Uninstaller and totally screwed something up. My computer couldn't find the internet though I was clearly connected. Lost the connection after uninstalling Norton. The actual Norton uninstaller still would not download. I had to do a clean reinstall of Vista because the System Restore didn't fix the problem either. Tried multiple restore points to no avail. After the Vista reinstall I was able to download and run Norton's uninstaller.

Therefore, my log probably looks a lot different because my computer is just about back to original 2009 factory condition. Completely still runs hot though. I have Avast on now and need to install a lot of Windows updates.

Really appreciate all your help and apologize for my user error. I'm not good with computers.

Here's the Combo fix log:


ComboFix 11-10-08.05 - KLB 10/09/2011 8:57.3.2 - x86 MINIMAL
Microsoft® Windows Vista™ Home Premium 6.0.6000.0.1252.1.1033.18.1982.1614 [GMT -4:00]
Running from: c:\users\KLB\Desktop\ComboFix.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
c:\windows\system32\KBL.LOG
.
.
((((((((((((((((((((((((( Files Created from 2011-09-09 to 2011-10-09 )))))))))))))))))))))))))))))))
.
.
2011-10-09 13:03 . 2011-10-09 13:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-10-09 10:53 . 2011-10-09 12:53 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{81C892E1-5148-4C42-AE9C-C8B674D35EF5}\offreg.dll
2011-10-09 05:41 . 2011-10-09 05:41 -------- d-----w- c:\users\Public\CyberLink
2011-10-09 04:46 . 2011-10-09 04:46 -------- d-----w- c:\programdata\AOL
2011-10-09 04:41 . 2011-09-21 13:00 7269712 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{81C892E1-5148-4C42-AE9C-C8B674D35EF5}\mpengine.dll
2011-10-09 04:41 . 2011-05-24 23:14 222080 ------w- c:\windows\system32\MpSigStub.exe
2011-10-09 04:30 . 2011-10-09 04:31 -------- d-----w- c:\program files\Google
2011-10-09 04:30 . 2011-09-06 20:36 20568 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2011-10-09 04:30 . 2011-09-06 20:37 320856 ----a-w- c:\windows\system32\drivers\aswSP.sys
2011-10-09 04:30 . 2011-09-06 20:36 34392 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2011-10-09 04:30 . 2011-09-06 20:36 52568 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2011-10-09 04:30 . 2011-09-06 20:38 442200 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2011-10-09 04:30 . 2011-09-06 20:36 54616 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2011-10-09 04:29 . 2011-09-06 20:45 41184 ----a-w- c:\windows\avastSS.scr
2011-10-09 04:29 . 2011-09-06 20:45 199304 ----a-w- c:\windows\system32\aswBoot.exe
2011-10-09 04:28 . 2011-10-09 04:28 -------- d-----w- c:\programdata\AVAST Software
2011-10-09 04:28 . 2011-10-09 04:28 -------- d-----w- c:\program files\AVAST Software
2011-10-09 02:27 . 2011-10-09 02:27 171520 ----a-w- c:\windows\system32\wintrust.dll
2011-10-09 02:26 . 2011-10-09 02:26 97792 ----a-w- c:\windows\system32\cabview.dll
2011-10-09 02:22 . 2011-10-09 05:10 -------- d-----w- c:\program files\Yahoo!
2011-10-09 02:16 . 2006-07-28 13:30 236824 ----a-w- c:\windows\system32\xactengine2_3.dll
2011-10-09 02:16 . 2006-07-28 13:30 62744 ----a-w- c:\windows\system32\xinput1_2.dll
2011-10-09 02:15 . 2005-05-26 19:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll
2011-10-09 02:11 . 2011-10-09 02:25 -------- d-----w- c:\users\KLB
2011-10-09 02:07 . 2011-10-09 02:07 53472 ----a-w- c:\windows\system32\wuauclt.exe
2011-10-09 02:07 . 2011-10-09 02:07 44768 ----a-w- c:\windows\system32\wups2.dll
2011-10-09 02:07 . 2011-10-09 02:07 2421760 ----a-w- c:\windows\system32\wucltux.dll
2011-10-09 02:07 . 2011-10-09 02:07 1929952 ----a-w- c:\windows\system32\wuaueng.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45 122512 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-09-19 86016]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-19 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-19 81920]
"SynTPStart"="c:\program files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 102400]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2007-10-01 181544]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-09-19 202032]
"OnScreenDisplay"="c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe" [2007-09-04 554320]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2007-08-17 218408]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2007-08-23 80896]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [BU]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-17 49152]
"hpWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-09-13 480560]
"WAWifiMessage"="c:\program files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-08 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2011-09-06 3722416]
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 136176]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 136176]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
Contents of the 'Scheduled Tasks' folder
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 04:30]
.
2011-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-09 04:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=laptop
TCP: DhcpNameServer = 192.168.1.1
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-10-09 09:03
Windows 6.0.6000 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(636)
c:\program files\Hewlett-Packard\HP Advisor\Pillars\Market\MLDeskBand.dll
.
Completion time: 2011-10-09 09:04:46
ComboFix-quarantined-files.txt 2011-10-09 13:04
.
Pre-Run: 110,649,864,192 bytes free
Post-Run: 110,555,119,616 bytes free
.
- - End Of File - - EAD47C23D23C1A652915C1747816BA7D

original cause of the ports getting blocked (maybe?)

Click to expand...

Its possible if it came with a firewall that was blocking program access. At least Norton is off your machine now.

I really dont think Revo lost your connection or that you had a malware problem.
In any case since your back to factory defaults it should all be better. The Windows updates will be a huge download.
If you think your laptop is running hotter than it should- then you should visit the HP website.. They have good troubleshooting guides for all kinds of issues. You can also get updated drivers for your hardware. Laptops can use proprietary hardware so its necessary to get drivers from the HP website for your make and model.

You may also want to run this HP utility you have installed:
Hewlett-Packard\HP Health Check

you can remove combofix like this:
start>run and type in combofix /uninstall
click ok or enter
note the sapce after the x and before the /

Anyway if all is good here are some tips for your reference:

1) It is essential to keep your operating system (Windows) browser (IE, FireFox, Chrome, Opera) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update frequently or use the Windows auto-update feature. Staying updated is also essential for web based applications, browser plugins and addons like Java, Adobe Flash/Reader, iTunes etc. More and more third party applications are being targeted. Use the auto-update features available in most software. Not sure if you are using the latest version of software? Check their version status and get the updates here.

2) Know what you are installing to your computer. Alot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. More and more legitimate software is installing useless toolbars if not unchecked first. Do not install any files from ads, popups or random links. Do not fall for fake warnings about virus and trojans being found on your computer and you are then prompted to install software to remedy this. See also the signs that you may have malware on your computer.

3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently find malware then its time to *review your computer habits*.

4) Refrain from clicking on links or attachments via E-Mail, IM, IRC, Chat Rooms, Blogs or Social Networking Sites, no matter how tempting or legitimate the message may seem. Do you trust the source? See also E-mail phishing Tricks.

5) Do not click on ads/pop ups or offers from websites requesting that you need to install software to your computer--*for any reason*. Use the Alt+F4 keys to close the window.

6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website to install components?

7) Consider the use of limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts can help prevent *malware from installing and lessen its potential impact.* This is exactly what user account control (UAC) in Windows Vista and Windows 7 attempts to address.

8) Install and understand the *limitations* of a software firewall.

9) The why and how for securing your browser for safer surfing.

10) Warez, cracks, keygens and p2p are very popular for carrying malware payloads. A file can be named anything, be nothing but malware or have malware bundled in it. Do you really trust the source of the file?


More info/tips with pictures, links below

Happy Safe Surfing.

Thank you, thank you!

Although it turned out to not be a malware problem, I am very grateful for your continued assistance! The HP Health Check tool used to report that the machine was fine so we'll see if I get some new info there. I will go to the HP website directly as well.

All the best and a nice loaf of artisan bread resent:

Your welcome. Take note if the problem returns and anything you may have just done like updates, installs, etc.