PDA

View Full Version : Computer extremely slow



Ange8889
2010-11-07, 04:11
Hi,

I have a Hp Pavilion dv5 1233. Everything is running slow or not responding. I have Rogers Online and there are no viruses or spyware detected (yield manager did show up but then disappeared). I have downloaded Spybot, Spyblaster and even AVG. I have run diagnostics from HP Support; everything is up to date. I used to use Google Chrome, but cannot download any files from my yahoo mail. I constantly get 'not responding' in all my applications. I tried to download Hijack this so that I could post a log, but it would not open. I even downloaded RSIT but it never completed the scan so I could not save the log and cut and paste. It is becoming problematic to do simple things and I noticed that when I check the task manager, it sometimes show CPU at 100%. Any suggestions?

Thanks in advance for your time.

I was able to run the RunAlyzer and it gave me the following:

Logfile of RunAlyzer 2.0.0. Copyright © 2000-2007 Safer Networking Limited. All rights reserved.
Scan saved at 11/6/2010 11:33:18 PM
Platform: Windows Vista (Build: 6002) Service Pack 2 (6.0.6002)

Running processes:
[System]
System
svchost.exe
svchost.exe
smss.exe
avgchsva.exe
svchost.exe
csrss.exe
wininit.exe
csrss.exe
services.exe
lsass.exe
lsm.exe
winlogon.exe
svchost.exe
svchost.exe
stacsv64.exe
audiodg.exe
svchost.exe
C:\Windows\System32\hkcmd.exe
SLsvc.exe
svchost.exe
hpservice.exe
C:\Windows\System32\dwm.exe
Fws.exe
svchost.exe
wlanext.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
spoolsv.exe
svchost.exe
AESTSr64.exe
agr64svc.exe
svchost.exe
AppleMobileDeviceService.exe
avgwdsvc.exe
mDNSResponder.exe
IAANTmon.exe
LSSrvc.exe
PD91Agent.exe
SDWinSec.exe
C:\Windows\explorer.exe
svchost.exe
BLService.exe
svchost.exe
C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
TomTomHOMEService.exe
TVCapSvc.exe
TVSched.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\taskeng.exe
svchost.exe
WLIDSVC.EXE
SearchIndexer.exe
WLIDSVCM.EXE
AVGIDSAgent.exe
SanaAgent.exe
avgnsa.exe
avgemca.exe
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
Com4QLBEx.exe
taskeng.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\rps.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
RpsSecurityAwareR.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
WmiPrvSE.exe
iPodService.exe
svchost.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Safer Networking\RunAlyzer\RunAlyzer.exe
SynTPHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\AVG\AVG10\avgtray.exe
C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
C:\Windows\System32\igfxsrvc.exe
hpqWmiEx.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
avgrsa.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
HPHC_Service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
msiexec.exe
avgcsrva.exe
WmiPrvSE.exe
PresentationFontCache.exe
C:\Windows\System32\conime.exe

F2 - REG:system.ini: UserInit=userinit.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [AdobeBridge]
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [Google Update] C:\Users\Mike\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKLM\..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Run: [GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [RogersServicepointAgent.exe] C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe
O4 - HKLM\..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Run: [TVAgent] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
O4 - HKLM\..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O20 - Winlogon Notify: igfxcui = igfxdev.dll
O4 - HKLM\..\Run: [SmartMenu] C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files (x86)\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
O23 - Service: HP Accelerometer (Accelerometer) - /owner unsupported/ - system32\DRIVERS\Accelerometer.sys
O23 - Service: Andrea ST Filters Service (AESTFilters) - /owner unsupported/ - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe
O23 - Service: Ancilliary Function Driver for Winsock (AFD) - /owner unsupported/ - \SystemRoot\system32\drivers\afd.sys
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - /owner unsupported/ - C:\Windows\system32\agr64svc.exe
O23 - Service: Agere Systems Soft Modem (AgereSoftModem) - /owner unsupported/ - system32\DRIVERS\agrsm64.sys
O23 - Service: Intel AGP Bus Filter (agp440) - /owner unsupported/ - \SystemRoot\system32\drivers\agp440.sys
O23 - Service: Akamai NetSession Interface (Akamai) - /owner unsupported/ - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - /owner unsupported/ - C:\Windows\System32\alg.exe
O23 - Service: AMD K8 Processor Driver (AmdK8) - /owner unsupported/ - \SystemRoot\system32\drivers\amdk8.sys
O23 - Service: Apple Mobile Device (Apple Mobile Device) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: @%systemroot%\system32\rascfg.dll,-32000 (AsyncMac) - /owner unsupported/ - system32\DRIVERS\asyncmac.sys
O23 - Service: IDE Channel (atapi) - /owner unsupported/ - system32\drivers\atapi.sys
O23 - Service: AVG Security Toolbar Service (AVG Security Toolbar Service) - /owner unsupported/ - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) - /owner unsupported/ - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSDriver (AVGIDSDriver) - /owner unsupported/ - system32\DRIVERS\AVGIDSDriver.Sys
O23 - Service: AVGIDSEH (AVGIDSEH) - /owner unsupported/ - system32\DRIVERS\AVGIDSEH.Sys
O23 - Service: AVGIDSFilter (AVGIDSFilter) - /owner unsupported/ - system32\DRIVERS\AVGIDSFilter.Sys
O23 - Service: AVG AVI Loader Driver (Avgldx64) - /owner unsupported/ - system32\DRIVERS\avgldx64.sys
O23 - Service: AVG Mini-Filter Resident Anti-Virus Shield (Avgmfx64) - /owner unsupported/ - system32\DRIVERS\avgmfx64.sys
O23 - Service: AVG Anti-Rootkit Driver (Avgrkx64) - /owner unsupported/ - system32\DRIVERS\avgrkx64.sys
O23 - Service: AVG TDI Driver (Avgtdia) - /owner unsupported/ - system32\DRIVERS\avgtdia.sys
O23 - Service: AVG WatchDog (avgwd) - /owner unsupported/ - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe
O23 - Service: Broadcom 802.11 Network Adapter Driver (BCM43XX) - /owner unsupported/ - system32\DRIVERS\bcmwl664.sys
O23 - Service: Bonjour Service (Bonjour Service) - /owner unsupported/ - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bowser (bowser) - /owner unsupported/ - system32\DRIVERS\bowser.sys
O23 - Service: Brother USB Mass-Storage Lower Filter Driver (BrFiltLo) - /owner unsupported/ - \SystemRoot\system32\drivers\brfiltlo.sys
O23 - Service: Brother USB Mass-Storage Upper Filter Driver (BrFiltUp) - /owner unsupported/ - \SystemRoot\system32\drivers\brfiltup.sys
O23 - Service: Brother MFC Serial Port Interface Driver (WDM) (Brserid) - /owner unsupported/ - \SystemRoot\system32\drivers\brserid.sys
O23 - Service: Brother WDM Serial driver (BrSerWdm) - /owner unsupported/ - \SystemRoot\system32\drivers\brserwdm.sys
O23 - Service: Brother MFC USB Fax Only Modem (BrUsbMdm) - /owner unsupported/ - \SystemRoot\system32\drivers\brusbmdm.sys
O23 - Service: Brother MFC USB Serial WDM Driver (BrUsbSer) - /owner unsupported/ - \SystemRoot\system32\drivers\brusbser.sys
O23 - Service: Bluetooth Serial Communications Driver (BTHMODEM) - /owner unsupported/ - \SystemRoot\system32\drivers\bthmodem.sys
O23 - Service: CD/DVD File System Reader (cdfs) - /owner unsupported/ - system32\DRIVERS\cdfs.sys
O23 - Service: Consumer IR Devices (circlass) - /owner unsupported/ - system32\DRIVERS\circlass.sys
O23 - Service: Common Log (CLFS) (CLFS) - /owner unsupported/ - System32\CLFS.sys
O23 - Service: Microsoft .NET Framework NGEN v2.0.50727_X86 (clr_optimization_v2.0.50727_32) - /owner unsupported/ - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Service: Microsoft .NET Framework NGEN v2.0.50727_X64 (clr_optimization_v2.0.50727_64) - /owner unsupported/ - C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X86 (clr_optimization_v4.0.30319_32) - /owner unsupported/ - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
O23 - Service: Microsoft .NET Framework NGEN v4.0.30319_X64 (clr_optimization_v4.0.30319_64) - /owner unsupported/ - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
O23 - Service: Com4QLBEx (Com4QLBEx) - /owner unsupported/ - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: Crcdisk Filter Driver (crcdisk) - /owner unsupported/ - system32\drivers\crcdisk.sys
O23 - Service: DefragFS (DefragFS) - /owner unsupported/ -
O23 - Service: @%systemroot%\system32\drivers\dfsc.sys,-101 (DfsC) - /owner unsupported/ - System32\Drivers\dfsc.sys
O23 - Service: @dfsrres.dll,-101 (DFSR) - /owner unsupported/ - C:\Windows\system32\DFSR.exe
O23 - Service: LDDM Graphics Subsystem (DXGKrnl) - /owner unsupported/ - \SystemRoot\System32\drivers\dxgkrnl.sys
O23 - Service: Intel(R) PRO/1000 NDIS 6 Adapter Driver (E1G60) - /owner unsupported/ - system32\DRIVERS\E1G6032E.sys
O23 - Service: ReadyBoost Caching Driver (Ecache) - /owner unsupported/ - System32\drivers\ecache.sys
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: ENE CIR Receiver (enecir) - /owner unsupported/ - system32\DRIVERS\enecir.sys
O23 - Service: Microsoft Hardware Error Device Driver (ErrDev) - /owner unsupported/ - \SystemRoot\system32\drivers\errdev.sys
O23 - Service: exFAT File System Driver (exfat) - /owner unsupported/ -
O23 - Service: FAT12/16/32 File System Driver (fastfat) - /owner unsupported/ -
O23 - Service: File Information FS MiniFilter (FileInfo) - /owner unsupported/ - system32\drivers\fileinfo.sys
O23 - Service: FileTrace (Filetrace) - /owner unsupported/ - system32\drivers\filetrace.sys
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\PresentationHost.exe,-3309 (FontCache3.0.0.0) - /owner unsupported/ - C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
O23 - Service: FssFltr (fssfltr) - /owner unsupported/ - system32\DRIVERS\fssfltr.sys
O23 - Service: Windows Live Family Safety Service (fsssvc) - /owner unsupported/ - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
O23 - Service: Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms (gagp30kx) - /owner unsupported/ - \SystemRoot\system32\drivers\gagp30kx.sys
O23 - Service: GameConsoleService (GameConsoleService) - /owner unsupported/ - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: GEAR ASPI Filter Driver (GEARAspiWDM) - /owner unsupported/ - system32\DRIVERS\GEARAspiWDM.sys
O23 - Service: @gpapi.dll,-112 (gpsvc) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - /owner unsupported/ - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - /owner unsupported/ - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Microsoft 1.1 UAA Function Driver for High Definition Audio Service (HdAudAddService) - /owner unsupported/ - system32\drivers\HdAudio.sys
O23 - Service: Microsoft Bluetooth HID Miniport (HidBth) - /owner unsupported/ - \SystemRoot\system32\drivers\hidbth.sys
O23 - Service: Microsoft Infrared HID Driver (HidIr) - /owner unsupported/ - system32\DRIVERS\hidir.sys
O23 - Service: HP Health Check Service (HP Health Check Service) - /owner unsupported/ - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: HP Filter (hpdskflt) - /owner unsupported/ - system32\DRIVERS\hpdskflt.sys
O23 - Service: HpqKbFilter Driver (HpqKbFiltr) - /owner unsupported/ - system32\DRIVERS\HpqKbFiltr.sys
O23 - Service: hpqwmiex (hpqwmiex) - /owner unsupported/ - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - /owner unsupported/ - C:\Windows\system32\Hpservice.exe
O23 - Service: Intel AHCI Controller (iaStor) - /owner unsupported/ - system32\DRIVERS\iaStor.sys
O23 - Service: Intel RAID Controller Vista (iaStorV) - /owner unsupported/ - system32\drivers\iastorv.sys
O23 - Service: @%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193 (idsvc) - /owner unsupported/ - C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
O23 - Service: Intel(R) High Definition Audio HDMI (IntcHdmiAddService) - /owner unsupported/ - system32\drivers\IntcHdmi.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32013 (IpFilterDriver) - /owner unsupported/ - system32\DRIVERS\ipfltdrv.sys
O23 - Service: iPod Service (iPod Service) - /owner unsupported/ - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IR Bus Enumerator (IRENUM) - /owner unsupported/ - system32\drivers\irenum.sys
O23 - Service: iScsiPort Driver (iScsiPrt) - /owner unsupported/ - system32\DRIVERS\msiscsi.sys
O23 - Service: ITERAID_Service_Install (iteraid) - /owner unsupported/ - system32\drivers\iteraid.sys
O23 - Service: @keyiso.dll,-100 (KeyIso) - /owner unsupported/ - C:\Windows\system32\lsass.exe
O23 - Service: Kernel Streaming Thunks (ksthunk) - /owner unsupported/ - \SystemRoot\system32\drivers\ksthunk.sys
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - /owner unsupported/ - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Link-Layer Topology Discovery Mapper I/O Driver (lltdio) - /owner unsupported/ - system32\DRIVERS\lltdio.sys
O23 - Service: UAC File Virtualization (luafv) - /owner unsupported/ - \SystemRoot\system32\drivers\luafv.sys
O23 - Service: Microsoft Office Groove Audit Service (Microsoft Office Groove Audit Service) - /owner unsupported/ - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
O23 - Service: Microsoft Monitor Class Function Driver Service (monitor) - /owner unsupported/ - system32\DRIVERS\monitor.sys
O23 - Service: Mount Point Manager (MountMgr) - /owner unsupported/ - System32\drivers\mountmgr.sys
O23 - Service: Microsoft Multi-Path Bus Driver (mpio) - /owner unsupported/ - system32\drivers\mpio.sys
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23092 (mpsdrv) - /owner unsupported/ - System32\drivers\mpsdrv.sys
O23 - Service: WebDav Client Redirector Driver (MRxDAV) - /owner unsupported/ - \SystemRoot\system32\drivers\mrxdav.sys
O23 - Service: SMB MiniRedirector Wrapper and Engine (mrxsmb) - /owner unsupported/ - system32\DRIVERS\mrxsmb.sys
O23 - Service: SMB 1.x MiniRedirector (mrxsmb10) - /owner unsupported/ - system32\DRIVERS\mrxsmb10.sys
O23 - Service: SMB 2.0 MiniRedirector (mrxsmb20) - /owner unsupported/ - system32\DRIVERS\mrxsmb20.sys
O23 - Service: Microsoft Multi-Path Device Specific Module (msdsm) - /owner unsupported/ - system32\drivers\msdsm.sys
O23 - Service: @comres.dll,-2797 (MSDTC) - /owner unsupported/ - C:\Windows\System32\msdtc.exe
O23 - Service: ISA/EISA Class Driver (msisadrv) - /owner unsupported/ - system32\drivers\msisadrv.sys
O23 - Service: Mup (Mup) - /owner unsupported/ - System32\Drivers\mup.sys
O23 - Service: NativeWiFi Filter (NativeWifiP) - /owner unsupported/ - system32\DRIVERS\nwifi.sys
O23 - Service: NAVENG (NAVENG) - /owner unsupported/ - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS
O23 - Service: NAVEX15 (NAVEX15) - /owner unsupported/ - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS
O23 - Service: NDIS System Driver (NDIS) - /owner unsupported/ - system32\drivers\ndis.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32001 (NdisTapi) - /owner unsupported/ - system32\DRIVERS\ndistapi.sys
O23 - Service: NDIS Usermode I/O Protocol (Ndisuio) - /owner unsupported/ - system32\DRIVERS\ndisuio.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32002 (NdisWan) - /owner unsupported/ - system32\DRIVERS\ndiswan.sys
O23 - Service: NETBT (netbt) - /owner unsupported/ - System32\DRIVERS\netbt.sys
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - /owner unsupported/ - C:\Windows\system32\lsass.exe
O23 - Service: @%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8201 (NetTcpPortSharing) - /owner unsupported/ - C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit (NETw3v64) - /owner unsupported/ - system32\DRIVERS\NETw3v64.sys
O23 - Service: Norton Internet Security (Norton Internet Security) - /owner unsupported/ - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe
O23 - Service: NSI proxy service (nsiproxy) - /owner unsupported/ - system32\drivers\nsiproxy.sys
O23 - Service: NVIDIA nForce RAID Driver (nvraid) - /owner unsupported/ - system32\drivers\nvraid.sys
O23 - Service: NVIDIA nForce AGP Bus Filter (nv_agp) - /owner unsupported/ - \SystemRoot\system32\drivers\nv_agp.sys
O23 - Service: Microsoft Office Diagnostics Service (odserv) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service: Parallel port driver (Parport) - /owner unsupported/ - \SystemRoot\system32\drivers\parport.sys
O23 - Service: Partition Manager (partmgr) - /owner unsupported/ - System32\drivers\partmgr.sys
O23 - Service: PD91Agent (PD91Agent) - /owner unsupported/ - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine (PD91Engine) - /owner unsupported/ - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PEAUTH (PEAUTH) - /owner unsupported/ - system32\drivers\peauth.sys
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - /owner unsupported/ - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\rascfg.dll,-32006 (PptpMiniport) - /owner unsupported/ - system32\DRIVERS\raspptp.sys
O23 - Service: Processor Driver (Processor) - /owner unsupported/ - \SystemRoot\system32\drivers\processr.sys
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - /owner unsupported/ - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\drivers\pacer.sys,-101 (PSched) - /owner unsupported/ - system32\DRIVERS\pacer.sys
O23 - Service: PxHlpa64 (PxHlpa64) - /owner unsupported/ - System32\Drivers\PxHlpa64.sys
O23 - Service: QLogic Fibre Channel Miniport Driver (ql2300) - /owner unsupported/ - system32\drivers\ql2300.sys
O23 - Service: QLogic iSCSI Miniport Driver (ql40xx) - /owner unsupported/ - system32\drivers\ql40xx.sys
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\drivers\qwavedrv.sys,-1 (QWAVEdrv) - /owner unsupported/ - \SystemRoot\system32\drivers\qwavedrv.sys
O23 - Service: Rogers Online Protection (Radialpoint Security Services) - /owner unsupported/ - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe
O23 - Service: Rogers Online Protection SafeConnectAgent (RadialpointSafeConnectAgent) - /owner unsupported/ - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\Bin\SanaAgent.exe
O23 - Service: RadialpointSafeConnectDriver64 (RadialpointSafeConnectDriver) - /owner unsupported/ - \??\C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\Driver\platform_VISTA\SafeConnectDriver.sys
O23 - Service: RadialpointSafeConnectFilter64 (RadialpointSafeConnectFilter) - /owner unsupported/ - \??\C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\Driver\platform_VISTA\SafeConnectFilter.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32005 (Rasl2tp) - /owner unsupported/ - system32\DRIVERS\rasl2tp.sys
O23 - Service: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - /owner unsupported/ - system32\DRIVERS\raspppoe.sys
O23 - Service: @%systemroot%\system32\sstpsvc.dll,-202 (RasSstp) - /owner unsupported/ - system32\DRIVERS\rassstp.sys
O23 - Service: Redirected Buffering Sub Sysytem (rdbss) - /owner unsupported/ - system32\DRIVERS\rdbss.sys
O23 - Service: RDPCDD (RDPCDD) - /owner unsupported/ - System32\DRIVERS\RDPCDD.sys
O23 - Service: Terminal Server Device Redirector Driver (rdpdr) - /owner unsupported/ - \SystemRoot\system32\drivers\rdpdr.sys
O23 - Service: RDP Encoder Mirror Driver (RDPENCDD) - /owner unsupported/ - system32\drivers\rdpencdd.sys
O23 - Service: Recovery Service for Windows (Recovery Service for Windows) - /owner unsupported/ - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: BlackBerry Smartphone (RimUsb) - /owner unsupported/ - System32\Drivers\RimUsb_AMD64.sys
O23 - Service: RIM Virtual Serial Port v2 (RimVSerPort) - /owner unsupported/ - system32\DRIVERS\RimSerial_AMD64.sys
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - /owner unsupported/ - C:\Windows\system32\locator.exe
O23 - Service: Radialpoint Filter (x64) (RPPKT) - /owner unsupported/ - system32\DRIVERS\rp_pkt64.sys
O23 - Service: Security Services Driver (x64) (RPSKT) - /owner unsupported/ - system32\DRIVERS\rp_skt64.sys
O23 - Service: Rogers Online Protection Firewall (RP_FWS) - /owner unsupported/ - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\Fws.exe
O23 - Service: Link-Layer Topology Discovery Responder (rspndr) - /owner unsupported/ - system32\DRIVERS\rspndr.sys
O23 - Service: Realtek 8169 NT Driver (RTL8169) - /owner unsupported/ - system32\DRIVERS\Rtlh64.sys
O23 - Service: Realtek USB 2.0 Card Reader (RTSTOR) - /owner unsupported/ - system32\drivers\RTSTOR64.SYS
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - /owner unsupported/ - C:\Windows\system32\lsass.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - /owner unsupported/ - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Security Driver (secdrv) - /owner unsupported/ -
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - /owner unsupported/ - C:\Windows\system32\svchost.exe
O23 - Service: Serenum Filter Driver (Serenum) - /owner unsupported/ - \SystemRoot\system32\drivers\serenum.sys
O23 - Service: Serial Port Driver (Serial) - /owner unsupported/ - \SystemRoot\system32\drivers\serial.sys
O23 - Service: Serial Mouse Driver (sermouse) - /owner unsupported/ - \SystemRoot\system32\drivers\sermouse.sys
O23 - Service: SFF Storage Class Driver (sffdisk) - /owner unsupported/ - \SystemRoot\system32\drivers\sffdisk.sys
O23 - Service: SFF Storage Protocol Driver for MMC (sffp_mmc) - /owner unsupported/ - \SystemRoot\system32\drivers\sffp_mmc.sys
O23 - Service: SFF Storage Protocol Driver for SDBus (sffp_sd) - /owner unsupported/ - \SystemRoot\system32\drivers\sffp_sd.sys
O23 - Service: High-Capacity Floppy Disk Drive (sfloppy) - /owner unsupported/ - \SystemRoot\system32\drivers\sfloppy.sys
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - /owner unsupported/ - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50005 (Smb) - /owner unsupported/ - system32\DRIVERS\smb.sys
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - /owner unsupported/ - C:\Windows\System32\snmptrap.exe
O23 - Service: Security Processor Loader Driver (spldr) - /owner unsupported/ -
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - /owner unsupported/ - C:\Windows\System32\spoolsv.exe
O23 - Service: SRTSP (SRTSP) - /owner unsupported/ - C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS
O23 - Service: SRTSPX (SRTSPX) - /owner unsupported/ - C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS
O23 - Service: srv2 (srv2) - /owner unsupported/ - System32\DRIVERS\srv2.sys
O23 - Service: Audio Service (STacSV) - /owner unsupported/ - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe
O23 - Service: IDT High Definition Audio CODEC (STHDA) - /owner unsupported/ - system32\DRIVERS\stwrt64.sys
O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50003 (Tcpip) - /owner unsupported/ - System32\drivers\tcpip.sys
O23 - Service: Microsoft IPv6 Protocol Driver (Tcpip6) - /owner unsupported/ - system32\DRIVERS\tcpip.sys
O23 - Service: TCP/IP Registry Compatibility (tcpipreg) - /owner unsupported/ - System32\drivers\tcpipreg.sys
O23 - Service: TDPIPE (TDPIPE) - /owner unsupported/ - system32\drivers\tdpipe.sys
O23 - Service: TDTCP (TDTCP) - /owner unsupported/ - system32\drivers\tdtcp.sys
O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - /owner unsupported/ - system32\DRIVERS\tdx.sys
O23 - Service: TomTomHOMEService (TomTomHOMEService) - /owner unsupported/ - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - /owner unsupported/ - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: Terminal Services Security Filter Driver (tssecsrv) - /owner unsupported/ - System32\DRIVERS\tssecsrv.sys
O23 - Service: Microsoft Tun Miniport Adapter Driver (tunmp) - /owner unsupported/ - system32\DRIVERS\tunmp.sys
O23 - Service: Microsoft IPv6 Tunnel Miniport Adapter Driver (tunnel) - /owner unsupported/ - system32\DRIVERS\tunnel.sys
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - /owner unsupported/ - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - /owner unsupported/ - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: Microsoft AGPv3.5 Filter (uagp35) - /owner unsupported/ - \SystemRoot\system32\drivers\uagp35.sys
O23 - Service: udfs (udfs) - /owner unsupported/ - system32\DRIVERS\udfs.sys
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - /owner unsupported/ - C:\Windows\system32\UI0Detect.exe
O23 - Service: Uli AGP Bus Filter (uliagpkx) - /owner unsupported/ - \SystemRoot\system32\drivers\uliagpkx.sys
O23 - Service: UMBus Enumerator Driver (umbus) - /owner unsupported/ - system32\DRIVERS\umbus.sys
O23 - Service: eHome Infrared Receiver (USBCIR) (usbcir) - /owner unsupported/ - \SystemRoot\system32\drivers\usbcir.sys
O23 - Service: Microsoft USB Open Host Controller Miniport Driver (usbohci) - /owner unsupported/ - \SystemRoot\system32\drivers\usbohci.sys
O23 - Service: Microsoft USB PRINTER Class (usbprint) - /owner unsupported/ - \SystemRoot\system32\drivers\usbprint.sys
O23 - Service: USB Video Device (WDM) (usbvideo) - /owner unsupported/ - System32\Drivers\usbvideo.sys
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - /owner unsupported/ - C:\Windows\System32\vds.exe
O23 - Service: Volume Manager Driver (volmgr) - /owner unsupported/ - system32\drivers\volmgr.sys
O23 - Service: Dynamic Volume Manager (volmgrx) - /owner unsupported/ - System32\drivers\volmgrx.sys
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - /owner unsupported/ - C:\Windows\system32\vssvc.exe
O23 - Service: Wacom Serial Pen HID Driver (WacomPen) - /owner unsupported/ - \SystemRoot\system32\drivers\wacompen.sys
O23 - Service: Remote Access IPv6 ARP Driver (Wanarpv6) - /owner unsupported/ - system32\DRIVERS\wanarp.sys
O23 - Service: Microsoft Watchdog Timer Driver (Wd) - /owner unsupported/ - system32\drivers\wd.sys
O23 - Service: Kernel Mode Driver Frameworks service (Wdf01000) - /owner unsupported/ - system32\drivers\Wdf01000.sys
O23 - Service: WinUSB Service (winusb) - /owner unsupported/ - system32\DRIVERS\WinUSB.SYS
O23 - Service: Windows Live Mesh remote connections service (wlcrasvc) - /owner unsupported/ - C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
O23 - Service: Windows Live ID Sign-in Assistant (wlidsvc) - /owner unsupported/ - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
O23 - Service: Microsoft Windows Management Interface for ACPI (WmiAcpi) - /owner unsupported/ - system32\DRIVERS\wmiacpi.sys
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - /owner unsupported/ - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - /owner unsupported/ - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
O23 - Service: @c:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - /owner unsupported/ - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
O23 - Service: Winsock IFS driver (ws2ifsl) - /owner unsupported/ - \SystemRoot\system32\drivers\ws2ifsl.sys
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - /owner unsupported/ - C:\Windows\system32\SearchIndexer.exe
O23 - Service: NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller (yukonx64) - /owner unsupported/ - system32\DRIVERS\yk60x64.sys
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\pkR.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} () - http://primis.ebrary.com/support/plugins/ebraryRdr.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Runtime Environment 1.6.0) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

ken545
2010-11-13, 00:19
:snwelcome:


Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.

Until we deem your system clean I am going to ask you not to install or uninstall any software or hardware except for the programs we may run.

Sorry for the delay but we get very busy , but I am linked to you now


Download TFC (http://oldtimer.geekstogo.com/TFC.exe) to your desktop

Close any open windows.
Double click the TFC icon to run the program
TFC will close all open programs itself in order to run,
Click the Start button to begin the process.
Allow TFC to run uninterrupted.
The program should not take long to finish it's job
Once its finished it should automatically reboot your machine,
if it doesn't, manually reboot to ensure a complete clean






Please download Malwarebytes from Here (http://www.malwarebytes.org/mbam-download.php) or Here (http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html)


Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform quick scan, then click Scan.
http://i24.photobucket.com/albums/c30/ken545/MBAMCapture.jpg
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
Post the report please






Download OTL (http://oldtimer.geekstogo.com/OTL.exe) to your desktop.
Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
When the window appears, underneath Output at the top change it to Minimal Output.
Check the boxes beside LOP Check and Purity Check.
Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

Ange8889
2010-11-13, 06:54
Hi Ken

Totally understand that you are all busy. I really appreciate your time and expertise.

I installed and ran TFC.
I installed and ran Malwarebytes (posted results below)
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 5104

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18975

11/12/2010 11:32:55 PM
mbam-log-2010-11-12 (23-32-55).txt

Scan type: Quick scan
Objects scanned: 149749
Time elapsed: 6 minute(s), 2 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


I ran OTL: OTL.Txt results posted below. Extras.Txt will be posted on separate reply.

OTL logfile created on: 11/12/2010 11:44:33 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Mike\Documents\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 53.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.62 Gb Total Space | 53.84 Gb Free Space | 18.85% Space Free | Partition Type: NTFS
Drive D: | 12.47 Gb Total Space | 1.97 Gb Free Space | 15.77% Space Free | Partition Type: NTFS

Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Mike\Documents\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\bin\SanaAgent.exe (Sana Security)
PRC - C:\Program Files (x86)\SMINST\BLService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


========== Modules (SafeList) ==========

MOD - C:\Users\Mike\Documents\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:[b]64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (PD91Engine) -- C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe (Raxco Software, Inc.)
SRV:64bit: - (PD91Agent) -- C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe (Raxco Software, Inc.)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (IDT, Inc.)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (Andrea Electronics Corporation)
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\Hpservice.exe (Hewlett-Packard Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AgereModemAudio) -- C:\Windows\SysNative\agr64svc.exe (Agere Systems)
SRV - (Akamai) -- c:\Program Files (x86)\Common Files\Akamai\netsession_win_4176eef.dll ()
SRV - (Apple Mobile Device) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVG Security Toolbar Service) -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe ()
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (TomTomHOMEService) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Radialpoint Security Services) -- C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\RpsSecurityAwareR.exe (Radialpoint SafeCare Inc.)
SRV - (RP_FWS) -- C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\Fws.exe (Rogers)
SRV - (TVCapSvc) TV Background Capture Service (TVBCS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe ()
SRV - (TVSched) TV Task Scheduler (TVTS) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (RadialpointSafeConnectAgent) -- C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\Bin\SanaAgent.exe (Sana Security)
SRV - (Recovery Service for Windows) -- C:\Program Files (x86)\SMINST\BLService.exe ()
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SRTSPX64.SYS File not found
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1000000.07D\SRTSP64.SYS File not found
DRV:64bit: - (NwlnkFwd) -- C:\Windows\SysNative\DRIVERS\nwlnkfwd.sys File not found
DRV:64bit: - (NwlnkFlt) -- C:\Windows\SysNative\DRIVERS\nwlnkflt.sys File not found
DRV:64bit: - (IpInIp) -- C:\Windows\SysNative\DRIVERS\ipinip.sys File not found
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\DRIVERS\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (AVGIDSEH) -- C:\Windows\SysNative\DRIVERS\AVGIDSEH.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\DRIVERS\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\DRIVERS\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\DRIVERS\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\DRIVERS\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AVGIDSFilter) -- C:\Windows\SysNative\DRIVERS\AVGIDSFilter.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\DRIVERS\AVGIDSDriver.Sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\DRIVERS\klif.sys (Kaspersky Lab)
DRV:64bit: - (RTL8169) -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys (Realtek Corporation )
DRV:64bit: - (RimVSerPort) -- C:\Windows\SysNative\DRIVERS\RimSerial_AMD64.sys (Research in Motion Ltd)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\DRIVERS\bcmwl664.sys (Broadcom Corporation)
DRV:64bit: - (RPSKT) Security Services Driver (x64) -- C:\Windows\SysNative\DRIVERS\rp_skt64.sys (Radialpoint Inc.)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\DRIVERS\agrsm64.sys (Agere Systems)
DRV:64bit: - (RTSTOR) -- C:\Windows\SysNative\drivers\RTSTOR64.SYS (Realtek Semiconductor Corp.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\DRIVERS\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (enecir) -- C:\Windows\SysNative\DRIVERS\enecir.sys (ENE TECHNOLOGY INC.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RPPKT) Radialpoint Filter (x64) -- C:\Windows\SysNative\DRIVERS\rp_pkt64.sys (Radialpoint, Inc.)
DRV:64bit: - (IntcHdmiAddService) Intel(R) -- C:\Windows\SysNative\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\DRIVERS\SynTP.sys (Synaptics, Inc.)
DRV:64bit: - (RimUsb) -- C:\Windows\SysNative\Drivers\RimUsb_AMD64.sys (Research In Motion Limited)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\DRIVERS\iaStor.sys (Intel Corporation)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\DRIVERS\hpdskflt.sys (Hewlett-Packard Corporation)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\DRIVERS\Accelerometer.sys (Hewlett-Packard Corporation)
DRV:64bit: - (ROOTMODEM) -- C:\Windows\SysNative\Drivers\RootMdm.sys (Microsoft Corporation)
DRV:64bit: - (NETw3v64) Intel(R) -- C:\Windows\SysNative\DRIVERS\NETw3v64.sys (Intel Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\DRIVERS\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (HpqKbFiltr) -- C:\Windows\SysNative\DRIVERS\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV:64bit: - (yukonx64) -- C:\Windows\SysNative\DRIVERS\yk60x64.sys (Marvell)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\Wbem\ntfs.mof ()
DRV - (RadialpointSafeConnectDriver) -- C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\Driver\platform_VISTA\SafeConnectDriver.sys (Sana Security, Inc. )
DRV - (RadialpointSafeConnectFilter) -- C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\Driver\platform_VISTA\SafeConnectFilter.sys (Sana Security, Inc. )


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=91&bd=Pavilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 45 70 26 CA 81 CB 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/01/09 05:39:17 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG10\Firefox\ [2010/11/05 16:22:13 | 000,000,000 | ---D | M]

[2010/01/20 23:19:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions
[2010/01/20 23:19:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions\home2@tomtom.com
[2009/08/16 13:30:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: ([2006/09/18 16:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2 - BHO: (HP Print Enhancer) - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
O2 - BHO: (PopKill Class) - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\pkR.dll (Rogers)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar BHO) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (HP Smart BHO Class) - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe (Research In Motion Limited)
O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [DVDAgent] C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [RogersServicepointAgent.exe] C:\Program Files (x86)\Rogers Online Protection\Rogers Servicepoint Agent\RogersServicepointAgent.exe (Rogers)
O4 - HKLM..\Run: [TSMAgent] C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TVAgent] C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePDIRShortCut] C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [ISUSPM] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [swg] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O9 - Extra Button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} http://primis.ebrary.com/support/plugins/ebraryRdr.cab (Infotl Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\avgsecuritytoolbar {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll ()
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Mike\Pictures\Random 2\Summer Walker Wallpaper Best 1 EDIT.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mike\Pictures\Random 2\Summer Walker Wallpaper Best 1 EDIT.jpg
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{489d8917-062c-11df-8ba3-00238b5ae290}\Shell\AutoRun\command - "" = G:\InstallTomTomHOME.exe -- File not found
O34 - HKLM BootExecute: (PDBoot.exe) - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync) - C:\Program Files (x86)\AVG\AVG10\avgchsva.exe (AVG Technologies CZ, s.r.o.)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart) - C:\Program Files (x86)\AVG\AVG10\avgrsa.exe (AVG Technologies CZ, s.r.o.)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010/11/12 23:35:00 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Documents\Desktop\OTL.exe
[2010/11/12 23:26:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Malwarebytes
[2010/11/12 23:26:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2010/11/12 23:26:11 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010/11/12 23:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010/11/12 23:26:09 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010/11/12 23:26:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010/11/12 20:41:58 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Documents\Desktop\TFC.exe
[2010/11/12 15:14:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/11/12 15:14:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/11/12 15:14:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2010/11/12 15:11:00 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/11/12 15:06:52 | 000,000,000 | ---D | C] -- C:\Windows\LastGood.Tmp
[2010/11/06 22:20:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking
[2010/11/06 20:52:47 | 000,000,000 | ---D | C] -- C:\rsit
[2010/11/06 13:40:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2010/11/05 17:20:47 | 000,000,000 | -H-D | C] -- C:\$AVG
[2010/11/05 16:24:46 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\AVG10
[2010/11/05 16:23:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2010/11/05 16:23:31 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Security Toolbar
[2010/11/05 16:22:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\AVG
[2010/11/05 16:21:34 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG10
[2010/11/05 16:21:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\AVG
[2010/11/05 16:19:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG
[2010/11/05 16:13:04 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2010/11/04 20:45:32 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\hpqLog
[2010/11/04 12:35:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpywareBlaster
[2010/11/04 10:49:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010/11/04 10:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010/10/27 10:08:28 | 001,927,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2010/10/27 10:08:27 | 001,696,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2010/10/27 10:08:25 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Apphlpdm.dll
[2010/10/27 10:08:25 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Apphlpdm.dll
[2010/10/27 10:08:24 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\GameUXLegacyGDFs.dll
[2010/10/27 10:08:24 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\SysNative\GameUXLegacyGDFs.dll
[2010/10/27 09:55:23 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010/10/27 09:55:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010/10/27 09:55:22 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010/10/22 16:20:40 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Windows Live Writer
[2010/10/22 16:20:40 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Windows Live Writer
[2010/10/22 10:49:10 | 000,000,000 | ---D | C] -- C:\Windows\en
[2010/10/22 10:45:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010/10/22 10:42:08 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2010/10/22 10:41:53 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010/10/22 10:40:45 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2010/10/22 10:40:45 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2010/10/22 10:40:43 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2010/10/22 10:40:43 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2010/10/22 10:40:00 | 004,398,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx9_32.dll
[2010/10/22 10:40:00 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_32.dll
[2010/10/22 10:38:44 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\Windows Live
[2010/10/22 10:36:10 | 001,103,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webservices.dll
[2010/10/22 10:36:10 | 000,754,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webservices.dll
[2010/10/18 14:01:45 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Britton 2010
[2010/10/14 12:46:23 | 001,915,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ole32.dll
[2010/10/14 12:46:17 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40.dll
[2010/10/14 12:46:17 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc40u.dll
[2010/10/14 12:46:13 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\t2embed.dll
[2010/10/14 12:46:12 | 000,157,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\t2embed.dll
[2010/10/14 12:46:06 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\comctl32.dll
[2010/10/14 12:45:58 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msshsq.dll
[2010/10/14 12:45:58 | 000,231,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msshsq.dll
[2010/10/14 12:45:41 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010/10/14 12:45:41 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010/10/14 12:45:40 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010/10/14 12:45:40 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010/10/14 12:45:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010/10/14 12:45:39 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010/10/14 12:45:39 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010/10/14 12:45:39 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010/10/14 12:45:38 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010/10/14 12:45:38 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2010/10/14 12:45:37 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2010/10/14 12:45:37 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2010/10/14 12:45:37 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010/10/14 12:45:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2010/10/14 12:45:37 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2010/10/14 12:45:36 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2010/10/14 12:45:36 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010/10/14 12:45:36 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2010/10/14 12:45:36 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2010/10/14 12:45:36 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2010/10/14 12:45:35 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010/10/14 12:45:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2010/10/14 12:45:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2010/10/14 12:45:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2010/10/14 12:45:35 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2010/10/14 12:45:35 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2010/10/14 12:45:34 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010/10/14 12:45:34 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010/10/14 12:45:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2010/10/14 12:45:16 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2010/10/14 12:45:16 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sscore.dll
[2010/10/14 12:45:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\sscore.dll
[2010/10/14 12:44:42 | 013,426,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmp.dll
[2010/10/14 12:44:38 | 010,627,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmp.dll
[2010/10/14 12:44:33 | 008,147,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmploc.DLL
[2010/10/14 12:44:32 | 008,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmploc.DLL
[2010/10/14 12:44:05 | 001,090,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmpmde.dll
[2010/10/14 12:44:05 | 000,867,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wmpmde.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Mike\Documents\*.tmp files -> C:\Users\Mike\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/11/12 23:36:34 | 236,024,380 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.dat
[2010/11/12 23:35:02 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Documents\Desktop\OTL.exe
[2010/11/12 23:26:14 | 000,000,848 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/12 23:20:11 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010/11/12 23:10:27 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010/11/12 23:10:27 | 000,609,196 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010/11/12 23:10:27 | 000,108,672 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010/11/12 23:03:01 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010/11/12 23:03:01 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010/11/12 23:02:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010/11/12 23:02:10 | 4193,472,512 | -HS- | M] () -- C:\hiberfil.sys
[2010/11/12 23:01:17 | 004,218,124 | -HS- | M] () -- C:\Windows\SysNative\drivers\fidbox.idx
[2010/11/12 23:00:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3976862297-3565332239-2422778440-1000UA.job
[2010/11/12 22:55:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010/11/12 20:55:58 | 000,000,496 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Mike.job
[2010/11/12 20:42:02 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Documents\Desktop\TFC.exe
[2010/11/12 15:16:02 | 000,001,694 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/12 11:30:04 | 099,096,967 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/11/12 03:00:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3976862297-3565332239-2422778440-1000Core.job
[2010/11/06 22:34:32 | 000,036,646 | ---- | M] () -- C:\Users\Mike\HJT
[2010/11/05 16:22:59 | 000,000,860 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010/11/05 16:22:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010/11/05 16:22:56 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010/11/04 10:49:29 | 000,001,121 | ---- | M] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/11/02 22:50:48 | 000,013,853 | ---- | M] () -- C:\Users\Mike\Documents\Michael Tommasone Cover Letters.docx
[2010/11/01 21:52:23 | 000,046,592 | ---- | M] () -- C:\Users\Mike\Documents\Michael Tommasone Marketing Resume.doc
[2010/10/25 14:59:23 | 000,049,063 | ---- | M] () -- C:\Users\Mike\Documents\UFT Letter.docx
[2010/10/22 11:12:10 | 004,952,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010/10/20 13:38:52 | 008,823,233 | ---- | M] () -- C:\Users\Mike\Documents\LoaderBackup-(2010-10-20).ipd
[2010/10/20 13:30:00 | 000,047,616 | ---- | M] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/10/19 01:22:17 | 000,047,104 | ---- | M] () -- C:\Users\Mike\Documents\Michael Tommasone Sales Resume.doc
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Mike\Documents\*.tmp files -> C:\Users\Mike\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/11/12 23:26:14 | 000,000,848 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/12 15:16:02 | 000,001,694 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2010/11/12 11:30:04 | 099,096,967 | ---- | C] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2010/11/06 22:34:32 | 000,036,646 | ---- | C] () -- C:\Users\Mike\HJT
[2010/11/05 16:22:59 | 000,000,860 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2011.lnk
[2010/11/05 16:22:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\incavi.avm
[2010/11/05 16:22:56 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\AVG\iavichjw.avm
[2010/11/04 20:52:08 | 000,000,190 | ---- | C] () -- C:\ProgramData\HPWALog.txt
[2010/11/04 10:49:29 | 000,001,121 | ---- | C] () -- C:\Users\Mike\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2010/10/25 14:42:19 | 000,049,063 | ---- | C] () -- C:\Users\Mike\Documents\UFT Letter.docx
[2010/10/20 13:38:52 | 008,823,233 | ---- | C] () -- C:\Users\Mike\Documents\LoaderBackup-(2010-10-20).ipd
[2010/09/18 15:05:52 | 000,000,308 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\Rim.Desktop.Exception.log
[2010/08/13 03:22:09 | 000,001,614 | ---- | C] () -- C:\Users\Mike\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
[2010/08/13 03:19:22 | 000,443,652 | ---- | C] () -- C:\Users\Mike\AppData\Local\dd_vcredistMSI6F11.txt
[2010/08/13 03:19:20 | 000,011,456 | ---- | C] () -- C:\Users\Mike\AppData\Local\dd_vcredistUI6F11.txt
[2010/01/09 05:38:25 | 000,000,363 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2009/12/03 17:13:22 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/12/03 17:11:39 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/09/22 15:55:48 | 000,047,616 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/08/20 05:47:24 | 000,000,680 | ---- | C] () -- C:\Users\Mike\AppData\Local\d3d9caps.dat
[2009/08/14 14:26:38 | 000,000,000 | ---- | C] () -- C:\Users\Mike\AppData\Local\QSwitch.txt
[2009/08/14 14:26:38 | 000,000,000 | ---- | C] () -- C:\Users\Mike\AppData\Local\DSwitch.txt
[2009/08/14 14:26:38 | 000,000,000 | ---- | C] () -- C:\Users\Mike\AppData\Local\AtStart.txt
[2009/08/14 13:52:26 | 000,324,574 | ---- | C] () -- C:\Users\Mike\AppData\Local\dd_vcredistMSI3B37.txt
[2009/08/14 13:52:26 | 000,011,240 | ---- | C] () -- C:\Users\Mike\AppData\Local\dd_vcredistUI3B37.txt
[2008/12/26 03:59:15 | 000,000,105 | ---- | C] () -- C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log
[2008/12/26 03:59:07 | 000,000,032 | ---- | C] () -- C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
[2008/12/26 03:58:43 | 000,000,032 | ---- | C] () -- C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
[2008/12/26 03:58:13 | 000,000,032 | ---- | C] () -- C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
[2008/12/26 03:57:01 | 000,000,032 | ---- | C] () -- C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
[2008/10/18 18:45:24 | 000,000,109 | ---- | C] () -- C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2008/10/18 18:39:59 | 000,000,110 | ---- | C] () -- C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
[2008/10/18 18:38:17 | 000,000,105 | ---- | C] () -- C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2008/10/18 18:36:58 | 000,000,107 | ---- | C] () -- C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
[2008/10/18 17:46:31 | 000,218,480 | ---- | C] () -- C:\ProgramData\SymUpdate.exe
[2008/01/20 21:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini

========== LOP Check ==========

[2010/11/05 16:24:46 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AVG10
[2010/09/18 15:06:15 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Research In Motion
[2009/08/14 12:46:55 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Rogers Online Protection
[2010/01/20 23:19:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\TomTom
[2010/10/22 16:20:40 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Windows Live Writer
[2010/09/06 19:22:07 | 000,000,386 | ---- | M] () -- C:\Windows\Tasks\Install_NSS.job
[2010/11/12 23:00:41 | 000,032,596 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2009/08/14 12:16:56 | 000,000,036 | ---- | M] ()(C:\Windows\SysWow64\????????????????????????????????????????????????????) -- C:\Windows\SysWow64\㩃停潲牧浡䘠汩獥⠠㡸⤶剜杯牥⁳湏楬敮倠潲整瑣潩屮潒敧獲传汮湩⁥牐瑯捥楴湯卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩
[2009/08/14 12:16:56 | 000,000,036 | ---- | C] ()(C:\Windows\SysWow64\????????????????????????????????????????????????????) -- C:\Windows\SysWow64\㩃停潲牧浡䘠汩獥⠠㡸⤶剜杯牥⁳湏楬敮倠潲整瑣潩屮潒敧獲传汮湩⁥牐瑯捥楴湯卜晡䍥湯敮瑣䍜湯楦屧噘敩⹷潣普杩

========== Alternate Data Streams ==========

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >

Ange8889
2010-11-13, 06:56
Here you go Ken.

Ange

OTL Extras logfile created on: 11/12/2010 11:44:33 PM - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Mike\Documents\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18975)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

4.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 53.00% Memory free
8.00 Gb Paging File | 6.00 Gb Available in Paging File | 75.00% Paging File free
Paging file location(s): ?:\pagefile.sys

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 285.62 Gb Total Space | 53.84 Gb Free Space | 18.85% Space Free | Partition Type: NTFS
Drive D: | 12.47 Gb Total Space | 1.97 Gb Free Space | 15.77% Space Free | Partition Type: NTFS

Computer Name: MIKE-PC | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[b]64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- C:\Users\Mike\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = 0D 4F 89 DC 9E 77 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DC60082-8547-4597-B372-D91B5C0BB643}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{16AFB4A3-02A7-40F5-93D1-DF8C6F8D4163}" = lport=2869 | protocol=6 | dir=in | app=system |
"{49FAA780-29B2-4D9F-A7DD-591FF5C77129}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{6745B198-9391-450B-8AA2-0F3495470FAA}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7CB2A525-20F9-4301-BE0C-78777B36B31D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{84D5B4A4-24F5-48F4-AEA3-2530B385228A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8C5FD6AB-0FC3-44A4-BDBE-742C31266F77}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |
"{8FB29BB1-C5B9-4B5D-99A9-31D20A638565}" = lport=49160 | protocol=6 | dir=in | name=akamai netsession interface |
"{9D26F43D-7CE2-4490-B717-FA00E92208E3}" = lport=49161 | protocol=6 | dir=in | name=akamai netsession interface |
"{9EDC8469-F7C5-4D5A-8273-BA049BD6E9AF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{D4D55642-79A6-4D5F-913F-925A3C497543}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software music sync service discovery |
"{E8DF9B01-73C9-4B5C-A6EB-B2BA5D97332A}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software music sync service data transfer |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{095174BC-62DF-472A-9A95-F519D290151A}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{149BBE0F-ADE2-45C3-953B-C607F0F957F3}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe |
"{19821B2B-9BAD-4F27-B41F-02BED6716936}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe |
"{1B3396CC-4B13-4328-863B-D4950B3ECE4D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1BAF0EE4-5289-46E7-AAC5-F9F2B8D56A0F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{1CC104B8-68E2-4306-ABC8-6B9A46CA867E}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qp.exe |
"{1D618D55-F3AD-4952-9EC7-A2318B561DB0}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\tv\qpservice.exe |
"{241E6AF0-54D7-4B96-856F-4155AC5AB46D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{27F0DCFB-366F-47D7-9F1A-F8EFABF082C2}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{30DA3D7D-F874-4E0D-A2DB-BC6EE3B087B3}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |
"{38B96834-1812-4CAF-8008-B96D767A2290}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{3C449251-DBB6-44BF-8C95-500AF436862D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3C81270A-AC1F-40EE-ABF3-8319B643EF04}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{4FBBD185-429A-4338-AC34-0C102FFCB36C}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{5219A907-DCD8-4F6F-B53F-053BF708FAD4}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{58343CEE-46CB-4689-BEEC-5EA13FB97AF3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{617572FA-BA26-4FBB-9CA0-FB1A10688991}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{64116C91-0E2B-458C-88F2-9E1AEED37585}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{67F6E121-59BB-49A6-B67C-7923CBD29DA6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgemca.exe |
"{7286AE5E-C63B-41AC-9B78-74CFCA0EC4C0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{751ED558-8706-4093-B9A8-EEEB2A6F7C7C}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe |
"{8466AB47-B463-4665-9687-5701CE9CD839}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgnsa.exe |
"{950FD0A2-9C18-4FD3-B784-2276543212B3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{A214218E-5EDF-4973-97A2-0ADF2662E8C2}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{A7130381-F980-4A03-9907-7316D4571180}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{A72BB54E-1F0B-41C3-A74C-74E5C1BB79E7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{B40C4A2E-E653-4439-AAFF-DF541CA77F4B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{B6AEDA58-7898-4C57-9785-0F370378876D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe |
"{C1454073-3529-42B7-B240-D5E8C36BA847}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{C59BBB69-5665-4F6E-B5C2-DAAB257A4026}" = protocol=17 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{C761311B-7FD7-4D8D-B4BE-6233313B1B14}" = protocol=6 | dir=in | app=c:\program files (x86)\research in motion\blackberry desktop\rim.desktop.exe |
"{CBF50A5E-A72B-4E0D-9BD2-F25C70915F9D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgdiagex.exe |
"{CC4A4AE6-5D19-4D70-86DA-6B660529258F}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe |
"{CF292E29-0842-4E98-907D-9C3302B23502}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CFBE6456-900E-47CD-A061-C1763D651B7B}" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{D850BE48-2375-41FE-8252-5D435890C30C}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{E0E34ACA-B4F3-4CBD-A760-B41FCBCF9338}" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"{FDFFB601-2A47-4A75-B7C9-16447AD95C8D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{21185083-5C3F-45E1-A52F-1279E0724967}" = iTunes
"{22ABA92B-6C1B-46D8-AC2B-C48EEAE172A9}" = VD64Inst
"{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}" = PerfectDisk 2008
"{2F97CE84-9C33-4631-821B-85EA371EA254}" = ProtectSmart Hard Drive Protection
"{319B58E8-4C80-4912-8EA7-24A9658120C6}" = AVG 2011
"{41BF0DE4-5BAE-4B88-AFD3-86A30B222186}" = Bonjour
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{58FE4F4C-C1BF-4884-AEAC-347FDA6525AC}" = RPS RpsCore64
"{5BF8A577-B334-49BE-A7B2-349C1F1B0C58}" = AVG 2011
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{889450B1-87C5-4A38-B766-DBBC9845EABE}" = HP MediaSmart SmartMenu
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{97A05756-BB54-42B9-A606-06C47E102548}" = RPS Burn64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"07B260955637F1FF7587ED2AA87459040DD09BF7" = Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"AVG" = AVG 2011
"Broadcom 802.11b Network Adapter" = Broadcom 802.11 Wireless LAN Adapter
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"{0054A0F6-00C9-4498-B821-B5C9578F433E}" = HP Help and Support
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07A5026D-5F9F-43D1-9073-C2F882D417E7}" = HP User Guides 0128
"{082702D5-5DD8-4600-BCE5-48B15174687F}" = HP Doc Viewer
"{08312997-5335-44F9-AAEC-63E79C859681}" = RPS Diagnostic Utility
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}" = HP Total Care Advisor
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{17424F35-8B77-4ADF-BC63-BF9B81418539}" = Apple Application Support
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23C12370-3A82-4558-B727-F345B473AD87}" = BlackBerry Device Software Updater
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216015FF}" = Java(TM) 6 Update 22
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{30D3B7BC-5798-45D9-822D-05CA18F39E99}" = HPTCSSetup
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons 6.40 H2
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{352310C3-E46B-42D3-8F32-54721FDD72D9}" = NetZero Preloader
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Vista
"{3E2220FD-AF5A-4EB3-8C06-8279BEA76041}" = RPS SafeConnect
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{45A136EC-88BF-4B95-99F5-C45D3930E1CC}" = HP MULTIPLE MODEM INSTALLER for VISTA
"{498C777C-415A-44FC-AE23-BB0A6967D5AB}" = Rogers Online Protection
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A9849CA-E11C-4F24-8BB1-97C717A1C898}" = LightScribe System Software
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{54CC7901-804D-4155-B353-21F0CC9112AB}" = HP Wireless Assistant
"{57A5AEC1-97FC-474D-92C4-908FCC2253D4}" = HP Customer Experience Enhancements
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6423EF83-6E1D-4D22-A36F-689CD19FD4D2}" = Juno Preloader
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6A370610-3778-44AF-9AAC-69B2FD1A3356}" = Microsoft Live Search Toolbar
"{6C8085FF-C8F6-4F80-8284-29C8074AF116}" = RPS Firewall
"{6F9301C3-F016-450D-97A1-B376DB98E967}" = RPS CRT
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72EEC7DF-A8AE-4E2B-AE11-D79C5400E12A}" = RPS ParentalControl
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7B798B31-2F33-4DC8-BDA4-D36488E86636}" = Slingbox - Watch Your TV Anywhere
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ULTIMATER_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0409-1000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0116-0409-1000-0000000FF1CE}_ULTIMATER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95140000-007A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1" = RunAlyzer
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.0
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C189C757-6AEC-4595-BBEB-C9C7B8FD7CC6}" = RPS PopupBlocker
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}" = HP Active Support Library
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D25F26E6-7F37-4580-9E83-2BDD9BE9E0CE}" = BlackBerry Desktop Software 6.0
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}" = muvee Reveal
"{DD65F789-6298-4142-B12A-4C11AFA7BEB9}" = RPS Ksdk
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E7004147-2CCA-431C-AA05-2AB166B9785D}" = QuickTime
"{EB08E682-ED03-4374-9DF4-08226E637FFB}" = RPS PerfectDiskStub
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F31E534B-4199-4552-8154-5C130710D68E}" = HP Total Care Advisor
"{FCA64D6D-3D83-41BE-99AC-F3D5EF281527}" = RPS RpsCore
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"AC3Filter_is1" = AC3Filter 1.63b
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"BlackBerry_{205A5182-EFC8-4C25-B61D-C164F8FF4048}" = BlackBerry Desktop Software 5.0.1
"BlackBerry_Desktop" = BlackBerry Desktop Software 6.0
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Setup.divx.com" = DivX Setup
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}" = SlingPlayer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}" = HP MediaSmart TV
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"NSS" = Norton Security Scan
"RadialpointClientGateway_is1" = Rogers Servicepoint Agent 2.0.21
"Soulseek2" = SoulSeek 157 NS 13e
"SpywareBlaster_is1" = SpywareBlaster 4.4
"StarCraft II" = StarCraft II
"Sweepi_is1" = Sweepi 5.4.00
"TomTom HOME" = TomTom HOME 2.7.6.2056
"ULTIMATER" = Microsoft Office Ultimate 2007
"VLC media player" = VLC media player 1.1.4
"WildTangent hp Master Uninstall" = My HP Games
"WinLiveSuite" = Windows Live Essentials

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/6/2010 10:43:28 PM | Computer Name = Mike-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 11/6/2010 10:45:41 PM | Computer Name = Mike-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 11/6/2010 10:45:41 PM | Computer Name = Mike-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 11/6/2010 10:45:42 PM | Computer Name = Mike-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 11/6/2010 10:45:43 PM | Computer Name = Mike-PC | Source = MsiInstaller | ID = 11500
Description =

Error - 11/6/2010 10:47:57 PM | Computer Name = Mike-PC | Source = Application Hang | ID = 1002
Description = The program avgui.exe version 10.0.0.1150 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1a40 Start Time: 01cb7e26178bb18c Termination Time: 62

Error - 11/6/2010 10:50:09 PM | Computer Name = Mike-PC | Source = WinMgmt | ID = 10
Description =

Error - 11/6/2010 11:17:58 PM | Computer Name = Mike-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =

Error - 11/6/2010 11:26:05 PM | Computer Name = Mike-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 97c Start Time: 01cb7e26a8118e56 Termination Time: 5894

Error - 11/7/2010 3:50:35 AM | Computer Name = Mike-PC | Source = WinMgmt | ID = 10
Description =

[ System Events ]
Error - 2/8/2010 3:42:11 PM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7011
Description =

Error - 2/10/2010 4:04:25 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 2/10/2010 4:04:25 AM | Computer Name = Mike-PC | Source = DCOM | ID = 10005
Description =

Error - 2/10/2010 4:04:25 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/10/2010 4:04:25 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 2/10/2010 4:04:25 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/10/2010 4:24:26 AM | Computer Name = Mike-PC | Source = DCOM | ID = 10010
Description =

Error - 2/10/2010 4:28:15 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 2/10/2010 4:28:15 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 2/10/2010 4:30:07 AM | Computer Name = Mike-PC | Source = Service Control Manager | ID = 7026
Description =


< End of report >

ken545
2010-11-13, 07:13
Hi,

I am not looking at any malware on your log and Malwarebytes did not find anything, what I am looking at are three anti virus programs running and this can seriously hamper system performance and cause other issues.

Rogers Online Protection
AVG Technologies
Kaspersky Lab

You need to decide which one you want to keep and uninstall the other two via Programs and Features in the Control Panel. If AVG is the free version than thats one of them that I would consider removing, but the one you keep is totally up to you.


What we can do is run another scan to check for a Rootkit, this type of infection hides from most scanners.


Rootkit Unhooker


Please Download Rootkit Unhooker (http://www.rootkit.com/vault/DiabloNova/RKUnhookerLE.EXE) and Save it to your desktop.
Now double-click on RKUnhookerLE.exe to run it.
Click the Report tab, then click Scan.
Check (Tick) Drivers, Stealth. Uncheck the rest, then Click OK.
Wait till the scanner has finished and then click File, Save Report.
Save the report somewhere where you can find it. Click Close.


Copy the entire contents of the report and paste it in your next reply here.

Note: You may get the following warning, just click OK and continue.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"

Ange8889
2010-11-13, 17:22
Hi Ken,

Thanks for your prognosis. The AVG was installed a week ago after the problems were occurring (more out of desperation to find the underlying problem). I have since uninstalled. Don't know how Kapersky lab appeared on my registry (?). I tried to follow the link you posted for the rootkit unhooker but I get a window telling me there it doesn't exist. Please advise.

Ange

ken545
2010-11-13, 18:15
It may have been pulled, try this one

http://img.photobucket.com/albums/v666/sUBs/gmer_zip.gif
Please download GMER from one of the following locations, and save it to your desktop:

Main Mirror (http://gmer.net/download.php)
This version will download a randomly named file (Recommended)
Zip Mirror (http://gmer.net/gmer.zip)
This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.



Extract the contents of the zipped file to desktop (applicable only to Zip mirror) .
Double click http://billy-oneal.com/forums/gmer/gmerRandomIcon.png or http://billy-oneal.com/forums/gmer/gmerDesktopIcon.png on your desktop.
If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
http://billy-oneal.com/forums/gmer/gmerNoDialog.png

http://www.geekstogo.com/misc/guide_icons/GMER_thumb.jpg (http://www.geekstogo.com/misc/guide_icons/GMER_instructions.jpg)
Click the image to enlarge it

In the right panel, you will see several boxes that have been checked. Uncheck the following ...
IAT/EAT
Drives/Partition other than Systemdrive (typically C:\)
Show All (don't miss this one)

Then click the Scan button & wait for it to finish.
Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.

Save it where you can easily find it, such as your desktop, and attach it in your reply.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOKIT" entries

Ange8889
2010-11-14, 04:06
Hi Ken,

Clearly there is something wrong with this lap top. I followed your instructions to download the program. When I double click, it does not allow me the options to click or unclick much on the side bar. Should I just run the scan? I have doing a lot of research in the meantime. I thought it was malware or something pesky in there; I'm wondering if files are corrupt??? There was an appearance of 'yield manager' at one point (could that be a problem?)

Appreciate your time and patience,

Ange

ken545
2010-11-14, 06:41
Hello Ange,

Yield Manager is just a tracking cookie, pesky but no harm to your system.

Try running GMER in Safemode, see if you can still uncheck according to the picture

To Enter Safemode

Go to Start> Shut off your Computer> Restart
As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu.
Use the Up and Down Arrow Keys to scroll up to Safemode
Then press the Enter Key on your Keyboard

Tutorial if you need it How to boot into Safemode (http://www.bleepingcomputer.com/tutorials/tutorial61.html)

Ange8889
2010-11-14, 19:30
Hi Ken,

So I followed your instructions and still had no luck in safe mode. But get this, I rebooted the computer and when it was up and running I get a notification from Rogers Protection:


Trojan.Win32.Vilsel.avav was detected but could not be quarantined or cleaned. I let Rogers complete the virus scan and nothing else came up.


What are your thoughts? Any other way I can run the GMER?

THANKS a million for your time and help....

Ange

ken545
2010-11-14, 19:48
Ange,

Your running the 64bit version of Vista, this is a good thing , but the downside is a lot of out tools have not been written yet to run on a 64bit operating system.

Give this one a try.

Please download Rooter Rootkit Detector (http://eric.71.mespages.googlepages.com/Rooter.exe) to your Desktop

Doubleclick it to start the tool.
A Notepad file containing the report will open, also found at %systemdrive% (usually C:\Rooter.txt.
Post the report for me to see.

Ange8889
2010-11-14, 20:04
Hi Ken,

Did as you asked. When I double click the icon and give it permission to run, I have to press the scan button, and then I get a message that Malware stopped working and it shuts down....

Ange

ken545
2010-11-14, 21:51
This one will check for a particular rootkit, remember with Vista you need to RIGHT CLICK ON IT AND RUN AS ADMINISTRATOR


Download TDSSKiller (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) and save it to your Desktop.

Extract the file and run it.

Once completed it will create a log in your C:\ drive called TDSSKiller_* (* denotes version & date)

Please post the content of the TDSSKiller log

Ange8889
2010-11-15, 01:34
Hi Ken,

Here you go...

Thanks!

Ange

2010/11/14 18:31:40.0101 TDSS rootkit removing tool 2.4.7.0 Nov 8 2010 10:52:22
2010/11/14 18:31:40.0101 ================================================================================
2010/11/14 18:31:40.0101 SystemInfo:
2010/11/14 18:31:40.0101
2010/11/14 18:31:40.0101 OS Version: 6.0.6002 ServicePack: 2.0
2010/11/14 18:31:40.0101 Product type: Workstation
2010/11/14 18:31:40.0101 ComputerName: MIKE-PC
2010/11/14 18:31:40.0102 UserName: Mike
2010/11/14 18:31:40.0102 Windows directory: C:\Windows
2010/11/14 18:31:40.0102 System windows directory: C:\Windows
2010/11/14 18:31:40.0102 Running under WOW64
2010/11/14 18:31:40.0102 Processor architecture: Intel x64
2010/11/14 18:31:40.0102 Number of processors: 2
2010/11/14 18:31:40.0102 Page size: 0x1000
2010/11/14 18:31:40.0102 Boot type: Normal boot
2010/11/14 18:31:40.0102 ================================================================================
2010/11/14 18:31:40.0102 Utility is running under WOW64
2010/11/14 18:31:41.0506 Initialize success
2010/11/14 18:31:44.0443 ================================================================================
2010/11/14 18:31:44.0443 Scan started
2010/11/14 18:31:44.0443 Mode: Manual;
2010/11/14 18:31:44.0443 ================================================================================
2010/11/14 18:31:46.0023 Accelerometer (60fbb29ccce48b4c3a6517caf42c3496) C:\Windows\system32\DRIVERS\Accelerometer.sys
2010/11/14 18:31:46.0085 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
2010/11/14 18:31:46.0170 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
2010/11/14 18:31:46.0329 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
2010/11/14 18:31:46.0375 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
2010/11/14 18:31:46.0418 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
2010/11/14 18:31:46.0618 AFD (12415ccfd3e7cec55b5184e67b039fe4) C:\Windows\system32\drivers\afd.sys
2010/11/14 18:31:46.0807 AgereSoftModem (6051b172930f3b2723d04c555f7ec55a) C:\Windows\system32\DRIVERS\agrsm64.sys
2010/11/14 18:31:47.0132 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
2010/11/14 18:31:47.0331 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
2010/11/14 18:31:47.0553 aliide (e0ca5bb8e6c79533dc6b1da7361a201e) C:\Windows\system32\drivers\aliide.sys
2010/11/14 18:31:47.0657 amdide (7034f8d1b9703d711d3f92c95deb377d) C:\Windows\system32\drivers\amdide.sys
2010/11/14 18:31:47.0860 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
2010/11/14 18:31:47.0969 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
2010/11/14 18:31:48.0009 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
2010/11/14 18:31:48.0102 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
2010/11/14 18:31:48.0222 atapi (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
2010/11/14 18:31:48.0444 BCM43XX (a4815907b039121d8d9221695cdc35f7) C:\Windows\system32\DRIVERS\bcmwl664.sys
2010/11/14 18:31:48.0692 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
2010/11/14 18:31:48.0786 bowser (8b2b19031d0aeade6e1b933df1acba7e) C:\Windows\system32\DRIVERS\bowser.sys
2010/11/14 18:31:48.0972 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
2010/11/14 18:31:49.0069 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
2010/11/14 18:31:49.0260 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
2010/11/14 18:31:49.0395 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
2010/11/14 18:31:49.0504 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
2010/11/14 18:31:49.0582 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
2010/11/14 18:31:49.0678 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
2010/11/14 18:31:49.0833 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
2010/11/14 18:31:50.0006 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
2010/11/14 18:31:50.0188 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\DRIVERS\circlass.sys
2010/11/14 18:31:50.0308 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
2010/11/14 18:31:50.0561 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
2010/11/14 18:31:50.0634 cmdide (8c6aa24c1d7273a02284588426ab8ce3) C:\Windows\system32\drivers\cmdide.sys
2010/11/14 18:31:50.0923 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
2010/11/14 18:31:51.0357 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
2010/11/14 18:31:51.0598 DefragFS (66faeea620beb34fd43479fe5518da34) C:\Windows\system32\drivers\DefragFS.sys
2010/11/14 18:31:51.0818 DfsC (36cd31121f228e7e79bae60aa45764c6) C:\Windows\system32\Drivers\dfsc.sys
2010/11/14 18:31:52.0029 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
2010/11/14 18:31:52.0232 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
2010/11/14 18:31:52.0363 DXGKrnl (1d96e28ebcd96ad1b44a3fd02ca6433d) C:\Windows\System32\drivers\dxgkrnl.sys
2010/11/14 18:31:52.0568 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
2010/11/14 18:31:52.0835 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
2010/11/14 18:31:52.0986 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
2010/11/14 18:31:53.0147 enecir (f218a3a27ed6592c0e22ec3595554447) C:\Windows\system32\DRIVERS\enecir.sys
2010/11/14 18:31:53.0232 ErrDev (bc3a58e938bb277e46bf4b3003b01abd) C:\Windows\system32\drivers\errdev.sys
2010/11/14 18:31:53.0366 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
2010/11/14 18:31:53.0479 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
2010/11/14 18:31:53.0576 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
2010/11/14 18:31:53.0707 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
2010/11/14 18:31:53.0769 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
2010/11/14 18:31:53.0851 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
2010/11/14 18:31:53.0954 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
2010/11/14 18:31:54.0122 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
2010/11/14 18:31:54.0197 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
2010/11/14 18:31:54.0232 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
2010/11/14 18:31:54.0388 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2010/11/14 18:31:54.0545 HdAudAddService (df45f8142dc6df9d18c39b3effbd0409) C:\Windows\system32\drivers\HdAudio.sys
2010/11/14 18:31:54.0660 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
2010/11/14 18:31:54.0823 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
2010/11/14 18:31:54.0869 HidIr (5f47839455d01ff6403b008d481a6f5b) C:\Windows\system32\DRIVERS\hidir.sys
2010/11/14 18:31:54.0954 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
2010/11/14 18:31:55.0081 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
2010/11/14 18:31:55.0147 hpdskflt (4a435ca815a54639ca09ddf75d751ebc) C:\Windows\system32\DRIVERS\hpdskflt.sys
2010/11/14 18:31:55.0213 HpqKbFiltr (0ecc54fd34d6a089c300846b011e81d6) C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
2010/11/14 18:31:55.0325 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
2010/11/14 18:31:55.0404 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
2010/11/14 18:31:55.0442 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
2010/11/14 18:31:55.0550 iaStor (8d58627fef3f8767665d9f4dc91cbd97) C:\Windows\system32\DRIVERS\iaStor.sys
2010/11/14 18:31:55.0621 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
2010/11/14 18:31:55.0971 igfx (cf00559906e45ecc6f035913880be2fc) C:\Windows\system32\DRIVERS\igdkmd64.sys
2010/11/14 18:31:56.0189 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
2010/11/14 18:31:56.0267 IntcHdmiAddService (dea2ab452b4fa773187369c4b6517320) C:\Windows\system32\drivers\IntcHdmi.sys
2010/11/14 18:31:56.0316 intelide (475490caf376e55e6e8b37bbdfeb2e81) C:\Windows\system32\drivers\intelide.sys
2010/11/14 18:31:56.0363 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
2010/11/14 18:31:56.0444 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2010/11/14 18:31:56.0524 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
2010/11/14 18:31:56.0544 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
2010/11/14 18:31:56.0604 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
2010/11/14 18:31:56.0634 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
2010/11/14 18:31:56.0704 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
2010/11/14 18:31:56.0724 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
2010/11/14 18:31:56.0754 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
2010/11/14 18:31:56.0794 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
2010/11/14 18:31:56.0844 kbdhid (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
2010/11/14 18:31:56.0924 KLIF (314aad588fe24a6d82e7b24e1c063922) C:\Windows\system32\DRIVERS\klif.sys
2010/11/14 18:31:57.0034 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
2010/11/14 18:31:57.0068 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
2010/11/14 18:31:57.0150 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
2010/11/14 18:31:57.0204 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
2010/11/14 18:31:57.0228 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
2010/11/14 18:31:57.0256 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
2010/11/14 18:31:57.0284 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
2010/11/14 18:31:57.0323 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
2010/11/14 18:31:57.0375 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
2010/11/14 18:31:57.0454 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
2010/11/14 18:31:57.0482 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
2010/11/14 18:31:57.0536 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
2010/11/14 18:31:57.0576 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
2010/11/14 18:31:57.0592 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
2010/11/14 18:31:57.0640 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
2010/11/14 18:31:57.0684 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
2010/11/14 18:31:57.0715 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
2010/11/14 18:31:57.0772 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
2010/11/14 18:31:57.0822 mrxsmb (d58d129e26705e83a4deba7177eb7972) C:\Windows\system32\DRIVERS\mrxsmb.sys
2010/11/14 18:31:57.0910 mrxsmb10 (d5be5c14e0f1dc489f5bb2a67983f630) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2010/11/14 18:31:57.0974 mrxsmb20 (09a2990c3b293c212816c9bc0d7c200e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2010/11/14 18:31:58.0028 msahci (e7e3e515d1d33a2a372d7fce2bbef5d9) C:\Windows\system32\drivers\msahci.sys
2010/11/14 18:31:58.0048 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
2010/11/14 18:31:58.0100 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
2010/11/14 18:31:58.0139 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
2010/11/14 18:31:58.0212 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
2010/11/14 18:31:58.0229 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
2010/11/14 18:31:58.0271 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
2010/11/14 18:31:58.0321 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
2010/11/14 18:31:58.0360 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
2010/11/14 18:31:58.0390 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
2010/11/14 18:31:58.0418 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
2010/11/14 18:31:58.0505 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
2010/11/14 18:31:58.0646 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
2010/11/14 18:31:58.0702 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
2010/11/14 18:31:58.0732 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
2010/11/14 18:31:58.0781 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
2010/11/14 18:31:58.0811 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
2010/11/14 18:31:58.0845 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
2010/11/14 18:31:58.0894 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
2010/11/14 18:31:59.0053 NETw3v64 (c86984aee87900c1eeb6942ede3bf4b6) C:\Windows\system32\DRIVERS\NETw3v64.sys
2010/11/14 18:31:59.0172 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
2010/11/14 18:31:59.0222 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
2010/11/14 18:31:59.0253 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
2010/11/14 18:31:59.0340 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
2010/11/14 18:31:59.0410 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
2010/11/14 18:31:59.0441 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
2010/11/14 18:31:59.0463 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
2010/11/14 18:31:59.0503 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
2010/11/14 18:31:59.0621 ohci1394 (1b30103fde512915a9214b108b6e7a9c) C:\Windows\system32\DRIVERS\ohci1394.sys
2010/11/14 18:31:59.0684 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
2010/11/14 18:31:59.0748 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
2010/11/14 18:31:59.0809 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
2010/11/14 18:31:59.0847 pciide (15e5c3f89a3452efbda3b39816dbc4ee) C:\Windows\system32\drivers\pciide.sys
2010/11/14 18:31:59.0882 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
2010/11/14 18:31:59.0999 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
2010/11/14 18:32:00.0164 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
2010/11/14 18:32:00.0192 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
2010/11/14 18:32:00.0278 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
2010/11/14 18:32:00.0341 PxHlpa64 (fbf4db6d53585437e41a113300002a2b) C:\Windows\system32\Drivers\PxHlpa64.sys
2010/11/14 18:32:00.0438 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
2010/11/14 18:32:00.0488 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
2010/11/14 18:32:00.0535 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
2010/11/14 18:32:00.0676 RadialpointSafeConnectDriver (c85903b283370a779ec3d814c749f6cb) C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\Driver\platform_VISTA\SafeConnectDriver.sys
2010/11/14 18:32:00.0712 RadialpointSafeConnectFilter (3a9cea830a1cad1c6374dcf95bd92520) C:\Program Files (x86)\Rogers Online Protection\Rogers Online Protection\SafeConnect\Driver\platform_VISTA\SafeConnectFilter.sys
2010/11/14 18:32:00.0736 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
2010/11/14 18:32:00.0786 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
2010/11/14 18:32:00.0833 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
2010/11/14 18:32:00.0878 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
2010/11/14 18:32:00.0916 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
2010/11/14 18:32:00.0980 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
2010/11/14 18:32:01.0019 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
2010/11/14 18:32:01.0066 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
2010/11/14 18:32:01.0124 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
2010/11/14 18:32:01.0213 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
2010/11/14 18:32:01.0289 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
2010/11/14 18:32:01.0383 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
2010/11/14 18:32:01.0468 RPPKT (fe15c4c61b51159e8c826b64ff89b1ea) C:\Windows\system32\DRIVERS\rp_pkt64.sys
2010/11/14 18:32:01.0513 RPSKT (98f7aa362690324afa5c328c48cec932) C:\Windows\system32\DRIVERS\rp_skt64.sys
2010/11/14 18:32:01.0546 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
2010/11/14 18:32:01.0623 RTL8169 (af7074e1d6a8a66204067ee8b2a8327a) C:\Windows\system32\DRIVERS\Rtlh64.sys
2010/11/14 18:32:01.0672 RTSTOR (aa3987386cf7d9005c42bc974634bd56) C:\Windows\system32\drivers\RTSTOR64.SYS
2010/11/14 18:32:01.0704 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
2010/11/14 18:32:01.0799 sdbus (b42ee50f7d24f837f925332eb349eca5) C:\Windows\system32\DRIVERS\sdbus.sys
2010/11/14 18:32:01.0838 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2010/11/14 18:32:01.0871 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
2010/11/14 18:32:01.0911 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
2010/11/14 18:32:01.0937 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
2010/11/14 18:32:02.0012 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
2010/11/14 18:32:02.0049 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
2010/11/14 18:32:02.0070 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
2010/11/14 18:32:02.0097 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
2010/11/14 18:32:02.0135 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
2010/11/14 18:32:02.0162 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
2010/11/14 18:32:02.0215 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
2010/11/14 18:32:02.0311 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
2010/11/14 18:32:02.0418 srv (8cd33a47ca02c79038b669f31f95bdac) C:\Windows\system32\DRIVERS\srv.sys
2010/11/14 18:32:02.0490 srv2 (1bedf533096c56e70f87e3e3ee02caf5) C:\Windows\system32\DRIVERS\srv2.sys
2010/11/14 18:32:02.0534 srvnet (2b8c340f830c465f514d966f7e6a822f) C:\Windows\system32\DRIVERS\srvnet.sys
2010/11/14 18:32:02.0656 STHDA (e01797a54f8a61512b7e590fde6d1988) C:\Windows\system32\DRIVERS\stwrt64.sys
2010/11/14 18:32:02.0707 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
2010/11/14 18:32:02.0744 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
2010/11/14 18:32:02.0772 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
2010/11/14 18:32:02.0798 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
2010/11/14 18:32:02.0840 SynTP (c851305e2bcfce8aaa53342f912ddd7f) C:\Windows\system32\DRIVERS\SynTP.sys
2010/11/14 18:32:02.0971 Tcpip (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\drivers\tcpip.sys
2010/11/14 18:32:03.0077 Tcpip6 (973658a2ea9c06b2976884b9046dfc6c) C:\Windows\system32\DRIVERS\tcpip.sys
2010/11/14 18:32:03.0146 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
2010/11/14 18:32:03.0188 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
2010/11/14 18:32:03.0207 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
2010/11/14 18:32:03.0263 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
2010/11/14 18:32:03.0335 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
2010/11/14 18:32:03.0498 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
2010/11/14 18:32:03.0528 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
2010/11/14 18:32:03.0599 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
2010/11/14 18:32:03.0655 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
2010/11/14 18:32:03.0717 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
2010/11/14 18:32:03.0778 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
2010/11/14 18:32:03.0822 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
2010/11/14 18:32:03.0847 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
2010/11/14 18:32:03.0877 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
2010/11/14 18:32:03.0919 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
2010/11/14 18:32:04.0019 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
2010/11/14 18:32:04.0057 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
2010/11/14 18:32:04.0124 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
2010/11/14 18:32:04.0192 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
2010/11/14 18:32:04.0224 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
2010/11/14 18:32:04.0248 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
2010/11/14 18:32:04.0298 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
2010/11/14 18:32:04.0361 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
2010/11/14 18:32:04.0435 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
2010/11/14 18:32:04.0488 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
2010/11/14 18:32:04.0541 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
2010/11/14 18:32:04.0583 viaide (4f964e6828156f0ef3fa8d3a9a7895de) C:\Windows\system32\drivers\viaide.sys
2010/11/14 18:32:04.0624 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
2010/11/14 18:32:04.0681 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
2010/11/14 18:32:04.0742 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
2010/11/14 18:32:04.0788 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
2010/11/14 18:32:04.0847 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
2010/11/14 18:32:04.0905 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/14 18:32:04.0924 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
2010/11/14 18:32:04.0963 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
2010/11/14 18:32:05.0016 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
2010/11/14 18:32:05.0183 winusb (7f2f9e48566b2087f2aaad258cb2a8d4) C:\Windows\system32\DRIVERS\WinUSB.SYS
2010/11/14 18:32:05.0264 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
2010/11/14 18:32:05.0344 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
2010/11/14 18:32:05.0439 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
2010/11/14 18:32:05.0523 yukonx64 (07f7285220307aafb755d890295f0f9a) C:\Windows\system32\DRIVERS\yk60x64.sys
2010/11/14 18:32:05.0600 ================================================================================
2010/11/14 18:32:05.0600 Scan finished
2010/11/14 18:32:05.0600 ================================================================================

ken545
2010-11-15, 02:37
That program you just ran checks for and removes the TDSS rootkit and it did not find anything.

See if you can run this free online virus scanner

Please run this free online virus scanner from ESET (http://www.eset.com/onlinescan/)

Note: You will need to use Internet explorer for this scan
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Click Start
Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked
Click Scan
Wait for the scan to finish
Use notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
Copy and paste that log as a reply to this topic

Ange8889
2010-11-15, 16:54
Hi Ken,

I ran the scan. At the end it stated 'no threats found.' I could not locate a log in the C drive.

Ange

ken545
2010-11-15, 17:12
:bigthumb:

How are things running now ?

Ange8889
2010-11-15, 22:21
Hi Ken,

Difficult to say; it appears that all the things we have done show no threat. Do you think this is not a malware issue but a system issue (ie. corrupt files??).

I really appreciate all the time and advise you have given. I gather there is nothing lurking in the system???

Ange

ken545
2010-11-15, 23:36
I may have given you an outdated link for Rootkit Unhooker, here is the new link, see if you can run it and post the log. If no threats found than I can link you to a good windows forum as your problem may be windows related


Rootkit Unhooker


Please Download Rootkit Unhooker (http://www.kernelmode.info/ARKs/RkU3.8.388.590.rar) and Save it to your desktop.
Note** it is zipped up in a .rar file - If you do not have a program to unzip this type of file -
you can get a free one from here - http://www.7-zip.org/

Now double-click on RKUnhookerLE.exe to run it.
Click the Report tab, then click Scan.
Check (Tick) Drivers, Stealth. Uncheck the rest, then Click OK.
Wait till the scanner has finished and then click File, Save Report.
Save the report somewhere where you can find it. Click Close.


Copy the entire contents of the report and paste it in your next reply here.

Note: You may get the following warning, just click OK and continue.

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"

Ange8889
2010-11-16, 04:55
Hi Ken,

I followed your instructions; when I tried to run the program I got an 'error loading driver' window.

Ange

ken545
2010-11-16, 10:59
Lets run one more program and see if it finds anything

Please download SuperAntiSpyware Free (http://www.superantispyware.com/superantispyware.html)
Install the program

Run SuperAntiSpyware and click: Check for updates
Once the update is finished, on the main screen, click: Scan your computer
Check: Perform Complete Scan
Click Next to start the scan.

Superantispyware scans the computer, and when finished, lists all the infections found.
Make sure everything found has a check next to it, and press: Next <-- Important
Then, click Finish

It is possible that the program asks to reboot in order to delete some files.

Obtain the SuperAntiSpyware log as follows:
Click: Preferences
Click the Statistics/Logs tab
Under Scanner Logs, double-click SuperAntiSpyware Scan Log
It opens in your default text editor (such as Notepad)

Please provide the SuperAntiSpyware log in your next reply

Ange8889
2010-11-16, 18:45
Hi Ken,

Well, it worked! Here is the log....

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/16/2010 at 11:29 AM

Application Version : 4.45.1000

Core Rules Database Version : 5866
Trace Rules Database Version: 3678

Scan type : Complete Scan
Total Scan Time : 01:22:19

Memory items scanned : 636
Memory threats detected : 0
Registry items scanned : 14597
Registry threats detected : 0
File items scanned : 45128
File threats detected : 63

Adware.Tracking Cookie
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\mike@bellcan.adbureau[1].txt
adnetwork.break.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
bootcampmedia.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
cdn4.specificclick.net [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
cdn5.specificclick.net [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
cloud.video.unrulymedia.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
content.oddcast.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
core.insightexpressai.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
ds.serving-sys.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
i.adultswim.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
ia.media-imdb.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
indieclick.3janecdn.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
m1.2mdn.net [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
macromedia.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media.bimvid.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media.comicvine.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media.ign.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media.mtvnservices.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media.noob.us [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media.scanscout.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media.socialvibe.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media01.kyte.tv [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media1.break.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
media2.firstshowing.net [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
mediaforgews.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
memecounter.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
msnbcmedia.msn.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
msntest.serving-sys.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
naiadsystems.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
naked.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
objects.tremormedia.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
s-sec.slutload-media.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
s0.2mdn.net [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
secure-us.imrworldwide.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
serving-sys.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
udn.specificclick.net [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
vitamine.networldmedia.net [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
widgets.cracked.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
www.naiadsystems.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
www.porn.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
www.pornhub.com [ C:\Users\Mike\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\JFCHTKAB ]
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\mike@bellcan.adbureau[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@adserver.adtechus[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@tacoda[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@ads.bleepingcomputer[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@www.googleadservices[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@collective-media[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@richmedia.yahoo[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@chitika[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@chitika[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@at.atwola[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@interclick[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@invitemedia[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@kontera[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@kontera[3].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@legolas-media[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@media1.break[2].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@revsci[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\Low\mike@xiti[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\mike@bs.serving-sys[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\mike@doubleclick[1].txt
C:\Users\Mike\AppData\Roaming\Microsoft\Windows\Cookies\mike@serving-sys[1].txt

Trojan.Agent/Gen-Nullo[Micro]
C:\PROGRAM FILES (X86)\MALWAREBYTES ANTI-MALWARE\SSUBTMR6.DLL

ken545
2010-11-16, 19:15
widgets.cracked.com
Your downloading Cracked Software which besides being illegal are almost 100% guaranteed to bring infections along with them

Ange8889
2010-11-17, 00:33
Hi Ken,

What is cracked software and how do you get it?

Ange

ken545
2010-11-17, 01:39
Well, its illegal and something you want to stay away from.

How are things running now ?

Ange8889
2010-11-17, 03:25
Hi Ken,

Whatever it is, can I get rid of it?

Things have definitely improved after running the scans. I'm assuming we've cleaned everything including this cracked software (?). With that said, I suspect there must be something corrupt because I can't delete anything (It just hangs as it tries to send to the recycling bin); I will continue to do research to correct that problem.

I really appreicate the time and effort you put in this.

Ange

ken545
2010-11-17, 03:47
Hello Angie,

What your describing does not necessarily mean your infected. Why don't you post here in this windows forum as it may be a windows related problem. If they cant help correcting it then post back and we try and dig a bit deeper.

http://forums.whatthetech.com/index.php?showforum=119
Like Safer its free but you will need to register. Post back and keep me updated

Ange8889
2010-11-17, 03:59
Hi Ken,

Sounds good. I'll give it a go on the forum and will keep you posted.

I hope you and the rest of the crew on this site know just how valuable you all are and highly appreciated. I tip my hat to everyone at Safe Networking for their patience and welath of knowledge. I'll be sure to make another donation.

Ange

ken545
2010-11-17, 10:41
Thank you Angie,

I will keep this thread open for you for about a week but then it needs to be closed, if its closed you can PM me to reopen it or just start a new topic.