Virus, Trojan Horses, IE shutdowns, etc



photographer
2011-12-24, 23:01
I have been having issues the last couple days. I keep getting a file on my desktop titled pljtxaetzk.tmp. I keep deleting it and it keeps coming back; it says it is 0 kb. My Norton Internet Security keeps popping up with files and such that it finds as problems and I have to restart. Some of the files are microsoftdata.dll, mousenotifierbackup.dll, conduitdata.dll and slp7162874015064228029.tmp. There are probably a few more, but I just wanted to list a couple. I had also been having to shut down IE a lot, but since running Spybot S&D it has not happened again. Every once in a while I do get full IE windows opening up for various websites.

Here is the dds log.

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_23
Run by Brian at 15:39:58 on 2011-12-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4791.2538 [GMT -6:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files (x86)\Yahoo!\Widgets\YahooWidgets.exe
C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe
C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\PX Storage Engine\VxBlockServer.exe
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k HPService
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\msiexec.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\taskhost.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_clipbook.exe
C:\Windows\system32\taskeng.exe
C:\Windows\SysWOW64\msiexec.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\RUNDLL32.EXE
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://manuals.info.apple.com/en_US/iphone_user_guide.pdf
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
TB: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [winupd] C:\Users\Brian\AppData\Local\Temp:winupd.exe
mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe"
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Brian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\YAHOO!~1.LNK - C:\Users\Brian\AppData\Local\Temp\YahooWidgets.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
Trusted Zone: cinemanow.com
Trusted Zone: qflix.com
Trusted Zone: roxio.com
Trusted Zone: sonic.com\redirect
Trusted Zone: sonic.com\redirect2
DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{2AE834AC-9CD1-4140-B188-7725B5817292} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{50B7350A-D023-42FE-8124-23FED783F6A6} : DhcpNameServer = 192.168.0.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO-X64: HP Print Enhancer - No File
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO-X64: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
BHO-X64: Symantec NCO BHO - No File
BHO-X64: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL
BHO-X64: Symantec Intrusion Prevention - No File
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
BHO-X64: HP Smart BHO Class - No File
TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll
TB-X64: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll
TB-X64: {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File
TB-X64: {7B13EC3E-999A-4B70-B9CB-2617B8323822} - No File
TB-X64: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
mRun-x64: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
mRun-x64: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe"
mRun-x64: [CPMonitor] "C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun-x64: [(Default)]
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
mRun-x64: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\eq4u3k7t.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn_2010_9_0_6\components\coFFPlgn.dll
FF - component: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll
FF - component: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\eq4u3k7t.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko19.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npyaxmpb.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 SymDS;Symantec Data Store;C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [?]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [?]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20111221.003\BHDrvx64.sys [2011-12-21 1156216]
R1 ccHP;Symantec Hash Provider;C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys --> C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [?]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20111223.001\IDSviA64.sys [2011-12-23 488568]
R1 SymIRON;Symantec Iron Driver;C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS --> C:\Windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [?]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;C:\Windows\system32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS --> C:\Windows\system32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [?]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2009-6-23 127352]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\17.9.0.12\ccsvchst.exe [2011-10-11 126400]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2011-12-20 1153368]
R2 TomTomHOMEService;TomTomHOMEService;C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-4-22 92592]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-11 138360]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-29 136176]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-7-24 219632]
S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-7-29 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 RoxMediaDB12;RoxMediaDB12;C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-7-24 1116656]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\system32\DRIVERS\RTL8192su.sys --> C:\Windows\system32\DRIVERS\RTL8192su.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2011-12-24 19:47:13 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-24 19:47:13 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-24 19:47:13 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-24 19:47:13 43992 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll
2011-12-24 19:45:59 -------- d-----w- C:\Users\Brian\AppData\Local\{13A24111-64BE-4A3C-9C2F-B30DCA8B3C47}
2011-12-24 04:08:24 -------- d-----w- C:\Users\Brian\AppData\Local\{67FBAD34-E2C8-43C3-B958-5866076D9A72}
2011-12-24 03:53:53 -------- d-----w- C:\Users\Brian\AppData\Local\{8C3F97E5-FBBE-4F01-A56D-DAB068BE2108}
2011-12-24 03:35:22 -------- d-----w- C:\Users\Brian\AppData\Local\{10516534-CE20-4BCD-AB94-BB195B0ACD34}
2011-12-23 13:31:58 -------- d-----w- C:\Users\Brian\AppData\Local\{21DFFD81-C6CD-4C84-BB1B-7EB000EE8BEC}
2011-12-23 13:22:51 -------- d-----w- C:\Users\Brian\AppData\Local\{3DB1FC43-1FF4-4238-9508-5910F28A655B}
2011-12-22 05:24:04 -------- d-----w- C:\Users\Brian\AppData\Local\{1FBBE902-0E63-4F1C-898A-4DE7275EDE34}
2011-12-22 05:19:39 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2011-12-22 05:09:43 -------- d-----w- C:\Users\Brian\AppData\Local\{0323A6C2-5401-4730-BFF0-FC59090C619F}
2011-12-22 04:15:46 -------- d-----w- C:\Users\Brian\AppData\Local\{615644A4-EF1E-450D-8DD5-D231BCA684F3}
2011-12-22 04:08:52 -------- d-----w- C:\Users\Brian\AppData\Local\{7F4EA752-DBD9-4C2E-BB68-96CB44DF4D46}
2011-12-21 00:41:46 -------- d-----w- C:\Users\Brian\AppData\Local\{F688EEAB-249F-4A65-93EE-79A10636AA61}
2011-12-20 23:37:57 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-12-20 23:37:57 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-20 23:33:31 -------- d-----w- C:\Users\Brian\AppData\Local\{A93B86BC-9614-40E0-9387-EEEECC8EB676}
2011-12-20 23:17:02 -------- d-----w- C:\Users\Brian\AppData\Local\{A6BDDB56-B167-4049-9C31-0FD4286FF071}
2011-12-19 10:18:20 -------- d-----w- C:\Users\Brian\AppData\Local\{92575ECC-CC2B-42E1-9925-DDB1B414DDEC}
2011-12-19 03:13:49 -------- d-----w- C:\Users\Brian\AppData\Local\{6B0DF4CA-76AF-410F-81EB-5308C93011B0}
2011-12-19 03:05:56 -------- d-----w- C:\Users\Brian\AppData\Local\{5D8E5A8D-7FEB-4604-921C-A540BF7494DB}
2011-12-19 01:45:12 886784 ----a-w- C:\Program Files\Common Files\System\wab32.dll
2011-12-19 01:45:12 708608 ----a-w- C:\Program Files (x86)\Common Files\System\wab32.dll
2011-12-19 01:45:01 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-12-19 01:45:01 1188864 ----a-w- C:\Windows\System32\wininet.dll
2011-12-19 01:45:00 1013248 ----a-w- C:\Program Files\Internet Explorer\iedvtool.dll
2011-12-19 01:43:10 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-12-19 01:43:10 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-12-19 01:43:10 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-12-19 01:43:10 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-12-18 21:19:24 -------- d-----w- C:\Users\Brian\AppData\Local\{2B929096-C597-4558-BD70-BDE9B1481A50}
2011-12-18 19:02:04 -------- d-----w- C:\Users\Brian\AppData\Local\{171FDA0A-96D9-4889-8E04-12990CDA81F4}
2011-12-18 15:01:54 -------- d-----w- C:\Users\Brian\AppData\Local\{114C2693-6C2B-45AA-86DA-AB0E607DB0F2}
2011-12-18 01:47:10 -------- d-----w- C:\Users\Brian\AppData\Local\{61027C6A-5F76-46A1-8B21-1BE0862A2541}
2011-12-17 18:07:36 115712 ----a-w- C:\Windows\SysWow64\srrstr.dll
2011-12-17 14:55:48 -------- d-----w- C:\Users\Brian\AppData\Local\{B00317C2-9A96-4944-9C32-7D8C4C0FAEAD}
2011-12-17 14:43:23 -------- d-----w- C:\Users\Brian\AppData\Local\{D9D6C1A9-A143-4F66-9358-C394FFBBF8BB}
2011-12-17 14:18:55 2106216 ----a-w- C:\Program Files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-12-17 14:18:55 1998168 ----a-w- C:\Program Files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-12-17 14:18:55 121816 ----a-w- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-12-17 14:18:54 97240 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libEGL.dll
2011-12-17 14:18:54 814040 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
2011-12-17 14:18:54 486360 ----a-w- C:\Program Files (x86)\Mozilla Firefox\libGLESv2.dll
2011-12-17 14:18:54 2124760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-12-17 14:18:54 15832 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
2011-12-17 13:26:48 -------- d-----w- C:\Users\Brian\AppData\Local\{8F77286C-F4EF-44D0-8B0D-1EF32DDC4436}
2011-12-17 05:40:38 -------- d-----w- C:\Users\Brian\AppData\Local\{29F3492F-83DD-40E6-8E37-2A18A36DBD5A}
2011-12-16 00:33:38 -------- d-----w- C:\Users\Brian\AppData\Local\{EE621C8A-7869-4A69-8098-6B0BE8F035F0}
2011-12-14 23:46:35 -------- d-----w- C:\Users\Brian\AppData\Local\{B5511260-4D64-4EFE-BE23-E3CF344AFF2E}
2011-12-14 04:10:23 -------- d-----w- C:\Users\Brian\AppData\Local\{9B3289EB-B654-4EA0-8FC1-E98F4BFB8464}
2011-12-12 23:21:38 -------- d-----w- C:\Users\Brian\AppData\Local\{47365A9A-F5F6-4DBE-B8CA-D49B830CC84F}
2011-12-11 05:02:52 -------- d-----w- C:\Users\Brian\AppData\Local\{EB6E08F8-B728-4E55-AB26-7A706219D863}
2011-12-10 15:07:51 -------- d-----w- C:\Users\Brian\AppData\Local\{A9DE6F97-0504-43A4-AC3F-6C08DBF059CD}
2011-12-09 15:48:16 -------- d-----w- C:\Users\Brian\AppData\Local\{6871A0C2-7CF5-497C-82A5-60744AE1BCE1}
2011-12-09 00:59:38 -------- d-----w- C:\Users\Brian\AppData\Local\{88937DC2-3EAA-4104-8B69-CCF9C736BF18}
2011-12-07 23:31:32 -------- d-----w- C:\Users\Brian\AppData\Local\{B0F52AC8-FCA4-482C-BE91-E60ABD4F391B}
2011-12-07 04:26:35 -------- d-----w- C:\Users\Brian\AppData\Local\{3D691AAA-82EE-427D-BD84-5C1ACCCD2767}
2011-12-05 23:39:56 -------- d-----w- C:\Users\Brian\AppData\Local\{C39335D9-84EE-483D-97AF-A2DC26B6CFFF}
2011-12-03 14:58:43 -------- d-----w- C:\Users\Brian\AppData\Local\{2C164740-84CE-4CB6-8373-6BF9504B66D7}
2011-12-03 14:36:50 -------- d-----w- C:\Users\Brian\AppData\Local\{29086474-E78B-4486-9BDF-4DCBCB08914F}
2011-12-02 04:00:44 -------- d-----w- C:\Users\Brian\AppData\Local\{25376C85-FB6D-4584-88C4-1B6AA0D9BDFA}
2011-12-01 16:23:08 -------- d-----w- C:\Users\Brian\AppData\Local\{CFE4861A-27F9-49CE-A198-1438B34AE5E2}
2011-12-01 01:16:50 -------- d-----w- C:\Users\Brian\AppData\Local\{9B3E72D0-D94C-4EC3-8165-B6802ABCCE56}
2011-11-30 10:10:06 -------- d-----w- C:\Users\Brian\AppData\Local\{1B91010A-0C78-4051-91C8-5C80A08CF3AC}
2011-11-29 01:21:49 -------- d-----w- C:\Users\Brian\AppData\Local\{55EB4050-BB4D-48A6-BC7D-8C4895059E95}
.
==================== Find3M ====================
.
2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys
2011-11-05 05:32:50 2048 ----a-w- C:\Windows\System32\tzres.dll
2011-11-05 04:26:03 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2011-11-05 03:32:47 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-11-05 02:48:51 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-10-26 05:21:20 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2011-10-15 06:31:56 723456 ----a-w- C:\Windows\System32\EncDec.dll
2011-10-15 05:38:59 534528 ----a-w- C:\Windows\SysWow64\EncDec.dll
2011-09-29 16:29:28 1923952 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
============= FINISH: 15:40:47.53 ===============

I forgot to mention that I am having problems with Adobe. I have Adobe Reader 9.4.5 and cannot update or remove it because it says there is already an installation in progress.
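
The DDS log above already shows several of the things a responder looks for before running any tool: an autorun entry (uRun: [winupd]) that loads from an NTFS alternate data stream on the Temp folder, UAC turned off (EnableLUA = 0 with the admin prompt policies at 0), a hidden system directory literally named %APPDATA% created under SysWow64, and orphaned add-on registrations. The script below is an added example, not part of the thread or of DDS, that applies those checks to a constructed sample of lines in the same layout; the severity labels are my own, not DDS output.

```python
import re

# Constructed sample in the layout of DDS's "Pseudo HJT Report" section plus two
# "Created Last 30" entries, modelled on the log posted above (not the full log).
SAMPLE_DDS_LINES = r"""
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [winupd] C:\Users\Brian\AppData\Local\Temp:winupd.exe
mRun: [<NO NAME>]
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
StartupFolder: C:\Users\Brian\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\YAHOO!~1.LNK - C:\Users\Brian\AppData\Local\Temp\YahooWidgets.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
Hosts: 127.0.0.1 www.spywareinfo.com
2011-12-22 05:19:39 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2011-12-20 23:37:57 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
""".strip().splitlines()

# A drive-letter path ending in a loadable extension; one extra ":stream" component is
# allowed so an NTFS alternate data stream such as ...\Temp:winupd.exe is still captured.
PATH_RE = re.compile(r'(?i)[a-z]:\\[^":\r\n]*?(?::[^":\\\r\n]*?)?\.(?:exe|dll|scr|bat|cmd|vbs|pif|tmp|lnk)\b')
AUTORUN_PREFIXES = ("uRun:", "mRun:", "uRun-x64:", "mRun-x64:", "StartupFolder:")
ADDON_PREFIXES = ("BHO:", "TB:", "EB:", "BHO-X64:", "TB-X64:", "EB-X64:")
TEMP_MARKERS = ("\\temp\\", "\\temp:", "\\tmp\\")
# Values that turn UAC off entirely (EnableLUA) or silence its prompts for administrators.
UAC_OFF = {"EnableLUA": "0", "ConsentPromptBehaviorAdmin": "0", "PromptOnSecureDesktop": "0"}


def is_ads_path(path):
    """A colon after the drive-letter colon names an NTFS alternate data stream."""
    return ":" in path[2:]


def is_temp_path(path):
    low = path.lower()
    return any(marker in low for marker in TEMP_MARKERS)


def triage(lines):
    """Return (severity, reason, line) triples for lines matching a red-flag pattern."""
    findings = []
    for line in lines:
        if line.startswith(AUTORUN_PREFIXES):
            for path in PATH_RE.findall(line):
                if is_ads_path(path):
                    findings.append(("high", "autorun loads from an NTFS alternate data stream", line))
                if is_temp_path(path):
                    findings.append(("high", "autorun loads from a Temp directory", line))
        elif line.startswith("mPolicies-system:"):
            m = re.match(r"mPolicies-system: (\w+) = (\d+)", line)
            if m and UAC_OFF.get(m.group(1)) == m.group(2):
                findings.append(("medium", "UAC weakened: %s = %s" % m.groups(), line))
        elif line.startswith(ADDON_PREFIXES) and line.endswith("- No File"):
            findings.append(("low", "orphaned browser add-on registration", line))
        elif line.startswith("Hosts:"):
            findings.append(("medium", "hosts file override present", line))
        elif re.match(r"\d{4}-\d{2}-\d{2} ", line) and " d-sh--w- " in line:
            # DDS attribute flags: d = directory, s = system, h = hidden
            findings.append(("high", "hidden system directory created recently", line))
    return findings


def summarize(findings):
    counts = {"high": 0, "medium": 0, "low": 0}
    for severity, _, _ in findings:
        counts[severity] += 1
    return counts


if __name__ == "__main__":
    results = triage(SAMPLE_DDS_LINES)
    for severity, reason, line in results:
        print("[%s] %s\n    %s" % (severity.upper(), reason, line))
    print(summarize(results))
```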

shelf life
2012-01-04, 00:39
hi photographer,

If you still need help:

1) Please download TDSS Killer.exe (http://support.kaspersky.com/downloads/utils/tdsskiller.exe) and save it to your desktop.
Double-click to launch the utility. After it initializes, click the Start scan button.

Once the scan completes you can click the Continue button.

"The utility will automatically select an action (Cure or Delete) for known malicious objects. A suspicious object will be skipped by default."

"After clicking Next, the utility applies selected actions and outputs the result."

"A reboot might be required after disinfection."

A report will be found in your root drive Local Disk (C) as TDSSKiller.2.4.2.1_09.08.2010_17.32.21_log.txt (name, version, date, time)

2) Please download the free version of Malwarebytes (http://www.malwarebytes.org/mbam.php) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.

Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select Perform FULL SCAN, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.

Be sure that everything is checked, and click *Remove Selected.*

*A restart of your computer may be required to remove some items. If prompted please restart your computer to complete the fix.*

When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
Post the log in your reply.

photographer
2012-01-04, 02:35
Yes, I am still having issues; as a matter of fact, it will not boot. I get the HP splash screen, then the screen from BIOS showing hard drives, then all I have is a blinking cursor. I was talking to a buddy of mine and he had me get the Hiren's Boot CD and try booting with that. I did boot into Mini XP and then accidentally booted to the hard drive and it did. I did run Malwarebytes and it did find 11 trojans. In telling him the problems, he thinks it is Win7 Antispyware 2012 that I got. I will run TDSS Killer and see what happens. Thank you for the response.

photographer
2012-01-07, 03:07
It found a file Rootkit.boot.Pihar.b, location Physical drive:\Device\harddisk0\DR0. It is described as malware object, high risk. I try to "cure" it, but I get message "Can't cure MBR. Write standard boot code?". At this point I can choose yes or no and I chose no as I do not know what yes will do. Looking for more guidance.

shelf life
2012-01-07, 20:06
Could be because you have a custom MBR. Is the machine a commercially purchased computer like HP, Acer, Dell, etc.? Sure it doesn't say non-standard boot code?

photographer
2012-01-07, 20:29
Yes, it is an HP. No, it does say standard boot code.

shelf life
2012-01-08, 03:43
Hi,

Let's run ComboFix first. There is a guide to read first; read the guide, then apply the directions on your own machine. Post the ComboFix log in your reply:

Guide to using Combofix (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

photographer
2012-01-08, 05:05
First let me say that I can no longer open programs such as Internet Explorer or anything that is on the taskbar. I get the message "Illegal operation attempted on a registry key that has been marked for deletion." That being said, here is the log.

ComboFix 12-01-07.03 - Brian 01/07/2012 21:17:03.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4791.3271 [GMT -6:00]
Running from: c:\users\Brian\Documents\Drivers\combofix\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Brian\AppData\Local\Microsoft\MicrosoftData
c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\eq4u3k7t.default\extensions\{039b084a-3f51-4f8e-aec1-205e5f1c5c1f}
c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\eq4u3k7t.default\extensions\{039b084a-3f51-4f8e-aec1-205e5f1c5c1f}\chrome\xulcache.jar
c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\eq4u3k7t.default\extensions\{039b084a-3f51-4f8e-aec1-205e5f1c5c1f}\defaults\preferences\xulcache.js
c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\eq4u3k7t.default\extensions\{039b084a-3f51-4f8e-aec1-205e5f1c5c1f}\install.rdf
c:\users\Brian\Documents\DPE.DUS
.
.
((((((((((((((((((((((((( Files Created from 2011-12-08 to 2012-01-08 )))))))))))))))))))))))))))))))
.
.
2012-01-08 03:41 . 2012-01-08 03:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-01-04 02:18 . 2012-01-04 02:18 -------- d-----w- c:\program files (x86)\ESET
2012-01-04 01:58 . 2012-01-04 01:58 -------- d-----w- C:\TDSSKiller_Quarantine
2012-01-03 01:24 . 2012-01-03 01:24 -------- d-----w- c:\users\Brian\AppData\Roaming\Malwarebytes
2012-01-03 01:24 . 2012-01-03 01:24 -------- d-----w- c:\programdata\Malwarebytes
2012-01-03 01:24 . 2012-01-03 01:24 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-01-03 01:24 . 2011-12-10 21:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-25 04:50 . 2011-12-25 04:50 -------- d-----w- C:\MATS
2011-12-25 04:24 . 2011-12-26 02:52 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-12-25 01:32 . 2011-03-11 06:33 2565632 ----a-w- c:\windows\system32\esent.dll
2011-12-25 01:32 . 2011-03-11 06:30 96768 ----a-w- c:\windows\system32\fsutil.exe
2011-12-25 01:32 . 2011-03-11 06:41 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2011-12-25 01:32 . 2011-03-11 06:41 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2011-12-25 01:32 . 2011-03-11 06:41 1659776 ----a-w- c:\windows\system32\drivers\ntfs.sys
2011-12-25 01:32 . 2011-03-11 06:41 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2011-12-25 01:32 . 2011-03-11 06:41 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2011-12-25 01:32 . 2011-03-11 06:41 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2011-12-25 01:32 . 2011-03-11 06:41 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2011-12-25 01:32 . 2011-03-11 05:33 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2011-12-25 01:32 . 2011-03-11 05:31 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2011-12-25 01:31 . 2011-08-13 05:27 6144 ----a-w- c:\program files\Internet Explorer\iecompat.dll
2011-12-25 01:31 . 2011-08-13 04:18 6144 ----a-w- c:\program files (x86)\Internet Explorer\iecompat.dll
2011-12-25 01:31 . 2011-03-25 03:29 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2011-12-25 01:31 . 2011-03-25 03:29 98816 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2011-12-25 01:31 . 2011-03-25 03:29 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2011-12-25 01:31 . 2011-03-25 03:29 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2011-12-25 01:31 . 2011-03-25 03:29 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2011-12-25 01:31 . 2011-03-25 03:29 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-12-25 01:31 . 2011-03-25 03:28 7936 ----a-w- c:\windows\system32\drivers\usbd.sys
2011-12-25 01:31 . 2011-02-18 10:51 31232 ----a-w- c:\windows\system32\prevhost.exe
2011-12-25 01:31 . 2011-02-18 05:39 31232 ----a-w- c:\windows\SysWow64\prevhost.exe
2011-12-24 21:34 . 2011-12-24 21:34 -------- d-----w- c:\program files (x86)\ERUNT
2011-12-24 19:47 . 2011-12-24 19:47 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-24 19:47 . 2011-12-24 19:47 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-24 19:47 . 2011-12-24 19:47 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-24 19:47 . 2011-12-24 19:47 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-22 05:19 . 2011-12-22 05:19 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%
2011-12-20 23:37 . 2011-12-20 23:39 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2011-12-20 23:37 . 2011-12-20 23:39 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2011-12-19 01:45 . 2011-10-01 05:45 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-12-19 01:45 . 2011-10-01 04:37 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-12-19 01:45 . 2011-11-05 05:41 1188864 ----a-w- c:\windows\system32\wininet.dll
2011-12-19 01:45 . 2011-11-05 04:35 981504 ----a-w- c:\windows\SysWow64\wininet.dll
2011-12-19 01:45 . 2011-11-05 05:37 1013248 ----a-w- c:\program files\Internet Explorer\iedvtool.dll
2011-12-19 01:43 . 2011-08-27 05:37 861696 ----a-w- c:\windows\system32\oleaut32.dll
2011-12-19 01:43 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-12-19 01:43 . 2011-08-27 04:26 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-12-19 01:43 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-12-17 14:18 . 2011-12-24 19:47 2106216 ----a-w- c:\program files (x86)\Mozilla Firefox\D3DCompiler_43.dll
2011-12-17 14:18 . 2011-12-24 19:47 1998168 ----a-w- c:\program files (x86)\Mozilla Firefox\d3dx9_43.dll
2011-12-17 14:18 . 2011-12-24 19:47 121816 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-12-17 14:18 . 2011-12-24 19:47 97240 ----a-w- c:\program files (x86)\Mozilla Firefox\libEGL.dll
2011-12-17 14:18 . 2011-12-24 19:47 486360 ----a-w- c:\program files (x86)\Mozilla Firefox\libGLESv2.dll
2011-12-17 14:18 . 2011-12-24 19:47 2124760 ----a-w- c:\program files (x86)\Mozilla Firefox\mozjs.dll
2011-12-17 14:18 . 2011-12-24 19:47 15832 ----a-w- c:\program files (x86)\Mozilla Firefox\mozalloc.dll
2011-12-17 14:18 . 2011-12-24 19:47 814040 ----a-w- c:\program files (x86)\Mozilla Firefox\mozsqlite3.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-24 20:57 . 2010-10-10 03:16 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]
"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]
"NortonOnlineBackupReminder"="c:\program files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" [2009-06-29 600936]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatchTray12.exe" [2009-07-24 240112]
"CPMonitor"="c:\program files (x86)\Roxio 2010\5.0\CPMonitor.exe" [2009-07-21 84464]
"Desktop Disc Tool"="c:\program files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe" [2009-06-23 494064]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\Update\realsched.exe" [2010-12-31 274608]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-07-19 421736]
.
c:\users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
yahoo! widgets.lnk - c:\users\Brian\AppData\Local\Temp\YahooWidgets.exe [N/A]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-6-21 113664]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\hp\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2009-6-3 430080]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-30 136176]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-07-24 219632]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-30 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 RoxMediaDB12;RoxMediaDB12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-07-24 1116656]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1109000.00C\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1109000.00C\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20111221.003\BHDrvx64.sys [2011-11-14 1156216]
S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20120106.002\IDSvia64.sys [2011-08-23 488568]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1109000.00C\Ironx64.SYS [x]
S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NISx64\1109000.00C\SYMTDIV.SYS [x]
S2 CinemaNow Service;CinemaNow Service;c:\program files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe [2009-06-23 127352]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-10-14 92216]
S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe [2011-08-04 126400]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2011-04-22 92592]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-09 138360]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2012-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-30 02:44]
.
2012-01-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-07-30 02:44]
.
2011-12-14 c:\windows\Tasks\HPCeeScheduleForBrian.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2009-10-07 11:22]
.
2011-11-30 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdrcui.exe [2009-09-18 07:11]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-08 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-08 390168]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-08 408600]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-09-14 610360]
"PC-Doctor for Windows localizer"="c:\program files\PC-Doctor for Windows\localizer.exe" [2009-09-17 95728]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://manuals.info.apple.com/en_US/iphone_user_guide.pdf
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
Trusted Zone: cinemanow.com
Trusted Zone: qflix.com
Trusted Zone: roxio.com
Trusted Zone: sonic.com\redirect
Trusted Zone: sonic.com\redirect2
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\eq4u3k7t.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/home.php
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{7b13ec3e-999a-4b70-b9cb-2617b8323822} - (no file)
Wow6432Node-HKLM-Run-Adobe Reader Speed Launcher - c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
WebBrowser-{7B13EC3E-999A-4B70-B9CB-2617B8323822} - (no file)
AddRemove-YInstHelper - c:\windows\system32\regsvr32
AddRemove-{08DB3902-2CE0-474D-BCE3-0177766CE9F1} - c:\program files (x86)\InstallShield Installation Information\{08DB3902-2CE0-474D-BCE3-0177766CE9F1}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]
"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\17.9.0.12\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11e_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
c:\windows\SysWOW64\msiexec.exe
.
**************************************************************************
.
Completion time: 2012-01-07 21:49:59 - machine was rebooted
ComboFix-quarantined-files.txt 2012-01-08 03:49
.
Pre-Run: 501,603,041,280 bytes free
Post-Run: 506,880,221,184 bytes free
.
- - End Of File - - D5A455F1A66838CB5789DC9709B05B83
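
As an added example (not part of this thread or of ComboFix), here is a Python script that pulls the autorun entries out of the "Reg Loading Points" section of a ComboFix log like the one above, Run keys and Startup folders alike, and flags the ones a helper would normally ask about: entries whose target file ComboFix could not find (shown as [N/A]) and entries that launch from a temp or user-profile directory rather than a program directory. The entry formats are taken from the log above; the flags are a triage heuristic, not a malware verdict, and the sample entries are copied from the log above.

```python
"""Triage the autorun entries in a ComboFix log (Run keys and Startup folders).

Added example for this thread; not part of ComboFix or of the original posts.
The entry formats are taken from the ComboFix log in this thread. The flags
are a triage heuristic (where does the entry launch from, does the target
file exist), not a malware verdict: a flagged entry is one worth asking about.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# "name"="c:\path\prog.exe" [2009-09-29 1685048]
REG_ENTRY = re.compile(r'^"([^"]+)"="(.*)"\s+\[([^\]]*)\]\s*$')
# Some App.lnk - c:\path\prog.exe [2010-6-21 113664]   (or [N/A] when missing)
LNK_ENTRY = re.compile(r'^(.+?\.lnk) - (.+?)\s+\[([^\]]*)\]\s*$', re.IGNORECASE)


@dataclass
class Autorun:
    section: str   # registry key or startup folder the entry lives in
    name: str
    path: str      # launch target exactly as ComboFix printed it
    meta: str      # "[date size]" contents, or "N/A" when the file was not found


def parse_autoruns(text: str) -> List[Autorun]:
    """Walk the log, remembering the current key/folder, and collect its entries."""
    section: Optional[str] = None
    entries: List[Autorun] = []
    for raw in text.splitlines():
        line = raw.rstrip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]          # e.g. HKEY_CURRENT_USER\...\Run
            continue
        if line.endswith("\\") and ":" in line:
            section = line                # startup folder, printed as a directory
            continue
        m = REG_ENTRY.match(line) or LNK_ENTRY.match(line)
        if m and section:
            entries.append(Autorun(section, m.group(1), m.group(2), m.group(3)))
    return entries


def triage(entries: List[Autorun]) -> List[Tuple[Autorun, List[str]]]:
    """Return (entry, reasons) for every entry that trips a heuristic."""
    flagged: List[Tuple[Autorun, List[str]]] = []
    for e in entries:
        reasons: List[str] = []
        p = e.path.lower()
        if e.meta.strip().upper() == "N/A":
            reasons.append("target file not found (ComboFix shows [N/A])")
        if "\\temp\\" in p:
            reasons.append("launches from a temp directory")
        elif "\\appdata\\" in p or "\\users\\" in p:
            reasons.append("launches from a user profile path")
        if reasons:
            flagged.append((e, reasons))
    return flagged


# Sample: four entries copied from the ComboFix log in this thread.
SAMPLE_LOG = "\n".join([
    r"[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]",
    r'"HPADVISOR"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2009-09-29 1685048]',
    r'"TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728]',
    ".",
    "c:\\users\\Brian\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\",
    r"yahoo! widgets.lnk - c:\users\Brian\AppData\Local\Temp\YahooWidgets.exe [N/A]",
    ".",
    "c:\\programdata\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\",
    r"Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2010-6-21 113664]",
])

if __name__ == "__main__":
    for entry, reasons in triage(parse_autoruns(SAMPLE_LOG)):
        print(f"{entry.name} -> {entry.path}  ({entry.section})")
        for r in reasons:
            print(f"    {r}")
```

On the sample, only the "yahoo! widgets.lnk" entry is flagged, for two reasons at once: its target sits under the user's Temp folder and ComboFix reports the file as missing. That combination is exactly what a helper looks at first, which is not the same as saying the entry is malicious; the point of the script is to shorten the list a human has to read.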

shelf life
2012-01-08, 14:47
"Illegal operation attempted on a registry key that has been marked for deletion"
Reboot your machine, then run TDSSKiller once more and post the log.

photographer
2012-01-08, 16:01
First, I want to thank you shelf life for your time in helping try to resolve this issue.
Second, upon reboot I can now open those programs. Sorry, it was late from a very long day; I should have rebooted right away.
Here is the log.

08:53:48.0390 5444 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
08:53:48.0827 5444 ============================================================
08:53:48.0827 5444 Current date / time: 2012/01/08 08:53:48.0827
08:53:48.0827 5444 SystemInfo:
08:53:48.0827 5444
08:53:48.0827 5444 OS Version: 6.1.7601 ServicePack: 1.0
08:53:48.0827 5444 Product type: Workstation
08:53:48.0827 5444 ComputerName: BALD_EAGLE
08:53:48.0827 5444 UserName: Brian
08:53:48.0827 5444 Windows directory: C:\Windows
08:53:48.0827 5444 System windows directory: C:\Windows
08:53:48.0827 5444 Running under WOW64
08:53:48.0827 5444 Processor architecture: Intel x64
08:53:48.0827 5444 Number of processors: 4
08:53:48.0827 5444 Page size: 0x1000
08:53:48.0827 5444 Boot type: Normal boot
08:53:48.0827 5444 ============================================================
08:53:49.0170 5444 Initialize success
08:53:53.0163 4652 ============================================================
08:53:53.0163 4652 Scan started
08:53:53.0163 4652 Mode: Manual;
08:53:53.0163 4652 ============================================================
08:53:53.0678 4652 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:53:53.0678 4652 1394ohci - ok
08:53:53.0709 4652 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:53:53.0725 4652 ACPI - ok
08:53:53.0756 4652 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:53:53.0772 4652 AcpiPmi - ok
08:53:53.0850 4652 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:53:53.0881 4652 adp94xx - ok
08:53:53.0897 4652 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:53:53.0912 4652 adpahci - ok
08:53:53.0928 4652 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:53:53.0943 4652 adpu320 - ok
08:53:54.0006 4652 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
08:53:54.0021 4652 AFD - ok
08:53:54.0084 4652 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:53:54.0099 4652 agp440 - ok
08:53:54.0131 4652 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:53:54.0146 4652 aliide - ok
08:53:54.0177 4652 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:53:54.0177 4652 amdide - ok
08:53:54.0209 4652 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:53:54.0209 4652 AmdK8 - ok
08:53:54.0240 4652 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:53:54.0240 4652 AmdPPM - ok
08:53:54.0287 4652 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:53:54.0302 4652 amdsata - ok
08:53:54.0349 4652 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:53:54.0349 4652 amdsbs - ok
08:53:54.0380 4652 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:53:54.0396 4652 amdxata - ok
08:53:54.0443 4652 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:53:54.0458 4652 AppID - ok
08:53:54.0521 4652 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:53:54.0521 4652 arc - ok
08:53:54.0536 4652 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:53:54.0552 4652 arcsas - ok
08:53:54.0567 4652 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:53:54.0583 4652 AsyncMac - ok
08:53:54.0630 4652 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:53:54.0645 4652 atapi - ok
08:53:54.0692 4652 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:53:54.0723 4652 b06bdrv - ok
08:53:54.0770 4652 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:53:54.0786 4652 b57nd60a - ok
08:53:54.0817 4652 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:53:54.0817 4652 Beep - ok
08:53:54.0973 4652 BHDrvx64 (82c695630676079f7ad68c85a5e662e5) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20111221.003\BHDrvx64.sys
08:53:54.0989 4652 BHDrvx64 - ok
08:53:55.0035 4652 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:53:55.0035 4652 blbdrive - ok
08:53:55.0113 4652 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:53:55.0113 4652 bowser - ok
08:53:55.0145 4652 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:53:55.0160 4652 BrFiltLo - ok
08:53:55.0176 4652 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:53:55.0176 4652 BrFiltUp - ok
08:53:55.0238 4652 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
08:53:55.0238 4652 BridgeMP - ok
08:53:55.0269 4652 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:53:55.0285 4652 Brserid - ok
08:53:55.0332 4652 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:53:55.0332 4652 BrSerWdm - ok
08:53:55.0347 4652 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:53:55.0347 4652 BrUsbMdm - ok
08:53:55.0379 4652 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:53:55.0379 4652 BrUsbSer - ok
08:53:55.0394 4652 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:53:55.0394 4652 BTHMODEM - ok
08:53:55.0425 4652 catchme - ok
08:53:55.0535 4652 ccHP (37f1baec39b505b3b51893a35c8337ea) C:\Windows\system32\drivers\NISx64\1109000.00C\ccHPx64.sys
08:53:55.0535 4652 ccHP - ok
08:53:55.0566 4652 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:53:55.0566 4652 cdfs - ok
08:53:55.0613 4652 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
08:53:55.0613 4652 cdrom - ok
08:53:55.0675 4652 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:53:55.0675 4652 circlass - ok
08:53:55.0706 4652 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:53:55.0706 4652 CLFS - ok
08:53:55.0753 4652 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:53:55.0753 4652 CmBatt - ok
08:53:55.0769 4652 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:53:55.0769 4652 cmdide - ok
08:53:55.0815 4652 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
08:53:55.0831 4652 CNG - ok
08:53:55.0847 4652 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:53:55.0847 4652 Compbatt - ok
08:53:55.0893 4652 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:53:55.0909 4652 CompositeBus - ok
08:53:55.0925 4652 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:53:55.0925 4652 crcdisk - ok
08:53:55.0987 4652 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:53:56.0003 4652 DfsC - ok
08:53:56.0018 4652 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:53:56.0018 4652 discache - ok
08:53:56.0049 4652 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:53:56.0049 4652 Disk - ok
08:53:56.0112 4652 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
08:53:56.0127 4652 Dot4 - ok
08:53:56.0174 4652 Dot4Print (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
08:53:56.0190 4652 Dot4Print - ok
08:53:56.0221 4652 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
08:53:56.0237 4652 dot4usb - ok
08:54:06.0065 4652 MBR (0x1B8) (6c6fdff834aa5d876c307bee53974486) \Device\Harddisk0\DR0
08:54:06.0096 4652 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
08:54:06.0096 4652 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
08:54:06.0096 4652 MBR (0x1B8) (35c6b2fcde68facbefe0a4a7200bae58) \Device\Harddisk1\DR1
08:54:06.0533 4652 \Device\Harddisk1\DR1 - ok
08:54:06.0564 4652 Boot (0x1200) (78f6f5ad76995c048ac6a36dcce9d6ce) \Device\Harddisk0\DR0\Partition0
08:54:06.0564 4652 \Device\Harddisk0\DR0\Partition0 - ok
08:54:06.0564 4652 Boot (0x1200) (e8bfda4e52fdaf69cdae728cc02fa64c) \Device\Harddisk0\DR0\Partition1
08:54:06.0564 4652 \Device\Harddisk0\DR0\Partition1 - ok
08:54:06.0595 4652 Boot (0x1200) (767df1c74c401d2c852b4a6ede5e5ad0) \Device\Harddisk0\DR0\Partition2
08:54:06.0595 4652 \Device\Harddisk0\DR0\Partition2 - ok
08:54:06.0595 4652 Boot (0x1200) (a649ecd71f4d54c1e301e8dc050cfe66) \Device\Harddisk1\DR1\Partition0
08:54:06.0595 4652 \Device\Harddisk1\DR1\Partition0 - ok
08:54:06.0595 4652 ============================================================
08:54:06.0595 4652 Scan finished
08:54:06.0595 4652 ============================================================
08:54:06.0611 5492 Detected object count: 1
08:54:06.0611 5492 Actual detected object count: 1
08:54:15.0846 5492 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - will be cured on reboot
08:54:15.0862 5492 \Device\Harddisk0\DR0 - processing error
08:54:19.0730 5492 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Cure
08:54:21.0680 5548 Deinitialize success

shelf life
2012-01-08, 19:00
Hi,

No problem. Go ahead and re-run tdsskiller, and this time select Yes if you get the prompt "write standard boot code?"

photographer
2012-01-08, 20:33
Re-ran it and it found nothing. Shut down and restarted without Hiren's Boot CD and it booted. I was also able to install Adobe Reader, which I have not been able to do for months. THANK YOU.

photographer
2012-01-08, 20:35
Sorry, I re-ran it and it did find it; I clicked Cure and rebooted. Rescanned and it found nothing. I got a little ahead of myself.

shelf life
2012-01-08, 23:34
OK, so tdsskiller is coming up OK now? No rootkit showing up?
Only a few things left to do then.

photographer
2012-01-08, 23:37
Rootkit does not show up; tdsskiller and Malwarebytes come up with nothing.

shelf life
2012-01-09, 01:57
If all is good, you can delete the tdsskiller icon from your desktop and the logs, and remove combofix like this:

Start > Run and type in combofix /uninstall
Click OK or press Enter.
Note the space after the x and before the /.

for your reference;

10 Tips for Prevention and Avoidance of Malware:
There is no reason why your computer cannot stay malware-free.

No software can think for you. Help yourself. In no special order:

1) It is essential to keep your operating system (Windows), browser (IE, Firefox, Chrome, Opera) and other software up to date to "patch" vulnerabilities that could be exploited. Visit Windows Update (http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us) frequently or use the Windows auto-update feature (http://www.microsoft.com/windows/downloads/windowsupdate/automaticupdate.mspx). Staying updated is also essential for other web-based applications like Java, Adobe Flash/Reader, iTunes, media players, browser plugins and add-ons. More and more third-party applications are being targeted. Not sure if you are using the latest version of software? Check their version status and get the updates here (http://secunia.com/vulnerability_scanning/online/).

2) Know what you are installing on your computer. A lot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. More and more legitimate software installs useless toolbars if they are not unchecked first. Do not install any files from ads, popups or random links. Do not fall for fake warnings that viruses and trojans have been found on your computer and that you need to install software to remedy this. See also the signs (http://www.malwarevault.com/signs.html) that you may have malware on your computer.

3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. If either of these frequently finds malware, then it's time to *review your computer habits*.

4) Refrain from clicking on links or attachments via e-mail, IM, IRC, chat rooms, blogs or social networking sites, no matter how tempting or legitimate the message may seem. See also E-mail Phishing Tricks (http://www.fraud.org/tips/internet/phishing.htm).

5) Do not click on ads/pop-ups or offers from websites saying that you need to install software on your computer--*for any reason*. Use the Alt+F4 keys to close the window.

6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website to install components?

7) Consider the use of limited (non-privileged) accounts for everyday use, rather than administrator accounts. Limited accounts (http://www.microsoft.com/protect/computer/advanced/useraccount.mspx) can help prevent *malware from installing and lessen its potential impact.* This is exactly what user account control (UAC) in Windows Vista and Windows 7 attempts to address.

8) Install and understand the *limitations* of a software firewall.

9) The why and how to secure (http://www.cert.org/tech_tips/securing_browser/) your browser for safer surfing.

10) Warez, cracks, keygens etc. are very popular for carrying malware payloads. If you look for these you will encounter malware. If you download/install files via P2P networks you will encounter malware. A file can be named anything, be nothing but malware, or have malware bundled in it.
Do you really trust the source?

More info/tips with pictures in links below.