Spybot System Scan won't run [Archive] - Safer-Networking Forums

susieqaz1

2013-02-02, 11:06

Hi,

Thanks in advance for the assistance.

Earlier today, I removed some software that popped up -- 24X7 Help -- an icon (a woman with a headphone) started cropping up on every window. I uninstalled it in Programs, and it's gone, but I decided that I needed to run Spybot. I had to reinstall Windows several months ago, and just realized I hadn't re-downloaded Spybot after that. So I downloaded it. But it won't run. I can update and immunize, but when I click the "System Scan" button, I get a "wait" icon for a second or two, then nothing happens. The cursor goes back to the arrow. I can't actually open Spybot from the Start menu. I have to right click on the icon in the system tray, right click, then choose "Start Center."

I have tried uninstalling and reinstalling Spybot, with the same results. I tried running in Safe Mode, but it didn't work there, either.

Here is my info:

I have a PC running Windows 7
I downloaded ERUNT and created a registry backup.
My DDS.txt info is below.
I have the attach.txt file on my desktop, but I cannot zip it. When I right cliek, choose "send," and choose the compressed option, I get an error message that says "Unable to complete the operation. Access is denied." (I have full administrator privileges.)
My aswMBR Log is below
I do not have a Spybot log, because I can't run a system scan. (I was not able to disable TeaTimer because I don't seem to have TeaTimer -- there is no "resident" icon. I have the free version of Spybot (ver. 2.0.12.0), but I know I've had TeaTimer with the free version before.)

DDS.txt:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.10.2
Run by Susie at 1:04:24 on 2013-02-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1116 [GMT -8:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Iconix eMailID\OutlookClient\IconixOutlookUpdaterService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\windows\System32\svchost.exe -k HPZ12
C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
C:\windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\windows\system32\svchost.exe -k iissvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\system32\svchost.exe -k HPService
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Corel\Corel PDF Fusion\CorelCreatorClient.exe
C:\windows\system32\CorelCreatorMessages.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\Susie\AppData\Local\Akamai\netsession_win.exe
C:\Users\Susie\AppData\Local\Akamai\netsession_win.exe
C:\Users\Susie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe
C:\Program Files (x86)\Plustek\OpticSlim M12\DigiScan.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MozyHome\mozystat.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Users\Susie\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files (x86)\CodePlex\XPS2OneNote\XPS2OneNote.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\SSDriver\fi5110\SsWiaChecker.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\windows\splwow64.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\MozyHome\mozybackup.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\wuauclt.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Susie\AppData\Local\Google\Chrome\Application\chrome.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\ERUNT\ERUNT.EXE
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
mStart Page = hxxp://search.coupons.com/
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA
uProxyOverride = <local>
mWinlogon: Userinit = userinit.exe
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: TBSB07898 Class: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Coupons.com CouponBar: {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [Google Update] "C:\Users\Susie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [cdloader] "C:\Users\Susie\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Akamai NetSession Interface] "C:\Users\Susie\AppData\Local\Akamai\netsession_win.exe"
uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
uRun: [SkyDrive] "C:\Users\Susie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE"
mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe" UNATTENDED
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ScanSnap WIA Service Checker] C:\windows\SSDriver\fi5110\SsWiaChecker.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\Susie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Susie\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Susie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\Users\Susie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
StartupFolder: C:\Users\Susie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\XPS2ON~1.LNK - C:\Users\Susie\AppData\Roaming\Microsoft\Installer\{6DD7A9DA-6732-47D2-8362-6A12BD0EA053}\_FBB2488C0F33C1DFE6AC1F.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CARDMI~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\CardMinder\CardLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONVER~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Organizer\PfuSsOrgOcrChk.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DigiScan.lnk - C:\Program Files (x86)\Plustek\OpticSlim M12\DigiScan.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MOZYHO~1.LNK - C:\Program Files\MozyHome\mozystat.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SCANSN~1.LNK - C:\Program Files (x86)\PFU\ScanSnap\Driver\PfuSsMon.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{91D554F0-DE4A-4CCB-B745-A67B503A23E8} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4}\341666665602C4164627F6 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4}\341666665602C4164627F6 : DHCPNameServer = 205.171.3.65 205.171.2.65
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4}\54370727563737F6026596671636560214C6C656972343 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4}\54370727563737F6026596671636560214C6C656972343 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4}\54370727563737F6026596671636560275962756C6563737 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4}\54370727563737F6026596671636560275962756C6563737 : DHCPNameServer = 192.168.1.2
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4}\6457C6C6F466D45627 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{B9522D42-7D5E-468B-A16D-59AB67624BE4}\6457C6C6F466D45627 : DHCPNameServer = 192.168.1.1 207.115.64.172 207.115.64.3
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
AppInit_DLLs= c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: <No Name>: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - LocalServer32 - <no file>
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: <No Name>: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - LocalServer32 - <no file>
x64-BHO: <No Name>: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - LocalServer32 - <no file>
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SmoothView] C:\Program Files (x86)\Toshiba\SmoothView\SmoothView.exe
x64-Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
x64-Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\mssecex.exe" -hide -runkey
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [CorelCreatorClient] C:\Program Files (x86)\Corel\Corel PDF Fusion\CorelCreatorClient.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [00TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2012-8-30 228768]
R2 IconixOutlookUpdaterService;Iconix Outlook Addin Updater Service;C:\Program Files (x86)\Iconix eMailID\OutlookClient\IconixOutlookUpdaterService.exe [2009-8-18 214360]
R2 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2011-4-27 128456]
R2 NitroDriverReadSpool8;NitroPDFDriverCreatorReadSpool8;C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [2012-10-9 230408]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2012-5-16 69640]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2012-2-16 103792]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2012-2-16 126392]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-2-2 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-2-2 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-2-2 168384]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-2-25 252928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-2-16 2320920]
R3 CorelCreatorMessages;CorelCreatorMessages;C:\windows\System32\CorelCreatorMessages.exe [2012-4-25 105984]
R3 HECIx64;Intel(R) Management Engine Interface;C:\windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\windows\System32\drivers\Impcd.sys [2010-2-10 158720]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2010-2-22 75304]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-9-12 368896]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2012-2-16 35008]
R3 QIOMem;Generic IO & Memory Access;C:\windows\System32\drivers\QIOMem.sys [2009-6-15 12800]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\windows\System32\drivers\rtl8192se.sys [2012-2-16 946688]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2012-2-16 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2012-2-16 239136]
S3 SrvHsfHDA;SrvHsfHDA;C:\windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2012-2-20 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2012-2-21 1255736]
.
=============== Created Last 30 ================
.
2013-02-02 08:11:07 388096 ----a-r- C:\Users\Susie\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-02-02 08:11:07 -------- d-----w- C:\Program Files (x86)\Trend Micro
2013-02-02 08:00:19 17272 ----a-w- C:\windows\System32\sdnclean64.exe
2013-02-02 07:34:43 9161176 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{557F7137-0FEE-4CC6-9AB4-46A49DFFEAE6}\mpengine.dll
2013-02-02 04:05:23 -------- d-----w- C:\Users\Susie\AppData\Local\{B966AB45-1F39-4D68-B758-2DFC51FFBCE1}
2013-02-01 05:55:06 9161176 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-02-01 00:17:39 -------- d-----w- C:\ProgramData\Logs
2013-01-31 21:50:25 -------- d-----w- C:\windows\SysWow64\searchplugins
2013-01-31 21:50:25 -------- d-----w- C:\windows\SysWow64\Extensions
2013-01-31 21:49:52 -------- d-----w- C:\Users\Susie\AppData\Roaming\Babylon
2013-01-31 21:49:52 -------- d-----w- C:\ProgramData\Babylon
2013-01-31 21:21:30 -------- d-----w- C:\Users\Susie\AppData\Roaming\pomodairo.1041936B6D0707C313E2E169D771193A7DFBADCC.1
2013-01-31 20:50:45 -------- d-----w- C:\Program Files\iPod
2013-01-31 20:50:43 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-31 20:50:43 -------- d-----w- C:\Program Files (x86)\iTunes
2013-01-31 20:50:42 -------- d-----w- C:\Program Files\iTunes
2013-01-26 15:46:13 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-01-26 15:45:35 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-01-21 07:21:20 -------- d-----w- C:\Users\Susie\AppData\Local\{00399F7D-1653-4445-891C-5CAD917FF0C4}
2013-01-20 19:20:50 -------- d-----w- C:\Users\Susie\AppData\Local\{2088329C-9165-44EC-8483-463B3B661E10}
2013-01-20 05:33:06 -------- d-----w- C:\Users\Susie\AppData\Local\{BACE0342-4845-4B62-963E-48E8B00338D1}
2013-01-19 17:32:15 -------- d-----w- C:\Users\Susie\AppData\Local\{C7CBF70B-388F-43A1-A559-013DF3A3C61B}
2013-01-19 04:52:25 -------- d-----w- C:\Users\Susie\AppData\Local\{CCDB18A9-E189-43F5-8A69-985BFE8544EF}
2013-01-18 20:49:13 -------- d--h--w- C:\SkyDriveTemp
2013-01-18 04:50:51 -------- d-----w- C:\Users\Susie\AppData\Local\{8A38B8F1-7E64-4A91-B73E-7D560F0D54DF}
2013-01-17 17:32:57 -------- d-----w- C:\Users\Susie\AppData\Roaming\SUPERAntiSpyware.com
2013-01-17 16:50:25 -------- d-----w- C:\Users\Susie\AppData\Local\{6CDDB359-29B9-43CA-B664-BCC7BD64ABEC}
2013-01-17 05:49:31 -------- d-----w- C:\windows\SSDriver
2013-01-13 13:12:26 -------- d-----w- C:\Firefox
2013-01-13 13:02:06 -------- d-----w- C:\ProgramData\Ask
2013-01-12 22:33:38 859072 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2013-01-12 22:32:57 95184 ----a-w- C:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-11 05:56:31 -------- d-----w- C:\Users\Susie\AppData\Local\{C59EF135-71AA-4E53-BC7E-6EDA0C6795C5}
2013-01-10 17:56:03 -------- d-----w- C:\Users\Susie\AppData\Local\{507E00BA-01CF-40D2-A147-8E75A4A3CE94}
2013-01-10 07:01:46 -------- d-----w- C:\ProgramData\Graboid Inc
2013-01-10 07:01:45 -------- d-----w- C:\Users\Susie\AppData\Local\Geckofx
2013-01-10 07:00:33 -------- d-----w- C:\Program Files (x86)\VideoLAN
2013-01-10 07:00:25 -------- d-----w- C:\Program Files (x86)\Graboid
2013-01-09 22:07:58 424448 ----a-w- C:\windows\System32\KernelBase.dll
2013-01-09 22:03:59 68608 ----a-w- C:\windows\System32\taskhost.exe
2013-01-09 22:03:58 3149824 ----a-w- C:\windows\System32\win32k.sys
2013-01-09 18:26:23 -------- d-----w- C:\Users\Susie\LapNet
2013-01-09 17:46:38 -------- d-----w- C:\Users\Susie\AppData\Local\{33F03F32-79BB-427E-9E41-7157F3A35935}
2013-01-09 05:46:12 -------- d-----w- C:\Users\Susie\AppData\Local\{A0E3BA42-2ECA-4A6C-8800-0346256C4590}
2013-01-08 04:55:34 -------- d-----w- C:\Users\Susie\AppData\Local\{0066618F-3758-4982-B3F1-06057B80B17E}
2013-01-07 16:55:09 -------- d-----w- C:\Users\Susie\AppData\Local\{404872D1-7CEA-451A-B47F-3A4A1F2678FF}
2013-01-06 20:37:59 367616 ----a-w- C:\windows\System32\atmfd.dll
2013-01-06 20:37:59 295424 ----a-w- C:\windows\SysWow64\atmfd.dll
2013-01-06 07:58:05 -------- d-----w- C:\Users\Susie\AppData\Local\{828F9544-3B73-493D-8791-2FCBE7E0C6A1}
.
==================== Find3M ====================
.
2013-01-30 10:53:22 273840 ------w- C:\windows\System32\MpSigStub.exe
2013-01-28 19:52:06 3766 --sha-w- C:\ProgramData\KGyGaAvL.sys
2013-01-12 22:32:34 779704 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-12-16 17:11:22 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-16 14:13:20 34304 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-07 13:20:16 441856 ----a-w- C:\windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\windows\System32\ntvdm64.dll
2012-11-30 04:54:00 5120 ----a-w- C:\windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-22 07:35:06 697272 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-11-22 07:35:05 73656 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-22 05:44:23 800768 ----a-w- C:\windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-11-14 06:11:44 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-11-14 06:04:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-11-14 06:02:49 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-11-14 05:57:46 599040 ----a-w- C:\windows\System32\vbscript.dll
2012-11-14 05:57:35 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-11-14 05:52:40 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-11-14 02:09:22 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-11-14 01:58:15 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57:37 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-11-14 01:49:25 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27 420864 ----a-w- C:\windows\SysWow64\vbscript.dll
2012-11-14 01:44:42 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45:32 750592 ----a-w- C:\windows\System32\win32spl.dll
2012-11-09 05:45:09 2048 ----a-w- C:\windows\System32\tzres.dll
2012-11-09 04:43:04 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-11-09 04:42:49 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2012-11-08 19:29:12 1402312 ----a-w- C:\windows\SysWow64\msxml4.dll
.
============= FINISH: 1:06:02.01 ===============

aswMBR Log:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-02 01:18:30
-----------------------------
01:18:30.656 OS Version: Windows x64 6.1.7601 Service Pack 1
01:18:30.657 Number of processors: 4 586 0x2502
01:18:30.658 ComputerName: SUSIE-PC UserName: Susie
01:18:34.409 Initialize success
01:22:02.369 AVAST engine defs: 13020101
01:37:10.642 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
01:37:10.646 Disk 0 Vendor: TOSHIBA_ GJ00 Size: 305245MB BusType: 3
01:37:10.667 Disk 0 MBR read successfully
01:37:10.672 Disk 0 MBR scan
01:37:10.803 Disk 0 Windows VISTA default MBR code
01:37:10.809 Disk 0 Partition 1 80 (A) 27 Hidden NTFS WinRE NTFS 1500 MB offset 2048
01:37:10.891 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 293280 MB offset 3074048
01:37:10.974 Disk 0 Partition 3 00 17 Hidd HPFS/NTFS NTFS 10464 MB offset 603711488
01:37:11.129 Disk 0 scanning C:\windows\system32\drivers
01:37:27.821 Service scanning
01:38:28.247 Modules scanning
01:38:28.263 Disk 0 trace - called modules:
01:38:28.303 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
01:38:28.651 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c99060]
01:38:28.662 3 CLASSPNP.SYS[fffff88001d7143f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a2d050]
01:38:30.238 AVAST engine scan C:\windows
01:38:34.628 AVAST engine scan C:\windows\system32
01:43:57.622 AVAST engine scan C:\windows\system32\drivers
01:44:17.311 AVAST engine scan C:\Users\Susie
01:57:04.669 Disk 0 MBR has been saved successfully to "C:\Users\Susie\Desktop\MBR.dat"
01:57:04.695 The log file has been saved successfully to "C:\Users\Susie\Desktop\aswMBR.txt"

Again, :thanks:.
Susie