Solved Possible infection-Win 7- logs attached

[Resolved] Possible infection-Win 7- logs attached

I keep getting the error "Internet Explorer has stopped working" In another forum, the admin suggested for me to do the suggested scans and post here. I am running a Gateway pc with 6 gb ram with Windows 7 prem. I ran the Malwarebytes, AVG, Spybot and Microsoft Security Essentials. Spybot found adclick(2) but none of the others found anything. As per your instructions, I ran the othere two scans and the logs are included here:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-30 17:20:24
-----------------------------
17:20:24.133 OS Version: Windows x64 6.1.7600
17:20:24.133 Number of processors: 2 586 0x170A
17:20:24.134 ComputerName: DEAN-PC UserName: DEAN
17:20:26.062 Initialize success
17:23:16.196 AVAST engine defs: 11103001
17:23:57.360 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:23:57.364 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
17:23:57.377 Disk 0 MBR read successfully
17:23:57.384 Disk 0 MBR scan
17:23:57.389 Disk 0 TDL4@MBR code has been found
17:23:57.391 Disk 0 Windows 7 default MBR code found via API
17:23:57.394 Disk 0 MBR hidden
17:23:57.405 Disk 0 MBR [TDL4] **ROOTKIT**
17:23:57.408 Disk 0 trace - called modules:
17:23:57.415 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80061b5254]<<
17:23:57.418 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005fb8060]
17:23:57.421 3 CLASSPNP.SYS[fffff880017b343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005ee6050]
17:23:57.424 \Driver\iaStor[0xfffffa8005eb1550] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa80061b5254
17:23:59.221 AVAST engine scan C:\Windows
17:24:06.960 AVAST engine scan C:\Windows\system32
17:26:23.445 AVAST engine scan C:\Windows\system32\drivers
17:26:39.806 AVAST engine scan C:\Users\CRABTREE
17:37:49.821 AVAST engine scan C:\ProgramData
17:42:14.799 Scan finished successfully
17:48:22.666 Disk 0 MBR has been saved successfully to "C:\Users\CRABTREE\Desktop\MBR.dat "
17:48:22.676 The log file has been saved successfully to "C:\Users\CRABTREE\Desktop\aswMBRlog.txt "

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/9/2010 10:15:14 AM
System Uptime: 10/31/2011 2:40:12 AM (6 hours ago)
.
Motherboard: Acer | | EG43M
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz | CPU 1 | 2603/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 916 GiB total, 603.642 GiB free.
D: is CDROM (CDFS)
E: is FIXED (NTFS) - 298 GiB total, 48.105 GiB free.
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&242CC0DB&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&242CC0DB&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP285: 10/22/2011 7:55:44 AM - Windows Update
RP286: 10/23/2011 9:09:36 AM - Windows Update
RP287: 10/24/2011 10:02:34 AM - Windows Update
RP288: 10/25/2011 10:23:08 AM - Windows Update
RP289: 10/26/2011 1:03:33 PM - Windows Update
RP290: 10/27/2011 5:18:44 PM - Windows Update
RP291: 10/28/2011 8:07:31 AM - Windows Update
RP292: 10/29/2011 1:46:52 AM - Windows Update
RP293: 10/30/2011 12:16:19 PM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
4500_Help
7-Zip 4.65
Acrobat.com
Acronis*True*Image*Home 2011
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.3
Adobe Reader 9.4.6 MUI
Adobe Shockwave Player 11.5
Advanced SystemCare 3
AIO_Scan
AnswerWorks 5.0 English Runtime
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
AT&T Digital Directories - Gadsden-Attalla, AL
Auslogics Duplicate File Finder
AutoHotkey 1.0.48.05
AutoUpdate
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
C4200
C4200_doccd
c4200_Help
Camera Window DS
Canon Camera Window DS for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch 3.1
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Choice Guard
Compatibility Pack for the 2007 Office system
Corel Paint Shop Pro X
CrossLoop 2.74
CyberLink DVD Suite Deluxe
CyberLink PowerDirector
DeepBurner v1.9.0.228
Definition update for Microsoft Office 2010 (KB982726)
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Codec
DivX Version Checker
DJ_AIO_Software_min
DocProc
DocProcQFolder
Dream Aquarium 1.234
Driver Performer
DVD Flick 1.3.0.7
Enhanced Multimedia Keyboard Solution
EPSON Attach To Email
EPSON Event Manager
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
eReg
eSupportQFolder
eUSB SCSI Adapter
Everyone's Legal Forms 2007
Family Lawyer 2004
Family Lawyer 2010
FloatLED v1.06
FolderSizes 4
Garmin City Navigator North America NT 2010.30
Garmin City Navigator North America NT 2011.10 Update
Garmin City Navigator North America NT 2011.20 Update
Garmin City Navigator North America NT 2012.20 Update
Garmin Communicator Plugin
Garmin Lifetime Updater
Garmin WebUpdater
Gateway Games
Gateway InfoCentre
Gateway Photo Frame 4.2.3.10
Gateway Recovery Management
Google Chrome
Google Desktop
Google Earth
Google Gmail Notifier
Google Talk Plugin
Google Update Helper
Google Updater
GPBaseService
GPBaseService2
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Commercial Scanjet 5590 TWAIN Driver
HP Customer Feedback
HP My Display
HP Picasso Media Center Add-In
HP Smart Web Printing
HP Total Care Advisor
HPProductAssistant
HPSSupply
HPTCSSetup
HTC Driver Installer
HTC Sync
Identity Card
ImagXpress
IncrediMail
IncrediMail 2.0
Ipswitch WS_FTP Home 2007
J4500
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) SE Runtime Environment 6 Update 1
Junk Mail filter update
LabelPrint
LightScribe System Software
LightScribeTemplateLabeler
Linksys Compact Wireless-G USB Adapter Driver - WUSB54GC
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft Easy Assist v2
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Standard 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Primary Interoperability Assemblies 2005
Microsoft Project Professional 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Mozilla Firefox 7.0 (x86 en-US)
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
muvee autoProducer 6.1
My HP Games
My Macros 3.1
neroxml
palmOne
PCmover Professional
PCsync
PE Builder 3.1.10a
Photo Notifier and Animation Creator
PhotoMail Maker
PhotoStitch
Picasa 3
Power2Go
ProductContext
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
Python 2.5
QuickBooks Pro 2007
Quicken 2008
RC_Vista.exe
Readiris Pro 11 Mr.Underground Edition
Realtek High Definition Audio Driver
RemoteCapture Task 1.1
RoboForm 7-6-2 (All Users)
Scan
SDK
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SierraHome Print Artist 12.0
Skypeâ„¢ 5.3
SolutionCenter
Sony RAW Driver
Speccy
Spybot - Search & Destroy
Status
SupportSoft Assisted Service
Toolbox
Tor 0.2.1.26
TrayApp
Tune Tools 2
TurboTax 2010
TurboTax 2010 waliper
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
UnloadSupport
Unlocker 1.8.8
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2483110)
Vidalia 0.2.9
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
WebReg
Welcome Center
Windows Installer Clean Up
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Writer
WinRAR archiver
WinX DVD Ripper Platinum 5.1.1
Wireless-B Notebook Adapter Configuration Utility
Yahoo! Widgets
.
==== Event Viewer Messages From Past Week ========
.
10/31/2011 8:02:26 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR13.
10/31/2011 7:38:04 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR11.
10/31/2011 7:37:58 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk7\DR12.
10/30/2011 7:56:19 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
10/30/2011 4:40:59 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR8.
10/29/2011 9:28:17 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80061a87a7, 0x0000000000000000, 0x0000000077240000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 102911-67985-01.
10/29/2011 5:35:25 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7.
10/29/2011 12:40:27 PM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.
10/29/2011 12:23:30 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
10/29/2011 1:48:06 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.831.0).
10/29/2011 1:47:37 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.831.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x80070643 Error description: Fatal error during installation.
10/29/2011 1:12:10 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.
10/28/2011 7:13:21 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR16.
10/28/2011 12:46:09 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
10/28/2011 12:30:56 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80061b47a7, 0x0000000000000000, 0x0000000076f70000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 102811-43820-01.
10/27/2011 12:38:02 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR13.
10/26/2011 9:21:37 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
10/26/2011 9:21:05 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80063a57a7, 0x0000000000000000, 0x0000000077540000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 102611-50279-01.
10/26/2011 10:24:49 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR8.
10/25/2011 9:15:10 AM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
10/25/2011 9:00:41 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa8006fbd7a7, 0x0000000000000000, 0x0000000077540000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 102511-45957-01.
10/24/2011 4:54:28 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR9.
.
==== End Of File ===========================

Thank you for any help

 

Thanks very much for your help...
The dds.txt is in my previous message I think...the GMER is below:

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-11-03 10:17:03
Windows 6.1.7600
Running: 2tghbh4j.exe


---- Registry - GMER 1.0.15 ----

Reg HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}\iexplore@Count 69808

---- Files - GMER 1.0.15 ----

File C:\Users\CRABTREE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83UH14AL\adme_mevio_com[2].htm 0 bytes
File C:\Users\CRABTREE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\83UH14AL\opensearch_descCA4UBW55.xml 0 bytes
File C:\Users\CRABTREE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C7CDF7EV\afr[1].htm 0 bytes
File C:\Users\CRABTREE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXJBUNNA\1844255119[1].htm 0 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DF64D9CF5E64E8BF65.TMP 16384 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DF84F45979A5223FCF.TMP 512 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DF2B4BB73BBE5F8012.TMP 16384 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DF3E2B80B9237D26B4.TMP 16384 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DF546148DB1C2C51DB.TMP 16384 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DF5D898F2431B35344.TMP 512 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DF9C092A4D9C85885F.TMP 16384 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DFB2F5DB881AB2792E.TMP 32768 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DFB3EA0806025FF158.TMP 32768 bytes
File C:\Users\CRABTREE\AppData\Local\Temp\~DFBD557BF2FA41DC65.TMP 512 bytes

---- EOF - GMER 1.0.15 ----

 

sorry...here goes:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_23
Run by DEAN at 11:10:10 on 2011-11-03
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6109.3806 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Users\CRABTREE\AppData\Local\CrossLoop\CrossLoopService.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\Dwm.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Users\CRABTREE\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\REGSVR32.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4822&r=173601106206p0365v1j5k4871r25n
uSearch Bar = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=%tb_id&%language
mDefault_Page_URL = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4822&r=173601106206p0365v1j5k4871r25n
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4822&r=173601106206p0365v1j5k4871r25n
uInternet Settings,ProxyOverride = localhost
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: RoboForm BHO: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
uRun: [IncrediMail] C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe "
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe "
mRun: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe "
mRun: [TaskTray]
mRun: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe "
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe "
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg "& "inst=NzctNjE0MDQ0OTAzLVhPMTArMi1RSVgxKzQtWDIwMTArMi1GMTBNMTBEKzEtTElDKzIyLUZMMTArMS1TUDErMS1TUDFUQisxLVNVRCsxLVMxSSsxLVNVMysxLUREVCsxMjM4OS1ERDEwRisxLVNUMTBGQVBQKzE "& "prod=90 "& "ver=10.0.1410
dRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe "
StartupFolder: C:\Users\CRABTREE\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LOGITE~1.LNK - C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
Trusted Zone: intuit.com\ttlc
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/e/4/9/e494c802-dd90-4c6b-a074-469358f075a6/OGAControl.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {49232000-16E4-426C-A231-62846947304B} - hxxp://ipgweb.cce.hp.com/rdqcpqdktp/downloads/sysinfo.cab
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {AA25A56C-B654-4356-B390-DC3594B75C63} - hxxp://65.15.154.215:81/codebase/HCNetVideoActiveX.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{C7D640D0-6EAB-4A49-AC56-DD7D2F91F6FE} : DhcpNameServer = 192.168.1.254 192.168.1.254
TCP: Interfaces\{EA8713C9-52CC-42DD-A388-B7B0CCC5398B} : DhcpNameServer = 192.168.1.254 192.168.1.254
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
AppInit_DLLs: C:\PROGRA~2\Google\GOBCA7~1\GO36F4~1.DLL
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe "
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm BHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5825.1100\swg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB-X64: &RoboForm: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File
TB-X64: {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No File
mRun-x64: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] "C:\Program Files (x86)\Google\Gmail Notifier\gnotify.exe "
mRun-x64: [TaskTray]
mRun-x64: [TrueImageMonitor.exe] "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe "
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe "
mRunOnce-x64: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=NFVZOVgtTlNWVkwtTzRCWlEtUUlNQ0wtUVREQ0gtNElKTUg "& "inst=NzctNjE0MDQ0OTAzLVhPMTArMi1RSVgxKzQtWDIwMTArMi1GMTBNMTBEKzEtTElDKzIyLUZMMTArMS1TUDErMS1TUDFUQisxLVNVRCsxLVMxSSsxLVNVMysxLUREVCsxMjM4OS1ERDEwRisxLVNUMTBGQVBQKzE "& "prod=90 "& "ver=10.0.1410
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE-X64: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE-X64: {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
AppInit_DLLs-X64: C:\PROGRA~2\Google\GOBCA7~1\GO36F4~1.DLL
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\CRABTREE\AppData\Roaming\Mozilla\Firefox\Profiles\xzvs5cdp.default\
FF - prefs.js: browser.search.selectedEngine - Dogpile
FF - prefs.js: browser.startup.homepage - hxxp://att.my.yahoo.com/?_bc=1
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&a=1uwsoPxbpd9&search=
FF - prefs.js: network.proxy.type - 4
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\CRABTREE\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Users\CRABTREE\AppData\Roaming\Mozilla\Firefox\Profiles\xzvs5cdp.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\npGarmin.dll
FF - plugin: C:\Users\CRABTREE\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\CRABTREE\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]
R0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);C:\Windows\system32\DRIVERS\tdrpm273.sys --> C:\Windows\system32\DRIVERS\tdrpm273.sys [?]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]
R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]
R1 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-9-5 3246040]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]
R2 CrossLoopService;CrossLoop Service;C:\Users\CRABTREE\AppData\Local\CrossLoop\CrossLoopService.exe [2011-2-9 560848]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2008-11-21 1153368]
R3 afcdp;afcdp;C:\Windows\system32\DRIVERS\afcdp.sys --> C:\Windows\system32\DRIVERS\afcdp.sys [?]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\system32\DRIVERS\e1y62x64.sys --> C:\Windows\system32\DRIVERS\e1y62x64.sys [?]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?]
R3 MpNWMon;Microsoft Malware Protection Network Driver;C:\Windows\system32\DRIVERS\MpNWMon.sys --> C:\Windows\system32\DRIVERS\MpNWMon.sys [?]
R3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-4-27 288272]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate1c98ebdbdbb100;Google Update Service (gupdate1c98ebdbdbb100);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-9 135664]
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-2-16 30192]
S3 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-9 135664]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-9 135664]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 tvnserver;TightVNC Server;C:\Users\CRABTREE\AppData\Local\CrossLoop\tvnserver.exe [2011-2-9 814080]
S3 uvnc_service;uvnc_service; "C:\Users\CRABTREE\AppData\Local\CrossLoop\winvnc.exe" -service --> C:\Users\CRABTREE\AppData\Local\CrossLoop\winvnc.exe [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-11-03 14:00:06 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D3AF03E8-9534-4880-B035-74F8AB9481E0}\offreg.dll
2011-11-03 12:28:25 8570192 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D3AF03E8-9534-4880-B035-74F8AB9481E0}\mpengine.dll
2011-10-31 13:37:54 -------- d-----w- C:\X-Plane 9
2011-10-26 18:57:27 -------- d-----w- C:\symbols
2011-10-26 18:02:23 -------- d-----w- C:\Program Files\Debugging Tools for Windows (x64)
2011-10-19 18:44:51 -------- d-----w- C:\Users\CRABTREE\AppData\Roaming\AVG2012
2011-10-19 18:43:47 -------- d-----w- C:\Windows\SysWow64\drivers\AVG
2011-10-19 18:42:12 -------- d-----w- C:\ProgramData\AVG2012
2011-10-18 18:11:47 -------- d--h--w- C:\Users\CRABTREE\AppData\Roaming\Tydije
2011-10-18 18:11:47 -------- d--h--w- C:\Users\CRABTREE\AppData\Roaming\Duojf
2011-10-16 21:58:59 601424 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2011-10-16 21:58:49 917840 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4F0C7EAF-53A7-4D1B-86FC-EAD9878E469B}\gapaengine.dll
.
==================== Find3M ====================
.
2011-10-18 20:41:59 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-01 20:06:42 285280 ----a-w- C:\Windows\System32\drivers\afcdp.sys
2011-10-01 20:06:41 1263200 ----a-w- C:\Windows\System32\drivers\tdrpm273.sys
2011-10-01 20:06:40 970336 ----a-w- C:\Windows\System32\drivers\timntr.sys
2011-10-01 03:21:20 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2011-10-01 02:59:14 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2011-09-13 11:30:08 37456 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
2011-09-09 19:38:48 525544 ----a-w- C:\Windows\System32\deployJava1.dll
2011-09-06 03:07:02 3134976 ----a-w- C:\Windows\System32\win32k.sys
2011-09-05 13:13:54 277088 ----a-w- C:\Windows\System32\drivers\snapman.sys
2011-08-27 05:40:28 861184 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-27 05:40:28 331776 ----a-w- C:\Windows\System32\oleacc.dll
2011-08-27 04:43:07 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-27 04:43:06 233472 ----a-w- C:\Windows\SysWow64\oleacc.dll
2011-08-20 05:45:20 1197568 ----a-w- C:\Windows\System32\wininet.dll
2011-08-20 05:41:16 57856 ----a-w- C:\Windows\System32\licmgr10.dll
2011-08-20 04:38:10 981504 ----a-w- C:\Windows\SysWow64\wininet.dll
2011-08-20 04:35:20 44544 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2011-08-20 04:20:23 482816 ----a-w- C:\Windows\System32\html.iec
2011-08-20 03:26:38 386048 ----a-w- C:\Windows\SysWow64\html.iec
2011-08-19 14:55:09 94720 ----a-w- C:\Windows\System32\antiwpa.dll
2011-08-08 11:08:58 46672 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
.
============= FINISH: 11:18:35.77 ===============

 

and here:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 1/9/2010 10:15:14 AM
System Uptime: 11/3/2011 8:59:22 AM (3 hours ago)
.
Motherboard: Acer | | EG43M
Processor: Pentium(R) Dual-Core CPU E5300 @ 2.60GHz | CPU 1 | 2603/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 916 GiB total, 592.268 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 298 GiB total, 47.87 GiB free.
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&242CC0DB&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&242CC0DB&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP288: 10/25/2011 10:23:08 AM - Windows Update
RP289: 10/26/2011 1:03:33 PM - Windows Update
RP290: 10/27/2011 5:18:44 PM - Windows Update
RP291: 10/28/2011 8:07:31 AM - Windows Update
RP292: 10/29/2011 1:46:52 AM - Windows Update
RP293: 10/30/2011 12:16:19 PM - Windows Update
RP294: 10/31/2011 4:27:36 PM - Windows Update
RP296: 11/3/2011 7:28:13 AM - Windows Update
.
==== Installed Programs ======================
.
µTorrent
4500_Help
7-Zip 4.65
Acrobat.com
Acronis*True*Image*Home 2011
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 8.1.3
Adobe Reader 9.4.6 MUI
Adobe Shockwave Player 11.5
Advanced SystemCare 3
AIO_Scan
AnswerWorks 5.0 English Runtime
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
AT&T Digital Directories - Gadsden-Attalla, AL
Auslogics Duplicate File Finder
AutoHotkey 1.0.48.05
AutoUpdate
bpd_scan
BPDSoftware
BPDSoftware_Ini
BufferChm
C4200
C4200_doccd
c4200_Help
Camera Window DS
Canon Camera Window DS for ZoomBrowser EX
Canon G.726 WMP-Decoder
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch 3.1
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Choice Guard
Compatibility Pack for the 2007 Office system
Corel Paint Shop Pro X
CrossLoop 2.74
CyberLink DVD Suite Deluxe
CyberLink PowerDirector
DeepBurner v1.9.0.228
Definition update for Microsoft Office 2010 (KB982726)
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Codec
DivX Version Checker
DJ_AIO_Software_min
DocProc
DocProcQFolder
Dream Aquarium 1.234
Driver Performer
DVD Flick 1.3.0.7
Enhanced Multimedia Keyboard Solution
EPSON Attach To Email
EPSON Event Manager
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
eReg
eSupportQFolder
eUSB SCSI Adapter
Everyone's Legal Forms 2007
Family Lawyer 2004
Family Lawyer 2010
FloatLED v1.06
FolderSizes 4
Garmin City Navigator North America NT 2010.30
Garmin City Navigator North America NT 2011.10 Update
Garmin City Navigator North America NT 2011.20 Update
Garmin City Navigator North America NT 2012.20 Update
Garmin Communicator Plugin
Garmin Lifetime Updater
Garmin WebUpdater
Gateway Games
Gateway InfoCentre
Gateway Photo Frame 4.2.3.10
Gateway Recovery Management
Google Chrome
Google Desktop
Google Earth
Google Gmail Notifier
Google Talk Plugin
Google Update Helper
Google Updater
GPBaseService
GPBaseService2
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Commercial Scanjet 5590 TWAIN Driver
HP Customer Feedback
HP My Display
HP Picasso Media Center Add-In
HP Smart Web Printing
HP Total Care Advisor
HPProductAssistant
HPSSupply
HPTCSSetup
HTC Driver Installer
HTC Sync
Identity Card
ImagXpress
IncrediMail
IncrediMail 2.0
Ipswitch WS_FTP Home 2007
J4500
Java Auto Updater
Java(TM) 6 Update 23
Java(TM) SE Runtime Environment 6 Update 1
Junk Mail filter update
LabelPrint
LightScribe System Software
LightScribeTemplateLabeler
Linksys Compact Wireless-G USB Adapter Driver - WUSB54GC
Malwarebytes' Anti-Malware version 1.51.2.1300
Microsoft Easy Assist v2
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2007
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2007
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Standard 2007
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Office XP Professional with FrontPage
Microsoft Primary Interoperability Assemblies 2005
Microsoft Project Professional 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works
Mozilla Firefox 7.0 (x86 en-US)
MSVCRT
MSVCSetup
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
muvee autoProducer 6.1
My HP Games
My Macros 3.1
neroxml
palmOne
PCmover Professional
PCsync
PE Builder 3.1.10a
Photo Notifier and Animation Creator
PhotoMail Maker
PhotoStitch
Picasa 3
Power2Go
ProductContext
PS_AIO_ProductContext
PS_AIO_Software
PS_AIO_Software_min
Python 2.5
QuickBooks Pro 2007
Quicken 2008
RC_Vista.exe
Readiris Pro 11 Mr.Underground Edition
Realtek High Definition Audio Driver
RemoteCapture Task 1.1
RoboForm 7-6-2 (All Users)
Scan
SDK
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office 2010 (KB2289078)
Security Update for Microsoft Office 2010 (KB2289161)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
SierraHome Print Artist 12.0
Skype™ 5.3
SolutionCenter
Sony RAW Driver
Speccy
Spybot - Search & Destroy
Status
SupportSoft Assisted Service
Toolbox
Tor 0.2.1.26
TrayApp
Tune Tools 2
TurboTax 2010
TurboTax 2010 waliper
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wrapper
UnloadSupport
Unlocker 1.8.8
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2010 (KB2202188)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2523113)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (KB2483110)
Vidalia 0.2.9
Visual C++ 8.0 Runtime Setup Package (x64)
Visual Studio 2008 x64 Redistributables
WebReg
Welcome Center
Windows Installer Clean Up
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Writer
WinRAR archiver
WinX DVD Ripper Platinum 5.1.1
Wireless-B Notebook Adapter Configuration Utility
Yahoo! Widgets
.
==== Event Viewer Messages From Past Week ========
.
11/3/2011 9:40:39 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
11/3/2011 9:01:21 AM, Error: Microsoft-Windows-ResourcePublication [1002] - Element Provider\Microsoft.Base.Publication/Publication/Computer failed to publish. Ensure that both PKEY_PUBSVCS_METADATA and PKEY_PUBSVCS_TYPE are set properly on the function instance and there were no errors adding the function instance.
11/2/2011 1:51:53 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR22.
10/31/2011 9:51:05 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk7\DR14.
10/31/2011 7:38:04 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR11.
10/31/2011 7:37:58 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk7\DR12.
10/31/2011 5:38:50 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR17.
10/31/2011 12:48:50 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.904.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
10/31/2011 12:48:50 PM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.904.0 Update Source: Microsoft Update Server Update Stage: Download Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x80240022 Error description: The program can't check for definition updates.
10/31/2011 11:18:36 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR13.
10/30/2011 7:56:19 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
10/30/2011 4:40:59 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR8.
10/29/2011 9:28:17 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80061a87a7, 0x0000000000000000, 0x0000000077240000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 102911-67985-01.
10/29/2011 5:35:25 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR7.
10/29/2011 12:23:30 PM, Error: Microsoft Antimalware [3002] - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed. Feature: Behavior Monitoring Error Code: 0x80004005 Error description: Unspecified error Reason: The filter driver requires an up-to-date engine in order to function. You must install the latest definition updates in order to enable real-time protection.
10/29/2011 1:48:06 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.115.831.0).
10/29/2011 1:47:37 AM, Error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.115.831.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.7801.0 Error code: 0x80070643 Error description: Fatal error during installation.
10/29/2011 1:12:10 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk6\DR6.
10/28/2011 7:13:21 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR16.
10/28/2011 12:30:56 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffffa80061b47a7, 0x0000000000000000, 0x0000000076f70000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 102811-43820-01.
10/27/2011 12:38:02 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR13.
.
==== End Of File ===========================

 

13:37:03.0974 4636 TDSS rootkit removing tool 2.6.15.0 Nov 3 2011 17:15:49
13:37:04.0310 4636 ============================================================
13:37:04.0310 4636 Current date / time: 2011/11/03 13:37:04.0310
13:37:04.0310 4636 SystemInfo:
13:37:04.0310 4636
13:37:04.0310 4636 OS Version: 6.1.7600 ServicePack: 0.0
13:37:04.0310 4636 Product type: Workstation
13:37:04.0310 4636 ComputerName: DEAN-PC
13:37:04.0310 4636 UserName: DEAN
13:37:04.0310 4636 Windows directory: C:\Windows
13:37:04.0310 4636 System windows directory: C:\Windows
13:37:04.0310 4636 Running under WOW64
13:37:04.0310 4636 Processor architecture: Intel x64
13:37:04.0310 4636 Number of processors: 2
13:37:04.0310 4636 Page size: 0x1000
13:37:04.0310 4636 Boot type: Normal boot
13:37:04.0310 4636 ============================================================
13:37:05.0055 4636 Initialize success
13:37:16.0938 2708 ============================================================
13:37:16.0938 2708 Scan started
13:37:16.0938 2708 Mode: Manual;
13:37:16.0938 2708 ============================================================
13:37:17.0843 2708 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
13:37:17.0847 2708 1394ohci - ok
13:37:17.0957 2708 61883 (e0a8525a951addb4655bc2068566407d) C:\Windows\system32\DRIVERS\61883.sys
13:37:17.0958 2708 61883 - ok
13:37:18.0003 2708 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
13:37:18.0008 2708 ACPI - ok
13:37:18.0031 2708 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
13:37:18.0033 2708 AcpiPmi - ok
13:37:18.0110 2708 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
13:37:18.0116 2708 adp94xx - ok
13:37:18.0135 2708 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
13:37:18.0139 2708 adpahci - ok
13:37:18.0179 2708 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
13:37:18.0182 2708 adpu320 - ok
13:37:18.0233 2708 afcdp (ae1fce2cd1e99bea89183ba8cd320872) C:\Windows\system32\DRIVERS\afcdp.sys
13:37:18.0235 2708 afcdp - ok
13:37:18.0306 2708 AFD (6ef20ddf3172e97d69f596fb90602f29) C:\Windows\system32\drivers\afd.sys
13:37:18.0311 2708 AFD - ok
13:37:18.0327 2708 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
13:37:18.0329 2708 agp440 - ok
13:37:18.0356 2708 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
13:37:18.0357 2708 aliide - ok
13:37:18.0369 2708 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
13:37:18.0371 2708 amdide - ok
13:37:18.0387 2708 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
13:37:18.0389 2708 AmdK8 - ok
13:37:18.0404 2708 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
13:37:18.0406 2708 AmdPPM - ok
13:37:18.0443 2708 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
13:37:18.0445 2708 amdsata - ok
13:37:18.0470 2708 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
13:37:18.0473 2708 amdsbs - ok
13:37:18.0492 2708 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
13:37:18.0493 2708 amdxata - ok
13:37:18.0538 2708 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
13:37:18.0541 2708 AppID - ok
13:37:18.0560 2708 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
13:37:18.0562 2708 arc - ok
13:37:18.0572 2708 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
13:37:18.0576 2708 arcsas - ok
13:37:18.0616 2708 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:37:18.0617 2708 AsyncMac - ok
13:37:18.0632 2708 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
13:37:18.0634 2708 atapi - ok
13:37:18.0692 2708 Avc (16fabe84916623d0607e4a975544032c) C:\Windows\system32\DRIVERS\avc.sys
13:37:18.0693 2708 Avc - ok
13:37:18.0760 2708 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
13:37:18.0761 2708 AVGIDSEH - ok
13:37:18.0829 2708 Avgldx64 (dadfccfb036da99fa83e7e1d29290a6c) C:\Windows\system32\DRIVERS\avgldx64.sys
13:37:18.0832 2708 Avgldx64 - ok
13:37:18.0901 2708 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
13:37:18.0902 2708 Avgmfx64 - ok
13:37:18.0956 2708 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
13:37:18.0957 2708 Avgrkx64 - ok
13:37:19.0040 2708 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
13:37:19.0049 2708 b06bdrv - ok
13:37:19.0122 2708 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:37:19.0126 2708 b57nd60a - ok
13:37:19.0170 2708 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:37:19.0172 2708 Beep - ok
13:37:19.0224 2708 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
13:37:19.0225 2708 blbdrive - ok
13:37:19.0254 2708 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
13:37:19.0256 2708 bowser - ok
13:37:19.0271 2708 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:37:19.0272 2708 BrFiltLo - ok
13:37:19.0287 2708 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:37:19.0288 2708 BrFiltUp - ok
13:37:19.0301 2708 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:37:19.0305 2708 Brserid - ok
13:37:19.0319 2708 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:37:19.0321 2708 BrSerWdm - ok
13:37:19.0340 2708 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:37:19.0342 2708 BrUsbMdm - ok
13:37:19.0358 2708 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:37:19.0359 2708 BrUsbSer - ok
13:37:19.0367 2708 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
13:37:19.0369 2708 BTHMODEM - ok
13:37:19.0418 2708 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:37:19.0420 2708 cdfs - ok
13:37:19.0464 2708 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
13:37:19.0466 2708 cdrom - ok
13:37:19.0499 2708 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
13:37:19.0500 2708 circlass - ok
13:37:19.0529 2708 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:37:19.0533 2708 CLFS - ok
13:37:19.0616 2708 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
13:37:19.0617 2708 CmBatt - ok
13:37:19.0639 2708 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
13:37:19.0640 2708 cmdide - ok
13:37:19.0665 2708 CNG (f95fd4cb7da00ba2a63ce9f6b5c053e1) C:\Windows\system32\Drivers\cng.sys
13:37:19.0669 2708 CNG - ok
13:37:19.0686 2708 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
13:37:19.0687 2708 Compbatt - ok
13:37:19.0720 2708 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
13:37:19.0722 2708 CompositeBus - ok
13:37:19.0765 2708 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
13:37:19.0766 2708 crcdisk - ok
13:37:19.0878 2708 dc3d (26c9db5fb11aa1c90ca4b7a986cca4f3) C:\Windows\system32\DRIVERS\dc3d.sys
13:37:19.0880 2708 dc3d - ok
13:37:19.0928 2708 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
13:37:19.0930 2708 DfsC - ok
13:37:19.0950 2708 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:37:19.0951 2708 discache - ok
13:37:20.0012 2708 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
13:37:20.0014 2708 Disk - ok
13:37:20.0097 2708 Dot4 (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
13:37:20.0100 2708 Dot4 - ok
13:37:20.0129 2708 Dot4Print (85135ad27e79b689335c08167d917cde) C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:37:20.0130 2708 Dot4Print - ok
13:37:20.0169 2708 dot4usb (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
13:37:20.0171 2708 dot4usb - ok
13:37:20.0214 2708 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:37:20.0215 2708 drmkaud - ok
13:37:20.0334 2708 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
13:37:20.0341 2708 DXGKrnl - ok
13:37:20.0398 2708 e1yexpress (761b9edd97a021aa1922501b7a056635) C:\Windows\system32\DRIVERS\e1y62x64.sys
13:37:20.0401 2708 e1yexpress - ok
13:37:20.0498 2708 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
13:37:20.0579 2708 ebdrv - ok
13:37:20.0801 2708 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
13:37:20.0809 2708 elxstor - ok
13:37:20.0831 2708 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
13:37:20.0832 2708 ErrDev - ok
13:37:20.0881 2708 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:37:20.0884 2708 exfat - ok
13:37:20.0907 2708 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:37:20.0911 2708 fastfat - ok
13:37:20.0957 2708 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
13:37:20.0959 2708 fdc - ok
13:37:20.0984 2708 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:37:20.0985 2708 FileInfo - ok
13:37:21.0000 2708 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:37:21.0002 2708 Filetrace - ok
13:37:21.0010 2708 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
13:37:21.0012 2708 flpydisk - ok
13:37:21.0057 2708 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
13:37:21.0060 2708 FltMgr - ok
13:37:21.0076 2708 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:37:21.0078 2708 FsDepends - ok
13:37:21.0100 2708 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:37:21.0100 2708 Fs_Rec - ok
13:37:21.0181 2708 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:37:21.0186 2708 fvevol - ok
13:37:21.0222 2708 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
13:37:21.0225 2708 gagp30kx - ok
13:37:21.0347 2708 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:37:21.0348 2708 hcw85cir - ok
13:37:21.0365 2708 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
13:37:21.0370 2708 HdAudAddService - ok
13:37:21.0404 2708 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
13:37:21.0406 2708 HDAudBus - ok
13:37:21.0426 2708 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
13:37:21.0427 2708 HidBatt - ok
13:37:21.0443 2708 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
13:37:21.0445 2708 HidBth - ok
13:37:21.0460 2708 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
13:37:21.0461 2708 HidIr - ok
13:37:21.0515 2708 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
13:37:21.0516 2708 HidUsb - ok
13:37:21.0571 2708 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
13:37:21.0572 2708 HpSAMD - ok
13:37:21.0618 2708 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
13:37:21.0625 2708 HTTP - ok
13:37:21.0641 2708 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
13:37:21.0642 2708 hwpolicy - ok
13:37:21.0711 2708 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
13:37:21.0713 2708 i8042prt - ok
13:37:21.0761 2708 iaStor (1d004cb1da6323b1f55caef7f94b61d9) C:\Windows\system32\DRIVERS\iaStor.sys
13:37:21.0763 2708 iaStor - ok
13:37:21.0788 2708 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
13:37:21.0793 2708 iaStorV - ok
13:37:22.0059 2708 igfx (c6238c6abd6ac99f5d152da4e9439a3d) C:\Windows\system32\DRIVERS\igdkmd64.sys
13:37:22.0214 2708 igfx - ok
13:37:22.0299 2708 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
13:37:22.0300 2708 iirsp - ok
13:37:22.0387 2708 IntcAzAudAddService (bc64b75e8e0a0b8982ab773483164e72) C:\Windows\system32\drivers\RTKVHD64.sys
13:37:22.0397 2708 IntcAzAudAddService - ok
13:37:22.0476 2708 IntcHdmiAddService (d485d3bd3e2179aa86853a182f70699f) C:\Windows\system32\drivers\IntcHdmi.sys
13:37:22.0478 2708 IntcHdmiAddService - ok
13:37:22.0493 2708 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
13:37:22.0495 2708 intelide - ok
13:37:22.0536 2708 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
13:37:22.0537 2708 intelppm - ok
13:37:22.0587 2708 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:37:22.0589 2708 IpFilterDriver - ok
13:37:22.0601 2708 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
13:37:22.0603 2708 IPMIDRV - ok
13:37:22.0613 2708 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:37:22.0615 2708 IPNAT - ok
13:37:22.0650 2708 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:37:22.0652 2708 IRENUM - ok
13:37:22.0669 2708 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
13:37:22.0671 2708 isapnp - ok
13:37:22.0682 2708 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
13:37:22.0685 2708 iScsiPrt - ok
13:37:22.0725 2708 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
13:37:22.0726 2708 kbdclass - ok
13:37:22.0745 2708 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
13:37:22.0746 2708 kbdhid - ok
13:37:22.0771 2708 KSecDD (e8b6fcc9c83535c67f835d407620bd27) C:\Windows\system32\Drivers\ksecdd.sys
13:37:22.0772 2708 KSecDD - ok
13:37:22.0799 2708 KSecPkg (a8c63880ef6f4d3fec7b616b9c060215) C:\Windows\system32\Drivers\ksecpkg.sys
13:37:22.0801 2708 KSecPkg - ok
13:37:22.0821 2708 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:37:22.0822 2708 ksthunk - ok
13:37:22.0913 2708 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:37:22.0915 2708 lltdio - ok
13:37:22.0968 2708 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
13:37:22.0970 2708 LSI_FC - ok
13:37:22.0991 2708 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
13:37:22.0993 2708 LSI_SAS - ok
13:37:23.0014 2708 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:37:23.0016 2708 LSI_SAS2 - ok
13:37:23.0025 2708 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:37:23.0027 2708 LSI_SCSI - ok
13:37:23.0053 2708 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:37:23.0055 2708 luafv - ok
13:37:23.0083 2708 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
13:37:23.0084 2708 megasas - ok
13:37:23.0095 2708 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
13:37:23.0099 2708 MegaSR - ok
13:37:23.0144 2708 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:37:23.0146 2708 Modem - ok
13:37:23.0187 2708 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:37:23.0187 2708 monitor - ok
13:37:23.0219 2708 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:37:23.0220 2708 mouclass - ok
13:37:23.0249 2708 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:37:23.0250 2708 mouhid - ok
13:37:23.0276 2708 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
13:37:23.0277 2708 mountmgr - ok
13:37:23.0288 2708 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
13:37:23.0291 2708 mpio - ok
13:37:23.0313 2708 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:37:23.0324 2708 mpsdrv - ok
13:37:23.0336 2708 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
13:37:23.0338 2708 MRxDAV - ok
13:37:23.0393 2708 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:37:23.0396 2708 mrxsmb - ok
13:37:23.0438 2708 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:37:23.0443 2708 mrxsmb10 - ok
13:37:23.0458 2708 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:37:23.0460 2708 mrxsmb20 - ok
13:37:23.0482 2708 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
13:37:23.0483 2708 msahci - ok
13:37:23.0493 2708 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
13:37:23.0495 2708 msdsm - ok
13:37:23.0572 2708 MSDV (72949a24d37a20a54b3d4d3dadbb55e9) C:\Windows\system32\DRIVERS\msdv.sys
13:37:23.0574 2708 MSDV - ok
13:37:23.0600 2708 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:37:23.0602 2708 Msfs - ok
13:37:23.0640 2708 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:37:23.0642 2708 mshidkmdf - ok
13:37:23.0657 2708 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
13:37:23.0658 2708 msisadrv - ok
13:37:23.0697 2708 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:37:23.0698 2708 MSKSSRV - ok
13:37:23.0736 2708 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:37:23.0737 2708 MSPCLOCK - ok
13:37:23.0745 2708 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:37:23.0747 2708 MSPQM - ok
13:37:23.0778 2708 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
13:37:23.0782 2708 MsRPC - ok
13:37:23.0812 2708 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
13:37:23.0812 2708 mssmbios - ok
13:37:23.0825 2708 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:37:23.0827 2708 MSTEE - ok
13:37:23.0843 2708 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
13:37:23.0844 2708 MTConfig - ok
13:37:23.0883 2708 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:37:23.0884 2708 Mup - ok
13:37:23.0928 2708 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:37:23.0932 2708 NativeWifiP - ok
13:37:24.0014 2708 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
13:37:24.0028 2708 NDIS - ok
13:37:24.0075 2708 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:37:24.0077 2708 NdisCap - ok
13:37:24.0110 2708 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:37:24.0112 2708 NdisTapi - ok
13:37:24.0159 2708 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
13:37:24.0161 2708 Ndisuio - ok
13:37:24.0185 2708 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
13:37:24.0187 2708 NdisWan - ok
13:37:24.0205 2708 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
13:37:24.0207 2708 NDProxy - ok
13:37:24.0258 2708 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:37:24.0260 2708 NetBIOS - ok
13:37:24.0285 2708 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
13:37:24.0289 2708 NetBT - ok
13:37:24.0351 2708 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
13:37:24.0352 2708 nfrd960 - ok
13:37:24.0394 2708 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:37:24.0395 2708 Npfs - ok
13:37:24.0420 2708 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:37:24.0421 2708 nsiproxy - ok
13:37:24.0518 2708 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
13:37:24.0538 2708 Ntfs - ok
13:37:24.0599 2708 NuidFltr (d4012918d3a3847b44b888d56bc095d6) C:\Windows\system32\DRIVERS\NuidFltr.sys
13:37:24.0601 2708 NuidFltr - ok
13:37:24.0625 2708 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:37:24.0627 2708 Null - ok
13:37:24.0649 2708 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
13:37:24.0653 2708 nvraid - ok
13:37:24.0665 2708 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
13:37:24.0669 2708 nvstor - ok
13:37:24.0678 2708 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
13:37:24.0681 2708 nv_agp - ok
13:37:24.0717 2708 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
13:37:24.0719 2708 ohci1394 - ok
13:37:24.0742 2708 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
13:37:24.0745 2708 Parport - ok
13:37:24.0765 2708 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
13:37:24.0767 2708 partmgr - ok
13:37:24.0786 2708 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
13:37:24.0789 2708 pci - ok
13:37:24.0807 2708 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
13:37:24.0809 2708 pciide - ok
13:37:24.0829 2708 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
13:37:24.0832 2708 pcmcia - ok
13:37:24.0853 2708 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:37:24.0854 2708 pcw - ok
13:37:24.0975 2708 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:37:24.0983 2708 PEAUTH - ok
13:37:25.0154 2708 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
13:37:25.0156 2708 PptpMiniport - ok
13:37:25.0178 2708 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
13:37:25.0179 2708 Processor - ok
13:37:25.0226 2708 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
13:37:25.0228 2708 Psched - ok
13:37:25.0286 2708 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
13:37:25.0302 2708 ql2300 - ok
13:37:25.0315 2708 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
13:37:25.0317 2708 ql40xx - ok
13:37:25.0339 2708 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:37:25.0341 2708 QWAVEdrv - ok
13:37:25.0354 2708 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:37:25.0355 2708 RasAcd - ok
13:37:25.0431 2708 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:37:25.0433 2708 RasAgileVpn - ok
13:37:25.0470 2708 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:37:25.0473 2708 Rasl2tp - ok
13:37:25.0503 2708 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:37:25.0505 2708 RasPppoe - ok
13:37:25.0557 2708 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:37:25.0558 2708 RasSstp - ok
13:37:25.0583 2708 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
13:37:25.0587 2708 rdbss - ok
13:37:25.0604 2708 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
13:37:25.0606 2708 rdpbus - ok
13:37:25.0668 2708 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:37:25.0669 2708 RDPCDD - ok
13:37:25.0717 2708 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:37:25.0718 2708 RDPENCDD - ok
13:37:25.0751 2708 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:37:25.0752 2708 RDPREFMP - ok
13:37:25.0782 2708 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
13:37:25.0785 2708 RDPWD - ok
13:37:25.0803 2708 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
13:37:25.0806 2708 rdyboost - ok
13:37:25.0878 2708 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:37:25.0880 2708 rspndr - ok
13:37:25.0924 2708 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
13:37:25.0926 2708 sbp2port - ok
13:37:25.0982 2708 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
13:37:25.0984 2708 scfilter - ok
13:37:26.0030 2708 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:37:26.0050 2708 secdrv - ok
13:37:26.0114 2708 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
13:37:26.0115 2708 Serenum - ok
13:37:26.0163 2708 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
13:37:26.0166 2708 Serial - ok
13:37:26.0210 2708 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
13:37:26.0211 2708 sermouse - ok
13:37:26.0281 2708 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
13:37:26.0282 2708 sffdisk - ok
13:37:26.0326 2708 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
13:37:26.0327 2708 sffp_mmc - ok
13:37:26.0368 2708 sffp_sd (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\DRIVERS\sffp_sd.sys
13:37:26.0370 2708 sffp_sd - ok
13:37:26.0434 2708 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
13:37:26.0435 2708 sfloppy - ok
13:37:26.0494 2708 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:37:26.0501 2708 SiSRaid2 - ok
13:37:26.0516 2708 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
13:37:26.0518 2708 SiSRaid4 - ok
13:37:26.0552 2708 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:37:26.0554 2708 Smb - ok
13:37:26.0633 2708 snapman (10450f432811d7fda60a97fcc674d7b2) C:\Windows\system32\DRIVERS\snapman.sys
13:37:26.0636 2708 snapman - ok
13:37:26.0678 2708 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:37:26.0679 2708 spldr - ok
13:37:26.0740 2708 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
13:37:26.0746 2708 srv - ok
13:37:26.0768 2708 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
13:37:26.0774 2708 srv2 - ok
13:37:26.0810 2708 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
13:37:26.0812 2708 srvnet - ok
13:37:26.0858 2708 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
13:37:26.0859 2708 stexstor - ok
13:37:26.0909 2708 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
13:37:26.0910 2708 swenum - ok
13:37:27.0025 2708 Tcpip (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\drivers\tcpip.sys
13:37:27.0036 2708 Tcpip - ok
13:37:27.0082 2708 TCPIP6 (b9d87c7707f058ac652a398cd28de14b) C:\Windows\system32\DRIVERS\tcpip.sys
13:37:27.0094 2708 TCPIP6 - ok
13:37:27.0133 2708 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
13:37:27.0135 2708 tcpipreg - ok
13:37:27.0161 2708 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:37:27.0163 2708 TDPIPE - ok
13:37:27.0231 2708 tdrpman273 (99527d49ee0a96fc25537c61b270a372) C:\Windows\system32\DRIVERS\tdrpm273.sys
13:37:27.0244 2708 tdrpman273 - ok
13:37:27.0277 2708 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
13:37:27.0279 2708 TDTCP - ok
13:37:27.0305 2708 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
13:37:27.0307 2708 tdx - ok
13:37:27.0326 2708 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
13:37:27.0327 2708 TermDD - ok
13:37:27.0404 2708 timounter (ebbaea02f0095a798000c7e06b16d41b) C:\Windows\system32\DRIVERS\timntr.sys
13:37:27.0414 2708 timounter - ok
13:37:27.0445 2708 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:37:27.0447 2708 tssecsrv - ok
13:37:27.0494 2708 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
13:37:27.0496 2708 tunnel - ok
13:37:27.0532 2708 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
13:37:27.0534 2708 uagp35 - ok
13:37:27.0561 2708 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
13:37:27.0565 2708 udfs - ok
13:37:27.0597 2708 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
13:37:27.0599 2708 uliagpkx - ok
13:37:27.0636 2708 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
13:37:27.0638 2708 umbus - ok
13:37:27.0663 2708 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
13:37:27.0664 2708 UmPass - ok
13:37:27.0691 2708 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
13:37:27.0693 2708 usbccgp - ok
13:37:27.0722 2708 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
13:37:27.0724 2708 usbcir - ok
13:37:27.0762 2708 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
13:37:27.0764 2708 usbehci - ok
13:37:27.0854 2708 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
13:37:27.0859 2708 usbhub - ok
13:37:27.0883 2708 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
13:37:27.0885 2708 usbohci - ok
13:37:27.0919 2708 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
13:37:27.0921 2708 usbprint - ok
13:37:27.0968 2708 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
13:37:27.0970 2708 usbscan - ok
13:37:28.0036 2708 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:37:28.0037 2708 USBSTOR - ok
13:37:28.0062 2708 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
13:37:28.0063 2708 usbuhci - ok
13:37:28.0163 2708 usbvideo (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\system32\Drivers\usbvideo.sys
13:37:28.0166 2708 usbvideo - ok
13:37:28.0239 2708 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
13:37:28.0240 2708 vdrvroot - ok
13:37:28.0279 2708 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:37:28.0281 2708 vga - ok
13:37:28.0307 2708 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:37:28.0308 2708 VgaSave - ok
13:37:28.0330 2708 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
13:37:28.0333 2708 vhdmp - ok
13:37:28.0352 2708 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
13:37:28.0354 2708 viaide - ok
13:37:28.0373 2708 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
13:37:28.0374 2708 volmgr - ok
13:37:28.0396 2708 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
13:37:28.0400 2708 volmgrx - ok
13:37:28.0416 2708 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
13:37:28.0419 2708 volsnap - ok
13:37:28.0444 2708 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
13:37:28.0448 2708 vsmraid - ok
13:37:28.0488 2708 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
13:37:28.0490 2708 vwifibus - ok
13:37:28.0510 2708 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
13:37:28.0512 2708 WacomPen - ok
13:37:28.0532 2708 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:37:28.0534 2708 WANARP - ok
13:37:28.0539 2708 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
13:37:28.0541 2708 Wanarpv6 - ok
13:37:28.0606 2708 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
13:37:28.0608 2708 Wd - ok
13:37:28.0624 2708 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:37:28.0631 2708 Wdf01000 - ok
13:37:28.0681 2708 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:37:28.0682 2708 WfpLwf - ok
13:37:28.0701 2708 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:37:28.0703 2708 WIMMount - ok
13:37:28.0826 2708 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
13:37:28.0828 2708 WinUsb - ok
13:37:28.0854 2708 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
13:37:28.0855 2708 WmiAcpi - ok
13:37:28.0891 2708 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:37:28.0892 2708 ws2ifsl - ok
13:37:28.0922 2708 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
13:37:28.0923 2708 WudfPf - ok
13:37:28.0942 2708 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:37:28.0945 2708 WUDFRd - ok
13:37:28.0993 2708 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:37:29.0009 2708 \Device\Harddisk0\DR0 - ok
13:37:29.0013 2708 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR7
13:37:29.0018 2708 \Device\Harddisk1\DR7 - ok
13:37:29.0022 2708 Boot (0x1200) (ce72ec9aee5497c42f64c6472ac6f3dc) \Device\Harddisk0\DR0\Partition0
13:37:29.0023 2708 \Device\Harddisk0\DR0\Partition0 - ok
13:37:29.0036 2708 Boot (0x1200) (1c1c0f551d0a9daa727eef0bb999d1dc) \Device\Harddisk0\DR0\Partition1
13:37:29.0037 2708 \Device\Harddisk0\DR0\Partition1 - ok
13:37:29.0040 2708 Boot (0x1200) (4744aa455f7ea4d6236531e58b726304) \Device\Harddisk1\DR7\Partition0
13:37:29.0042 2708 \Device\Harddisk1\DR7\Partition0 - ok
13:37:29.0043 2708 ============================================================
13:37:29.0043 2708 Scan finished
13:37:29.0043 2708 ============================================================
13:37:29.0053 1916 Detected object count: 0
13:37:29.0053 1916 Actual detected object count: 0

 

I go to safe mode with command prompt and get "c:\windows\system32" prompt. I typed in what you suggested and I got the error that it was not a recognized command or batch command(I think that was what it said.) I then went back to root and got the same error.
What did I do wrong? I don't have a cd..it is in a partition...
Thanks again...

 

sorry bout that...I had to select "repair my computer" to get there..
I followed your instruction and after typing in the command, I got an explaination of the commands that were available. I had already typed in the "bootrec fixmbr, so I typed in exit and rebooted. here is the log but it still shows problems I think.

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-04 16:19:17
-----------------------------
16:19:17.836 OS Version: Windows x64 6.1.7600
16:19:17.836 Number of processors: 2 586 0x170A
16:19:17.837 ComputerName: DEAN-PC UserName: DEAN
16:19:20.514 Initialize success
16:19:33.546 AVAST engine defs: 11103001
16:19:49.385 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:19:49.388 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
16:19:49.404 Disk 0 MBR read successfully
16:19:49.406 Disk 0 MBR scan
16:19:49.410 Disk 0 MBR:Alureon-I [Rtk]
16:19:49.415 Disk 0 TDL4@MBR code has been found
16:19:49.417 Disk 0 Windows 7 default MBR code found via API
16:19:49.420 Disk 0 MBR hidden
16:19:49.423 Disk 0 MBR [TDL4] **ROOTKIT**
16:19:49.426 Disk 0 trace - called modules:
16:19:49.432 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa8006169254]<<
16:19:49.435 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005fa1060]
16:19:49.439 3 CLASSPNP.SYS[fffff8800188743f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005ed5050]
16:19:49.772 \Driver\iaStor[0xfffffa8005e26060] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> 0xfffffa8006169254
16:19:52.337 AVAST engine scan C:\Windows
16:20:05.804 AVAST engine scan C:\Windows\system32
16:22:02.639 AVAST engine scan C:\Windows\system32\drivers
16:22:16.550 AVAST engine scan C:\Users\CRABTREE
16:29:32.506 AVAST engine scan C:\ProgramData
16:32:23.440 Scan finished successfully
16:33:00.667 Disk 0 MBR has been saved successfully to "C:\Users\CRABTREE\Desktop\MBR.dat "
16:33:00.672 The log file has been saved successfully to "C:\Users\CRABTREE\Desktop\aswMBR.txt "

 

I apologize...here goes:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-05 08:59:50
-----------------------------
08:59:50.748 OS Version: Windows x64 6.1.7600
08:59:50.748 Number of processors: 2 586 0x170A
08:59:50.748 ComputerName: DEAN-PC UserName: DEAN
08:59:52.324 Initialize success
09:00:10.983 AVAST engine defs: 11103001
09:00:14.556 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
09:00:14.556 Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 8
09:00:14.571 Disk 0 MBR read successfully
09:00:14.571 Disk 0 MBR scan
09:00:14.571 Disk 0 Windows 7 default MBR code
09:00:14.587 Service scanning
09:00:17.395 Modules scanning
09:00:17.395 Disk 0 trace - called modules:
09:00:17.426 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
09:00:17.426 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800641c060]
09:00:17.426 3 CLASSPNP.SYS[fffff880013d043f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8005efa050]
09:00:19.017 AVAST engine scan C:\Windows
09:00:23.026 AVAST engine scan C:\Windows\system32
09:01:38.749 AVAST engine scan C:\Windows\system32\drivers
09:01:46.986 AVAST engine scan C:\Users\CRABTREE
09:07:27.066 AVAST engine scan C:\ProgramData
09:10:00.415 Scan finished successfully
09:13:48.955 Disk 0 MBR has been saved successfully to "C:\Users\CRABTREE\Desktop\MBR.dat "
09:13:48.955 The log file has been saved successfully to "C:\Users\CRABTREE\Desktop\aswMBR.txt "

 

ComboFix 11-11-05.03 - DEAN 11/05/2011 16:21:23.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6109.4339 [GMT -5:00]
Running from: c:\users\CRABTREE\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\_Setup.dll
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\20101219140954.log
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\20110125091409.log
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\_Default.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\AxInterop.ImageEnXLibrary_1.9000.0.0_L_75236aeec3d51fd0_MSIL.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\CFToolkit_4.1.0.0_a87e673e9ecb6e8e_MSIL.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\DROPPED_20100101190241.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\DROPPED_20100101190244.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\DROPPED_20100101190312.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\FreeOCR_2.1.0.8_L_075a6c69191ec1db_x86.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\Interop.ImageLibrary_1.9000.0.0_L_8cdfa8b955dbb1c7_MSIL.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Cache\Interop.PDFAX0717_7.17.0.0_L_3d5fa783dbb69c0f_MSIL.tiz
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Setup.dat
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Setup.exe
c:\programdata\Tarma Installer\{108A39BF-4ED1-4293-B11A-06BD521FB8F7}\Setup.ico
c:\users\Gene\Documents\iexplore.exe
c:\users\Gene\Documents\Readiris.DUS
c:\windows\system32\AutoRun.inf
c:\windows\SysWow64\jucheck.exe
c:\windows\SysWow64\jusched.exe
c:\windows\SysWow64\Thumbs.db
.
.
((((((((((((((((((((((((( Files Created from 2011-10-05 to 2011-11-05 )))))))))))))))))))))))))))))))
.
.
2011-11-05 21:30 . 2011-11-05 21:30 -------- d-----w- c:\users\Gene\AppData\Local\temp
2011-10-31 13:37 . 2011-10-31 14:42 -------- d-----w- C:\X-Plane 9
2011-10-26 18:57 . 2011-10-26 18:57 -------- d-----w- C:\symbols
2011-10-26 18:02 . 2011-10-26 18:57 -------- d-----w- c:\program files\Debugging Tools for Windows (x64)
2011-10-26 18:02 . 2011-10-26 18:02 -------- d-----w- c:\program files\Microsoft SDKs
2011-10-19 18:44 . 2011-10-19 18:44 -------- d-----w- c:\users\CRABTREE\AppData\Roaming\AVG2012
2011-10-19 18:42 . 2011-11-05 21:11 -------- d-----w- c:\programdata\AVG2012
2011-10-18 18:11 . 2011-10-18 22:27 -------- d--h--w- c:\users\CRABTREE\AppData\Roaming\Duojf
2011-10-18 18:11 . 2011-10-18 18:18 -------- d--h--w- c:\users\CRABTREE\AppData\Roaming\Tydije
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-18 20:41 . 2011-06-21 15:47 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-01 20:06 . 2011-10-01 20:06 285280 ----a-w- c:\windows\system32\drivers\afcdp.sys
2011-10-01 20:06 . 2011-07-15 22:23 1263200 ----a-w- c:\windows\system32\drivers\tdrpm273.sys
2011-10-01 20:06 . 2011-10-01 20:06 970336 ----a-w- c:\windows\system32\drivers\timntr.sys
2011-09-09 19:38 . 2011-09-09 19:38 525544 ----a-w- c:\windows\system32\deployJava1.dll
2011-09-05 13:13 . 2011-09-05 13:13 277088 ----a-w- c:\windows\system32\drivers\snapman.sys
2011-08-19 14:55 . 2011-08-19 14:57 94720 ----a-w- c:\windows\system32\antiwpa.dll
2011-08-11 20:49 . 2011-08-11 20:49 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll
2011-08-11 20:49 . 2011-08-11 20:49 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2011-08-11 20:48 . 2011-08-11 20:48 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2011-08-11 20:48 . 2011-08-11 20:48 539968 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IncrediMail "= "c:\program files (x86)\IncrediMail\bin\IncMail.exe" [2011-09-26 366024]
"ehTray.exe "= "c:\windows\ehome\ehTray.exe" [2009-07-14 163328]
"Sidebar "= "c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"RoboForm "= "c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-10-29 107000]
"swg "= "c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-08-08 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"{0228e555-4f9c-4e35-a3ec-b109a192b4c2} "= "c:\program files (x86)\Google\Gmail Notifier\gnotify.exe" [2005-07-15 479232]
"TrueImageMonitor.exe "= "c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2011-09-23 5550984]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"RoboForm "= "c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2011-10-29 107000]
.
c:\users\CRABTREE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Logitech . Product Registration.lnk - c:\program files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin "= 0 (0x0)
"ConsentPromptBehaviorUser "= 3 (0x3)
"EnableLUA "= 0 (0x0)
"EnableUIADesktopToggle "= 0 (0x0)
"PromptOnSecureDesktop "= 0 (0x0)
"EnableLinkedConnections "= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs "=c:\progra~2\Google\GOBCA7~1\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux "=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=" "
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate1c98ebdbdbb100;Google Update Service (gupdate1c98ebdbdbb100);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-09 135664]
R3 dc3d;MS Hardware Device Detection Driver (HID);c:\windows\system32\DRIVERS\dc3d.sys [x]
R3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files (x86)\Google\Google Desktop Search\GoogleDesktop.exe [2010-08-21 30192]
R3 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-09 135664]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-09 135664]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 tvnserver;TightVNC Server;c:\users\CRABTREE\AppData\Local\CrossLoop\tvnserver.exe [2010-07-21 814080]
R3 uvnc_service;uvnc_service;c:\users\CRABTREE\AppData\Local\CrossLoop\winvnc.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2011-09-05 3246040]
S2 CrossLoopService;CrossLoop Service;c:\users\CRABTREE\AppData\Local\CrossLoop\CrossLoopService.exe [2010-08-18 560848]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [x]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y62x64.sys [x]
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI;c:\windows\system32\drivers\IntcHdmi.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2009-06-17 17:11 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-02-06 c:\windows\Tasks\AWC Startup.job
- c:\program files (x86)\IObit\Advanced SystemCare 3\AWC.exe [2009-07-12 22:19]
.
2011-11-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-08-27 20:41]
.
2011-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-09 22:04]
.
2011-11-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-09 22:04]
.
2011-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2570443451-2467324081-1727471922-1000Core.job
- c:\users\CRABTREE\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-02 12:39]
.
2011-11-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2570443451-2467324081-1727471922-1000UA.job
- c:\users\CRABTREE\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-02 12:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl "= "c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-20 7981088]
"EvtMgr6 "= "c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-10-28 1680976]
"NvCplDaemon "= "c:\windows\system32\NvCpl.dll" [2008-05-23 15851040]
"NvMediaCenter "= "c:\windows\system32\NvMcTray.dll" [2008-05-23 82464]
"IgfxTray "= "c:\windows\system32\igfxtray.exe" [2011-02-12 162328]
"HotKeysCmds "= "c:\windows\system32\hkcmd.exe" [2011-02-12 386584]
"Persistence "= "c:\windows\system32\igfxpers.exe" [2011-02-12 417304]
"Acronis Scheduler2 Service "= "c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-02 390720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs "=0x0
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.gateway.com/rdr.aspx?b=ACGW&l=0409&m=dx4822&r=173601106206p0365v1j5k4871r25n
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = localhost
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Customize Menu - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Fill Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: RoboForm Toolbar - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: Save Forms - file://c:\program files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.1.254 192.168.1.254
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {AA25A56C-B654-4356-B390-DC3594B75C63} - hxxp://65.15.154.215:81/codebase/HCNetVideoActiveX.cab
FF - ProfilePath - c:\users\CRABTREE\AppData\Roaming\Mozilla\Firefox\Profiles\xzvs5cdp.default\
FF - prefs.js: browser.search.selectedEngine - Dogpile
FF - prefs.js: browser.startup.homepage - hxxp://att.my.yahoo.com/?_bc=1
FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&a=1uwsoPxbpd9&search=
FF - prefs.js: network.proxy.type - 4
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-TaskTray - (no file)
Notify-GoToAssist - (no file)
Toolbar-Locked - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-FloatLED_is1 - c:\program files (x86)\FloatLED\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977 "=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1f,1b,63,ed,c3,54,34,4c,a0,61,08,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81 "=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1f,1b,63,ed,c3,54,34,4c,a0,61,08,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@= "FlashBroker "
"LocalizedString "= "@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe,-101 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled "=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10w_ActiveX.exe "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Shockwave Flash Object "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@= "0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@= "ShockwaveFlash.ShockwaveFlash.10 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "ShockwaveFlash.ShockwaveFlash "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@= "Macromedia Flash Factory Object "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx "
"ThreadingModel "= "Apartment "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@= "FlashFactory.FlashFactory.1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@= "c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10w.ocx, 1 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@= "{D27CDB6B-AE6D-11cf-96B8-444553540000} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@= "FlashFactory.FlashFactory "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@= "IFlashBroker4 "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@= "{00020424-0000-0000-C000-000000000046} "
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@= "{FAB3E735-69C7-453B-A446-B6823C6DF1C9} "
"Version "= "1.0 "
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue "=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution "= "{15727DE6-F92D-4E46-ACB4-0E2C58B31A18} "
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key "= "ActionsPane3 "
"Location "= "c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd "
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0007\4&2e65fa43&0&UID16843008\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0007\4&2e65fa43&0&UID16843008\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\ACR0007\4&2e65fa43&0&UID16843008\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\Default_Monitor\4&2e65fa43&0&UID16843008\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\Default_Monitor\4&2e65fa43&0&UID16843008\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\Default_Monitor\4&2e65fa43&0&UID16843008\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\DELF003\4&2e65fa43&0&UID16843008\Device Parameters\MODES]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\DELF003\4&2e65fa43&0&UID16843008\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\DELF003\4&2e65fa43&0&UID16843008\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\DELF003\4&2e65fa43&0&UID16843008\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\HWP26A2\4&2e65fa43&0&UID16843008\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\HWP26A2\4&2e65fa43&0&UID16843008\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\HWP26A2\4&2e65fa43&0&UID16843008\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\SAM016B\4&2e65fa43&0&UID16843008\Properties\{540b947e-8b40-45bc-a8a2-6a0b894cbda2}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\SAM016B\4&2e65fa43&0&UID16843008\Properties\{83da6326-97a6-4088-9453-a1923f573b29}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Enum\DISPLAY\SAM016B\4&2e65fa43&0&UID16843008\Properties\{a8b865dd-2e3d-4094-ad97-e593a70c75d6}]
@DACL=(02 0000)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\IncrediMail\Bin\ImApp.exe
c:\program files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
.
**************************************************************************
.
Completion time: 2011-11-05 16:39:35 - machine was rebooted
ComboFix-quarantined-files.txt 2011-11-05 21:39
.
Pre-Run: 650,206,040,064 bytes free
Post-Run: 652,180,041,728 bytes free
.
- - End Of File - - 2103B0F82B44F0D541BF3C0F66F231B8

 

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 11/05/2011 at 16:47:22.
Operating System: Windows 7 Home Premium


Processes terminated by Rkill or while it was running:

C:\Users\CRABTREE\AppData\Local\CrossLoop\CrossLoopService.exe
C:\Windows\SysWOW64\rundll32.exe


Rkill completed on 11/05/2011 at 16:47:34.

 

FYI, crossloop is a program that is safe and I have used it for years...If it deleted it I can re-install.
Thanks again for your help