
Computer is Infected with Backdoor.win32.zaccess...please help!!

Discussion in 'Virus & Other Malware Removal' started by rew0811, Dec 2, 2011.

Thread Status:
Not open for further replies.
  1. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
    OS version: Microsoft Windows Vista Home Premium, Service Pack 2, 64 bit
    Processor: AMD Phenom (tm) 9150e Quad Core Processor, AMD64 Family 16
    Model 2 Stepping 3
    Processor Count 4
    RAM 3965 Mb
    Graphics Card: NVIDIA GeForce 6150SE nForce 430, 128mb
    Hard Drives: C: Total- 463461 MB, Free- 108039 MB; D: Total - 13476 MB,
    Free - 1842 MB;
    Motherboard: ECS, Nettle 3
    Antivirus: Kaspersky Internet Security, Updated and Enabled

    Hi,

    My computer has recently been infected with the Backdoor.win32.zaccess.aug virus and I am not able to remove it. I tried to manually remove it, but I was unable to do it. I was able to run the Hijack This scan successfully. I was able to download the DDS tool; however, I was unable to open it once saved to my desktop. Please assist me in removing this virus from my computer. Thank you!!

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:55:28 AM, on 12/2/2011
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.19154)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\LimeWire\LimeWire.exe
    C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe
    C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
    C:\Program Files (x86)\FrostWire\FrostWire.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
    C:\Users\camel\Downloads\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {472734EA-242A-422b-ADF8-83D1E48CC825} - (no file)
    F2 - REG:system.ini: UserInit=c:\windows\syswow64\userinit.exe,
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
    O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O2 - BHO: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbisoH.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
    O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
    O3 - Toolbar: isoHunt Toolbar - {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbisoH.dll
    O3 - Toolbar: Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files (x86)\Search Toolbar\SearchToolbar.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    O4 - HKLM\..\Run: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
    O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
    O4 - HKLM\..\Run: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [ReminderApp] C:\Program Files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe
    O4 - HKLM\..\Run: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
    O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
    O4 - Startup: LimeWire On Startup.lnk = C:\Program Files (x86)\LimeWire\LimeWire.exe
    O4 - Global Startup: Desktop Manager.lnk = C:\Program Files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: ImageMixer 3 SE Camera Monitor Ver.4.lnk = C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = ?
    O4 - Global Startup: PictureMover.lnk = C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
    O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
    O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photos1.walmart.com/WalmartActivia.cab
    O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    O16 - DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} (Enlite 2.x Simulation Engine Installer) - http://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Roxio UPnP Renderer 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
    O23 - Service: Roxio Upnp Server 9 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 9\RoxioUpnpService9.exe
    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
    O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

    --
    End of file - 19237 bytes
     
  2. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
  3. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
    bump...thanks in advance for your reply!
     
  4. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi there, and sorry for the delay.
    My name is Daniel and I will be assisting you with your malware-related problems.

    Before we move on, please read the following points carefully.
    • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
    • Perform everything in the correct order. Sometimes one step requires the previous one.
    • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
    • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
    • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
    • If I don't hear from you within 3 days from this initial or any subsequent post, I will have to unsubscribe from this thread and move on to assist someone else.
    • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
    • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.



    Any error messages?



    Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

    Download TDSSKiller.exe and save it to your desktop
    • Execute TDSSKiller.exe by double-clicking on it.
    • Press Start Scan
    • If malicious objects are found, do NOT select Cure. Change the action to Skip, and save the log.
    • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

    Please post the contents of that log in your next reply.



    Please post in your next reply
    TDSSKiller log
     
  5. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
    Hi Daniel...thanks so much for helping me.

    As far as the DDS, I did not receive any error message; it just wouldn't open up.

    The virus has completely gone haywire now and it won't let me connect to the internet, so I cannot download the TDSSKiller file. I am connecting to this website through my laptop and I am hoping you can still assist me.
     
  6. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi there

    Yes, it kills some related services and drivers which are required for inet access. Drives me crazy sometimes :D


    Can you transfer the tools we need with a USB stick?
     
  7. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
    Oh yes good idea! Here is the log:

    13:16:41.0397 7752 TDSS rootkit removing tool 2.6.22.0 Dec 7 2011 13:21:06
    13:16:41.0407 7752 ============================================================
    13:16:41.0407 7752 Current date / time: 2011/12/08 13:16:41.0407
    13:16:41.0407 7752 SystemInfo:
    13:16:41.0407 7752
    13:16:41.0408 7752 OS Version: 6.0.6002 ServicePack: 2.0
    13:16:41.0408 7752 Product type: Workstation
    13:16:41.0408 7752 ComputerName: CAMEL-PC
    13:16:41.0408 7752 UserName: camel
    13:16:41.0409 7752 Windows directory: C:\Windows
    13:16:41.0409 7752 System windows directory: C:\Windows
    13:16:41.0409 7752 Running under WOW64
    13:16:41.0409 7752 Processor architecture: Intel x64
    13:16:41.0409 7752 Number of processors: 4
    13:16:41.0409 7752 Page size: 0x1000
    13:16:41.0409 7752 Boot type: Normal boot
    13:16:41.0409 7752 ============================================================
    13:16:44.0520 7752 Initialize success
    13:16:47.0442 7220 ============================================================
    13:16:47.0442 7220 Scan started
    13:16:47.0442 7220 Mode: Manual;
    13:16:47.0442 7220 ============================================================
    13:16:54.0163 7220 HpCISSs - ok
    13:16:54.0336 7220 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
    13:16:54.0363 7220 HTTP - ok
    13:16:54.0395 7220 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
    13:16:54.0426 7220 i2omp - ok
    13:16:54.0466 7220 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
    13:16:54.0470 7220 i8042prt - ok
    13:16:54.0500 7220 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
    13:16:54.0528 7220 iaStorV - ok
    13:16:54.0594 7220 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
    13:16:54.0599 7220 iirsp - ok
    13:16:54.0756 7220 IntcAzAudAddService (5f885046a7f420989c8366324fd2ef60) C:\Windows\system32\drivers\RTKVHD64.sys
    13:16:54.0790 7220 IntcAzAudAddService - ok
    13:16:54.0821 7220 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
    13:16:54.0826 7220 intelide - ok
    13:16:54.0846 7220 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
    13:16:54.0851 7220 intelppm - ok
    13:16:54.0892 7220 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
    13:16:54.0915 7220 IpFilterDriver - ok
    13:16:54.0953 7220 IpInIp - ok
    13:16:55.0008 7220 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
    13:16:55.0014 7220 IPMIDRV - ok
    13:16:55.0054 7220 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
    13:16:55.0061 7220 IPNAT - ok
    13:16:55.0119 7220 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
    13:16:55.0124 7220 IRENUM - ok
    13:16:55.0143 7220 is3srv - ok
    13:16:55.0166 7220 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
    13:16:55.0171 7220 isapnp - ok
    13:16:55.0225 7220 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
    13:16:55.0236 7220 iScsiPrt - ok
    13:16:55.0264 7220 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
    13:16:55.0268 7220 iteatapi - ok
    13:16:55.0298 7220 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
    13:16:55.0304 7220 iteraid - ok
    13:16:55.0327 7220 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
    13:16:55.0331 7220 kbdclass - ok
    13:16:55.0374 7220 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
    13:16:55.0379 7220 kbdhid - ok
    13:16:55.0578 7220 KL1 (e656fe10d6d27794afa08136685a69e8) C:\Windows\system32\DRIVERS\kl1.sys
    13:16:55.0596 7220 KL1 - ok
    13:16:55.0680 7220 kl2 (d865dd8b0448e3f963d68c04c532858f) C:\Windows\system32\DRIVERS\kl2.sys
    13:16:55.0683 7220 kl2 - ok
    13:16:55.0713 7220 KLIF (c7d4f357c482dd37e2b05f34093b7b0c) C:\Windows\system32\DRIVERS\klif.sys
    13:16:55.0731 7220 KLIF - ok
    13:16:55.0801 7220 KLIM6 (89fb5a33d7171b6d84f5eb721d5055e1) C:\Windows\system32\DRIVERS\klim6.sys
    13:16:55.0909 7220 KLIM6 - ok
    13:16:56.0100 7220 klmouflt (9468d07e91ba136d82415f5dfc1fe168) C:\Windows\system32\DRIVERS\klmouflt.sys
    13:16:56.0107 7220 klmouflt - ok
    13:16:56.0312 7220 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
    13:16:56.0332 7220 KSecDD - ok
    13:16:56.0370 7220 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
    13:16:56.0375 7220 ksthunk - ok
    13:16:56.0441 7220 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
    13:16:56.0446 7220 lltdio - ok
    13:16:56.0481 7220 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
    13:16:56.0488 7220 LSI_FC - ok
    13:16:56.0523 7220 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
    13:16:56.0530 7220 LSI_SAS - ok
    13:16:56.0588 7220 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
    13:16:56.0595 7220 LSI_SCSI - ok
    13:16:56.0622 7220 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
    13:16:56.0626 7220 luafv - ok
    13:16:56.0695 7220 MarvinBus (024da28053d57e9e32bee52600576bbb) C:\Windows\system32\DRIVERS\MarvinBus64.sys
    13:16:56.0701 7220 MarvinBus - ok
    13:16:56.0753 7220 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
    13:16:56.0755 7220 MBAMProtector - ok
    13:16:56.0806 7220 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
    13:16:56.0835 7220 megasas - ok
    13:16:56.0869 7220 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
    13:16:56.0888 7220 MegaSR - ok
    13:16:56.0922 7220 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
    13:16:56.0926 7220 Modem - ok
    13:16:56.0946 7220 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
    13:16:56.0951 7220 monitor - ok
    13:16:56.0971 7220 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
    13:16:56.0975 7220 mouclass - ok
    13:16:57.0004 7220 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
    13:16:57.0009 7220 mouhid - ok
    13:16:57.0046 7220 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
    13:16:57.0068 7220 MountMgr - ok
    13:16:57.0146 7220 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
    13:16:57.0153 7220 mpio - ok
    13:16:57.0186 7220 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
    13:16:57.0190 7220 mpsdrv - ok
    13:16:57.0218 7220 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
    13:16:57.0224 7220 Mraid35x - ok
    13:16:57.0268 7220 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
    13:16:57.0274 7220 MRxDAV - ok
    13:16:57.0309 7220 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
    13:16:57.0315 7220 mrxsmb - ok
    13:16:57.0354 7220 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
    13:16:57.0364 7220 mrxsmb10 - ok
    13:16:57.0387 7220 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
    13:16:57.0392 7220 mrxsmb20 - ok
    13:16:57.0411 7220 msahci (1ac860612b85d8e85ee257d372e39f4d) C:\Windows\system32\drivers\msahci.sys
    13:16:57.0416 7220 msahci - ok
    13:16:57.0437 7220 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
    13:16:57.0444 7220 msdsm - ok
    13:16:57.0475 7220 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
    13:16:57.0478 7220 Msfs - ok
    13:16:57.0499 7220 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
    13:16:57.0501 7220 msisadrv - ok
    13:16:57.0579 7220 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
    13:16:57.0584 7220 MSKSSRV - ok
    13:16:57.0609 7220 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
    13:16:57.0614 7220 MSPCLOCK - ok
    13:16:57.0649 7220 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
    13:16:57.0654 7220 MSPQM - ok
    13:16:57.0702 7220 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
    13:16:57.0711 7220 MsRPC - ok
    13:16:57.0730 7220 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
    13:16:57.0734 7220 mssmbios - ok
    13:16:57.0768 7220 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
    13:16:57.0774 7220 MSTEE - ok
    13:16:57.0803 7220 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
    13:16:57.0806 7220 Mup - ok
    13:16:57.0875 7220 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
    13:16:57.0899 7220 NativeWifiP - ok
    13:16:58.0144 7220 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
    13:16:58.0266 7220 NDIS - ok
    13:16:58.0308 7220 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
    13:16:58.0327 7220 NdisTapi - ok
    13:16:58.0361 7220 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
    13:16:58.0363 7220 Ndisuio - ok
    13:16:58.0433 7220 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
    13:16:58.0441 7220 NdisWan - ok
    13:16:58.0468 7220 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
    13:16:58.0472 7220 NDProxy - ok
    13:16:58.0514 7220 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
    13:16:58.0517 7220 NetBIOS - ok
    13:16:58.0681 7220 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
    13:16:58.0690 7220 netbt - ok
    13:16:58.0890 7220 netr7364 (0e27af88b9c2291d2fde9faaebd2e9a3) C:\Windows\system32\DRIVERS\netr7364.sys
    13:16:58.0926 7220 netr7364 - ok
    13:16:58.0953 7220 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
    13:16:58.0959 7220 nfrd960 - ok
    13:16:59.0005 7220 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
    13:16:59.0007 7220 Npfs - ok
    13:16:59.0032 7220 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
    13:16:59.0036 7220 nsiproxy - ok
    13:16:59.0100 7220 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
    13:16:59.0160 7220 Ntfs - ok
    13:16:59.0179 7220 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
    13:16:59.0181 7220 Null - ok
    13:16:59.0344 7220 NVENETFD (98350606682594521d56eccb5d01ecf7) C:\Windows\system32\DRIVERS\nvmfdx64.sys
    13:16:59.0389 7220 NVENETFD - ok
    13:16:59.0684 7220 nvlddmkm (e57f802ba29010c557b549392f7e3ca1) C:\Windows\system32\DRIVERS\nvlddmkm.sys
    13:16:59.0854 7220 nvlddmkm - ok
    13:17:00.0013 7220 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
    13:17:00.0029 7220 nvraid - ok
    13:17:00.0111 7220 nvrd64 (011db85affd2368348181c552e025d98) C:\Windows\system32\drivers\nvrd64.sys
    13:17:00.0123 7220 nvrd64 - ok
    13:17:00.0162 7220 nvsmu (16d36074b84da72d160233c8d132dc89) C:\Windows\system32\drivers\nvsmu.sys
    13:17:00.0167 7220 nvsmu - ok
    13:17:00.0187 7220 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
    13:17:00.0193 7220 nvstor - ok
    13:17:00.0209 7220 nvstor64 (fa6d13aa972967eb46862d0f0372a65a) C:\Windows\system32\drivers\nvstor64.sys
    13:17:00.0213 7220 nvstor64 - ok
    13:17:00.0247 7220 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
    13:17:00.0254 7220 nv_agp - ok
    13:17:00.0267 7220 NwlnkFlt - ok
    13:17:00.0282 7220 NwlnkFwd - ok
    13:17:00.0331 7220 ohci1394 (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
    13:17:00.0336 7220 ohci1394 - ok
    13:17:00.0399 7220 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
    13:17:00.0413 7220 Parport - ok
    13:17:00.0451 7220 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
    13:17:00.0455 7220 partmgr - ok
    13:17:00.0585 7220 PCD5SRVC{8AAF211B-043E02A9-05040000} (7204f835a4355d1ab2853e57c9ff177c) C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms
    13:17:00.0591 7220 PCD5SRVC{8AAF211B-043E02A9-05040000} - ok
    13:17:00.0627 7220 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
    13:17:00.0633 7220 pci - ok
    13:17:00.0678 7220 pciide (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
    13:17:00.0681 7220 pciide - ok
    13:17:00.0828 7220 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
    13:17:00.0841 7220 pcmcia - ok
    13:17:00.0911 7220 PCTCore (54e013b6d55b81c0aa1ebea80ff42383) C:\Windows\system32\drivers\PCTCore64.sys
    13:17:00.0926 7220 PCTCore - ok
    13:17:01.0005 7220 pctDS (ff43e3b1687e4e2140de6349ea5c7372) C:\Windows\system32\drivers\pctDS64.sys
    13:17:01.0019 7220 pctDS - ok
    13:17:01.0104 7220 pctEFA (60e9a05852af7e9cb11237c00aee4ccf) C:\Windows\system32\drivers\pctEFA64.sys
    13:17:01.0130 7220 pctEFA - ok
    13:17:01.0167 7220 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
    13:17:01.0186 7220 PEAUTH - ok
    13:17:01.0327 7220 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
    13:17:01.0339 7220 PptpMiniport - ok
    13:17:01.0371 7220 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\DRIVERS\processr.sys
    13:17:01.0375 7220 Processor - ok
    13:17:01.0422 7220 Ps2 (1d0a3f565397d08707f3d75b88586645) C:\Windows\system32\DRIVERS\PS2.sys
    13:17:01.0435 7220 Ps2 - ok
    13:17:01.0474 7220 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
    13:17:01.0479 7220 PSched - ok
    13:17:01.0526 7220 PxHlpa64 (a6bf0a9b5a30d743623ca0d3be35df05) C:\Windows\system32\Drivers\PxHlpa64.sys
    13:17:01.0529 7220 PxHlpa64 - ok
    13:17:01.0585 7220 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
    13:17:01.0628 7220 ql2300 - ok
    13:17:01.0661 7220 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
    13:17:01.0674 7220 ql40xx - ok
    13:17:01.0698 7220 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
    13:17:01.0703 7220 QWAVEdrv - ok
    13:17:01.0723 7220 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
    13:17:01.0726 7220 RasAcd - ok
    13:17:01.0765 7220 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
    13:17:01.0770 7220 Rasl2tp - ok
    13:17:01.0837 7220 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
    13:17:01.0854 7220 RasPppoe - ok
    13:17:01.0897 7220 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
    13:17:01.0902 7220 RasSstp - ok
    13:17:01.0973 7220 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
    13:17:01.0989 7220 rdbss - ok
    13:17:02.0007 7220 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
    13:17:02.0010 7220 RDPCDD - ok
    13:17:02.0040 7220 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
    13:17:02.0059 7220 rdpdr - ok
    13:17:02.0072 7220 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
    13:17:02.0075 7220 RDPENCDD - ok
    13:17:02.0135 7220 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
    13:17:02.0148 7220 RDPWD - ok
    13:17:02.0221 7220 RimUsb (5790bca445cc40df8b38c2c48608aac2) C:\Windows\system32\Drivers\RimUsb_AMD64.sys
    13:17:02.0235 7220 RimUsb - ok
    13:17:02.0282 7220 RimVSerPort (c903d49655b4aae46673f0aaa6be0f58) C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
    13:17:02.0285 7220 RimVSerPort - ok
    13:17:02.0300 7220 ROOTMODEM (6a0cf73b019cbc9255e23c9192ec3702) C:\Windows\system32\Drivers\RootMdm.sys
    13:17:02.0303 7220 ROOTMODEM - ok
    13:17:02.0399 7220 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
    13:17:02.0420 7220 rspndr - ok
    13:17:02.0467 7220 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
    13:17:02.0497 7220 sbp2port - ok
    13:17:02.0582 7220 ScanUSBEMPIA (eecbbf7d76300e5558d316983961ffc1) C:\Windows\system32\DRIVERS\emScan64.sys
    13:17:02.0591 7220 ScanUSBEMPIA - ok
    13:17:02.0780 7220 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
    13:17:02.0798 7220 secdrv - ok
    13:17:02.0832 7220 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
    13:17:02.0836 7220 Serenum - ok
    13:17:02.0876 7220 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
    13:17:02.0882 7220 Serial - ok
    13:17:02.0914 7220 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
    13:17:02.0924 7220 sermouse - ok
    13:17:02.0977 7220 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
    13:17:02.0983 7220 sffdisk - ok
    13:17:03.0021 7220 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
    13:17:03.0046 7220 sffp_mmc - ok
    13:17:03.0087 7220 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
    13:17:03.0093 7220 sffp_sd - ok
    13:17:03.0124 7220 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
    13:17:03.0130 7220 sfloppy - ok
    13:17:03.0200 7220 Sftfs (a40abfdcb75f835fdf3ce0cc64e4250d) C:\Windows\system32\DRIVERS\Sftfslh.sys
    13:17:03.0227 7220 Sftfs - ok
    13:17:03.0270 7220 Sftplay (411769ed1cb12d2b44217734347bdb7a) C:\Windows\system32\DRIVERS\Sftplaylh.sys
    13:17:03.0279 7220 Sftplay - ok
    13:17:03.0296 7220 Sftredir (a14d0df34bbb00ea94da16193d0c7957) C:\Windows\system32\DRIVERS\Sftredirlh.sys
    13:17:03.0297 7220 Sftredir - ok
    13:17:03.0376 7220 Sftvol (393b22addd89979eb1c60898f51c3648) C:\Windows\system32\DRIVERS\Sftvollh.sys
    13:17:03.0389 7220 Sftvol - ok
    13:17:03.0429 7220 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
    13:17:03.0434 7220 SiSRaid2 - ok
    13:17:03.0452 7220 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
    13:17:03.0457 7220 SiSRaid4 - ok
    13:17:03.0521 7220 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
    13:17:03.0526 7220 Smb - ok
    13:17:03.0610 7220 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
    13:17:03.0613 7220 spldr - ok
    13:17:03.0723 7220 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
    13:17:03.0750 7220 srv - ok
    13:17:03.0777 7220 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
    13:17:03.0784 7220 srv2 - ok
    13:17:03.0827 7220 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
    13:17:03.0836 7220 srvnet - ok
    13:17:03.0884 7220 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
    13:17:03.0887 7220 swenum - ok
    13:17:03.0911 7220 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
    13:17:03.0916 7220 Symc8xx - ok
    13:17:03.0938 7220 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
    13:17:03.0944 7220 Sym_hi - ok
    13:17:03.0970 7220 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
    13:17:03.0976 7220 Sym_u3 - ok
    13:17:04.0004 7220 szkg5 - ok
    13:17:04.0136 7220 Tcpip (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\drivers\tcpip.sys
    13:17:04.0171 7220 Tcpip - ok
    13:17:04.0220 7220 Tcpip6 (2cc45d932bd193cd4117321d469ad6b2) C:\Windows\system32\DRIVERS\tcpip.sys
    13:17:04.0240 7220 Tcpip6 - ok
    13:17:04.0282 7220 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
    13:17:04.0286 7220 tcpipreg - ok
    13:17:04.0314 7220 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
    13:17:04.0319 7220 TDPIPE - ok
    13:17:04.0351 7220 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
    13:17:04.0356 7220 TDTCP - ok
    13:17:04.0395 7220 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
    13:17:04.0400 7220 tdx - ok
    13:17:04.0452 7220 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
    13:17:04.0456 7220 TermDD - ok
    13:17:04.0514 7220 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
    13:17:04.0519 7220 tssecsrv - ok
    13:17:04.0534 7220 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
    13:17:04.0538 7220 tunmp - ok
    13:17:04.0611 7220 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
    13:17:04.0615 7220 tunnel - ok
    13:17:04.0633 7220 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
    13:17:04.0639 7220 uagp35 - ok
    13:17:04.0683 7220 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
    13:17:04.0693 7220 udfs - ok
    13:17:04.0723 7220 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
    13:17:04.0730 7220 uliagpkx - ok
    13:17:04.0768 7220 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
    13:17:04.0779 7220 uliahci - ok
    13:17:04.0803 7220 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
    13:17:04.0811 7220 UlSata - ok
    13:17:04.0833 7220 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
    13:17:04.0841 7220 ulsata2 - ok
    13:17:04.0855 7220 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
    13:17:04.0859 7220 umbus - ok
    13:17:04.0912 7220 USBAAPL64 (f724b03c3dfaacf08d17d38bf3333583) C:\Windows\system32\Drivers\usbaapl64.sys
    13:17:04.0917 7220 USBAAPL64 - ok
    13:17:04.0950 7220 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
    13:17:04.0958 7220 usbccgp - ok
    13:17:04.0983 7220 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
    13:17:04.0990 7220 usbcir - ok
    13:17:05.0028 7220 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
    13:17:05.0032 7220 usbehci - ok
    13:17:05.0083 7220 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
    13:17:05.0092 7220 usbhub - ok
    13:17:05.0129 7220 usbohci (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
    13:17:05.0133 7220 usbohci - ok
    13:17:05.0151 7220 usbprint (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
    13:17:05.0155 7220 usbprint - ok
    13:17:05.0172 7220 usbscan (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
    13:17:05.0177 7220 usbscan - ok
    13:17:05.0221 7220 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    13:17:05.0224 7220 USBSTOR - ok
    13:17:05.0262 7220 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
    13:17:05.0267 7220 usbuhci - ok
    13:17:05.0327 7220 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
    13:17:05.0332 7220 vga - ok
    13:17:05.0346 7220 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
    13:17:05.0349 7220 VgaSave - ok
    13:17:05.0381 7220 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
    13:17:05.0386 7220 viaide - ok
    13:17:05.0424 7220 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
    13:17:05.0428 7220 volmgr - ok
    13:17:05.0479 7220 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
    13:17:05.0498 7220 volmgrx - ok
    13:17:05.0561 7220 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
    13:17:05.0596 7220 volsnap - ok
    13:17:05.0641 7220 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
    13:17:05.0649 7220 vsmraid - ok
    13:17:05.0714 7220 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
    13:17:05.0719 7220 WacomPen - ok
    13:17:05.0777 7220 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
    13:17:05.0782 7220 Wanarp - ok
    13:17:05.0790 7220 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
    13:17:05.0793 7220 Wanarpv6 - ok
    13:17:05.0832 7220 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
    13:17:05.0838 7220 Wd - ok
    13:17:05.0888 7220 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
    13:17:05.0914 7220 Wdf01000 - ok
    13:17:06.0025 7220 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\drivers\wmiacpi.sys
    13:17:06.0030 7220 WmiAcpi - ok
    13:17:06.0091 7220 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
    13:17:06.0096 7220 WpdUsb - ok
    13:17:06.0115 7220 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
    13:17:06.0118 7220 ws2ifsl - ok
    13:17:06.0166 7220 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
    13:17:06.0171 7220 WUDFRd - ok
    13:17:06.0246 7220 {55662437-DA8C-40c0-AADA-2C816A897A49} (15cc7077d2dc28776cd430ecabbffd66) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
    13:17:06.0250 7220 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok
    13:17:06.0265 7220 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0
    13:17:06.0458 7220 \Device\Harddisk0\DR0 - ok
    13:17:06.0467 7220 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk1\DR6
    13:17:07.0537 7220 \Device\Harddisk1\DR6 - ok
    13:17:07.0544 7220 Boot (0x1200) (be7863dd5504d9c95b3a69dc0353f976) \Device\Harddisk0\DR0\Partition0
    13:17:07.0545 7220 \Device\Harddisk0\DR0\Partition0 - ok
    13:17:07.0550 7220 Boot (0x1200) (144eadad46a48df93733d26d53ed44ef) \Device\Harddisk0\DR0\Partition1
    13:17:07.0551 7220 \Device\Harddisk0\DR0\Partition1 - ok
    13:17:07.0559 7220 Boot (0x1200) (7de6b7d1493cd3a463bdcf26fc9ac195) \Device\Harddisk1\DR6\Partition0
    13:17:07.0560 7220 \Device\Harddisk1\DR6\Partition0 - ok
    13:17:07.0562 7220 ============================================================
    13:17:07.0562 7220 Scan finished
    13:17:07.0562 7220 ============================================================
    13:17:07.0575 7320 Detected object count: 0
    13:17:07.0575 7320 Actual detected object count: 0

    Thank you,
    Rhonda
     
  8. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Good work (y)


    Download ComboFix from one of these locations:

    Link 1
    Link 2


    * IMPORTANT- Save ComboFix.exe to your Desktop

    ====================================================


    Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to this topic: How to disable your security applications.


    ====================================================


    Double click on combofix.exe & follow the prompts.


    When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.

    *Note - if after running ComboFix you see a message similar to 'registry key marked for deletion..' rebooting the machine will resolve that.
     
  9. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
    ComboFix 11-12-08.01 - camel 12/08/2011 17:11:03.1.4 - x64
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3965.1412 [GMT -8:00]
    Running from: F:\ComboFix.exe
    AV: Kaspersky Internet Security *Disabled/Outdated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
    FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
    SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
    SP: STOPzilla Anti-Spyware *Disabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\program files (x86)\Search Toolbar
    c:\program files (x86)\Search Toolbar\icon.ico
    c:\program files (x86)\Search Toolbar\SearchToolbar.dll
    c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
    c:\program files (x86)\Search Toolbar\SearchToolbarUpdater.exe
    c:\users\camel\AppData\Roaming\.#
    c:\users\camel\AppData\Roaming\Mozilla\Firefox\Profiles\2e7qpr6k.default\searchplugins\bing-zugo.xml
    c:\windows\desktop
    c:\windows\desktop\Cook'n Recipe Organizer.lnk
    c:\windows\system32\consrv.dll
    c:\windows\System64
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-11-09 to 2011-12-09 )))))))))))))))))))))))))))))))
    .
    .
    2011-12-09 02:13 . 2011-12-09 02:13 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{54FC0CF2-3EAE-4204-BB6E-8DE19C77733F}\offreg.dll
    2011-12-09 02:08 . 2011-12-09 02:08 -------- d-----w- c:\users\Default\AppData\Local\temp
    2011-12-08 10:03 . 2011-11-30 10:21 8822856 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{54FC0CF2-3EAE-4204-BB6E-8DE19C77733F}\mpengine.dll
    2011-12-04 05:26 . 2011-12-04 05:26 677136 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-11-23 21:49 . 2011-12-09 00:59 -------- d-----w- c:\programdata\PC Tools
    2011-11-19 00:45 . 2011-11-19 00:45 -------- d-----w- c:\users\camel\AppData\Roaming\Malwarebytes
    2011-11-19 00:44 . 2011-11-19 00:44 -------- d-----w- c:\programdata\Malwarebytes
    2011-11-19 00:44 . 2011-09-01 01:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-11-19 00:44 . 2011-11-19 00:44 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
    2011-11-19 00:26 . 2011-11-19 00:26 -------- d-----w- c:\program files (x86)\STOPzilla!
    2011-11-19 00:26 . 2011-11-19 00:26 -------- d-----w- c:\program files (x86)\Common Files\iS3
    2011-11-19 00:26 . 2011-12-09 02:18 -------- d-----w- c:\programdata\STOPzilla!
    2011-11-17 05:37 . 2011-11-17 05:37 547880 ----a-r- c:\windows\SysWow64\SZComp5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 482344 ----a-r- c:\windows\SysWow64\SZBase5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 30248 ----a-r- c:\windows\SysWow64\IS3XDat5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 24616 ----a-r- c:\windows\SysWow64\SZIO5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 134184 ----a-r- c:\windows\SysWow64\IS3HTUI5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 740392 ----a-r- c:\windows\SysWow64\IS3Base5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 68648 ----a-r- c:\windows\SysWow64\IS3Hks5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 457768 ----a-r- c:\windows\SysWow64\IS3DBA5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 392232 ----a-r- c:\windows\SysWow64\IS3UI5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 232488 ----a-r- c:\windows\SysWow64\IS3Win325.dll
    2011-11-17 05:37 . 2011-11-17 05:37 105512 ----a-r- c:\windows\SysWow64\IS3Inet5.dll
    2011-11-17 05:37 . 2011-11-17 05:37 101416 ----a-r- c:\windows\SysWow64\IS3Svc5.dll
    2011-11-11 22:11 . 2011-11-11 22:11 -------- d-----w- c:\program files (x86)\Kaspersky Lab
    2011-11-11 22:11 . 2011-12-09 02:19 -------- d-----w- c:\programdata\Kaspersky Lab
    2011-11-10 22:32 . 2011-11-10 22:32 -------- d-----w- c:\programdata\Premium
    2011-11-10 22:32 . 2011-11-10 22:32 -------- d-----w- c:\programdata\InstallMate
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2011-12-08 10:03 . 2009-10-03 08:15 270720 ------w- c:\windows\system32\MpSigStub.exe
    2011-11-06 21:43 . 2011-03-29 02:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
    2011-09-30 23:25 . 2011-10-12 04:35 1147904 ----a-w- c:\windows\system32\wininet.dll
    2011-09-30 23:21 . 2011-10-12 04:35 56832 ----a-w- c:\windows\system32\licmgr10.dll
    2011-09-30 23:21 . 2011-10-12 04:35 1538560 ----a-w- c:\windows\system32\inetcpl.cpl
    2011-09-30 23:20 . 2011-10-12 04:35 132096 ----a-w- c:\windows\system32\iesysprep.dll
    2011-09-30 23:20 . 2011-10-12 04:35 77312 ----a-w- c:\windows\system32\iesetup.dll
    2011-09-30 23:06 . 2011-10-12 04:35 916480 ----a-w- c:\windows\SysWow64\wininet.dll
    2011-09-30 23:02 . 2011-10-12 04:35 43520 ----a-w- c:\windows\SysWow64\licmgr10.dll
    2011-09-30 23:01 . 2011-10-12 04:35 1469440 ----a-w- c:\windows\SysWow64\inetcpl.cpl
    2011-09-30 23:01 . 2011-10-12 04:35 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
    2011-09-30 23:01 . 2011-10-12 04:35 71680 ----a-w- c:\windows\SysWow64\iesetup.dll
    2011-09-30 22:29 . 2011-10-12 04:35 479232 ----a-w- c:\windows\system32\html.iec
    2011-09-30 22:07 . 2011-10-12 04:35 385024 ----a-w- c:\windows\SysWow64\html.iec
    2011-09-30 21:48 . 2011-10-12 04:35 162816 ----a-w- c:\windows\system32\ieUnatt.exe
    2011-09-30 21:47 . 2011-10-12 04:35 1638912 ----a-w- c:\windows\system32\mshtml.tlb
    2011-09-30 21:29 . 2011-10-12 04:35 133632 ----a-w- c:\windows\SysWow64\ieUnatt.exe
    2011-09-30 21:28 . 2011-10-12 04:35 1638912 ----a-w- c:\windows\SysWow64\mshtml.tlb
    2011-09-26 19:21 . 2011-09-26 19:21 74768 ----a-r- c:\windows\SysWow64\drivers\SZKG64.sys
    2011-09-26 19:21 . 2011-09-26 19:21 74768 ----a-r- c:\windows\SysWow64\drivers\is3srv64.sys
    2011-09-20 21:06 . 2011-11-09 01:33 1426304 ----a-w- c:\windows\system32\drivers\tcpip.sys
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    2008-09-30 00:24 325000 ----a-w- c:\program files (x86)\AskBarDis\bar\bin\askBar.dll
    .
    [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
    2009-07-15 17:09 2224152 ----a-w- c:\program files (x86)\isoHunt\tbisoH.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{3041d03e-fd4b-44e0-b742-2d9b88305f98}"= "c:\program files (x86)\AskBarDis\bar\bin\askBar.dll" [2008-09-30 325000]
    "{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "c:\program files (x86)\isoHunt\tbisoH.dll" [2009-07-15 2224152]
    .
    [HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
    [HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
    .
    [HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}]
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
    "HPAdvisor"="c:\program files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe" [2008-10-17 972080]
    "swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-07-03 39408]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
    "ISUSPM"="c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2008-10-24 206112]
    "Messenger (Yahoo!)"="c:\program files (x86)\Yahoo!\Messenger\YahooMessenger.exe" [2009-05-27 4351216]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]
    "KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]
    "HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]
    "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
    "UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-14 210216]
    "UpdatePSTShortCut"="c:\program files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2008-09-11 210216]
    "TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-10-18 1152296]
    "CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-10-18 189736]
    "DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
    "ReminderApp"="c:\program files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe" [2006-11-02 156160]
    "BlackBerryAutoUpdate"="c:\program files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe" [2009-11-20 623960]
    "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2009-07-08 236016]
    "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-30 421888]
    "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-01-25 421160]
    "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" [2011-04-25 202296]
    "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-09-01 449608]
    .
    c:\users\camel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    LimeWire On Startup.lnk - c:\program files (x86)\LimeWire\LimeWire.exe [2009-9-30 503808]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    Desktop Manager.lnk - c:\program files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe [2009-11-19 1807704]
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
    ImageMixer 3 SE Camera Monitor Ver.4.lnk - c:\program files (x86)\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe [2009-12-7 253952]
    McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
    PictureMover.lnk - c:\program files (x86)\PictureMover\Bin\PictureMover.exe [2008-9-8 430080]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer2"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    2;2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
    R0 is3srv;is3srv;c:\windows\SySWOW64\drivers\is3srv64.sys [2011-09-26 74768]
    R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-20 135664]
    R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-20 135664]
    R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
    R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
    R3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC_x64.pkms [2008-09-10 25888]
    R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
    R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
    R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
    S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
    S0 szkg5;szkg5;c:\windows\SySWOW64\DRIVERS\szkg64.sys [2011-09-26 74768]
    S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [x]
    S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [x]
    S2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-09-26 27632]
    S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-09-01 366152]
    S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264]
    S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [x]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
    S3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;c:\windows\system32\DRIVERS\netr7364.sys [x]
    S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
    S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
    S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
    S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
    S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496]
    .
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2011-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-20 05:02]
    .
    2011-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-20 05:02]
    .
    2011-12-09 c:\windows\Tasks\PCDRScheduledMaintenance.job
    - c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2008-09-10 16:43]
    .
    2011-12-09 c:\windows\Tasks\User_Feed_Synchronization-{231111FA-70D8-49B4-BD69-FC8220D1E177}.job
    - c:\windows\system32\msfeedssync.exe [2011-10-12 21:29]
    .
    .
    --------- x86-64 -----------
    .
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-12 15853088]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-12 82464]
    "combofix"="c:\combofix\CF3414.3XE" [2008-01-21 363008]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "LoadAppInit_DLLs"=0x0
    .
    ------- Supplementary Scan -------
    .
    uStart Page = about:blank
    uLocal Page = c:\windows\system32\blank.htm
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uInternet Settings,ProxyOverride = *.local
    IE: Add to Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
    TCP: DhcpNameServer = 192.168.1.254
    CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
    FF - ProfilePath - c:\users\camel\AppData\Roaming\Mozilla\Firefox\Profiles\2e7qpr6k.default\
    FF - prefs.js: browser.startup.homepage - www.yahoo.com
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=ZUGO&form=ZGAADF&q=
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    - - - - ORPHANS REMOVED - - - -
    .
    Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe
    Wow6432Node-HKLM-Run-hpqSRMon - (no file)
    WebBrowser-{A6E4A4EB-D169-4E99-8988-250FCBAFE767} - (no file)
    HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
    HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
    AddRemove-Search Toolbar - c:\program files (x86)\Search Toolbar\SearchToolbarUninstall.exe
    AddRemove-YInstHelper - c:\windows\system32\regsvr32
    .
    .
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{8AAF211B-043E02A9-05040000}]
    "ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC_x64.pkms"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]
    "ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
    @="Shockwave Flash"
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
    @Denied: (A 2) (Everyone)
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
    @="FlashBroker"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Classes]
    "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
    00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    @Denied: (A) (Everyone)
    "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    @Denied: (A) (Everyone)
    .
    [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    "Key"="ActionsPane3"
    "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files (x86)\Bonjour\mDNSResponder.exe
    c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
    c:\program files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    c:\program files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    c:\program files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
    c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
    .
    **************************************************************************
    .
    Completion time: 2011-12-08 18:42:22 - machine was rebooted
    ComboFix-quarantined-files.txt 2011-12-09 02:42
    .
    Pre-Run: 112,384,471,040 bytes free
    Post-Run: 111,434,911,744 bytes free
    .
    - - End Of File - - 26AD88B1A30CB05A3331ACF613559CBB

    Thank you!
     
  10. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi there,

    How is your system behaving now?
     
  11. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
    It seems as if it's back to normal! I can connect to the internet and my Kaspersky is saying that there are no threats! I think it's fixed. Do I need to run a scan with my Kaspersky?

    Thank you!
     
  12. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Great :)

    I notice you have Malwarebytes' Anti-Malware installed on your machine. Please launch the program and select the update tab, then click on the check for updates button.

    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select Perform Quick scan, then click Scan.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Be sure that everything is checked, and click Remove Selected.
    • When completed, a log will open in Notepad. Save it to your desktop.

    Note: Malwarebytes' Anti-Malware may require a reboot to complete removals. After a reboot, if required, post that saved log in your next reply.



    Go here to run an online scanner from ESET.
    • Note: You will need to use Internet Explorer for this scan
    • Turn off the real time scanner of any existing antivirus program while performing the online scan
    • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
    • When asked, allow the ActiveX control to install
    • Click Start
    • Make sure that the option Remove found threats is unticked, and the option Scan unwanted applications is checked
    • Click Start
    • Wait for the scan to finish
    • Use Notepad to open the logfile located at C:\Program Files(x86)\Eset\Eset Online Scanner\log.txt
    • Copy and paste that log in your next reply.



    Download DDS and save it to your desktop from here or here or here.
    Disable any script blocker, and then double click dds to run the tool.
    • When done, DDS will open two (2) logs:
      1. DDS.txt
      2. Attach.txt
    • Save both reports to your desktop.
    Please post both in your next reply



    Please post in your next reply
    MBAM Log
    log.txt
    dds.txt
    attach.txt
     
  13. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
    Malwarebytes' Anti-Malware 1.51.2.1300
    www.malwarebytes.org
    Database version: 8338
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.19154
    12/8/2011 8:41:47 PM
    mbam-log-2011-12-08 (20-41-47).txt
    Scan type: Quick scan
    Objects scanned: 188579
    Time elapsed: 5 minute(s), 27 second(s)
    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0
    Memory Processes Infected:
    (No malicious items detected)
    Memory Modules Infected:
    (No malicious items detected)
    Registry Keys Infected:
    (No malicious items detected)
    Registry Values Infected:
    (No malicious items detected)
    Registry Data Items Infected:
    (No malicious items detected)
    Folders Infected:
    (No malicious items detected)
    Files Infected:
    (No malicious items detected)



    * I am having a problem running the scan for ESET. I am using the IE browser, but the page is not showing fully so I can't push the scan button. This is the message it left me with the details as to why the page won't open fully.

    Webpage error details
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64; Trident/4.0)
    Timestamp: Fri, 9 Dec 2011 05:41:58 UTC

    Message: Argument not optional
    Line: 49
    Char: 9
    Code: 0
    URI: http://www.eset.eu/eset-online-scanner-run?i_agree=Start


    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 8.0.6001.19154 BrowserJavaVersion: 1.6.0_24
    Run by camel at 21:53:35 on 2011-12-08
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.3965.1290 [GMT -8:00]
    .
    AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
    SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: STOPzilla Anti-Spyware *Disabled/Updated* {B2E69928-50DC-94CA-6A80-AAB054008761}
    FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
    C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
    c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
    C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe
    C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
    C:\Program Files (x86)\LimeWire\LimeWire.exe
    C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\notepad.exe
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
    C:\Windows\SysWOW64\NOTEPAD.EXE
    C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    C:\Windows\System32\svchost.exe -k HPZ12
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
    C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_clipbook.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe
    C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe
    C:\Program Files (x86)\Internet Explorer\IELowutil.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\SysWOW64\cmd.exe
    C:\Windows\SysWOW64\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = about:blank
    mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=bestbuy&pf=cndt
    uInternet Settings,ProxyOverride = *.local
    uURLSearchHooks: H - No File
    mURLSearchHooks: isoHunt Toolbar: {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbisoH.dll
    mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
    BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
    BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
    BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO: isoHunt Toolbar: {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbisoH.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
    BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
    BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll
    BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    TB: Microsoft Live Search Toolbar: {1e61ed7c-7cb8-49d6-b9e9-ab4c880c8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
    TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
    TB: isoHunt Toolbar: {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbisoH.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
    uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
    uRun: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    uRun: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    uRun: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_Plugin.exe -update plugin
    mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
    mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    mRun: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    mRun: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    mRun: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
    mRun: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
    mRun: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun: [ReminderApp] C:\Program Files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe
    mRun: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
    mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
    mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    StartupFolder: C:\Users\camel\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LIMEWI~1.LNK - C:\Program Files (x86)\LimeWire\LimeWire.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DESKTO~1.LNK - C:\Program Files (x86)\Research In Motion\BlackBerry\DesktopMgr.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\IMAGEM~1.LNK - C:\Program Files (x86)\PIXELA\ImageMixer 3 SE Ver.4\Transfer Utility\CameraMonitor.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\PICTUR~1.LNK - C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
    IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
    IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
    DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll
    DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos1.walmart.com/WalmartActivia.cab
    DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
    DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {B3E32D88-8E7F-468F-B0E2-3A300FD4A82C} - hxxp://myitlab.pearsoned.com/Pegasus/Modules/SIMIntegration/Resources/ax/stub.cab
    DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    TCP: DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{A4E21433-30FF-433A-A2CA-C9295CDF5DB1} : DhcpNameServer = 192.168.1.254
    TCP: Interfaces\{BD058D1D-35C6-4120-9E14-5186FC6DDAFC} : DhcpNameServer = 192.168.1.254
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    BHO-X64: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
    BHO-X64: 0x1 - No File
    BHO-X64: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    BHO-X64: HP Print Enhancer - No File
    BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO-X64: AcroIEHelperStub - No File
    BHO-X64: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
    BHO-X64: AskBar BHO - No File
    BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
    BHO-X64: IEVkbdBHO - No File
    BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    BHO-X64: isoHunt Toolbar: {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbisoH.dll
    BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
    BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
    BHO-X64: URLRedirectionBHO - No File
    BHO-X64: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
    BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
    BHO-X64: link filter bho - No File
    BHO-X64: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll
    BHO-X64: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    BHO-X64: HP Smart BHO Class - No File
    TB-X64: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
    TB-X64: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll
    TB-X64: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
    TB-X64: isoHunt Toolbar: {a6e4a4eb-d169-4e99-8988-250fcbafe767} - C:\Program Files (x86)\isoHunt\tbisoH.dll
    TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    EB-X64: {555D4D79-4BD2-4094-A395-CFC534424A05} - No File
    mRun-x64: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    mRun-x64: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE
    mRun-x64: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    mRun-x64: [UpdateP2GoShortCut] "c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    mRun-x64: [UpdatePDIRShortCut] "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
    mRun-x64: [UpdatePSTShortCut] "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
    mRun-x64: [TSMAgent] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
    mRun-x64: [CLMLServer for HP TouchSmart] "c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
    mRun-x64: [DVDAgent] "c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
    mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun-x64: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    mRun-x64: [ReminderApp] C:\Program Files (x86)\Nova Development\Greeting Card Factory Photo Card Maker\ReminderApp.exe
    mRun-x64: [BlackBerryAutoUpdate] C:\Program Files (x86)\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background
    mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
    mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    IE-X64: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\camel\AppData\Roaming\Mozilla\Firefox\Profiles\2e7qpr6k.default\
    FF - prefs.js: browser.startup.homepage - www.yahoo.com
    FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?pc=ZUGO&form=ZGAADF&q=
    FF - prefs.js: network.proxy.type - 0
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    FF - plugin: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
    FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
    FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
    .
    ============= SERVICES / DRIVERS ===============
    .
    R?2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664]
    R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
    R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
    R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
    R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
    R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 202296]
    R2 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-11-18 366152]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
    R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
    R3 netr7364;USB Wireless 802.11 b/g Adaptor Driver for Vista;C:\Windows\system32\DRIVERS\netr7364.sys --> C:\Windows\system32\DRIVERS\netr7364.sys [?]
    R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
    R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
    R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
    R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
    S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-19 135664]
    S3 fssfltr;FssFltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
    S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
    S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-19 135664]
    S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-1-15 227232]
    S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
    S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC_x64.pkms [2008-9-9 25888]
    S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
    S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2010-2-4 89920]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== File Associations ===============
    .
    JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
    .
    =============== Created Last 30 ================
    .
    2011-12-09 05:27:19 -------- d-----w- C:\Program Files (x86)\ESET
    2011-12-09 02:17:12 -------- d-----w- C:\$RECYCLE.BIN
    2011-12-09 01:06:16 98816 ----a-w- C:\Windows\sed.exe
    2011-12-09 01:06:16 518144 ----a-w- C:\Windows\SWREG.exe
    2011-12-09 01:06:16 256000 ----a-w- C:\Windows\PEV.exe
    2011-12-09 01:06:16 208896 ----a-w- C:\Windows\MBR.exe
    2011-12-08 10:03:41 8822856 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{54FC0CF2-3EAE-4204-BB6E-8DE19C77733F}\mpengine.dll
    2011-12-04 05:26:41 677136 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
    2011-12-03 12:03:38 -------- d-----w- C:\Users\camel\AppData\Local\{FB1E80AA-2882-474B-8A07-B18745D6027E}
    2011-12-01 23:05:37 -------- d-----w- C:\Users\camel\AppData\Local\{68D2BB9F-28B9-471B-B441-69C179ABA6A6}
    2011-12-01 23:05:16 -------- d-----w- C:\Users\camel\AppData\Local\{C1FF04D6-5FDF-460D-932C-BB9F18D03BC2}
    2011-12-01 11:04:23 -------- d-----w- C:\Users\camel\AppData\Local\{2F866F70-85A7-4709-806D-686750C29739}
    2011-12-01 11:03:50 -------- d-----w- C:\Users\camel\AppData\Local\{164C7FA8-A4F7-49B2-B6A3-6494616A34E6}
    2011-11-30 23:01:39 -------- d-----w- C:\Users\camel\AppData\Local\{595CA00E-BFF7-4A89-B66B-816E5302B250}
    2011-11-30 23:00:55 -------- d-----w- C:\Users\camel\AppData\Local\{C92D3666-481C-436F-9163-BF88E8D8A9AC}
    2011-11-26 20:43:10 -------- d-----w- C:\Users\camel\AppData\Local\{903C0A21-9D05-466E-80FD-181172F242AC}
    2011-11-26 20:42:10 -------- d-----w- C:\Users\camel\AppData\Local\{3598D4B1-DAC3-48A1-891C-1BF0482F643A}
    2011-11-26 13:21:58 -------- d-----w- C:\Users\camel\AppData\Local\{82D57A8B-D86A-494A-9063-09A52007CF66}
    2011-11-26 13:17:21 -------- d-----w- C:\Users\camel\AppData\Local\{C5794F3A-1660-48AC-BFF9-6C24875FB1F3}
    2011-11-25 15:04:21 -------- d-----w- C:\Users\camel\AppData\Local\{2E3965E8-261F-4DFB-97C0-EB1897ED0834}
    2011-11-25 15:03:28 -------- d-----w- C:\Users\camel\AppData\Local\{561AA697-2A7D-4B44-913F-EE11EAFE37D8}
    2011-11-23 21:49:15 -------- d-----w- C:\ProgramData\PC Tools
    2011-11-23 20:31:22 -------- d-----w- C:\Users\camel\AppData\Local\{B920C6DB-538B-403D-AC33-90892625B40F}
    2011-11-23 20:30:56 -------- d-----w- C:\Users\camel\AppData\Local\{9A296D73-2670-4015-91C2-383D7C742DAB}
    2011-11-21 02:16:56 -------- d-----w- C:\Users\camel\AppData\Local\{F187CB11-02B2-4D8D-A3ED-136170897748}
    2011-11-21 02:16:24 -------- d-----w- C:\Users\camel\AppData\Local\{8840BAA1-3A2D-458D-85C3-472004E4986E}
    2011-11-19 04:40:14 -------- d-----w- C:\Users\camel\AppData\Local\{EE543D20-D9A7-439B-95DE-792A369FB03E}
    2011-11-19 04:39:19 -------- d-----w- C:\Users\camel\AppData\Local\{863E3E4A-B3E7-410E-9E48-A60C5431D3AA}
    2011-11-19 00:45:11 -------- d-----w- C:\Users\camel\AppData\Roaming\Malwarebytes
    2011-11-19 00:44:30 -------- d-----w- C:\ProgramData\Malwarebytes
    2011-11-19 00:44:25 25416 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2011-11-19 00:44:24 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    2011-11-19 00:26:25 -------- d-----w- C:\Program Files (x86)\STOPzilla!
    2011-11-19 00:26:24 -------- d-----w- C:\Program Files (x86)\Common Files\iS3
    2011-11-19 00:26:23 -------- d-----w- C:\ProgramData\STOPzilla!
    2011-11-18 16:14:03 -------- d-----w- C:\Users\camel\AppData\Local\{033CA3D5-59CE-4045-A027-E2FB9E3D468F}
    2011-11-18 16:13:24 -------- d-----w- C:\Users\camel\AppData\Local\{74B028B4-3B0C-4E19-AED3-1792C109DA8A}
    2011-11-18 01:13:18 -------- d-----w- C:\Users\camel\AppData\Local\{AF9C9F55-FB61-453B-9A30-061361BF9C3D}
    2011-11-18 01:12:46 -------- d-----w- C:\Users\camel\AppData\Local\{6A8014FC-D082-471E-9B2C-C1C2A06977A5}
    2011-11-17 05:37:38 547880 ----a-r- C:\Windows\SysWow64\SZComp5.dll
    2011-11-17 05:37:38 482344 ----a-r- C:\Windows\SysWow64\SZBase5.dll
    2011-11-17 05:37:38 30248 ----a-r- C:\Windows\SysWow64\IS3XDat5.dll
    2011-11-17 05:37:38 24616 ----a-r- C:\Windows\SysWow64\SZIO5.dll
    2011-11-17 05:37:38 134184 ----a-r- C:\Windows\SysWow64\IS3HTUI5.dll
    2011-11-17 05:37:36 740392 ----a-r- C:\Windows\SysWow64\IS3Base5.dll
    2011-11-17 05:37:36 68648 ----a-r- C:\Windows\SysWow64\IS3Hks5.dll
    2011-11-17 05:37:36 457768 ----a-r- C:\Windows\SysWow64\IS3DBA5.dll
    2011-11-17 05:37:36 392232 ----a-r- C:\Windows\SysWow64\IS3UI5.dll
    2011-11-17 05:37:36 232488 ----a-r- C:\Windows\SysWow64\IS3Win325.dll
    2011-11-17 05:37:36 105512 ----a-r- C:\Windows\SysWow64\IS3Inet5.dll
    2011-11-17 05:37:36 101416 ----a-r- C:\Windows\SysWow64\IS3Svc5.dll
    2011-11-17 03:16:42 -------- d-----w- C:\Users\camel\AppData\Local\{945F7966-2ADE-4533-9439-7DC94745D66F}
    2011-11-17 03:16:09 -------- d-----w- C:\Users\camel\AppData\Local\{6667193F-87CB-41D2-8209-B428DF14AEE0}
    2011-11-16 11:18:59 -------- d-----w- C:\Users\camel\AppData\Local\{30BD6228-B0D2-44BE-A53F-C2B703BF20E6}
    2011-11-16 11:18:18 -------- d-----w- C:\Users\camel\AppData\Local\{BE81DA73-0C00-4ACA-95DA-88442AF741AC}
    2011-11-15 22:02:38 -------- d-----w- C:\Users\camel\AppData\Local\{AB8D043C-D1AD-4483-A1E7-4F6D46BDB4CB}
    2011-11-15 21:59:46 -------- d-----w- C:\Users\camel\AppData\Local\{0EE897CA-0014-4232-8BF1-DF7386094E70}
    2011-11-14 01:29:29 -------- d-----w- C:\Users\camel\AppData\Local\{9D50D735-1677-4664-B6F5-D3EAB92DE0F4}
    2011-11-14 01:28:56 -------- d-----w- C:\Users\camel\AppData\Local\{69FA1A75-09A2-4915-9182-555D2B66AE8A}
    2011-11-12 12:35:06 -------- d-----w- C:\Users\camel\AppData\Local\{88D01427-EFFE-4376-BC87-8474AB673FCB}
    2011-11-12 12:34:39 -------- d-----w- C:\Users\camel\AppData\Local\{BE71162E-470A-43BC-9428-345542259440}
    2011-11-11 22:11:39 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
    2011-11-11 22:11:37 -------- d-----w- C:\ProgramData\Kaspersky Lab
    2011-11-11 19:12:28 -------- d-----w- C:\Users\camel\AppData\Local\{C991E8F8-6A53-4762-BBDE-13F98179D96E}
    2011-11-11 19:12:06 -------- d-----w- C:\Users\camel\AppData\Local\{EE823DE4-2EC3-44E5-BED3-C9988DE08984}
    2011-11-10 22:32:41 -------- d-----w- C:\ProgramData\Premium
    2011-11-10 22:32:40 -------- d-----w- C:\ProgramData\InstallMate
    2011-11-10 02:40:01 -------- d-----w- C:\Users\camel\AppData\Local\{18FA2023-4646-4970-81C3-559192AD342D}
    2011-11-09 14:38:52 -------- d-----w- C:\Users\camel\AppData\Local\{1AADB914-CC35-417C-BE5B-0F005B60E4D3}
    2011-11-09 14:38:19 -------- d-----w- C:\Users\camel\AppData\Local\{59D77F0A-7581-4C42-B2E3-CC4FCC82FA66}
    2011-11-09 14:38:18 -------- d-----w- C:\Users\camel\AppData\Local\{B9AE323C-E8B6-4460-9FDB-F22935D11D08}
    .
    ==================== Find3M ====================
    .
    2011-12-08 10:03:38 270720 ------w- C:\Windows\System32\MpSigStub.exe
    2011-09-30 23:25:35 1147904 ----a-w- C:\Windows\System32\wininet.dll
    2011-09-30 23:21:20 56832 ----a-w- C:\Windows\System32\licmgr10.dll
    2011-09-30 23:21:00 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
    2011-09-30 23:20:40 132096 ----a-w- C:\Windows\System32\iesysprep.dll
    2011-09-30 23:20:39 77312 ----a-w- C:\Windows\System32\iesetup.dll
    2011-09-30 23:06:24 916480 ----a-w- C:\Windows\SysWow64\wininet.dll
    2011-09-30 23:02:06 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
    2011-09-30 23:01:51 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2011-09-30 23:01:34 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2011-09-30 23:01:34 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
    2011-09-30 22:29:23 479232 ----a-w- C:\Windows\System32\html.iec
    2011-09-30 22:07:25 385024 ----a-w- C:\Windows\SysWow64\html.iec
    2011-09-30 21:48:19 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
    2011-09-30 21:47:04 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
    2011-09-30 21:29:54 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2011-09-30 21:28:36 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2011-09-26 19:21:26 74768 ----a-r- C:\Windows\SysWow64\drivers\SZKG64.sys
    2011-09-26 19:21:26 74768 ----a-r- C:\Windows\SysWow64\drivers\is3srv64.sys
    2011-09-20 21:06:18 1426304 ----a-w- C:\Windows\System32\drivers\tcpip.sys
    .
    ============= FINISH: 21:56:09.35 ===============




    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 5/9/2009 9:24:42 AM
    System Uptime: 12/8/2011 6:13:08 PM (3 hours ago)
    .
    Motherboard: ECS | | Nettle3
    Processor: AMD Phenom(tm) 9150e Quad-Core Processor | Socket AM2 | 900/201mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 453 GiB total, 105.263 GiB free.
    D: is FIXED (NTFS) - 13 GiB total, 1.799 GiB free.
    E: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP1213: 12/1/2011 3:00:12 AM - Windows Update
    RP1214: 12/1/2011 5:06:02 AM - StopZILLA! Restore Point.
    RP1215: 12/1/2011 4:05:13 PM - StopZILLA! Restore Point.
    RP1216: 12/2/2011 2:00:56 AM - Windows Update
    RP1217: 12/2/2011 3:00:14 AM - Windows Update
    RP1218: 12/2/2011 11:27:14 AM - Windows Update
    RP1219: 12/2/2011 4:30:38 PM - StopZILLA! Restore Point.
    RP1220: 12/3/2011 4:39:07 AM - Windows Update
    RP1221: 12/3/2011 5:58:13 AM - Windows Update
    RP1222: 12/3/2011 8:55:24 PM - Scheduled Checkpoint
    RP1223: 12/4/2011 3:00:12 AM - Windows Update
    RP1224: 12/5/2011 12:00:09 AM - Scheduled Checkpoint
    RP1225: 12/5/2011 3:00:12 AM - Windows Update
    RP1226: 12/6/2011 12:00:11 AM - Scheduled Checkpoint
    RP1227: 12/6/2011 1:51:05 AM - Windows Update
    RP1228: 12/6/2011 3:00:12 AM - Windows Update
    RP1229: 12/6/2011 9:13:51 PM - Scheduled Checkpoint
    RP1230: 12/7/2011 3:00:12 AM - Windows Update
    RP1231: 12/8/2011 12:00:13 AM - Scheduled Checkpoint
    RP1232: 12/8/2011 1:35:40 AM - Windows Update
    RP1233: 12/8/2011 2:02:51 AM - Windows Update
    RP1234: 12/8/2011 3:00:11 AM - Windows Update
    RP1235: 12/8/2011 7:26:19 PM - Scheduled Checkpoint
    .
    ==== Installed Programs ======================
    .
    4500_Help
    Acrobat.com
    ActiveCheck component for HP Active Support Library
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.6
    Apple Application Support
    Apple Software Update
    Ask Toolbar
    BitTorrent
    BlackBerry Desktop Software 5.0.1
    BlackBerry® Media Sync
    BPD_HPSU
    bpd_scan
    BPDSoftware
    BPDSoftware_Ini
    BufferChm
    CANON iMAGE GATEWAY Task for ZoomBrowser EX
    Canon Internet Library for ZoomBrowser EX
    Canon Utilities CameraWindow
    Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
    Canon Utilities MyCamera
    Canon Utilities RemoteCapture Task for ZoomBrowser EX
    Canon Utilities ZoomBrowser EX
    Canon ZoomBrowser EX Memory Card Utility
    Compatibility Pack for the 2007 Office system
    Cook'n Recipe Organizer
    CopyTrans Suite Remove Only
    Coupon Printer for Windows
    CustomerResearchQFolder
    CyberLink DVD Suite Deluxe
    D3DX10
    Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Destination Component
    DeviceDiscovery
    DeviceManagementQFolder
    DocMgr
    DocProc
    DocProcQFolder
    Dominoes Stars
    Enhanced Multimedia Keyboard Solution
    ESET Online Scanner v3
    eSupportQFolder
    Fax
    FrostWire 4.21.1
    Full Tilt Poker
    Google Chrome
    Google Earth
    Google Toolbar for Internet Explorer
    Google Update Helper
    GPBaseService
    Graboid Video 1.71
    Greeting Card Factory Photo Card Maker
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP Active Support Library
    HP Customer Experience Enhancements
    HP Demo
    HP MediaSmart DVD
    HP MediaSmart Music/Photo/Video
    HP Photosmart Essential 2.5
    HP Picasso Media Center Add-In
    HP Recovery Manager RSS
    HP Total Care Advisor
    HP Total Care Setup
    HP Update
    HPAsset component for HP Active Support Library
    HPProductAssistant
    HPSSupply
    ImageMixer 3 SE Ver.4 Transfer Utility
    ImageMixer 3 SE Ver.4 Video Tools
    isoHunt Toolbar
    J4500
    Java Auto Updater
    Java(TM) 6 Update 24
    Java(TM) 6 Update 7
    Junk Mail filter update
    Juno Preloader
    Kaspersky Internet Security 2012
    KODAK Gallery Upload Software
    LabelPrint
    LightScribe System Software 1.14.25.1
    LightScribe Template Labeler
    LimeWire 5.3.6
    Malwarebytes' Anti-Malware version 1.51.2.1300
    MarketResearch
    McAfee Security Scan Plus
    Mesh Runtime
    Messenger Companion
    Microsoft Live Search Toolbar
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Home and Business 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Works
    Minute Menu Kids
    Mozilla Firefox 8.0 (x86 en-US)
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Music Transfer Utility Ver.1
    muvee Reveal
    My HP Games
    NetZero For Riverdeep
    NetZero Preloader
    PictureMover
    Pinnacle Studio 12
    PokerStars
    Power2Go
    PowerDirector
    ProductContext
    PSSWCORE
    Python 2.5.2
    QuickTime
    Realtek High Definition Audio Driver
    Roxio Media Manager
    Safari
    Scan
    Search Toolbar
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft Excel 2010 (KB2553070)
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
    Segoe UI
    SmartWebPrinting
    SolutionCenter
    SPORE Creature Creator Trial Edition
    Status
    STOPzilla
    Toolbox
    TrayApp
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft Office 2010 (KB2494150)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
    Update for Microsoft Outlook Social Connector (KB2583935)
    VideoToolkit01
    VLC media player 1.0.1
    WebReg
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Yahoo! Install Manager
    Yahoo! Messenger
    Yahoo! Software Update
    Yahoo! Toolbar
    .
    ==== Event Viewer Messages From Past Week ========
    .
    12/8/2011 6:29:19 PM, Error: Service Control Manager [7034] - The STOPzilla Service service terminated unexpectedly. It has done this 1 time(s).
    12/8/2011 6:21:41 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    12/8/2011 6:20:22 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: A device attached to the system is not functioning.
    12/8/2011 6:18:54 PM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: A device attached to the system is not functioning.
    12/8/2011 6:16:08 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Beep is3srv
    12/8/2011 6:16:08 PM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
    12/8/2011 6:16:07 PM, Error: Service Control Manager [7022] - The Client Virtualization Handler service hung on starting.
    12/8/2011 6:15:08 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Roxio Hard Drive Watcher 9 service to connect.
    12/8/2011 6:09:38 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    12/8/2011 6:06:36 PM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    12/8/2011 4:59:41 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 2 time(s).
    12/8/2011 4:58:42 PM, Error: Service Control Manager [7034] - The PC Tools Security Service service terminated unexpectedly. It has done this 1 time(s).
    12/8/2011 2:03:26 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s).
    12/8/2011 2:03:26 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s).
    12/8/2011 1:37:46 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.117.614.0).
    12/6/2011 6:02:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
    12/6/2011 6:02:11 PM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/6/2011 6:02:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
    12/6/2011 5:54:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: is3srv
    12/6/2011 5:53:25 PM, Error: Service Control Manager [7024] - The Bonjour Service service terminated with service-specific error 10107 (0x277B).
    12/6/2011 5:53:25 PM, Error: Service Control Manager [7001] - The Windows Firewall service depends on the Windows Firewall Authorization Driver service which failed to start because of the following error: Cannot create a file when that file already exists.
    12/6/2011 5:53:25 PM, Error: Service Control Manager [7000] - The Windows Firewall Authorization Driver service failed to start due to the following error: Cannot create a file when that file already exists.
    12/3/2011 7:21:18 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
    12/3/2011 5:30:04 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {657C7A59-4FEC-4C06-A354-607B1EB184FB}. The error: "5" Happened while starting this command: "C:\Program Files (x86)\HP\Digital Imaging\Product Assistant\bin\hprblog.exe" -Embedding
    12/3/2011 5:29:51 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {6295DF2D-35EE-11D1-8707-00C04FD93327} as /. The error: "5" Happened while starting this command: C:\Windows\System32\mobsync.exe -Embedding
    12/3/2011 5:26:40 PM, Error: Microsoft-Windows-DistributedCOM [10000] - Unable to start a DCOM Server: {FFF2D28F-E4EE-44D9-8104-8E71556757F6}. The error: "5" Happened while starting this command: "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe" -Embedding
    12/3/2011 4:28:17 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
    12/3/2011 4:28:17 AM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/3/2011 4:24:46 AM, Error: Service Control Manager [7000] - The HP Health Check Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    12/3/2011 4:24:41 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Health Check Service service to connect.
    12/3/2011 4:22:00 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WSearch service.
    12/3/2011 4:16:00 AM, Error: EventLog [6008] - The previous system shutdown at 4:14:00 AM on 12/3/2011 was unexpected.
    12/3/2011 3:58:50 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the PlugPlay service.
    12/3/2011 3:53:15 AM, Error: EventLog [6008] - The previous system shutdown at 12:30:58 AM on 12/3/2011 was unexpected.
    12/3/2011 11:08:42 AM, Error: EventLog [6008] - The previous system shutdown at 11:06:22 AM on 12/3/2011 was unexpected.
    12/2/2011 2:06:52 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0xc8000408: Definition Update for Windows Defender - KB915597 (Definition 1.117.154.0).
    12/2/2011 11:30:49 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.117.154.0).
    12/1/2011 12:26:37 AM, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
    12/1/2011 12:13:28 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
    12/1/2011 12:13:28 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
    12/1/2011 12:03:11 PM, Error: EventLog [6008] - The previous system shutdown at 11:41:06 AM on 12/1/2011 was unexpected.
    .
    ==== End Of File ===========================

    Thank you (I hope I did everything right!)
     
  14. Larusso

    Larusso

    Joined:
    Aug 9, 2011
    Messages:
    808
    Hi there,

    Try to run ESET with Firefox. It will prompt you to download esetsmartinstaller_enu.exe.
    Disable all other security software and start the file with right-click --> "Run as Admin".

    ESET should start now. Please follow my instructions above :)
     
  15. rew0811

    rew0811 Thread Starter

    Joined:
    Dec 2, 2011
    Messages:
    24
    [email protected] as CAB hook log:
    OnlineScanner64.ocx - registred OK
    OnlineScanner.ocx - registred OK
    [email protected] as downloader log:
    all ok
    # version=7
    # OnlineScannerApp.exe=1.0.0.1
    # OnlineScanner.ocx=1.0.0.6583
    # api_version=3.0.2
    # EOSSerial=3ac1bb6666aec24a921e2e2aafdc381b
    # end=finished
    # remove_checked=false
    # archives_checked=false
    # unwanted_checked=true
    # unsafe_checked=false
    # antistealth_checked=true
    # utc_time=2011-12-09 08:00:13
    # local_time=2011-12-09 12:00:13 (-0800, Pacific Standard Time)
    # country="United States"
    # lang=1033
    # osver=6.0.6002 NT Service Pack 2
    # compatibility_mode=1280 16777215 100 0 2317972 2317972 0 0
    # compatibility_mode=5892 16776638 100 56 0 160048977 0 0
    # compatibility_mode=8192 67108863 100 0 0 0 0 0
    # scanned=319308
    # found=1
    # cleaned=0
    # scan_time=10541
    C:\Qoobox\Quarantine\C\Program Files (x86)\Search Toolbar\SearchToolbar.dll.vir Win32/Toolbar.Zugo application (unable to clean) 00000000000000000000000000000000 I


    Thank you,
    Rhonda
     
Short URL to this thread: https://techguy.org/1029412
