anthonyq

Hi MrCharlie, everythings seems to be still working as it should. The reason why Photoshop was opening on start up and trying to open a file, was because there was a INI file in the Start Up folder, which I have now deleted, Once again thank you very much for sorting out my problems. MrT

Will do, thank you for your help so far. Regards T

MrC Seeing as you say it looks O.K. Shall I run the laptop for a while to see how it goes then report back

TDSSKiller Scan as requested. 18:20:05.0730 3332 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04 18:20:06.0665 3332 ============================================================ 18:20:06.0665 3332 Current date / time: 2012/01/19 18:20:06.0664 18:20:06.0665 3332 SystemInfo: 18:20:06.0665 3332 18:20:06.0665 3332 OS Version: 6.0.6002 ServicePack: 2.0 18:20:06.0665 3332 Product type: Workstation 18:20:06.0665 3332 ComputerName: TOSHLAPTOP 18:20:06.0666 3332 UserName: Tony 18:20:06.0666 3332 Windows directory: C:\Windows 18:20:06.0666 3332 System windows directory: C:\Windows 18:20:06.0666 3332 Processor architecture: Intel x86 18:20:06.0666 3332 Number of processors: 2 18:20:06.0666 3332 Page size: 0x1000 18:20:06.0666 3332 Boot type: Normal boot 18:20:06.0666 3332 ============================================================ 18:20:09.0491 3332 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 18:20:09.0551 3332 Initialize success 18:20:30.0928 4520 ============================================================ 18:20:30.0928 4520 Scan started 18:20:30.0928 4520 Mode: Manual; SigCheck; TDLFS; 18:20:30.0928 4520 ============================================================ 18:20:32.0195 4520 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 18:20:32.0526 4520 ACPI - ok 18:20:32.0773 4520 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 18:20:32.0870 4520 adp94xx - ok 18:20:33.0070 4520 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 18:20:33.0118 4520 adpahci - ok 18:20:33.0157 4520 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 18:20:33.0200 4520 adpu160m - ok 18:20:33.0231 4520 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 18:20:33.0267 4520 adpu320 - ok 18:20:33.0509 4520 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 18:20:33.0679 4520 AFD - ok 18:20:33.0971 4520 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\Windows\system32\DRIVERS\AGRSM.sys 18:20:34.0466 4520 AgereSoftModem - ok 18:20:34.0625 4520 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 18:20:34.0656 4520 agp440 - ok 18:20:34.0706 4520 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 18:20:34.0738 4520 aic78xx - ok 18:20:34.0769 4520 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 18:20:34.0808 4520 aliide - ok 18:20:34.0842 4520 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 18:20:34.0879 4520 amdagp - ok 18:20:35.0042 4520 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 18:20:35.0080 4520 amdide - ok 18:20:35.0105 4520 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 18:20:35.0409 4520 AmdK7 - ok 18:20:35.0573 4520 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 18:20:35.0704 4520 AmdK8 - ok 18:20:35.0745 4520 Apowersoft_AudioDevice (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys 18:20:35.0855 4520 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - warning 18:20:35.0855 4520 Apowersoft_AudioDevice - detected UnsignedFile.Multi.Generic (1) 18:20:36.0022 4520 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 18:20:36.0063 4520 arc - ok 18:20:36.0089 4520 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 18:20:36.0128 4520 arcsas - ok 18:20:36.0183 4520 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 18:20:36.0390 4520 AsyncMac - ok 18:20:36.0542 4520 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 18:20:36.0575 4520 atapi - ok 18:20:36.0637 4520 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 18:20:36.0724 4520 Beep - ok 18:20:36.0747 4520 blbdrive - ok 18:20:36.0814 4520 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 18:20:36.0983 4520 bowser - ok 18:20:37.0037 4520 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 18:20:37.0153 4520 BrFiltLo - ok 18:20:37.0333 4520 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 18:20:37.0407 4520 BrFiltUp - ok 18:20:37.0449 4520 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 18:20:37.0557 4520 Brserid - ok 18:20:37.0709 4520 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 18:20:37.0832 4520 BrSerWdm - ok 18:20:37.0869 4520 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 18:20:37.0950 4520 BrUsbMdm - ok 18:20:37.0982 4520 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 18:20:38.0077 4520 BrUsbSer - ok 18:20:38.0230 4520 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 18:20:38.0335 4520 BTHMODEM - ok 18:20:38.0343 4520 catchme - ok 18:20:38.0393 4520 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 18:20:38.0451 4520 cdfs - ok 18:20:38.0602 4520 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 18:20:38.0665 4520 cdrom - ok 18:20:38.0717 4520 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys 18:20:38.0911 4520 cfwids - ok 18:20:39.0076 4520 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 18:20:39.0174 4520 circlass - ok 18:20:39.0217 4520 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 18:20:39.0268 4520 CLFS - ok 18:20:39.0336 4520 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 18:20:39.0431 4520 CmBatt - ok 18:20:39.0582 4520 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys 18:20:39.0619 4520 cmdide - ok 18:20:39.0662 4520 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 18:20:39.0698 4520 Compbatt - ok 18:20:39.0717 4520 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 18:20:39.0753 4520 crcdisk - ok 18:20:39.0775 4520 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 18:20:39.0860 4520 Crusoe - ok 18:20:40.0040 4520 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 18:20:40.0115 4520 DfsC - ok 18:20:40.0150 4520 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 18:20:40.0182 4520 disk - ok 18:20:40.0258 4520 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 18:20:40.0356 4520 drmkaud - ok 18:20:40.0525 4520 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 18:20:40.0766 4520 DXGKrnl - ok 18:20:40.0916 4520 E100B (d00eeae1cacd77a1a8396bbc19140bba) C:\Windows\system32\DRIVERS\e100b325.sys 18:20:41.0002 4520 E100B - ok 18:20:41.0059 4520 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 18:20:41.0195 4520 E1G60 - ok 18:20:41.0376 4520 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 18:20:41.0425 4520 Ecache - ok 18:20:41.0496 4520 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 18:20:41.0547 4520 elxstor - ok 18:20:41.0681 4520 EraserUtilRebootDrv - ok 18:20:41.0874 4520 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 18:20:41.0977 4520 exfat - ok 18:20:42.0025 4520 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 18:20:42.0108 4520 fastfat - ok 18:20:42.0270 4520 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 18:20:42.0391 4520 fdc - ok 18:20:42.0466 4520 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 18:20:42.0503 4520 FileInfo - ok 18:20:42.0662 4520 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 18:20:42.0746 4520 Filetrace - ok 18:20:42.0781 4520 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 18:20:42.0901 4520 flpydisk - ok 18:20:42.0951 4520 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 18:20:42.0996 4520 FltMgr - ok 18:20:43.0145 4520 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS 18:20:43.0308 4520 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 18:20:43.0308 4520 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 18:20:43.0408 4520 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 18:20:43.0492 4520 Fs_Rec - ok 18:20:43.0642 4520 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys 18:20:43.0814 4520 FwLnk - ok 18:20:43.0845 4520 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 18:20:43.0881 4520 gagp30kx - ok 18:20:43.0934 4520 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\Windows\system32\drivers\grmnusb.sys 18:20:43.0990 4520 grmnusb - ok 18:20:44.0187 4520 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 18:20:44.0321 4520 HdAudAddService - ok 18:20:44.0385 4520 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 18:20:44.0489 4520 HDAudBus - ok 18:20:44.0643 4520 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 18:20:44.0767 4520 HidBth - ok 18:20:44.0794 4520 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 18:20:44.0922 4520 HidIr - ok 18:20:45.0090 4520 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 18:20:45.0166 4520 HidUsb - ok 18:20:45.0232 4520 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 18:20:45.0269 4520 HpCISSs - ok 18:20:45.0361 4520 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 18:20:45.0510 4520 HTTP - ok 18:20:45.0665 4520 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 18:20:45.0701 4520 i2omp - ok 18:20:45.0751 4520 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 18:20:45.0832 4520 i8042prt - ok 18:20:45.0875 4520 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 18:20:45.0921 4520 iaStorV - ok 18:20:46.0090 4520 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 18:20:46.0131 4520 iirsp - ok 18:20:46.0249 4520 IntcAzAudAddService (2690be9907b36b7c3ea2859c74926fa1) C:\Windows\system32\drivers\RTKVHDA.sys 18:20:46.0667 4520 IntcAzAudAddService - ok 18:20:46.0832 4520 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 18:20:46.0859 4520 intelide - ok 18:20:46.0905 4520 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 18:20:46.0976 4520 intelppm - ok 18:20:47.0023 4520 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:20:47.0105 4520 IpFilterDriver - ok 18:20:47.0253 4520 IpInIp - ok 18:20:47.0298 4520 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 18:20:47.0425 4520 IPMIDRV - ok 18:20:47.0474 4520 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 18:20:47.0563 4520 IPNAT - ok 18:20:47.0720 4520 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 18:20:47.0805 4520 IRENUM - ok 18:20:47.0873 4520 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 18:20:47.0912 4520 isapnp - ok 18:20:48.0083 4520 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 18:20:48.0133 4520 iScsiPrt - ok 18:20:48.0203 4520 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 18:20:48.0243 4520 iteatapi - ok 18:20:48.0263 4520 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 18:20:48.0302 4520 iteraid - ok 18:20:48.0354 4520 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 18:20:48.0390 4520 kbdclass - ok 18:20:48.0542 4520 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys 18:20:48.0645 4520 kbdhid - ok 18:20:48.0694 4520 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys 18:20:48.0809 4520 KMWDFILTER - ok 18:20:48.0852 4520 KR10I (1e0d65f7ffeb4e99b2eec1ccb5754cc8) C:\Windows\system32\drivers\kr10i.sys 18:20:48.0995 4520 KR10I - ok 18:20:49.0148 4520 KR10N (0f9e83709cbb60b1549f3a65d0ab6e4f) C:\Windows\system32\drivers\kr10n.sys 18:20:49.0285 4520 KR10N - ok 18:20:49.0348 4520 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys 18:20:49.0597 4520 KSecDD - ok 18:20:49.0783 4520 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 18:20:49.0869 4520 lltdio - ok 18:20:49.0929 4520 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 18:20:49.0968 4520 LSI_FC - ok 18:20:49.0991 4520 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 18:20:50.0034 4520 LSI_SAS - ok 18:20:50.0199 4520 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 18:20:50.0239 4520 LSI_SCSI - ok 18:20:50.0300 4520 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 18:20:50.0393 4520 luafv - ok 18:20:50.0471 4520 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 18:20:50.0508 4520 megasas - ok 18:20:50.0676 4520 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys 18:20:50.0830 4520 mfeapfk - ok 18:20:50.0907 4520 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys 18:20:51.0081 4520 mfeavfk - ok 18:20:51.0232 4520 mfeavfk01 - ok 18:20:51.0306 4520 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys 18:20:51.0451 4520 mfebopk - ok 18:20:51.0504 4520 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys 18:20:51.0636 4520 mfefirek - ok 18:20:51.0812 4520 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys 18:20:52.0066 4520 mfehidk - ok 18:20:52.0218 4520 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys 18:20:52.0390 4520 mfenlfk - ok 18:20:52.0466 4520 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys 18:20:52.0603 4520 mferkdet - ok 18:20:52.0760 4520 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys 18:20:52.0916 4520 mferkdk - ok 18:20:52.0964 4520 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys 18:20:53.0097 4520 mfesmfk - ok 18:20:53.0278 4520 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys 18:20:53.0369 4520 mfewfpk - ok 18:20:53.0424 4520 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 18:20:53.0491 4520 Modem - ok 18:20:53.0546 4520 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 18:20:53.0610 4520 monitor - ok 18:20:53.0761 4520 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 18:20:53.0789 4520 mouclass - ok 18:20:53.0830 4520 moufiltr (baa4ed3c323bee7ebc144c7d232220a8) C:\Windows\system32\DRIVERS\moufiltr.sys 18:20:53.0925 4520 moufiltr ( UnsignedFile.Multi.Generic ) - warning 18:20:53.0925 4520 moufiltr - detected UnsignedFile.Multi.Generic (1) 18:20:53.0973 4520 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 18:20:54.0077 4520 mouhid - ok 18:20:54.0233 4520 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 18:20:54.0269 4520 MountMgr - ok 18:20:54.0313 4520 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 18:20:54.0351 4520 mpio - ok 18:20:54.0408 4520 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 18:20:54.0477 4520 mpsdrv - ok 18:20:54.0649 4520 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 18:20:54.0689 4520 Mraid35x - ok 18:20:54.0740 4520 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 18:20:54.0834 4520 MRxDAV - ok 18:20:54.0892 4520 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 18:20:55.0206 4520 mrxsmb - ok 18:20:55.0328 4520 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:20:55.0681 4520 mrxsmb10 - ok 18:20:55.0736 4520 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:20:56.0001 4520 mrxsmb20 - ok 18:20:56.0116 4520 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 18:20:56.0141 4520 msahci - ok 18:20:56.0183 4520 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 18:20:56.0211 4520 msdsm - ok 18:20:56.0269 4520 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 18:20:56.0332 4520 Msfs - ok 18:20:56.0453 4520 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 18:20:56.0479 4520 msisadrv - ok 18:20:56.0547 4520 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 18:20:56.0600 4520 MSKSSRV - ok 18:20:56.0622 4520 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 18:20:56.0693 4520 MSPCLOCK - ok 18:20:56.0803 4520 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 18:20:56.0854 4520 MSPQM - ok 18:20:56.0925 4520 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 18:20:56.0961 4520 MsRPC - ok 18:20:57.0027 4520 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 18:20:57.0054 4520 mssmbios - ok 18:20:57.0082 4520 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 18:20:57.0172 4520 MSTEE - ok 18:20:57.0280 4520 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 18:20:57.0321 4520 Mup - ok 18:20:57.0406 4520 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 18:20:57.0477 4520 NativeWifiP - ok 18:20:57.0543 4520 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 18:20:57.0648 4520 NDIS - ok 18:20:57.0777 4520 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 18:20:57.0854 4520 NdisTapi - ok 18:20:57.0926 4520 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 18:20:57.0998 4520 Ndisuio - ok 18:20:58.0050 4520 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 18:20:58.0114 4520 NdisWan - ok 18:20:58.0237 4520 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 18:20:58.0290 4520 NDProxy - ok 18:20:58.0341 4520 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 18:20:58.0396 4520 NetBIOS - ok 18:20:58.0436 4520 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 18:20:58.0491 4520 netbt - ok 18:20:58.0710 4520 NETw3v32 (acc6170d80c69e50145b370023b64ed3) C:\Windows\system32\DRIVERS\NETw3v32.sys 18:20:58.0987 4520 NETw3v32 - ok 18:20:59.0238 4520 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys 18:20:59.0748 4520 NETw4v32 - ok 18:21:00.0058 4520 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys 18:21:00.0844 4520 NETw5v32 - ok 18:21:01.0015 4520 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 18:21:01.0057 4520 nfrd960 - ok 18:21:01.0144 4520 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys 18:21:01.0385 4520 NPF - ok 18:21:01.0581 4520 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 18:21:01.0615 4520 Npfs - ok 18:21:01.0667 4520 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 18:21:01.0726 4520 nsiproxy - ok 18:21:01.0806 4520 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 18:21:01.0887 4520 Ntfs - ok 18:21:02.0055 4520 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 18:21:02.0170 4520 ntrigdigi - ok 18:21:02.0253 4520 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 18:21:02.0325 4520 Null - ok 18:21:02.0652 4520 nvlddmkm (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:21:03.0455 4520 nvlddmkm - ok 18:21:03.0624 4520 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 18:21:03.0685 4520 nvraid - ok 18:21:03.0718 4520 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 18:21:03.0759 4520 nvstor - ok 18:21:03.0787 4520 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 18:21:03.0820 4520 nv_agp - ok 18:21:03.0834 4520 NwlnkFlt - ok 18:21:03.0851 4520 NwlnkFwd - ok 18:21:03.0908 4520 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 18:21:03.0974 4520 ohci1394 - ok 18:21:04.0169 4520 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 18:21:04.0270 4520 Parport - ok 18:21:04.0322 4520 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 18:21:04.0348 4520 partmgr - ok 18:21:04.0375 4520 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 18:21:04.0441 4520 Parvdm - ok 18:21:04.0457 4520 pccsmcfd - ok 18:21:04.0626 4520 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 18:21:04.0654 4520 pci - ok 18:21:04.0716 4520 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys 18:21:04.0745 4520 pciide - ok 18:21:04.0795 4520 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys 18:21:04.0834 4520 pcmcia - ok 18:21:05.0020 4520 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 18:21:05.0223 4520 PEAUTH - ok 18:21:05.0454 4520 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 18:21:05.0546 4520 PptpMiniport - ok 18:21:05.0602 4520 PRISM_A02 (ba3ffbd0abdf45c9160e66cb27f8f8ab) C:\Windows\system32\DRIVERS\PRISMA02.sys 18:21:05.0824 4520 PRISM_A02 - ok 18:21:05.0977 4520 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 18:21:06.0059 4520 Processor - ok 18:21:06.0108 4520 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 18:21:06.0140 4520 PSched - ok 18:21:06.0208 4520 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 18:21:06.0355 4520 ql2300 - ok 18:21:06.0522 4520 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 18:21:06.0551 4520 ql40xx - ok 18:21:06.0611 4520 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 18:21:06.0680 4520 QWAVEdrv - ok 18:21:06.0726 4520 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 18:21:06.0809 4520 RasAcd - ok 18:21:06.0970 4520 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 18:21:07.0040 4520 Rasl2tp - ok 18:21:07.0109 4520 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 18:21:07.0160 4520 RasPppoe - ok 18:21:07.0184 4520 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 18:21:07.0225 4520 RasSstp - ok 18:21:07.0428 4520 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 18:21:07.0489 4520 rdbss - ok 18:21:07.0559 4520 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 18:21:07.0628 4520 RDPCDD - ok 18:21:07.0790 4520 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 18:21:07.0916 4520 rdpdr - ok 18:21:07.0965 4520 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 18:21:08.0034 4520 RDPENCDD - ok 18:21:08.0091 4520 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 18:21:08.0159 4520 RDPWD - ok 18:21:08.0368 4520 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 18:21:08.0438 4520 rspndr - ok 18:21:08.0566 4520 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 18:21:08.0703 4520 SASDIFSV - ok 18:21:08.0743 4520 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 18:21:08.0890 4520 SASKUTIL - ok 18:21:09.0046 4520 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 18:21:09.0089 4520 sbp2port - ok 18:21:09.0162 4520 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 18:21:09.0249 4520 sdbus - ok 18:21:09.0288 4520 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 18:21:09.0406 4520 secdrv - ok 18:21:09.0598 4520 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 18:21:09.0718 4520 Serenum - ok 18:21:09.0756 4520 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 18:21:09.0841 4520 Serial - ok 18:21:09.0894 4520 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 18:21:09.0948 4520 sermouse - ok 18:21:10.0132 4520 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 18:21:10.0183 4520 sffdisk - ok 18:21:10.0235 4520 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 18:21:10.0314 4520 sffp_mmc - ok 18:21:10.0370 4520 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 18:21:10.0417 4520 sffp_sd - ok 18:21:10.0582 4520 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 18:21:10.0703 4520 sfloppy - ok 18:21:10.0782 4520 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 18:21:10.0822 4520 sisagp - ok 18:21:10.0988 4520 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 18:21:11.0029 4520 SiSRaid2 - ok 18:21:11.0058 4520 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 18:21:11.0099 4520 SiSRaid4 - ok 18:21:11.0202 4520 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 18:21:11.0284 4520 Smb - ok 18:21:11.0447 4520 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\Windows\system32\DRIVERS\snapman.sys 18:21:11.0592 4520 snapman - ok 18:21:11.0639 4520 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 18:21:11.0677 4520 spldr - ok 18:21:11.0748 4520 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 18:21:12.0066 4520 srv - ok 18:21:12.0228 4520 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 18:21:12.0530 4520 srv2 - ok 18:21:12.0690 4520 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 18:21:12.0817 4520 srvnet - ok 18:21:12.0895 4520 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 18:21:12.0917 4520 swenum - ok 18:21:12.0965 4520 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 18:21:12.0990 4520 Symc8xx - ok 18:21:13.0150 4520 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 18:21:13.0175 4520 Sym_hi - ok 18:21:13.0202 4520 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 18:21:13.0231 4520 Sym_u3 - ok 18:21:13.0287 4520 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys 18:21:13.0398 4520 SynTP - ok 18:21:13.0493 4520 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys 18:21:13.0709 4520 Tcpip - ok 18:21:13.0906 4520 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys 18:21:14.0025 4520 Tcpip6 - ok 18:21:14.0199 4520 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 18:21:14.0282 4520 tcpipreg - ok 18:21:14.0323 4520 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys 18:21:14.0501 4520 tdcmdpst - ok 18:21:14.0664 4520 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 18:21:14.0707 4520 TDPIPE - ok 18:21:14.0765 4520 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\Windows\system32\DRIVERS\tdrpman.sys 18:21:14.0898 4520 tdrpman - ok 18:21:15.0066 4520 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 18:21:15.0132 4520 TDTCP - ok 18:21:15.0178 4520 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 18:21:15.0231 4520 tdx - ok 18:21:15.0282 4520 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 18:21:15.0343 4520 TermDD - ok 18:21:15.0538 4520 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\Windows\system32\drivers\tifm21.sys 18:21:15.0788 4520 tifm21 - ok 18:21:15.0953 4520 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\Windows\system32\DRIVERS\tifsfilt.sys 18:21:16.0045 4520 tifsfilter - ok 18:21:16.0090 4520 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\Windows\system32\DRIVERS\timntr.sys 18:21:16.0261 4520 timounter - ok 18:21:16.0424 4520 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\Windows\system32\drivers\Tosrfcom.sys 18:21:16.0500 4520 Tosrfcom - ok 18:21:16.0526 4520 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys 18:21:16.0663 4520 tosrfec - ok 18:21:16.0847 4520 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys 18:21:16.0855 4520 TrueSight ( UnsignedFile.Multi.Generic ) - warning 18:21:16.0855 4520 TrueSight - detected UnsignedFile.Multi.Generic (1) 18:21:16.0916 4520 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 18:21:16.0987 4520 tssecsrv - ok 18:21:17.0043 4520 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 18:21:17.0104 4520 tunmp - ok 18:21:17.0261 4520 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 18:21:17.0310 4520 tunnel - ok 18:21:17.0366 4520 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS 18:21:17.0604 4520 TVALZ - ok 18:21:17.0760 4520 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 18:21:17.0785 4520 uagp35 - ok 18:21:17.0843 4520 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 18:21:17.0908 4520 udfs - ok 18:21:17.0951 4520 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 18:21:17.0976 4520 uliagpkx - ok 18:21:18.0008 4520 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 18:21:18.0045 4520 uliahci - ok 18:21:18.0205 4520 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 18:21:18.0232 4520 UlSata - ok 18:21:18.0257 4520 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 18:21:18.0283 4520 ulsata2 - ok 18:21:18.0333 4520 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 18:21:18.0396 4520 umbus - ok 18:21:18.0438 4520 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys 18:21:18.0534 4520 usbccgp - ok 18:21:18.0691 4520 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 18:21:18.0797 4520 usbcir - ok 18:21:18.0846 4520 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 18:21:18.0919 4520 usbehci - ok 18:21:18.0964 4520 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 18:21:19.0026 4520 usbhub - ok 18:21:19.0177 4520 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 18:21:19.0275 4520 usbohci - ok 18:21:19.0338 4520 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 18:21:19.0401 4520 usbprint - ok 18:21:19.0449 4520 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:21:19.0501 4520 USBSTOR - ok 18:21:19.0667 4520 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 18:21:19.0735 4520 usbuhci - ok 18:21:19.0903 4520 VClone (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys 18:21:20.0136 4520 VClone - ok 18:21:20.0330 4520 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 18:21:20.0395 4520 vga - ok 18:21:20.0449 4520 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 18:21:20.0500 4520 VgaSave - ok 18:21:20.0526 4520 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 18:21:20.0557 4520 viaagp - ok 18:21:20.0585 4520 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 18:21:20.0714 4520 ViaC7 - ok 18:21:20.0870 4520 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 18:21:20.0908 4520 viaide - ok 18:21:20.0961 4520 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 18:21:21.0003 4520 volmgr - ok 18:21:21.0059 4520 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 18:21:21.0109 4520 volmgrx - ok 18:21:21.0146 4520 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 18:21:21.0194 4520 volsnap - ok 18:21:21.0350 4520 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 18:21:21.0393 4520 vsmraid - ok 18:21:21.0453 4520 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 18:21:21.0574 4520 WacomPen - ok 18:21:21.0620 4520 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 18:21:21.0682 4520 Wanarp - ok 18:21:21.0689 4520 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 18:21:21.0743 4520 Wanarpv6 - ok 18:21:21.0913 4520 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 18:21:21.0937 4520 Wd - ok 18:21:21.0996 4520 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 18:21:22.0077 4520 Wdf01000 - ok 18:21:22.0289 4520 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys 18:21:22.0403 4520 WmiAcpi - ok 18:21:22.0556 4520 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 18:21:22.0602 4520 WpdUsb - ok 18:21:22.0701 4520 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 18:21:22.0766 4520 ws2ifsl - ok 18:21:22.0839 4520 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 18:21:22.0929 4520 WUDFRd - ok 18:21:22.0996 4520 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 18:21:23.0160 4520 \Device\Harddisk0\DR0 - ok 18:21:23.0164 4520 Boot (0x1200) (fc6b5db762ffa41293e29022604d802f) \Device\Harddisk0\DR0\Partition0 18:21:23.0166 4520 \Device\Harddisk0\DR0\Partition0 - ok 18:21:23.0190 4520 Boot (0x1200) (67e32ccee8af990de07decd5caf89274) \Device\Harddisk0\DR0\Partition1 18:21:23.0192 4520 \Device\Harddisk0\DR0\Partition1 - ok 18:21:23.0192 4520 ============================================================ 18:21:23.0192 4520 Scan finished 18:21:23.0192 4520 ============================================================ 18:21:23.0205 4204 Detected object count: 4 18:21:23.0205 4204 Actual detected object count: 4 18:21:50.0849 4204 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - skipped by user 18:21:50.0850 4204 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:21:50.0851 4204 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 18:21:50.0851 4204 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:21:50.0856 4204 moufiltr ( UnsignedFile.Multi.Generic ) - skipped by user 18:21:50.0856 4204 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:21:50.0856 4204 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user 18:21:50.0857 4204 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip 18:22:17.0323 2084 Deinitialize success

Scans as requested. Farbar Service Scanner Version: 18-01-2012 01 Ran by Tony (administrator) on 19-01-2012 at 17:49:41 Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Yahoo IP is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=DWORD:0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=DWORD:0 System Restore: ============ SDRSVC Service is not running. Checking service configuration: The start type of SDRSVC service is OK. The ImagePath of SDRSVC service is OK. The ServiceDll of SDRSVC service is OK. Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist. VSS Service is not running. Checking service configuration: The start type of VSS service is OK. The ImagePath of VSS service is OK. System Restore Disabled Policy: ======================== Security Center: ============ Windows Update: =========== File Check: ======== C:\Windows\system32\nsisvc.dll => MD5 is legit C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit C:\Windows\system32\dhcpcsvc.dll => MD5 is legit C:\Windows\system32\Drivers\afd.sys => MD5 is legit C:\Windows\system32\Drivers\tdx.sys => MD5 is legit C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit C:\Windows\system32\dnsrslvr.dll => MD5 is legit C:\Windows\system32\mpssvc.dll => MD5 is legit C:\Windows\system32\bfe.dll => MD5 is legit C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit C:\Windows\system32\SDRSVC.dll => MD5 is legit C:\Windows\system32\vssvc.exe => MD5 is legit C:\Windows\system32\wscsvc.dll => MD5 is legit C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\system32\wuaueng.dll => MD5 is legit C:\Windows\system32\qmgr.dll [2009-05-29 18:21] - [2009-04-11 06:28] - 0758784 ____A (Microsoft Corporation) 93952506C6D67330367F7E7934B6A02F C:\Windows\system32\es.dll => MD5 is legit C:\Windows\system32\cryptsvc.dll [2009-05-29 18:20] - [2009-04-11 06:28] - 0129024 ____A (Microsoft Corporation) FB27772BEAF8E1D28CCD825C09DA939B C:\Windows\system32\svchost.exe => MD5 is legit C:\Windows\system32\rpcss.dll => MD5 is legit **** End of log **** RogueKiller V6.2.4 [01/12/2012] by Tigzy mail: tigzyRK<at>gmail<dot>com Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/ Blog: http://tigzyrk.blogspot.com Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version Started in : Normal mode User: Tony [Admin rights] Mode: Scan -- Date : 01/19/2012 17:54:22 ¤¤¤ Bad processes: 0 ¤¤¤ ¤¤¤ Registry Entries: 6 ¤¤¤ [HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND [HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver: [LOADED] ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: +++++ --- User --- [MBR] e1105d90bb405f118578d64a17dbfc8f [bSP] 4afd33af9ebf647cb5b164d7e7a88c91 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 2048 | Size: 1572 Mo 1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 3074048 | Size: 59768 Mo 2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 119810048 | Size: 58689 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2].txt >> RKreport[1].txt ; RKreport[2].txt

I have restored back to 2 days ago 17/01/2012 at 19:25:33. Looking back through my postings I have not mentioned that at start up Photoshop opens up which it is not configered to. There is a message that photoshop cannot open this kind of file. I am now able to see the file which apears on the desktop I presume it is the same file(see below) Although Photoshop still opens on start up. I don't seem able to paste the word file or the pictures, this is what the error says . Message Title: FsUsbServiceMsg Program Path: C:\Windows\system32\FsUsbExService.Exe

My latest System Restore point is 2 days ago 17/01/2012 at 19:25:33 Do you want me to restore to this time?

MrC, sorry if I got it wrong, I don't know how I deleted so many. When it had scanned it found 4 the boxes were set to Skip, I thought I had to change the 4 to delete which I did. I cannot remember seeing "TDSS File System" I will do a system restore to the latest time and post back.

MrC, I tried to copy/paste the results of the scan with TDSSKiller but was told that the posting was to long to post. I have now attached it as a file. I hope this is o.k. TDSSKiller.2.7.5.0_19.01.2012_14.44.07_log 2nd Scan.txt

MrC when you say Vista and Windows 7 users: 1. These tools MUST be run from the executable. (.exe) every time you run them 2. With Admin Rights (Right click, choose "Run as Administrator") are you reffering to the TTDSSKiller Download?

Hi, I think it found 6 items,5 said Skip 1 said Cure. Not sure if I should have done anything at this stage,so I clicked on continue,hope that is what you wanted. Regards 11:27:48.0090 5596 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24 11:27:50.0095 5596 ============================================================ 11:27:50.0095 5596 Current date / time: 2012/01/19 11:27:50.0095 11:27:50.0095 5596 SystemInfo: 11:27:50.0095 5596 11:27:50.0095 5596 OS Version: 6.0.6002 ServicePack: 2.0 11:27:50.0095 5596 Product type: Workstation 11:27:50.0095 5596 ComputerName: TOSHLAPTOP 11:27:50.0096 5596 UserName: Tony 11:27:50.0096 5596 Windows directory: C:\Windows 11:27:50.0096 5596 System windows directory: C:\Windows 11:27:50.0096 5596 Processor architecture: Intel x86 11:27:50.0096 5596 Number of processors: 2 11:27:50.0096 5596 Page size: 0x1000 11:27:50.0096 5596 Boot type: Normal boot 11:27:50.0096 5596 ============================================================ 11:27:52.0306 5596 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 11:27:52.0355 5596 Initialize success 11:29:36.0484 5924 ============================================================ 11:29:36.0484 5924 Scan started 11:29:36.0485 5924 Mode: Manual; SigCheck; TDLFS; 11:29:36.0485 5924 ============================================================ 11:29:38.0286 5924 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys 11:29:38.0537 5924 ACPI - ok 11:29:38.0707 5924 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys 11:29:38.0780 5924 adp94xx - ok 11:29:38.0849 5924 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys 11:29:38.0877 5924 adpahci - ok 11:29:38.0993 5924 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys 11:29:39.0019 5924 adpu160m - ok 11:29:39.0088 5924 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys 11:29:39.0115 5924 adpu320 - ok 11:29:39.0178 5924 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys 11:29:39.0444 5924 AFD - ok 11:29:39.0680 5924 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\Windows\system32\DRIVERS\AGRSM.sys 11:29:39.0837 5924 AgereSoftModem - ok 11:29:39.0994 5924 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys 11:29:40.0020 5924 agp440 - ok 11:29:40.0086 5924 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys 11:29:40.0120 5924 aic78xx - ok 11:29:40.0149 5924 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys 11:29:40.0180 5924 aliide - ok 11:29:40.0210 5924 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys 11:29:40.0243 5924 amdagp - ok 11:29:40.0277 5924 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys 11:29:40.0309 5924 amdide - ok 11:29:40.0463 5924 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys 11:29:40.0817 5924 AmdK7 - ok 11:29:40.0974 5924 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys 11:29:41.0059 5924 AmdK8 - ok 11:29:41.0107 5924 Apowersoft_AudioDevice (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys 11:29:41.0148 5924 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - warning 11:29:41.0148 5924 Apowersoft_AudioDevice - detected UnsignedFile.Multi.Generic (1) 11:29:41.0312 5924 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys 11:29:41.0338 5924 arc - ok 11:29:41.0368 5924 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys 11:29:41.0393 5924 arcsas - ok 11:29:41.0451 5924 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys 11:29:41.0665 5924 AsyncMac - ok 11:29:41.0810 5924 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys 11:29:41.0830 5924 atapi - ok 11:29:41.0883 5924 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys 11:29:41.0945 5924 Beep - ok 11:29:41.0964 5924 blbdrive - ok 11:29:42.0026 5924 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys 11:29:42.0134 5924 bowser - ok 11:29:42.0183 5924 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys 11:29:42.0343 5924 BrFiltLo - ok 11:29:42.0523 5924 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys 11:29:42.0587 5924 BrFiltUp - ok 11:29:42.0628 5924 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys 11:29:42.0720 5924 Brserid - ok 11:29:42.0754 5924 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys 11:29:42.0848 5924 BrSerWdm - ok 11:29:42.0903 5924 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys 11:29:42.0985 5924 BrUsbMdm - ok 11:29:43.0094 5924 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys 11:29:43.0185 5924 BrUsbSer - ok 11:29:43.0242 5924 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys 11:29:43.0338 5924 BTHMODEM - ok 11:29:43.0346 5924 catchme - ok 11:29:43.0394 5924 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys 11:29:43.0460 5924 cdfs - ok 11:29:43.0563 5924 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys 11:29:43.0622 5924 cdrom - ok 11:29:43.0718 5924 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys 11:29:44.0361 5924 cfwids - ok 11:29:44.0522 5924 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys 11:29:44.0607 5924 circlass - ok 11:29:44.0651 5924 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys 11:29:44.0686 5924 CLFS - ok 11:29:44.0749 5924 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys 11:29:44.0833 5924 CmBatt - ok 11:29:44.0984 5924 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys 11:29:45.0016 5924 cmdide - ok 11:29:45.0063 5924 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys 11:29:45.0084 5924 Compbatt - ok 11:29:45.0103 5924 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys 11:29:45.0125 5924 crcdisk - ok 11:29:45.0154 5924 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys 11:29:45.0235 5924 Crusoe - ok 11:29:45.0419 5924 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys 11:29:45.0544 5924 DfsC - ok 11:29:45.0585 5924 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys 11:29:45.0613 5924 disk - ok 11:29:45.0781 5924 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys 11:29:45.0859 5924 drmkaud - ok 11:29:45.0926 5924 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys 11:29:46.0011 5924 DXGKrnl - ok 11:29:46.0194 5924 E100B (d00eeae1cacd77a1a8396bbc19140bba) C:\Windows\system32\DRIVERS\e100b325.sys 11:29:46.0249 5924 E100B - ok 11:29:46.0292 5924 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys 11:29:46.0398 5924 E1G60 - ok 11:29:46.0565 5924 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys 11:29:46.0616 5924 Ecache - ok 11:29:46.0706 5924 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys 11:29:46.0735 5924 elxstor - ok 11:29:46.0858 5924 EraserUtilRebootDrv - ok 11:29:47.0040 5924 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys 11:29:47.0179 5924 exfat - ok 11:29:47.0225 5924 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys 11:29:47.0290 5924 fastfat - ok 11:29:47.0470 5924 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys 11:29:47.0547 5924 fdc - ok 11:29:47.0621 5924 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys 11:29:47.0641 5924 FileInfo - ok 11:29:47.0795 5924 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys 11:29:47.0856 5924 Filetrace - ok 11:29:47.0892 5924 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys 11:29:47.0990 5924 flpydisk - ok 11:29:48.0039 5924 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys 11:29:48.0068 5924 FltMgr - ok 11:29:48.0228 5924 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS 11:29:48.0254 5924 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 11:29:48.0254 5924 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 11:29:48.0341 5924 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys 11:29:48.0377 5924 Fs_Rec - ok 11:29:48.0420 5924 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys 11:29:48.0508 5924 FwLnk - ok 11:29:48.0667 5924 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys 11:29:48.0692 5924 gagp30kx - ok 11:29:48.0745 5924 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\Windows\system32\drivers\grmnusb.sys 11:29:48.0830 5924 grmnusb - ok 11:29:48.0864 5924 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys 11:29:48.0967 5924 HdAudAddService - ok 11:29:49.0139 5924 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys 11:29:49.0196 5924 HDAudBus - ok 11:29:49.0365 5924 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys 11:29:49.0458 5924 HidBth - ok 11:29:49.0483 5924 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys 11:29:49.0572 5924 HidIr - ok 11:29:49.0668 5924 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys 11:29:49.0705 5924 HidUsb - ok 11:29:49.0821 5924 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys 11:29:49.0842 5924 HpCISSs - ok 11:29:49.0961 5924 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys 11:29:50.0092 5924 HTTP - ok 11:29:50.0208 5924 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys 11:29:50.0233 5924 i2omp - ok 11:29:50.0361 5924 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys 11:29:50.0435 5924 i8042prt - ok 11:29:50.0475 5924 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys 11:29:50.0517 5924 iaStorV - ok 11:29:50.0645 5924 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys 11:29:50.0679 5924 iirsp - ok 11:29:50.0837 5924 IntcAzAudAddService (2690be9907b36b7c3ea2859c74926fa1) C:\Windows\system32\drivers\RTKVHDA.sys 11:29:51.0243 5924 IntcAzAudAddService - ok 11:29:51.0421 5924 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys 11:29:51.0448 5924 intelide - ok 11:29:51.0526 5924 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys 11:29:51.0590 5924 intelppm - ok 11:29:51.0645 5924 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:29:51.0715 5924 IpFilterDriver - ok 11:29:51.0863 5924 IpInIp - ok 11:29:51.0908 5924 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys 11:29:52.0005 5924 IPMIDRV - ok 11:29:52.0061 5924 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys 11:29:52.0124 5924 IPNAT - ok 11:29:52.0275 5924 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys 11:29:52.0383 5924 IRENUM - ok 11:29:52.0439 5924 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys 11:29:52.0459 5924 isapnp - ok 11:29:52.0504 5924 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys 11:29:52.0528 5924 iScsiPrt - ok 11:29:52.0702 5924 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys 11:29:52.0727 5924 iteatapi - ok 11:29:52.0751 5924 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys 11:29:52.0778 5924 iteraid - ok 11:29:52.0842 5924 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys 11:29:52.0865 5924 kbdclass - ok 11:29:52.0897 5924 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys 11:29:52.0959 5924 kbdhid - ok 11:29:53.0004 5924 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys 11:29:53.0085 5924 KMWDFILTER - ok 11:29:53.0240 5924 KR10I (1e0d65f7ffeb4e99b2eec1ccb5754cc8) C:\Windows\system32\drivers\kr10i.sys 11:29:53.0317 5924 KR10I - ok 11:29:53.0381 5924 KR10N (0f9e83709cbb60b1549f3a65d0ab6e4f) C:\Windows\system32\drivers\kr10n.sys 11:29:53.0458 5924 KR10N - ok 11:29:53.0624 5924 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys 11:29:53.0662 5924 KSecDD - ok 11:29:53.0860 5924 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys 11:29:53.0915 5924 lltdio - ok 11:29:54.0239 5924 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys 11:29:54.0260 5924 LSI_FC - ok 11:29:54.0290 5924 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys 11:29:54.0323 5924 LSI_SAS - ok 11:29:54.0498 5924 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys 11:29:54.0524 5924 LSI_SCSI - ok 11:29:54.0577 5924 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys 11:29:54.0659 5924 luafv - ok 11:29:54.0870 5924 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys 11:29:54.0902 5924 megasas - ok 11:29:54.0963 5924 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys 11:29:54.0984 5924 mfeapfk - ok 11:29:55.0049 5924 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys 11:29:55.0073 5924 mfeavfk - ok 11:29:55.0230 5924 mfeavfk01 - ok 11:29:55.0538 5924 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys 11:29:55.0568 5924 mfebopk - ok 11:29:55.0637 5924 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys 11:29:55.0714 5924 mfefirek - ok 11:29:55.0899 5924 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys 11:29:55.0955 5924 mfehidk - ok 11:29:56.0071 5924 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys 11:29:56.0091 5924 mfenlfk - ok 11:29:56.0242 5924 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys 11:29:56.0265 5924 mferkdet - ok 11:29:56.0414 5924 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys 11:29:56.0439 5924 mferkdk - ok 11:29:56.0495 5924 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys 11:29:56.0519 5924 mfesmfk - ok 11:29:56.0577 5924 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys 11:29:56.0604 5924 mfewfpk - ok 11:29:56.0766 5924 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys 11:29:56.0844 5924 Modem - ok 11:29:56.0933 5924 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys 11:29:56.0990 5924 monitor - ok 11:29:57.0037 5924 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys 11:29:57.0056 5924 mouclass - ok 11:29:57.0175 5924 moufiltr (baa4ed3c323bee7ebc144c7d232220a8) C:\Windows\system32\DRIVERS\moufiltr.sys 11:29:57.0204 5924 moufiltr ( UnsignedFile.Multi.Generic ) - warning 11:29:57.0204 5924 moufiltr - detected UnsignedFile.Multi.Generic (1) 11:29:57.0282 5924 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys 11:29:57.0408 5924 mouhid - ok 11:29:57.0464 5924 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys 11:29:57.0489 5924 MountMgr - ok 11:29:57.0600 5924 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys 11:29:57.0634 5924 mpio - ok 11:29:57.0729 5924 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys 11:29:57.0787 5924 mpsdrv - ok 11:29:57.0835 5924 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys 11:29:57.0856 5924 Mraid35x - ok 11:29:57.0983 5924 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys 11:29:58.0084 5924 MRxDAV - ok 11:29:58.0179 5924 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys 11:29:58.0262 5924 mrxsmb - ok 11:29:58.0381 5924 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:29:58.0439 5924 mrxsmb10 - ok 11:29:58.0511 5924 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:29:58.0563 5924 mrxsmb20 - ok 11:29:58.0613 5924 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys 11:29:58.0633 5924 msahci - ok 11:29:58.0736 5924 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys 11:29:58.0756 5924 msdsm - ok 11:29:58.0866 5924 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys 11:29:58.0930 5924 Msfs - ok 11:29:58.0972 5924 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys 11:29:58.0997 5924 msisadrv - ok 11:29:59.0133 5924 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys 11:29:59.0183 5924 MSKSSRV - ok 11:29:59.0235 5924 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys 11:29:59.0310 5924 MSPCLOCK - ok 11:29:59.0345 5924 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys 11:29:59.0386 5924 MSPQM - ok 11:29:59.0444 5924 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys 11:29:59.0470 5924 MsRPC - ok 11:29:59.0591 5924 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys 11:29:59.0611 5924 mssmbios - ok 11:29:59.0690 5924 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys 11:29:59.0749 5924 MSTEE - ok 11:29:59.0788 5924 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys 11:29:59.0816 5924 Mup - ok 11:29:59.0937 5924 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys 11:29:59.0985 5924 NativeWifiP - ok 11:30:00.0096 5924 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys 11:30:00.0193 5924 NDIS - ok 11:30:00.0329 5924 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys 11:30:00.0403 5924 NdisTapi - ok 11:30:00.0479 5924 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys 11:30:00.0525 5924 Ndisuio - ok 11:30:00.0591 5924 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys 11:30:00.0626 5924 NdisWan - ok 11:30:00.0734 5924 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys 11:30:00.0796 5924 NDProxy - ok 11:30:00.0860 5924 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys 11:30:00.0919 5924 NetBIOS - ok 11:30:00.0967 5924 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys 11:30:01.0024 5924 netbt - ok 11:30:01.0228 5924 NETw3v32 (acc6170d80c69e50145b370023b64ed3) C:\Windows\system32\DRIVERS\NETw3v32.sys 11:30:01.0567 5924 NETw3v32 - ok 11:30:01.0830 5924 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys 11:30:02.0308 5924 NETw4v32 - ok 11:30:02.0664 5924 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys 11:30:03.0309 5924 NETw5v32 - ok 11:30:03.0489 5924 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys 11:30:03.0522 5924 nfrd960 - ok 11:30:03.0595 5924 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys 11:30:03.0628 5924 NPF - ok 11:30:03.0688 5924 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys 11:30:03.0738 5924 Npfs - ok 11:30:03.0896 5924 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys 11:30:03.0961 5924 nsiproxy - ok 11:30:04.0046 5924 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys 11:30:04.0102 5924 Ntfs - ok 11:30:04.0251 5924 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys 11:30:04.0354 5924 ntrigdigi - ok 11:30:04.0404 5924 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys 11:30:04.0467 5924 Null - ok 11:30:04.0770 5924 nvlddmkm (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys 11:30:05.0316 5924 nvlddmkm - ok 11:30:05.0486 5924 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys 11:30:05.0512 5924 nvraid - ok 11:30:05.0570 5924 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys 11:30:05.0604 5924 nvstor - ok 11:30:05.0639 5924 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys 11:30:05.0668 5924 nv_agp - ok 11:30:05.0682 5924 NwlnkFlt - ok 11:30:05.0698 5924 NwlnkFwd - ok 11:30:05.0760 5924 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys 11:30:05.0814 5924 ohci1394 - ok 11:30:05.0998 5924 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys 11:30:06.0062 5924 Parport - ok 11:30:06.0118 5924 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys 11:30:06.0145 5924 partmgr - ok 11:30:06.0171 5924 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys 11:30:06.0234 5924 Parvdm - ok 11:30:06.0251 5924 pccsmcfd - ok 11:30:06.0341 5924 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys 11:30:06.0387 5924 pci - ok 11:30:06.0512 5924 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys 11:30:06.0532 5924 pciide - ok 11:30:06.0625 5924 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys 11:30:06.0659 5924 pcmcia - ok 11:30:06.0738 5924 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys 11:30:07.0017 5924 PEAUTH - ok 11:30:07.0228 5924 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys 11:30:07.0298 5924 PptpMiniport - ok 11:30:07.0351 5924 PRISM_A02 (ba3ffbd0abdf45c9160e66cb27f8f8ab) C:\Windows\system32\DRIVERS\PRISMA02.sys 11:30:07.0470 5924 PRISM_A02 - ok 11:30:07.0638 5924 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys 11:30:07.0735 5924 Processor - ok 11:30:07.0791 5924 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys 11:30:07.0833 5924 PSched - ok 11:30:07.0912 5924 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys 11:30:07.0968 5924 ql2300 - ok 11:30:08.0127 5924 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys 11:30:08.0152 5924 ql40xx - ok 11:30:08.0216 5924 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys 11:30:08.0301 5924 QWAVEdrv - ok 11:30:08.0387 5924 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys 11:30:08.0450 5924 RasAcd - ok 11:30:08.0608 5924 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys 11:30:08.0650 5924 Rasl2tp - ok 11:30:08.0714 5924 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys 11:30:08.0770 5924 RasPppoe - ok 11:30:08.0800 5924 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys 11:30:08.0843 5924 RasSstp - ok 11:30:09.0000 5924 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys 11:30:09.0064 5924 rdbss - ok 11:30:09.0131 5924 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys 11:30:09.0215 5924 RDPCDD - ok 11:30:09.0428 5924 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys 11:30:09.0511 5924 rdpdr - ok 11:30:09.0559 5924 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys 11:30:09.0598 5924 RDPENCDD - ok 11:30:09.0651 5924 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys 11:30:09.0704 5924 RDPWD - ok 11:30:09.0895 5924 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys 11:30:09.0945 5924 rspndr - ok 11:30:10.0060 5924 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 11:30:10.0086 5924 SASDIFSV - ok 11:30:10.0104 5924 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 11:30:10.0129 5924 SASKUTIL - ok 11:30:10.0285 5924 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys 11:30:10.0312 5924 sbp2port - ok 11:30:10.0378 5924 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys 11:30:10.0434 5924 sdbus - ok 11:30:10.0471 5924 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys 11:30:10.0562 5924 secdrv - ok 11:30:10.0748 5924 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys 11:30:10.0823 5924 Serenum - ok 11:30:10.0861 5924 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys 11:30:10.0946 5924 Serial - ok 11:30:10.0988 5924 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys 11:30:11.0050 5924 sermouse - ok 11:30:11.0237 5924 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys 11:30:11.0299 5924 sffdisk - ok 11:30:11.0352 5924 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys 11:30:11.0412 5924 sffp_mmc - ok 11:30:11.0464 5924 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys 11:30:11.0496 5924 sffp_sd - ok 11:30:11.0653 5924 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys 11:30:11.0743 5924 sfloppy - ok 11:30:11.0808 5924 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys 11:30:11.0834 5924 sisagp - ok 11:30:12.0004 5924 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys 11:30:12.0030 5924 SiSRaid2 - ok 11:30:12.0174 5924 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys 11:30:12.0196 5924 SiSRaid4 - ok 11:30:12.0328 5924 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys 11:30:12.0385 5924 Smb - ok 11:30:12.0551 5924 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\Windows\system32\DRIVERS\snapman.sys 11:30:12.0580 5924 snapman - ok 11:30:12.0632 5924 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys 11:30:12.0652 5924 spldr - ok 11:30:12.0718 5924 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys 11:30:12.0801 5924 srv - ok 11:30:12.0965 5924 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys 11:30:13.0037 5924 srv2 - ok 11:30:13.0061 5924 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys 11:30:13.0103 5924 srvnet - ok 11:30:13.0199 5924 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys 11:30:13.0231 5924 swenum - ok 11:30:13.0391 5924 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys 11:30:13.0424 5924 Symc8xx - ok 11:30:13.0454 5924 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys 11:30:13.0486 5924 Sym_hi - ok 11:30:13.0517 5924 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys 11:30:13.0550 5924 Sym_u3 - ok 11:30:13.0614 5924 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys 11:30:13.0653 5924 SynTP - ok 11:30:13.0851 5924 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys 11:30:14.0067 5924 Tcpip - ok 11:30:14.0265 5924 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys 11:30:14.0401 5924 Tcpip6 - ok 11:30:14.0581 5924 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys 11:30:14.0763 5924 tcpipreg - ok 11:30:14.0926 5924 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys 11:30:15.0021 5924 tdcmdpst - ok 11:30:15.0080 5924 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys 11:30:15.0143 5924 TDPIPE - ok 11:30:15.0202 5924 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\Windows\system32\DRIVERS\tdrpman.sys 11:30:15.0233 5924 tdrpman - ok 11:30:15.0392 5924 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys 11:30:15.0452 5924 TDTCP - ok 11:30:15.0504 5924 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys 11:30:15.0538 5924 tdx - ok 11:30:15.0586 5924 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys 11:30:15.0615 5924 TermDD - ok 11:30:15.0797 5924 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\Windows\system32\drivers\tifm21.sys 11:30:15.0902 5924 tifm21 - ok 11:30:15.0956 5924 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\Windows\system32\DRIVERS\tifsfilt.sys 11:30:15.0980 5924 tifsfilter - ok 11:30:16.0027 5924 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\Windows\system32\DRIVERS\timntr.sys 11:30:16.0066 5924 timounter - ok 11:30:16.0227 5924 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\Windows\system32\drivers\Tosrfcom.sys 11:30:16.0274 5924 Tosrfcom - ok 11:30:16.0307 5924 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys 11:30:16.0391 5924 tosrfec - ok 11:30:16.0569 5924 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys 11:30:16.0582 5924 TrueSight ( UnsignedFile.Multi.Generic ) - warning 11:30:16.0583 5924 TrueSight - detected UnsignedFile.Multi.Generic (1) 11:30:16.0641 5924 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:30:16.0687 5924 tssecsrv - ok 11:30:16.0735 5924 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys 11:30:16.0815 5924 tunmp - ok 11:30:16.0975 5924 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys 11:30:17.0006 5924 tunnel - ok 11:30:17.0069 5924 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS 11:30:17.0093 5924 TVALZ - ok 11:30:17.0152 5924 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys 11:30:17.0173 5924 uagp35 - ok 11:30:17.0224 5924 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys 11:30:17.0281 5924 udfs - ok 11:30:17.0454 5924 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys 11:30:17.0475 5924 uliagpkx - ok 11:30:17.0500 5924 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys 11:30:17.0526 5924 uliahci - ok 11:30:17.0552 5924 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys 11:30:17.0574 5924 UlSata - ok 11:30:17.0738 5924 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys 11:30:17.0762 5924 ulsata2 - ok 11:30:17.0814 5924 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys 11:30:17.0875 5924 umbus - ok 11:30:17.0918 5924 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys 11:30:18.0004 5924 usbccgp - ok 11:30:18.0161 5924 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys 11:30:18.0238 5924 usbcir - ok 11:30:18.0293 5924 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys 11:30:18.0343 5924 usbehci - ok 11:30:18.0377 5924 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys 11:30:18.0414 5924 usbhub - ok 11:30:18.0569 5924 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys 11:30:18.0663 5924 usbohci - ok 11:30:18.0774 5924 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys 11:30:18.0850 5924 usbprint - ok 11:30:19.0029 5924 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:30:19.0079 5924 USBSTOR - ok 11:30:19.0137 5924 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys 11:30:19.0170 5924 usbuhci - ok 11:30:19.0228 5924 VClone (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys 11:30:19.0292 5924 VClone - ok 11:30:19.0444 5924 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys 11:30:19.0516 5924 vga - ok 11:30:19.0574 5924 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys 11:30:19.0623 5924 VgaSave - ok 11:30:19.0652 5924 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys 11:30:19.0677 5924 viaagp - ok 11:30:19.0698 5924 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys 11:30:19.0795 5924 ViaC7 - ok 11:30:19.0928 5924 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys 11:30:19.0952 5924 viaide - ok 11:30:20.0120 5924 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys 11:30:20.0156 5924 volmgr - ok 11:30:20.0338 5924 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys 11:30:20.0480 5924 volmgrx - ok 11:30:20.0603 5924 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys 11:30:20.0639 5924 volsnap - ok 11:30:20.0719 5924 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys 11:30:20.0746 5924 vsmraid - ok 11:30:20.0844 5924 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys 11:30:21.0086 5924 WacomPen - ok 11:30:21.0222 5924 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 11:30:21.0257 5924 Wanarp - ok 11:30:21.0337 5924 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys 11:30:21.0375 5924 Wanarpv6 - ok 11:30:21.0616 5924 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys 11:30:21.0643 5924 Wd - ok 11:30:21.0721 5924 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys 11:30:21.0809 5924 Wdf01000 - ok 11:30:22.0091 5924 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys 11:30:22.0200 5924 WmiAcpi - ok 11:30:22.0303 5924 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys 11:30:22.0362 5924 WpdUsb - ok 11:30:22.0492 5924 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys 11:30:22.0549 5924 ws2ifsl - ok 11:30:22.0652 5924 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:30:22.0799 5924 WUDFRd - ok 11:30:22.0899 5924 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0 11:30:22.0928 5924 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected 11:30:22.0928 5924 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0) 11:30:23.0138 5924 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 11:30:23.0138 5924 \Device\Harddisk0\DR0 - detected TDSS File System (1) 11:30:23.0162 5924 Boot (0x1200) (fc6b5db762ffa41293e29022604d802f) \Device\Harddisk0\DR0\Partition0 11:30:23.0163 5924 \Device\Harddisk0\DR0\Partition0 - ok 11:30:23.0181 5924 Boot (0x1200) (67e32ccee8af990de07decd5caf89274) \Device\Harddisk0\DR0\Partition1 11:30:23.0183 5924 \Device\Harddisk0\DR0\Partition1 - ok 11:30:23.0183 5924 ============================================================ 11:30:23.0183 5924 Scan finished 11:30:23.0183 5924 ============================================================ 11:30:23.0200 5892 Detected object count: 6 11:30:23.0200 5892 Actual detected object count: 6 11:31:22.0828 5892 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - skipped by user 11:31:22.0828 5892 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:31:22.0831 5892 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 11:31:22.0831 5892 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:31:22.0835 5892 moufiltr ( UnsignedFile.Multi.Generic ) - skipped by user 11:31:22.0835 5892 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:31:22.0839 5892 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user 11:31:22.0839 5892 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip 11:31:22.0907 5892 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot 11:31:22.0908 5892 \Device\Harddisk0\DR0 - ok 11:31:22.0909 5892 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure 11:31:22.0909 5892 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user 11:31:22.0909 5892 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip 11:32:56.0876 3896 Deinitialize success

ListParts Scan Results ListParts by Farbar Ran by Tony on 18-01-2012 at 20:15:43 Windows Vista (X86) Running From: E:\Tony\Desktop ************************************************************ ========================= Memory info ====================== Percentage of memory in use: 59% Total physical RAM: 2045.31 MB Available physical RAM: 836.63 MB Total Pagefile: 4331.91 MB Available Pagefile: 2805.41 MB Total Virtual: 2047.88 MB Available Virtual: 1967.06 MB ======================= Partitions ========================= 1 Drive c: (Vista) (Fixed) (Total:55.66 GB) (Free:4.2 GB) NTFS ==>[system with boot components (obtained from reading drive)] 2 Drive e: (Data) (Fixed) (Total:54.66 GB) (Free:16.95 GB) NTFS Disk ### Status Size Free Dyn Gpt -------- ---------- ------- ------- --- --- Disk 0 Online 112 GB 0 B Partitions of Disk 0: =============== Partition ### Type Size Offset ------------- ---------------- ------- ------- Partition 1 OEM 1500 MB 1024 KB Partition 2 Primary 56 GB 1501 MB Partition 3 Primary 55 GB 57 GB Partition 4 Primary 1488 KB 112 GB Disk: 0 Partition 1 Type : 27 Hidden: Yes Active: No There is no volume associated with this partition. Disk: 0 Partition 2 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 C Vista NTFS Partition 56 GB Healthy System (partition with boot components) Disk: 0 Partition 3 Type : 07 Hidden: No Active: No Volume ### Ltr Label Fs Type Size Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 E Data NTFS Partition 55 GB Healthy Disk: 0 Partition 4 Type : 17 (Suspicious Type) Hidden: Yes Active: Yes There is no volume associated with this partition. The boot configuration data store could not be opened. The system cannot find the file specified. ****** End Of Log ******

3 of 3 postings with results of scans. Extras.Tex Scan OTL Extras logfile created on: 18/01/2012 18:38:31 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = E:\Tony\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.63% Memory free 4.23 Gb Paging File | 2.86 Gb Available in Paging File | 67.58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 55.66 Gb Total Space | 4.23 Gb Free Space | 7.59% Space Free | Partition Type: NTFS Drive E: | 54.66 Gb Total Space | 16.95 Gb Free Space | 31.01% Space Free | Partition Type: NTFS Computer Name: TOSHLAPTOP | User Name: Tony | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found [HKEY_USERS\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] "DisableMonitoring" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 1 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02B242E1-0F5A-4766-B84C-95410E29227C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{1D497719-ED9F-45A7-93CA-B00359535382}" = lport=10243 | protocol=6 | dir=in | app=system | "{22A6DA44-2296-4F8C-B420-ADB8F8339B25}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{28873CC7-3517-432A-B0C7-8A4BBF162602}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{3838061B-A414-4DBC-B7BA-8987B7AAF3D0}" = lport=2869 | protocol=6 | dir=in | app=system | "{474B282C-6981-4202-B333-4D2A582E7E02}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{5AC33984-5CEC-4325-90D7-44C47D6BC8B5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{5DAD3693-2AE5-4BEC-8338-D0D57451624D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{63718C6B-4833-44D7-AF42-55B14BDE2AD2}" = lport=2869 | protocol=6 | dir=in | app=system | "{79AA6432-9175-4FC0-8231-585F09907746}" = lport=2869 | protocol=6 | dir=in | app=system | "{7E0BDC57-6929-4ABB-B860-7FF601569989}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{7EEC9108-758D-4D43-8944-0B3E602A78BB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{81C3723A-2CA3-48A2-BCE0-D264D7E0F496}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8DC32B60-2159-4B18-90BA-720421225D09}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{8EBA8386-3965-4258-94D9-060339539546}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | "{920A3A6D-6727-460C-B5E1-62B703028CE0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{9894A214-A5C4-495C-A738-356B14ABD31D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{A953FCB7-C937-4DC4-B809-A1B868F5C825}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{B82E172A-4B23-4171-BC61-C8B4DA0EED56}" = lport=2869 | protocol=6 | dir=in | app=system | "{CAA91289-D34A-45DD-B521-BAD060EC7EED}" = rport=10243 | protocol=6 | dir=out | app=system | "{E2C5F753-82DE-4A71-BA5E-50F99B22EB7F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F29FCE75-52F5-4BDB-882B-CC4DD04A633A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00FA05F3-94F3-4EB2-A8C9-3BB04E9775A2}" = protocol=17 | dir=in | app=c:\program files\o2\bin\wificfg.exe | "{0A13C39F-AE20-4D15-9C22-DF489D6E9729}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{0B0C161C-7909-45F9-B566-302902788199}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{0EBF63C0-0052-4044-BCD5-C11CD910788B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{13B73393-BF68-4DDE-BFFD-18E37B8A4AB6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{1D8E1A26-B5CC-4A8B-82DA-9E76E77143D2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{1E49A516-E29A-4917-8B9C-B164F59C4CDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{2712C155-1C2E-474D-AA5C-5933981630AB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{276570D8-7D73-4C51-A4CA-E2BCE1B491D4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{297E1764-50E0-4DA8-9F7F-8E01161904CD}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{2A7CB954-D876-4E7D-A174-63C7B26185D3}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{3F0AD14A-D50B-4BFE-B4CC-9F7F38A1A8FA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{4EF48426-469A-457F-96CE-F5367C79E0CC}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe | "{58F4EB47-3AC4-449D-8B74-00FB379171DA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{5FC4F128-A435-4792-98E1-4C867E26B56E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5FDAE6BF-682F-4B6F-AA96-64F95CA48220}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6304CBA4-9AA8-497D-9232-04269313E302}" = protocol=17 | dir=in | app=c:\program files\o2\agent\bin\bcont.exe | "{667139F4-1876-4528-967A-C11308CAB69B}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe | "{761E6B3A-2232-4644-8282-365CFA1FC227}" = protocol=6 | dir=in | app=c:\program files\o2\agent\bin\bcont_nm.exe | "{77CCF2CC-B0F0-443D-A864-06EF634D6CE1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{794B07C2-F8A2-4E5D-927B-1CDD2335A05F}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe | "{795CC4C9-4D3A-4FEA-B366-1470354F49F9}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | "{8062E58E-896C-4C93-8004-4702871350B1}" = protocol=6 | dir=in | app=c:\program files\o2\agent\bin\bcont.exe | "{83C709E2-42CD-4CDA-8D50-973C2BC0BF6B}" = protocol=17 | dir=in | app=c:\program files\common files\supportsoft\bin\ssrc.exe | "{8A660352-1B52-42C5-B098-A8E9E2133A81}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{92B64A61-9C1D-4CF4-A7A3-59CBFE172C7F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{99D2CE0A-DCD4-4B4F-B110-991D8CFD321A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | "{9FF04AF6-99DE-4B9F-A594-0AB10FD35FC3}" = protocol=6 | dir=out | app=system | "{ADFC2D84-54DE-4C71-8AD5-0862D930F0DF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | "{B0CC5B83-0203-488A-8E8C-2EA4DB4E06FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{B0FE688F-214F-473A-BD72-EA6AF75D9433}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe | "{BD12F343-4345-4424-96FE-1DA51EF32B67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{C3740A59-CCBD-4475-8181-0ABF6503BC13}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe | "{DC4BFCE0-F0A8-471F-AE4F-25BD59C98836}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{E0120A07-C0AB-47EB-8034-E804C3EE6D2C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | "{E02C558F-7A37-45D1-8614-0D52FD990F70}" = protocol=6 | dir=in | app=c:\program files\veetle\player\veetlenet.exe | "{E0689AE3-911B-4B58-AB9F-3565237DD977}" = protocol=17 | dir=in | app=c:\program files\o2\agent\bin\bcont_nm.exe | "{E6501D52-C907-41DA-BBAF-51DCD2B3F836}" = protocol=6 | dir=in | app=c:\program files\common files\supportsoft\bin\ssrc.exe | "{F136CD88-B850-4226-B8D2-F0DB843ED25E}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe | "{F984ECAC-A5C7-4E68-AB7C-0CAD369FBC98}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FD0D248B-B65A-4C92-AFE6-A0C083A90F20}" = protocol=6 | dir=in | app=c:\program files\o2\bin\wificfg.exe | "TCP Query User{2763BAD4-76DC-4979-93FC-C178AEBBC1D7}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "TCP Query User{D90F8E15-141C-4619-974B-56521E160445}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{143228CD-0B6B-4A48-86B9-728220BE37E6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | "UDP Query User{48E45402-7026-4B94-AB6A-04EEC4762414}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0020FEE2-7CDB-4250-B04B-81D68D3CA18B}" = "{059AE187-404C-47C5-B846-097DAF59DC44}" = Adobe Stock Photos 1.0 "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0F4F4815-76AD-4B26-8763-72F3344041C2}" = TOSHIBA Manuals "{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300" = Canon iP3300 "{1240A058-8BCE-4A3B-BF82-6E5B801D71BA}" = Garmin City Navigator Europe NT 2009 Update "{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA "{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2 "{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25 "{27237DBF-81A7-4569-908C-48427460B7BA}" = The Panorama Factory V5 m32 Edition "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0 "{2BA8A909-F17C-4AE5-85C1-9107B7A60D26}" = Toshiba TEMPRO "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{366FFC89-C800-4366-B903-B9C4314109A5}" = Garmin WebUpdater "{3A3923F8-AA05-4281-9F6F-DC6F85D0092D}" = Garmin POI Loader "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile "{3D3D1E03-D506-4163-B600-82EE27FC5A89}" = Microsoft Camera Codec Pack "{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}" = Microsoft Image Composite Editor "{4507868A-A9CD-4ECC-BD54-0EAB6EE81D42}" = O2 Broadband Assistant "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5508128A-2C7B-46B5-81F9-58E8E8115F0B}" = AdblockIE "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator "{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{70FF1E06-E533-4552-B384-DA4EE4AC1615}" = Photo Print Calendar from YOKOHAMA Ver.3.00E beta "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{74892A2F-57B2-48E4-81C3-1E21E12A470B}" = TOSHIBA Supervisor Password "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007 "{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{92CA58DD-4475-461C-828B-4A832B1EC080}" = Noiseware Community Edition "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95140000-007F-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync "{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0 "{B57A7B53-0662-4AC0-9352-2AE2D8212A9F}" = Garmin Communicator Plugin "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0 "{B77A308F-85F5-4D68-8CB5-313332CB2779}" = TOSHIBA Hardware Setup "{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49 "{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree "{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard "{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant "{CA8AC9B9-AEEA-4078-9B34-5E7A160E6861}" = Free Grids for Word 2007 "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 2.20 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "{F1B1BB41-2494-4FC2-BEF7-9C282B6815A8}" = Image Resizer Powertoy Clone for Windows "{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA "{F2F8B712-8770-4058-8EDF-FBA80A6C952F}" = Instant JPEG From RAW "{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729) "{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01 "{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU "45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0) "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "ASAP Utilities_is1" = ASAP Utilities "aTube Catcher" = aTube Catcher "Audacity_is1" = Audacity 1.2.6 "BabylonToolbar" = Babylon toolbar on IE "Canon RAW Codec" = Canon RAW Codec "CCleaner" = CCleaner "Digital Image Recovery_is1" = Digital Image Recovery 1.47 "DivX Setup.divx.com" = DivX Setup "DVD Flick_is1" = DVD Flick 1.3.0.7 "ESET Online Scanner" = ESET Online Scanner v3 "ExtractNow_is1" = ExtractNow "Foxit Reader" = Foxit Reader "Freemake Audio Converter_is1" = Freemake Audio Converter version 1.1.0 "ieSpell" = ieSpell "ImgBurn" = ImgBurn "InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA "InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center "InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio "InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package "IrfanView" = IrfanView (remove only) "LAME for Audacity_is1" = LAME v3.98.3 for Audacity "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800 "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "MozBackup" = MozBackup 1.4.9 "Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US) "MSC" = McAfee Internet Security "MyDefrag v4.3.1_is1" = MyDefrag v4.3.1 "Neat Image_is1" = Neat Image v5 Demo (with plug-in) "NVIDIA Drivers" = NVIDIA Drivers "Picasa 3" = Picasa 3 "QuicktimeAlt_is1" = QuickTime Alternative 1.81 "RealAlt_is1" = Real Alternative 1.52 "Recuva" = Recuva "SpywareBlaster_is1" = SpywareBlaster 4.5 "SynTPDeinstKey" = Synaptics Pointing Device Driver "SystemRequirementsLab" = System Requirements Lab "ULTIMATER" = Microsoft Office Ultimate 2007 "Veetle TV" = Veetle TV "VLC media player" = VLC media player 1.1.11 "vShare" = vShare Plugin "Windows Media Encoder 9" = Windows Media Encoder 9 Series "WinLiveSuite" = Windows Live Essentials "WinPcapInst" = WinPcap 4.1.2 "Xvid Video Codec 1.3.2" = Xvid Video Codec "ZhornStickies" = Stickies 7.1b ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 17/01/2012 15:39:59 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013 Description = Error - 17/01/2012 15:39:59 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013 Description = Error - 17/01/2012 15:56:29 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013 Description = Error - 17/01/2012 15:56:29 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013 Description = Error - 17/01/2012 16:03:57 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013 Description = Error - 17/01/2012 16:03:57 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013 Description = Error - 18/01/2012 13:59:55 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013 Description = Error - 18/01/2012 14:11:51 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013 Description = Error - 18/01/2012 14:34:52 | Computer Name = ToshLaptop | Source = Application Error | ID = 1000 Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module DropboxExt.14.dll, version 1.0.0.14, time stamp 0x4bfd6926, exception code 0xc0000005, fault offset 0x0000446c, process id 0x914, application start time 0x01ccd5f307cdf00d. Error - 18/01/2012 14:46:12 | Computer Name = ToshLaptop | Source = Application Error | ID = 1000 Description = Faulting application Explorer.exe, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module DropboxExt.14.dll, version 1.0.0.14, time stamp 0x4bfd6926, exception code 0xc0000005, fault offset 0x0000446c, process id 0x14d8, application start time 0x01ccd60fe3836aad. [ Media Center Events ] Error - 03/04/2008 10:56:17 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0 Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError returned 10000105 Process: DefaultDomain Object Name: Media Center Guide Error - 16/04/2008 16:20:53 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight. Error - 18/04/2008 06:03:59 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight. Error - 23/05/2008 15:26:00 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight. Error - 25/05/2008 05:33:59 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0 Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight. Error - 13/06/2008 05:59:16 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0 Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError returned 10000105 Process: DefaultDomain Object Name: Media Center Guide Error - 13/06/2008 05:59:20 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0 Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Process: DefaultDomain Object Name: Media Center Guide Error - 06/07/2008 10:25:18 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0 Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Process: DefaultDomain Object Name: Media Center Guide Error - 17/07/2008 13:14:36 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0 Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Process: DefaultDomain Object Name: Media Center Guide Error - 05/09/2008 15:57:45 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0 Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError returned 10000105 Process: DefaultDomain Object Name: Media Center Guide [ OSession Events ] Error - 18/10/2008 15:29:03 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1255 seconds with 900 seconds of active time. This session ended with a crash. Error - 27/03/2009 08:02:12 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 754 seconds with 0 seconds of active time. This session ended with a crash. Error - 16/04/2009 10:06:10 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1867 seconds with 660 seconds of active time. This session ended with a crash. Error - 13/01/2011 14:20:58 | Computer Name = ToshLaptop | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 319 seconds with 120 seconds of active time. This session ended with a crash. Error - 02/07/2011 16:36:47 | Computer Name = ToshLaptop | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 135 seconds with 0 seconds of active time. This session ended with a crash. [ System Events ] Error - 18/01/2012 06:16:29 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199 Description = The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume . Error - 18/01/2012 11:08:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199 Description = The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume . Error - 18/01/2012 11:08:26 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199 Description = The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume . Error - 18/01/2012 11:08:26 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199 Description = The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume . Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7001 Description = Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7000 Description = Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7001 Description = Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7026 Description = Error - 18/01/2012 11:09:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199 Description = The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume . Error - 18/01/2012 11:29:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199 Description = The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume . < End of report >

2nd Posting of 3 of Scans OTL.Txt Scan. OTL logfile created on: 18/01/2012 18:38:31 - Run 1 OTL by OldTimer - Version 3.2.31.0 Folder = E:\Tony\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy 2.00 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.63% Memory free 4.23 Gb Paging File | 2.86 Gb Available in Paging File | 67.58% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 55.66 Gb Total Space | 4.23 Gb Free Space | 7.59% Space Free | Partition Type: NTFS Drive E: | 54.66 Gb Total Space | 16.95 Gb Free Space | 31.01% Space Free | Partition Type: NTFS Computer Name: TOSHLAPTOP | User Name: Tony | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/01/18 18:37:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com PRC - [2012/01/17 19:58:31 | 001,130,496 | ---- | M] (Zhorn Software) -- C:\Program Files\Stickies\stickies.exe PRC - [2011/12/22 16:38:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe PRC - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe PRC - [2011/02/07 16:42:10 | 000,477,560 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MSC\McUICnt.exe PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe PRC - [2010/12/14 07:31:12 | 000,184,552 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSM\McSmtFwk.exe PRC - [2010/08/27 12:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2008/06/24 18:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe PRC - [2007/06/07 15:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\O2\bin\sprtsvc.exe PRC - [2006/12/14 19:06:14 | 000,428,152 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe PRC - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe PRC - [2006/10/31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe PRC - [2006/09/12 07:03:00 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe PRC - [2006/08/23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe PRC - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe ========== Modules (No Company Name) ========== MOD - [2012/01/17 19:58:30 | 000,049,152 | ---- | M] () -- C:\Program Files\Stickies\shook70.dll MOD - [2011/12/22 16:38:40 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll MOD - [2011/11/15 20:08:02 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL ========== Win32 Services (SafeList) ========== SRV - [2011/10/18 16:59:54 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS) SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp) SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire) SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield) SRV - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE) SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc) SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc) SRV - [2010/09/24 16:07:18 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist) SRV - [2010/08/27 12:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO) SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService) SRV - [2010/06/25 17:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental) SRV - [2008/06/24 18:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc) SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2007/06/07 15:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\O2\bin\sprtsvc.exe -- (sprtsvc_O2) SupportSoft Sprocket Service (O2) SRV - [2006/12/14 19:06:14 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv) SRV - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs) SRV - [2006/10/31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service) SRV - [2006/09/12 07:03:00 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio) SRV - [2006/08/23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper) SRV - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv) ========== Driver Services (SafeList) ========== DRV - [2012/01/16 19:55:08 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter) DRV - [2012/01/16 19:55:08 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter) DRV - [2012/01/16 19:54:59 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman) DRV - [2012/01/16 19:54:56 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpman.sys -- (tdrpman) DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk) DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek) DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk) DRV - [2011/10/15 13:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk) DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk) DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet) DRV - [2011/10/15 13:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk) DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk) DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids) DRV - [2011/07/22 16:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV) DRV - [2011/07/12 21:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL) DRV - [2010/12/30 14:19:40 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice) DRV - [2010/06/25 17:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF) DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk) DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk) DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk) DRV - [2009/01/30 08:12:00 | 007,544,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2008/11/17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel® DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER) DRV - [2007/11/09 04:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ) DRV - [2007/09/26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel® DRV - [2007/01/09 08:22:28 | 000,006,144 | ---- | M] (Chic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr) DRV - [2006/11/19 22:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk) DRV - [2006/10/30 08:42:28 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel® DRV - [2006/10/23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec) DRV - [2006/10/18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst) DRV - [2006/08/31 05:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem) DRV - [2006/07/06 12:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21) DRV - [2006/02/14 17:50:52 | 000,216,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I) DRV - [2006/02/14 17:41:20 | 000,208,256 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N) DRV - [2005/08/01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom) DRV - [2004/03/30 17:29:48 | 000,374,816 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PRISMA02.sys -- (PRISM_A02) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = E:\Tony\Desktop IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tonyquarmby.webs.com/ IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "Ask.com" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "Secure Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3 FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1 FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5 FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1 FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0 FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=mcafee&p=" FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll () FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc) FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tony\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tony\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/09 18:37:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/18 15:12:29 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/22 16:38:43 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/17 19:33:08 | 000,000,000 | ---D | M] [2012/01/11 18:07:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Extensions [2011/01/16 15:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\4ddpy4my.Default User\extensions [2011/01/16 15:01:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\4ddpy4my.Default User\extensions\vshare@toolbar [2012/01/06 10:31:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions [2008/09/08 18:42:30 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(179) [2012/01/04 08:24:58 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2010/04/27 16:14:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011/09/29 19:08:15 | 000,000,000 | ---D | M] (Worksmedia kiosk) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{3D72F2D1-EC9F-47d8-AF1F-E9F027FCA20C} [2010/08/29 19:55:26 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492} [2011/07/04 16:45:50 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\en-GB@dictionaries.addons.mozilla.org [2011/08/14 11:23:34 | 000,002,571 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\searchplugins\askcom.xml [2011/01/16 15:14:32 | 000,001,583 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\searchplugins\web-search.xml [2012/01/16 19:31:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2012/01/16 19:31:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2012/01/18 15:12:29 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE () (No name found) -- C:\USERS\TONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8W1JRLX1.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI () (No name found) -- C:\USERS\TONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8W1JRLX1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI [2011/12/22 16:38:42 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2004/07/02 13:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\components\np32asw.dll [2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll [2004/07/02 13:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32asw.dll [2011/05/23 09:37:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2007/04/05 17:12:50 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\mozilla firefox\plugins\npdsplay.dll [2009/07/15 12:07:07 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll [2008/06/30 21:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll [2007/04/05 17:14:35 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npwmsdrm.dll [2010/01/01 08:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2011/09/07 12:12:38 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml [2011/11/09 17:53:19 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml O1 HOSTS File: ([2011/05/17 14:07:53 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111227165111.dll (McAfee, Inc.) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (no name) - {8B68564D-53FD-4293-B80C-993A9F3988EE} - No CLSID value found. O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.) O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.) O4 - HKLM..\Run: [NPSStartup] File not found O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA) O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM () O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM () O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software) O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch...acker_url.pl?EN File not found O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: internet ([]about in Trusted sites) O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites) O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: microsoft.com ([office] http in Trusted sites) O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: o2.co.uk ([*.broadband] http in Trusted sites) O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites) O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: office.com ([]http in Trusted sites) O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: ukhairdressers.com ([www] http in Trusted sites) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C05DF91-ED39-4D58-99F1-092B34C46930}: DhcpNameServer = 192.168.1.254 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5291AF49-A5C9-4154-90AC-597BAF10F533}: DhcpNameServer = 192.168.1.254 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\vsharechrome - No CLSID value found O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.) O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com) O24 - Desktop WallPaper: C:\Users\Tony\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O24 - Desktop BackupWallPaper: C:\Users\Tony\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com) O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\System32\relog_ap.dll (Acronis) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2012/01/18 18:37:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com [2012/01/18 18:32:51 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\RK_Quarantine [2012/01/18 18:28:52 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\Malwarebyte Asst [2012/01/18 17:07:30 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\HUMAX HDR-FOXT2 [2012/01/18 15:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee [2012/01/17 19:40:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [2012/01/17 18:56:42 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\dvdmf-20070731144350 [2012/01/17 15:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup [2012/01/16 20:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio [2012/01/16 20:35:36 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny [2012/01/16 20:14:05 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Downloaded Installations [2012/01/16 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster [2012/01/16 19:32:50 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll [2012/01/16 19:32:50 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll [2012/01/16 19:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft [2012/01/16 19:32:49 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll [2012/01/16 19:32:49 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax [2012/01/16 19:32:48 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax [2012/01/16 19:32:48 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax [2012/01/16 19:32:48 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax [2012/01/16 19:32:47 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax [2012/01/16 19:32:40 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax [2012/01/16 19:32:37 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax [2012/01/16 19:32:33 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax [2012/01/16 19:32:32 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax [2012/01/16 19:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar [2012/01/16 19:31:44 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Babylon [2012/01/16 19:31:40 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Babylon [2012/01/16 19:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2012/01/16 19:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft [2012/01/16 19:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smoky City Design [2012/01/16 19:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Smoky City Design [2012/01/16 18:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012/01/16 18:30:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid [2012/01/16 08:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER [2012/01/16 07:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2012/01/15 22:07:33 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\EnablePinToStart [2012/01/14 10:18:53 | 014,054,768 | ---- | C] (SUPERAntiSpyware.com) -- E:\Tony\Desktop\SUPERAntiSpyware.exe [2012/01/13 22:19:05 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\All_Users_Home_Premium [2012/01/13 21:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/01/12 15:41:37 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check [2012/01/11 15:18:21 | 000,000,000 | ---D | C] -- E:\Tony\Documents\Golf Club Ladies Section [2012/01/10 18:10:31 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Moonchild Productions [2012/01/10 18:10:30 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Moonchild Productions [2011/12/30 14:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix [2011/12/30 14:25:38 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Citrix [3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/01/18 18:37:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com [2012/01/18 18:36:09 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys [2012/01/18 18:32:42 | 000,787,456 | ---- | M] () -- E:\Tony\Desktop\RogueKiller.exe [2012/01/18 18:30:13 | 000,334,421 | ---- | M] () -- E:\Tony\Desktop\FSS.exe [2012/01/18 18:01:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945816239-1367927972-834362508-1000UA.job [2012/01/18 17:08:23 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012/01/18 17:08:23 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012/01/18 17:07:24 | 000,101,384 | ---- | M] () -- C:\ProgramData\nvModes.001 [2012/01/18 15:15:15 | 000,001,700 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk [2012/01/18 15:12:01 | 000,000,083 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Untitled.URL [2012/01/18 15:08:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/01/18 10:01:04 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945816239-1367927972-834362508-1000Core.job [2012/01/17 21:30:53 | 000,000,059 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Huddersfield Town Welcome.URL [2012/01/17 21:05:12 | 000,000,086 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Buy Samsung BD-DT7800M HDD 500GB Digital Recorder, Freeview HD with Built-in Wi-Fi online at JohnLewis.com.URL [2012/01/17 20:56:25 | 000,002,611 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk [2012/01/17 20:53:59 | 000,000,098 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital TV receivers & recorders 2011 winner - What Hi-Fi Sound and Vision Awards whathifi.com.URL [2012/01/17 20:41:33 | 000,000,071 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\ThatCable HDMI review from the experts at whathifi.com.URL [2012/01/17 20:35:25 | 000,000,105 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Toshiba Support Forums Toshiba Product Recovery.URL [2012/01/17 19:58:31 | 000,000,805 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk [2012/01/17 19:58:31 | 000,000,589 | ---- | M] () -- C:\Windows\uninstallstickies.bat [2012/01/17 19:06:53 | 000,101,384 | ---- | M] () -- C:\ProgramData\nvModes.dat [2012/01/17 17:32:12 | 000,000,695 | ---- | M] () -- E:\Tony\Desktop\ExtractNow.lnk [2012/01/17 15:54:31 | 007,711,788 | ---- | M] () -- E:\Tony\Documents\Firefox 9.0.1 (en-US) - 2012-01-17.pcv [2012/01/17 12:07:33 | 000,000,110 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Panasonic DMREX83 Black DVD Recorder HDD 250GB Freeview Richer Sounds.URL [2012/01/17 10:21:56 | 000,000,122 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Humax HDR-FOXT2 Freeview+ HD Box 500GB Hard Drive PVR Richer Sounds.URL [2012/01/16 20:26:15 | 000,000,078 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Removal - HijackThis Logs - Malwarebytes Forum.URL [2012/01/16 19:54:53 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Seagate DiscWizard.lnk [2012/01/16 19:38:00 | 000,000,727 | ---- | M] () -- E:\Tony\Desktop\SpywareBlaster.lnk [2012/01/16 19:32:04 | 000,000,237 | ---- | M] () -- C:\user.js [2012/01/16 19:20:51 | 000,000,077 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf [2012/01/16 18:13:01 | 000,000,079 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\General Malwarebytes' Anti-Malware Forum - Malwarebytes Forum.URL [2012/01/16 18:11:35 | 000,000,083 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\search redirected - Malwarebytes Forum.URL [2012/01/16 08:16:26 | 000,002,639 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk [2012/01/16 08:15:26 | 000,416,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012/01/16 07:28:08 | 000,614,658 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012/01/16 07:28:08 | 000,111,882 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012/01/15 22:07:11 | 000,000,128 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Enable Pin to Start Menu for Folders in Windows Vista XP - How-To Geek.URL [2012/01/15 22:03:36 | 000,000,123 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Pin Any Folder to the Vista Start Menu the Easy Way - How-To Geek.URL [2012/01/15 17:34:31 | 000,000,116 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Menu - Restore Missing Default Shortcuts - Vista Forums.URL [2012/01/15 14:51:29 | 000,119,185 | ---- | M] () -- E:\Tony\Desktop\System Restore Failure.jpg [2012/01/15 13:28:52 | 000,001,356 | ---- | M] () -- C:\Users\Tony\AppData\Local\d3d9caps.dat [2012/01/15 10:50:30 | 000,000,112 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\CLICK FREE C2 Portable Hard Drive - 500GB buy online Currys.URL [2012/01/15 10:40:27 | 000,000,145 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\500GB ClickFree C2N USB 3.0 External Portable Home Backup Drive - HDD - 527N3-1004-300 - Scan.co.uk.URL [2012/01/15 10:30:13 | 000,000,066 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Clickfree C2 Portable Backup Clickfree Automatic Backup.URL [2012/01/14 22:18:41 | 000,000,845 | ---- | M] () -- E:\Tony\Desktop\CCleaner.lnk [2012/01/14 22:00:40 | 000,000,080 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Open Talk Forum Digital Photography Review.URL [2012/01/14 21:30:01 | 000,000,062 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Canon Digital Photography Forums - Powered by vBulletin.URL [2012/01/14 21:24:30 | 000,000,047 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\BBC - Homepage.URL [2012/01/14 11:34:55 | 000,000,083 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\DATM - Down At The Mac - Huddersfield Town Forum - Talk of the Town.URL [2012/01/14 11:14:56 | 000,000,091 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\How come i cant find microsoft word processor on my computer - Yahoo! Answers.URL [2012/01/14 10:31:26 | 000,000,209 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Sign In.URL [2012/01/14 10:23:04 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012/01/14 10:22:05 | 014,054,768 | ---- | M] (SUPERAntiSpyware.com) -- E:\Tony\Desktop\SUPERAntiSpyware.exe [2012/01/14 10:18:05 | 000,000,050 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google.URL [2012/01/14 09:32:18 | 000,000,071 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Helproom - Forums - PC Advisor.URL [2012/01/14 09:30:13 | 000,000,074 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Menu - All Programs are missing - Vista Help.URL [2012/01/14 09:14:55 | 000,000,081 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\post virus removal all start menu programs empty.URL [2012/01/14 08:39:24 | 000,000,515 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Music - Shortcut.lnk [2012/01/14 08:39:17 | 000,000,528 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Pictures - Shortcut.lnk [2012/01/14 08:35:40 | 000,000,149 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\How do I get programs back onto my StartAll programs menu They disappeared yesterday -- Office, Games,.URL [2012/01/13 22:50:35 | 000,001,610 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk [2012/01/13 22:16:14 | 000,000,104 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet - Shortcut.lnk [2012/01/13 21:19:05 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/01/13 21:04:35 | 001,008,141 | ---- | M] () -- E:\Tony\Desktop\rkill.exe [2012/01/13 20:24:27 | 000,684,297 | ---- | M] () -- E:\Tony\Desktop\unhide.exe [2012/01/11 16:19:08 | 000,001,180 | ---- | M] () -- E:\Tony\Documents\cc_20120111_161902.reg [2012/01/04 13:02:31 | 000,750,815 | ---- | M] () -- E:\Tony\Desktop\manual_retuning.pdf [2011/12/31 19:36:16 | 000,000,598 | ---- | M] () -- E:\Tony\Documents\cc_20111231_193610.reg [2011/12/30 14:25:36 | 000,103,784 | ---- | M] () -- C:\Users\Tony\GoToAssistDownloadHelper.exe [2011/12/23 18:07:54 | 062,982,162 | ---- | M] () -- E:\Tony\Desktop\Marys Calendar 2012.psd [2011/12/23 14:41:04 | 000,527,461 | R--- | M] () -- E:\Tony\Documents\TextMaskTutorial.pdf [2011/12/22 15:22:49 | 001,959,439 | ---- | M] () -- E:\Tony\Desktop\2012 Calendar Photoshop .psd [3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/01/18 18:32:59 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys [2012/01/18 18:32:43 | 000,787,456 | ---- | C] () -- E:\Tony\Desktop\RogueKiller.exe [2012/01/18 18:30:16 | 000,334,421 | ---- | C] () -- E:\Tony\Desktop\FSS.exe [2012/01/18 15:12:01 | 000,000,083 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Untitled.URL [2012/01/17 21:30:53 | 000,000,059 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Huddersfield Town Welcome.URL [2012/01/17 21:05:12 | 000,000,086 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Buy Samsung BD-DT7800M HDD 500GB Digital Recorder, Freeview HD with Built-in Wi-Fi online at JohnLewis.com.URL [2012/01/17 20:53:59 | 000,000,098 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital TV receivers & recorders 2011 winner - What Hi-Fi Sound and Vision Awards whathifi.com.URL [2012/01/17 20:41:33 | 000,000,071 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\ThatCable HDMI review from the experts at whathifi.com.URL [2012/01/17 19:58:31 | 000,000,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk [2012/01/17 19:40:12 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk [2012/01/17 19:40:12 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk [2012/01/17 19:40:12 | 000,001,803 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012/01/17 19:40:12 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk [2012/01/17 19:40:12 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk [2012/01/17 19:40:12 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk [2012/01/17 19:40:12 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk [2012/01/17 19:40:12 | 000,001,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk [2012/01/17 19:40:12 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk [2012/01/17 19:40:11 | 000,001,630 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012/01/17 19:04:15 | 000,000,105 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Toshiba Support Forums Toshiba Product Recovery.URL [2012/01/17 15:54:24 | 007,711,788 | ---- | C] () -- E:\Tony\Documents\Firefox 9.0.1 (en-US) - 2012-01-17.pcv [2012/01/17 12:07:33 | 000,000,110 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Panasonic DMREX83 Black DVD Recorder HDD 250GB Freeview Richer Sounds.URL [2012/01/17 10:21:56 | 000,000,122 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Humax HDR-FOXT2 Freeview+ HD Box 500GB Hard Drive PVR Richer Sounds.URL [2012/01/16 20:26:15 | 000,000,078 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Removal - HijackThis Logs - Malwarebytes Forum.URL [2012/01/16 19:54:53 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Seagate DiscWizard.lnk [2012/01/16 19:38:00 | 000,000,727 | ---- | C] () -- E:\Tony\Desktop\SpywareBlaster.lnk [2012/01/16 19:32:49 | 000,121,344 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.ax [2012/01/16 19:32:49 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll [2012/01/16 19:32:47 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax [2012/01/16 19:32:44 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax [2012/01/16 19:32:41 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax [2012/01/16 19:32:37 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax [2012/01/16 19:32:33 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax [2012/01/16 19:32:33 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax [2012/01/16 19:32:32 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax [2012/01/16 19:32:32 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax [2012/01/16 19:32:02 | 000,000,237 | ---- | C] () -- C:\user.js [2012/01/16 19:20:51 | 000,000,077 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf [2012/01/16 18:50:26 | 000,001,713 | ---- | C] () -- C:\Users\Public\Desktop\Toshiba TEMPRO Alerts.lnk [2012/01/16 18:13:01 | 000,000,079 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\General Malwarebytes' Anti-Malware Forum - Malwarebytes Forum.URL [2012/01/16 18:11:35 | 000,000,083 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\search redirected - Malwarebytes Forum.URL [2012/01/16 08:16:26 | 000,002,639 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk [2012/01/16 08:15:40 | 000,002,611 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk [2012/01/15 22:07:11 | 000,000,128 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Enable Pin to Start Menu for Folders in Windows Vista XP - How-To Geek.URL [2012/01/15 22:03:36 | 000,000,123 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Pin Any Folder to the Vista Start Menu the Easy Way - How-To Geek.URL [2012/01/15 17:34:31 | 000,000,116 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Menu - Restore Missing Default Shortcuts - Vista Forums.URL [2012/01/15 14:51:15 | 000,119,185 | ---- | C] () -- E:\Tony\Desktop\System Restore Failure.jpg [2012/01/15 10:50:30 | 000,000,112 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\CLICK FREE C2 Portable Hard Drive - 500GB buy online Currys.URL [2012/01/15 10:40:27 | 000,000,145 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\500GB ClickFree C2N USB 3.0 External Portable Home Backup Drive - HDD - 527N3-1004-300 - Scan.co.uk.URL [2012/01/15 10:30:13 | 000,000,066 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Clickfree C2 Portable Backup Clickfree Automatic Backup.URL [2012/01/14 22:18:41 | 000,000,845 | ---- | C] () -- E:\Tony\Desktop\CCleaner.lnk [2012/01/14 22:00:40 | 000,000,080 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Open Talk Forum Digital Photography Review.URL [2012/01/14 21:30:01 | 000,000,062 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Canon Digital Photography Forums - Powered by vBulletin.URL [2012/01/14 21:24:30 | 000,000,047 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\BBC - Homepage.URL [2012/01/14 11:34:55 | 000,000,083 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\DATM - Down At The Mac - Huddersfield Town Forum - Talk of the Town.URL [2012/01/14 11:14:56 | 000,000,091 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\How come i cant find microsoft word processor on my computer - Yahoo! Answers.URL [2012/01/14 10:31:26 | 000,000,209 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Sign In.URL [2012/01/14 10:23:04 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk [2012/01/14 10:18:05 | 000,000,050 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google.URL [2012/01/14 09:32:18 | 000,000,071 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Helproom - Forums - PC Advisor.URL [2012/01/14 09:30:13 | 000,000,074 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Menu - All Programs are missing - Vista Help.URL [2012/01/14 09:14:55 | 000,000,081 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\post virus removal all start menu programs empty.URL [2012/01/14 08:39:24 | 000,000,515 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Music - Shortcut.lnk [2012/01/14 08:39:17 | 000,000,528 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Pictures - Shortcut.lnk [2012/01/14 08:35:40 | 000,000,149 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\How do I get programs back onto my StartAll programs menu They disappeared yesterday -- Office, Games,.URL [2012/01/13 22:50:35 | 000,001,610 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk [2012/01/13 22:16:14 | 000,000,104 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet - Shortcut.lnk [2012/01/13 21:19:05 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk [2012/01/13 21:04:24 | 001,008,141 | ---- | C] () -- E:\Tony\Desktop\rkill.exe [2012/01/13 20:24:29 | 000,684,297 | ---- | C] () -- E:\Tony\Desktop\unhide.exe [2012/01/13 17:55:55 | 000,000,954 | ---- | C] () -- E:\Tony\Desktop\Internet Explorer.lnk [2012/01/12 16:04:57 | 000,001,700 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk [2012/01/11 16:19:04 | 000,001,180 | ---- | C] () -- E:\Tony\Documents\cc_20120111_161902.reg [2012/01/04 13:02:28 | 000,750,815 | ---- | C] () -- E:\Tony\Desktop\manual_retuning.pdf [2011/12/31 19:36:14 | 000,000,598 | ---- | C] () -- E:\Tony\Documents\cc_20111231_193610.reg [2011/12/30 14:25:34 | 000,103,784 | ---- | C] () -- C:\Users\Tony\GoToAssistDownloadHelper.exe [2011/12/23 16:52:55 | 062,982,162 | ---- | C] () -- E:\Tony\Desktop\Marys Calendar 2012.psd [2011/12/23 14:41:07 | 000,527,461 | R--- | C] () -- E:\Tony\Documents\TextMaskTutorial.pdf [2011/12/22 15:22:49 | 001,959,439 | ---- | C] () -- E:\Tony\Desktop\2012 Calendar Photoshop .psd [2011/05/13 17:03:11 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys [2011/03/05 18:10:49 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011/03/05 18:10:49 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys [2010/12/29 16:19:33 | 000,709,456 | ---- | C] () -- C:\Windows\is-NDSD7.exe [2010/10/23 12:57:34 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2010/10/23 12:33:41 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010/10/23 12:33:41 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2010/07/08 14:48:17 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2010/06/25 17:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll [2009/10/03 10:56:27 | 000,004,096 | ---- | C] () -- C:\Users\Tony\AppData\Local\keyfile3.drm [2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll [2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe [2009/05/29 18:21:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2009/05/29 18:21:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2009/05/27 17:01:35 | 000,101,384 | ---- | C] () -- C:\ProgramData\nvModes.dat [2009/05/27 17:01:35 | 000,101,384 | ---- | C] () -- C:\ProgramData\nvModes.001 [2009/01/02 16:25:23 | 000,022,528 | ---- | C] () -- C:\Windows\exeshl.dll [2009/01/02 16:25:23 | 000,000,090 | ---- | C] () -- C:\Windows\netctrl.ini [2008/11/06 15:33:45 | 000,000,125 | ---- | C] () -- C:\Windows\AndreaMosaicPortrait.INI [2008/11/05 20:33:20 | 000,000,220 | ---- | C] () -- C:\Windows\AndreaMosaic.INI [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2008/07/23 10:13:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2008/06/17 14:48:16 | 000,000,728 | ---- | C] () -- C:\Windows\{4507868A-A9CD-4ECC-BD54-0EAB6EE81D42}_WiseFW.ini [2008/05/13 01:53:16 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll [2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys [2007/06/29 14:42:36 | 000,167,504 | ---- | C] () -- C:\Windows\System32\mlfcache.dat [2007/03/25 15:19:26 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2007/03/25 14:28:26 | 000,014,230 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate [2007/03/22 19:23:29 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI [2007/03/14 10:29:33 | 000,001,801 | ---- | C] () -- C:\Windows\mozver.dat [2007/03/13 20:35:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2007/02/23 19:28:51 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI [2007/02/01 19:36:58 | 000,064,000 | ---- | C] () -- C:\Users\Tony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007/02/01 15:41:33 | 000,278,528 | ---- | C] () -- C:\Program Files\Common Files\FDEUnInstaller.exe [2007/02/01 13:07:53 | 000,000,102 | ---- | C] () -- C:\Users\Tony\AppData\Roaming\wklnhst.dat [2007/02/01 12:37:06 | 000,012,978 | ---- | C] () -- C:\Users\Tony\AppData\Roaming\nvModes.dat [2007/02/01 12:37:06 | 000,012,978 | ---- | C] () -- C:\Users\Tony\AppData\Roaming\nvModes.001 [2007/02/01 11:26:56 | 000,001,356 | ---- | C] () -- C:\Users\Tony\AppData\Local\d3d9caps.dat [2006/12/15 11:57:23 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll [2006/12/15 11:57:23 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll [2006/12/15 11:57:23 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll [2006/12/15 11:57:23 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll [2006/12/15 11:57:23 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll [2006/12/15 11:57:23 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll [2006/12/15 11:40:24 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI [2006/12/15 11:22:30 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini [2006/12/15 11:22:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll [2006/12/15 11:22:30 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini [2006/12/15 11:22:30 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini [2006/12/15 11:19:10 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat [2006/12/15 11:19:10 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat [2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat [2006/11/02 12:47:37 | 000,416,760 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 10:33:01 | 000,614,658 | ---- | C] () -- C:\Windows\System32\perfh009.dat [2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat [2006/11/02 10:33:01 | 000,111,882 | ---- | C] () -- C:\Windows\System32\perfc009.dat [2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat [2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat [2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin [2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT [2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat [2006/10/31 17:37:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll [2006/08/10 15:00:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll [2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll ========== LOP Check ========== [2008/11/25 16:30:32 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Alfac [2011/08/15 16:59:52 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Apowersoft [2009/12/31 20:37:15 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\ASAP Utilities [2010/09/16 12:40:04 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Ashampoo [2009/05/04 14:55:01 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Audio Record Edit Toolbox Pro [2009/05/04 14:26:07 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Audio Recorder for Free [2008/06/28 20:09:34 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Auslogics [2012/01/16 19:31:40 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Babylon [2009/03/10 13:05:42 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\DeepBurner [2012/01/14 22:41:10 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Dropbox [2009/07/15 12:07:24 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Foxit [2010/03/04 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Foxit Software [2008/11/08 21:15:21 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\GARMIN [2011/08/15 15:50:04 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\GrabPro [2010/12/07 19:05:36 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\gtk-2.0 [2007/04/30 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\ieSpell [2011/10/15 10:56:08 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Imagenomic [2008/05/26 18:32:37 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\ImgBurn [2008/03/22 12:30:02 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\InterVideo [2009/02/24 16:59:28 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\IObit [2010/03/02 20:08:53 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\IrfanView [2012/01/10 19:01:54 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Moonchild Productions [2008/10/06 11:03:02 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\MSNStockQuote [2011/05/24 11:25:49 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Opera [2011/08/15 16:47:34 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Orbit [2010/05/31 09:57:07 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Password Solutions [2011/03/05 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\PC Suite [2011/03/11 20:08:09 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\picpick [2009/02/05 15:48:39 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Prish [2011/08/15 15:50:10 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\ProgSense [2010/01/22 18:04:59 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\RawTherapee [2012/01/16 20:36:50 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Samsung [2010/07/08 14:53:46 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Soluto [2012/01/18 15:08:46 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\stickies [2009/05/27 16:36:18 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\SystemRequirementsLab [2007/02/01 13:08:03 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Template [2007/05/18 17:02:55 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\toshiba [2012/01/17 19:33:38 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Ulead Systems [2008/02/01 19:42:40 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Vso [2010/11/18 19:57:23 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Webshots [2009/09/04 11:56:29 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\WinBatch [2008/10/29 18:59:50 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\XnView [2012/01/18 10:37:12 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:5C321E34 < End of report >