Posts posted by anthonyq
-
Will do, thank you for your help so far.
Regards T
-
MrC
Seeing as you say it looks O.K., shall I run the laptop for a while to see how it goes, then report back?
-
TDSSKiller Scan as requested.
18:20:05.0730 3332 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04
18:20:06.0665 3332 ============================================================
18:20:06.0665 3332 Current date / time: 2012/01/19 18:20:06.0664
18:20:06.0665 3332 SystemInfo:
18:20:06.0665 3332
18:20:06.0665 3332 OS Version: 6.0.6002 ServicePack: 2.0
18:20:06.0665 3332 Product type: Workstation
18:20:06.0665 3332 ComputerName: TOSHLAPTOP
18:20:06.0666 3332 UserName: Tony
18:20:06.0666 3332 Windows directory: C:\Windows
18:20:06.0666 3332 System windows directory: C:\Windows
18:20:06.0666 3332 Processor architecture: Intel x86
18:20:06.0666 3332 Number of processors: 2
18:20:06.0666 3332 Page size: 0x1000
18:20:06.0666 3332 Boot type: Normal boot
18:20:06.0666 3332 ============================================================
18:20:09.0491 3332 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:20:09.0551 3332 Initialize success
18:20:30.0928 4520 ============================================================
18:20:30.0928 4520 Scan started
18:20:30.0928 4520 Mode: Manual; SigCheck; TDLFS;
18:20:30.0928 4520 ============================================================
18:20:32.0195 4520 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
18:20:32.0526 4520 ACPI - ok
18:20:32.0773 4520 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
18:20:32.0870 4520 adp94xx - ok
18:20:33.0070 4520 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
18:20:33.0118 4520 adpahci - ok
18:20:33.0157 4520 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
18:20:33.0200 4520 adpu160m - ok
18:20:33.0231 4520 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
18:20:33.0267 4520 adpu320 - ok
18:20:33.0509 4520 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
18:20:33.0679 4520 AFD - ok
18:20:33.0971 4520 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\Windows\system32\DRIVERS\AGRSM.sys
18:20:34.0466 4520 AgereSoftModem - ok
18:20:34.0625 4520 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
18:20:34.0656 4520 agp440 - ok
18:20:34.0706 4520 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
18:20:34.0738 4520 aic78xx - ok
18:20:34.0769 4520 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
18:20:34.0808 4520 aliide - ok
18:20:34.0842 4520 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
18:20:34.0879 4520 amdagp - ok
18:20:35.0042 4520 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
18:20:35.0080 4520 amdide - ok
18:20:35.0105 4520 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
18:20:35.0409 4520 AmdK7 - ok
18:20:35.0573 4520 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
18:20:35.0704 4520 AmdK8 - ok
18:20:35.0745 4520 Apowersoft_AudioDevice (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
18:20:35.0855 4520 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - warning
18:20:35.0855 4520 Apowersoft_AudioDevice - detected UnsignedFile.Multi.Generic (1)
18:20:36.0022 4520 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
18:20:36.0063 4520 arc - ok
18:20:36.0089 4520 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
18:20:36.0128 4520 arcsas - ok
18:20:36.0183 4520 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
18:20:36.0390 4520 AsyncMac - ok
18:20:36.0542 4520 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
18:20:36.0575 4520 atapi - ok
18:20:36.0637 4520 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
18:20:36.0724 4520 Beep - ok
18:20:36.0747 4520 blbdrive - ok
18:20:36.0814 4520 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
18:20:36.0983 4520 bowser - ok
18:20:37.0037 4520 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
18:20:37.0153 4520 BrFiltLo - ok
18:20:37.0333 4520 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
18:20:37.0407 4520 BrFiltUp - ok
18:20:37.0449 4520 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
18:20:37.0557 4520 Brserid - ok
18:20:37.0709 4520 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
18:20:37.0832 4520 BrSerWdm - ok
18:20:37.0869 4520 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
18:20:37.0950 4520 BrUsbMdm - ok
18:20:37.0982 4520 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
18:20:38.0077 4520 BrUsbSer - ok
18:20:38.0230 4520 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
18:20:38.0335 4520 BTHMODEM - ok
18:20:38.0343 4520 catchme - ok
18:20:38.0393 4520 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
18:20:38.0451 4520 cdfs - ok
18:20:38.0602 4520 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
18:20:38.0665 4520 cdrom - ok
18:20:38.0717 4520 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys
18:20:38.0911 4520 cfwids - ok
18:20:39.0076 4520 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
18:20:39.0174 4520 circlass - ok
18:20:39.0217 4520 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
18:20:39.0268 4520 CLFS - ok
18:20:39.0336 4520 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys
18:20:39.0431 4520 CmBatt - ok
18:20:39.0582 4520 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
18:20:39.0619 4520 cmdide - ok
18:20:39.0662 4520 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys
18:20:39.0698 4520 Compbatt - ok
18:20:39.0717 4520 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
18:20:39.0753 4520 crcdisk - ok
18:20:39.0775 4520 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
18:20:39.0860 4520 Crusoe - ok
18:20:40.0040 4520 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
18:20:40.0115 4520 DfsC - ok
18:20:40.0150 4520 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
18:20:40.0182 4520 disk - ok
18:20:40.0258 4520 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
18:20:40.0356 4520 drmkaud - ok
18:20:40.0525 4520 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
18:20:40.0766 4520 DXGKrnl - ok
18:20:40.0916 4520 E100B (d00eeae1cacd77a1a8396bbc19140bba) C:\Windows\system32\DRIVERS\e100b325.sys
18:20:41.0002 4520 E100B - ok
18:20:41.0059 4520 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
18:20:41.0195 4520 E1G60 - ok
18:20:41.0376 4520 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
18:20:41.0425 4520 Ecache - ok
18:20:41.0496 4520 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
18:20:41.0547 4520 elxstor - ok
18:20:41.0681 4520 EraserUtilRebootDrv - ok
18:20:41.0874 4520 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
18:20:41.0977 4520 exfat - ok
18:20:42.0025 4520 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
18:20:42.0108 4520 fastfat - ok
18:20:42.0270 4520 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
18:20:42.0391 4520 fdc - ok
18:20:42.0466 4520 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
18:20:42.0503 4520 FileInfo - ok
18:20:42.0662 4520 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
18:20:42.0746 4520 Filetrace - ok
18:20:42.0781 4520 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
18:20:42.0901 4520 flpydisk - ok
18:20:42.0951 4520 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
18:20:42.0996 4520 FltMgr - ok
18:20:43.0145 4520 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS
18:20:43.0308 4520 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
18:20:43.0308 4520 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
18:20:43.0408 4520 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys
18:20:43.0492 4520 Fs_Rec - ok
18:20:43.0642 4520 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
18:20:43.0814 4520 FwLnk - ok
18:20:43.0845 4520 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
18:20:43.0881 4520 gagp30kx - ok
18:20:43.0934 4520 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\Windows\system32\drivers\grmnusb.sys
18:20:43.0990 4520 grmnusb - ok
18:20:44.0187 4520 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
18:20:44.0321 4520 HdAudAddService - ok
18:20:44.0385 4520 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
18:20:44.0489 4520 HDAudBus - ok
18:20:44.0643 4520 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
18:20:44.0767 4520 HidBth - ok
18:20:44.0794 4520 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
18:20:44.0922 4520 HidIr - ok
18:20:45.0090 4520 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
18:20:45.0166 4520 HidUsb - ok
18:20:45.0232 4520 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
18:20:45.0269 4520 HpCISSs - ok
18:20:45.0361 4520 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
18:20:45.0510 4520 HTTP - ok
18:20:45.0665 4520 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
18:20:45.0701 4520 i2omp - ok
18:20:45.0751 4520 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
18:20:45.0832 4520 i8042prt - ok
18:20:45.0875 4520 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
18:20:45.0921 4520 iaStorV - ok
18:20:46.0090 4520 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
18:20:46.0131 4520 iirsp - ok
18:20:46.0249 4520 IntcAzAudAddService (2690be9907b36b7c3ea2859c74926fa1) C:\Windows\system32\drivers\RTKVHDA.sys
18:20:46.0667 4520 IntcAzAudAddService - ok
18:20:46.0832 4520 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys
18:20:46.0859 4520 intelide - ok
18:20:46.0905 4520 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
18:20:46.0976 4520 intelppm - ok
18:20:47.0023 4520 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:20:47.0105 4520 IpFilterDriver - ok
18:20:47.0253 4520 IpInIp - ok
18:20:47.0298 4520 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
18:20:47.0425 4520 IPMIDRV - ok
18:20:47.0474 4520 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
18:20:47.0563 4520 IPNAT - ok
18:20:47.0720 4520 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
18:20:47.0805 4520 IRENUM - ok
18:20:47.0873 4520 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
18:20:47.0912 4520 isapnp - ok
18:20:48.0083 4520 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
18:20:48.0133 4520 iScsiPrt - ok
18:20:48.0203 4520 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
18:20:48.0243 4520 iteatapi - ok
18:20:48.0263 4520 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
18:20:48.0302 4520 iteraid - ok
18:20:48.0354 4520 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
18:20:48.0390 4520 kbdclass - ok
18:20:48.0542 4520 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
18:20:48.0645 4520 kbdhid - ok
18:20:48.0694 4520 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys
18:20:48.0809 4520 KMWDFILTER - ok
18:20:48.0852 4520 KR10I (1e0d65f7ffeb4e99b2eec1ccb5754cc8) C:\Windows\system32\drivers\kr10i.sys
18:20:48.0995 4520 KR10I - ok
18:20:49.0148 4520 KR10N (0f9e83709cbb60b1549f3a65d0ab6e4f) C:\Windows\system32\drivers\kr10n.sys
18:20:49.0285 4520 KR10N - ok
18:20:49.0348 4520 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
18:20:49.0597 4520 KSecDD - ok
18:20:49.0783 4520 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
18:20:49.0869 4520 lltdio - ok
18:20:49.0929 4520 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
18:20:49.0968 4520 LSI_FC - ok
18:20:49.0991 4520 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
18:20:50.0034 4520 LSI_SAS - ok
18:20:50.0199 4520 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
18:20:50.0239 4520 LSI_SCSI - ok
18:20:50.0300 4520 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
18:20:50.0393 4520 luafv - ok
18:20:50.0471 4520 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
18:20:50.0508 4520 megasas - ok
18:20:50.0676 4520 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys
18:20:50.0830 4520 mfeapfk - ok
18:20:50.0907 4520 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys
18:20:51.0081 4520 mfeavfk - ok
18:20:51.0232 4520 mfeavfk01 - ok
18:20:51.0306 4520 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys
18:20:51.0451 4520 mfebopk - ok
18:20:51.0504 4520 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys
18:20:51.0636 4520 mfefirek - ok
18:20:51.0812 4520 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys
18:20:52.0066 4520 mfehidk - ok
18:20:52.0218 4520 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys
18:20:52.0390 4520 mfenlfk - ok
18:20:52.0466 4520 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys
18:20:52.0603 4520 mferkdet - ok
18:20:52.0760 4520 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys
18:20:52.0916 4520 mferkdk - ok
18:20:52.0964 4520 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys
18:20:53.0097 4520 mfesmfk - ok
18:20:53.0278 4520 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys
18:20:53.0369 4520 mfewfpk - ok
18:20:53.0424 4520 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
18:20:53.0491 4520 Modem - ok
18:20:53.0546 4520 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
18:20:53.0610 4520 monitor - ok
18:20:53.0761 4520 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
18:20:53.0789 4520 mouclass - ok
18:20:53.0830 4520 moufiltr (baa4ed3c323bee7ebc144c7d232220a8) C:\Windows\system32\DRIVERS\moufiltr.sys
18:20:53.0925 4520 moufiltr ( UnsignedFile.Multi.Generic ) - warning
18:20:53.0925 4520 moufiltr - detected UnsignedFile.Multi.Generic (1)
18:20:53.0973 4520 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
18:20:54.0077 4520 mouhid - ok
18:20:54.0233 4520 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
18:20:54.0269 4520 MountMgr - ok
18:20:54.0313 4520 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
18:20:54.0351 4520 mpio - ok
18:20:54.0408 4520 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
18:20:54.0477 4520 mpsdrv - ok
18:20:54.0649 4520 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
18:20:54.0689 4520 Mraid35x - ok
18:20:54.0740 4520 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
18:20:54.0834 4520 MRxDAV - ok
18:20:54.0892 4520 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
18:20:55.0206 4520 mrxsmb - ok
18:20:55.0328 4520 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:20:55.0681 4520 mrxsmb10 - ok
18:20:55.0736 4520 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:20:56.0001 4520 mrxsmb20 - ok
18:20:56.0116 4520 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
18:20:56.0141 4520 msahci - ok
18:20:56.0183 4520 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
18:20:56.0211 4520 msdsm - ok
18:20:56.0269 4520 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
18:20:56.0332 4520 Msfs - ok
18:20:56.0453 4520 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
18:20:56.0479 4520 msisadrv - ok
18:20:56.0547 4520 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
18:20:56.0600 4520 MSKSSRV - ok
18:20:56.0622 4520 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
18:20:56.0693 4520 MSPCLOCK - ok
18:20:56.0803 4520 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
18:20:56.0854 4520 MSPQM - ok
18:20:56.0925 4520 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
18:20:56.0961 4520 MsRPC - ok
18:20:57.0027 4520 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
18:20:57.0054 4520 mssmbios - ok
18:20:57.0082 4520 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
18:20:57.0172 4520 MSTEE - ok
18:20:57.0280 4520 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
18:20:57.0321 4520 Mup - ok
18:20:57.0406 4520 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
18:20:57.0477 4520 NativeWifiP - ok
18:20:57.0543 4520 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
18:20:57.0648 4520 NDIS - ok
18:20:57.0777 4520 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
18:20:57.0854 4520 NdisTapi - ok
18:20:57.0926 4520 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
18:20:57.0998 4520 Ndisuio - ok
18:20:58.0050 4520 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
18:20:58.0114 4520 NdisWan - ok
18:20:58.0237 4520 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
18:20:58.0290 4520 NDProxy - ok
18:20:58.0341 4520 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
18:20:58.0396 4520 NetBIOS - ok
18:20:58.0436 4520 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
18:20:58.0491 4520 netbt - ok
18:20:58.0710 4520 NETw3v32 (acc6170d80c69e50145b370023b64ed3) C:\Windows\system32\DRIVERS\NETw3v32.sys
18:20:58.0987 4520 NETw3v32 - ok
18:20:59.0238 4520 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys
18:20:59.0748 4520 NETw4v32 - ok
18:21:00.0058 4520 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys
18:21:00.0844 4520 NETw5v32 - ok
18:21:01.0015 4520 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
18:21:01.0057 4520 nfrd960 - ok
18:21:01.0144 4520 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys
18:21:01.0385 4520 NPF - ok
18:21:01.0581 4520 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
18:21:01.0615 4520 Npfs - ok
18:21:01.0667 4520 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
18:21:01.0726 4520 nsiproxy - ok
18:21:01.0806 4520 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
18:21:01.0887 4520 Ntfs - ok
18:21:02.0055 4520 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
18:21:02.0170 4520 ntrigdigi - ok
18:21:02.0253 4520 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
18:21:02.0325 4520 Null - ok
18:21:02.0652 4520 nvlddmkm (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:21:03.0455 4520 nvlddmkm - ok
18:21:03.0624 4520 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
18:21:03.0685 4520 nvraid - ok
18:21:03.0718 4520 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
18:21:03.0759 4520 nvstor - ok
18:21:03.0787 4520 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
18:21:03.0820 4520 nv_agp - ok
18:21:03.0834 4520 NwlnkFlt - ok
18:21:03.0851 4520 NwlnkFwd - ok
18:21:03.0908 4520 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
18:21:03.0974 4520 ohci1394 - ok
18:21:04.0169 4520 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
18:21:04.0270 4520 Parport - ok
18:21:04.0322 4520 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys
18:21:04.0348 4520 partmgr - ok
18:21:04.0375 4520 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
18:21:04.0441 4520 Parvdm - ok
18:21:04.0457 4520 pccsmcfd - ok
18:21:04.0626 4520 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
18:21:04.0654 4520 pci - ok
18:21:04.0716 4520 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys
18:21:04.0745 4520 pciide - ok
18:21:04.0795 4520 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys
18:21:04.0834 4520 pcmcia - ok
18:21:05.0020 4520 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
18:21:05.0223 4520 PEAUTH - ok
18:21:05.0454 4520 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
18:21:05.0546 4520 PptpMiniport - ok
18:21:05.0602 4520 PRISM_A02 (ba3ffbd0abdf45c9160e66cb27f8f8ab) C:\Windows\system32\DRIVERS\PRISMA02.sys
18:21:05.0824 4520 PRISM_A02 - ok
18:21:05.0977 4520 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
18:21:06.0059 4520 Processor - ok
18:21:06.0108 4520 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
18:21:06.0140 4520 PSched - ok
18:21:06.0208 4520 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
18:21:06.0355 4520 ql2300 - ok
18:21:06.0522 4520 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
18:21:06.0551 4520 ql40xx - ok
18:21:06.0611 4520 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
18:21:06.0680 4520 QWAVEdrv - ok
18:21:06.0726 4520 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
18:21:06.0809 4520 RasAcd - ok
18:21:06.0970 4520 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
18:21:07.0040 4520 Rasl2tp - ok
18:21:07.0109 4520 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
18:21:07.0160 4520 RasPppoe - ok
18:21:07.0184 4520 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
18:21:07.0225 4520 RasSstp - ok
18:21:07.0428 4520 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
18:21:07.0489 4520 rdbss - ok
18:21:07.0559 4520 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
18:21:07.0628 4520 RDPCDD - ok
18:21:07.0790 4520 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
18:21:07.0916 4520 rdpdr - ok
18:21:07.0965 4520 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
18:21:08.0034 4520 RDPENCDD - ok
18:21:08.0091 4520 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
18:21:08.0159 4520 RDPWD - ok
18:21:08.0368 4520 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
18:21:08.0438 4520 rspndr - ok
18:21:08.0566 4520 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:21:08.0703 4520 SASDIFSV - ok
18:21:08.0743 4520 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:21:08.0890 4520 SASKUTIL - ok
18:21:09.0046 4520 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
18:21:09.0089 4520 sbp2port - ok
18:21:09.0162 4520 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
18:21:09.0249 4520 sdbus - ok
18:21:09.0288 4520 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
18:21:09.0406 4520 secdrv - ok
18:21:09.0598 4520 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
18:21:09.0718 4520 Serenum - ok
18:21:09.0756 4520 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
18:21:09.0841 4520 Serial - ok
18:21:09.0894 4520 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
18:21:09.0948 4520 sermouse - ok
18:21:10.0132 4520 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
18:21:10.0183 4520 sffdisk - ok
18:21:10.0235 4520 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
18:21:10.0314 4520 sffp_mmc - ok
18:21:10.0370 4520 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
18:21:10.0417 4520 sffp_sd - ok
18:21:10.0582 4520 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
18:21:10.0703 4520 sfloppy - ok
18:21:10.0782 4520 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
18:21:10.0822 4520 sisagp - ok
18:21:10.0988 4520 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
18:21:11.0029 4520 SiSRaid2 - ok
18:21:11.0058 4520 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
18:21:11.0099 4520 SiSRaid4 - ok
18:21:11.0202 4520 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
18:21:11.0284 4520 Smb - ok
18:21:11.0447 4520 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\Windows\system32\DRIVERS\snapman.sys
18:21:11.0592 4520 snapman - ok
18:21:11.0639 4520 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
18:21:11.0677 4520 spldr - ok
18:21:11.0748 4520 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
18:21:12.0066 4520 srv - ok
18:21:12.0228 4520 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
18:21:12.0530 4520 srv2 - ok
18:21:12.0690 4520 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
18:21:12.0817 4520 srvnet - ok
18:21:12.0895 4520 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
18:21:12.0917 4520 swenum - ok
18:21:12.0965 4520 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
18:21:12.0990 4520 Symc8xx - ok
18:21:13.0150 4520 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
18:21:13.0175 4520 Sym_hi - ok
18:21:13.0202 4520 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
18:21:13.0231 4520 Sym_u3 - ok
18:21:13.0287 4520 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys
18:21:13.0398 4520 SynTP - ok
18:21:13.0493 4520 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
18:21:13.0709 4520 Tcpip - ok
18:21:13.0906 4520 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
18:21:14.0025 4520 Tcpip6 - ok
18:21:14.0199 4520 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
18:21:14.0282 4520 tcpipreg - ok
18:21:14.0323 4520 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
18:21:14.0501 4520 tdcmdpst - ok
18:21:14.0664 4520 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
18:21:14.0707 4520 TDPIPE - ok
18:21:14.0765 4520 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\Windows\system32\DRIVERS\tdrpman.sys
18:21:14.0898 4520 tdrpman - ok
18:21:15.0066 4520 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
18:21:15.0132 4520 TDTCP - ok
18:21:15.0178 4520 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
18:21:15.0231 4520 tdx - ok
18:21:15.0282 4520 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
18:21:15.0343 4520 TermDD - ok
18:21:15.0538 4520 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\Windows\system32\drivers\tifm21.sys
18:21:15.0788 4520 tifm21 - ok
18:21:15.0953 4520 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\Windows\system32\DRIVERS\tifsfilt.sys
18:21:16.0045 4520 tifsfilter - ok
18:21:16.0090 4520 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\Windows\system32\DRIVERS\timntr.sys
18:21:16.0261 4520 timounter - ok
18:21:16.0424 4520 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\Windows\system32\drivers\Tosrfcom.sys
18:21:16.0500 4520 Tosrfcom - ok
18:21:16.0526 4520 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
18:21:16.0663 4520 tosrfec - ok
18:21:16.0847 4520 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys
18:21:16.0855 4520 TrueSight ( UnsignedFile.Multi.Generic ) - warning
18:21:16.0855 4520 TrueSight - detected UnsignedFile.Multi.Generic (1)
18:21:22.0996 4520 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
18:21:23.0160 4520 \Device\Harddisk0\DR0 - ok
18:21:23.0164 4520 Boot (0x1200) (fc6b5db762ffa41293e29022604d802f) \Device\Harddisk0\DR0\Partition0
18:21:23.0166 4520 \Device\Harddisk0\DR0\Partition0 - ok
18:21:23.0190 4520 Boot (0x1200) (67e32ccee8af990de07decd5caf89274) \Device\Harddisk0\DR0\Partition1
18:21:23.0192 4520 \Device\Harddisk0\DR0\Partition1 - ok
18:21:23.0192 4520 ============================================================
18:21:23.0192 4520 Scan finished
18:21:23.0192 4520 ============================================================
18:21:23.0205 4204 Detected object count: 4
18:21:23.0205 4204 Actual detected object count: 4
18:21:50.0849 4204 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - skipped by user
18:21:50.0850 4204 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:21:50.0851 4204 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
18:21:50.0851 4204 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:21:50.0856 4204 moufiltr ( UnsignedFile.Multi.Generic ) - skipped by user
18:21:50.0856 4204 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:21:50.0856 4204 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
18:21:50.0857 4204 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:22:17.0323 2084 Deinitialize success
-
Scans as requested.
Farbar Service Scanner Version: 18-01-2012 01
Ran by Tony (administrator) on 19-01-2012 at 17:49:41
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
===========
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-05-29 18:21] - [2009-04-11 06:28] - 0758784 ____A (Microsoft Corporation) 93952506C6D67330367F7E7934B6A02F
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2009-05-29 18:20] - [2009-04-11 06:28] - 0129024 ____A (Microsoft Corporation) FB27772BEAF8E1D28CCD825C09DA939B
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
**** End of log ****
RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: Tony [Admin rights]
Mode: Scan -- Date : 01/19/2012 17:54:22
¤¤¤ Bad processes: 0 ¤¤¤
¤¤¤ Registry Entries: 6 ¤¤¤
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [LOADED] ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] e1105d90bb405f118578d64a17dbfc8f
[bSP] 4afd33af9ebf647cb5b164d7e7a88c91 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 2048 | Size: 1572 Mo
1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 3074048 | Size: 59768 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 119810048 | Size: 58689 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
-
I have restored back to 2 days ago 17/01/2012 at 19:25:33.
Looking back through my postings, I have not mentioned that at start-up Photoshop opens, which it is not configured to do. There is a message that Photoshop cannot open this kind of file. I am now able to see the file, which appears on the desktop; I presume it is the same file (see below), although Photoshop still opens on start-up. I don't seem able to paste the Word file or the pictures; this is what the error says.
Message Title: FsUsbServiceMsg
Program Path: C:\Windows\system32\FsUsbExService.Exe
-
My latest System Restore point is 2 days ago 17/01/2012 at 19:25:33
Do you want me to restore to this time?
-
MrC, sorry if I got it wrong, I don't know how I deleted so many. When it had scanned it found 4; the boxes were set to Skip. I thought I had to change the 4 to Delete, which I did. I cannot remember seeing "TDSS File System".
I will do a system restore to the latest time and post back.
-
MrC,
I tried to copy/paste the results of the scan with TDSSKiller but was told that the posting was too long to post.
I have now attached it as a file. I hope this is o.k.
-
MrC
when you say
Vista and Windows 7 users:
1. These tools MUST be run from the executable. (.exe) every time you run them
2. With Admin Rights (Right click, choose "Run as Administrator")
are you referring to the TDSSKiller download?
-
Hi,
I think it found 6 items: 5 said Skip, 1 said Cure. Not sure if I should have done anything at this stage, so I clicked on Continue; hope that is what you wanted.
Regards
11:27:48.0090 5596 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24
11:27:50.0095 5596 ============================================================
11:27:50.0095 5596 Current date / time: 2012/01/19 11:27:50.0095
11:27:50.0095 5596 SystemInfo:
11:27:50.0095 5596
11:27:50.0095 5596 OS Version: 6.0.6002 ServicePack: 2.0
11:27:50.0095 5596 Product type: Workstation
11:27:50.0095 5596 ComputerName: TOSHLAPTOP
11:27:50.0096 5596 UserName: Tony
11:27:50.0096 5596 Windows directory: C:\Windows
11:27:50.0096 5596 System windows directory: C:\Windows
11:27:50.0096 5596 Processor architecture: Intel x86
11:27:50.0096 5596 Number of processors: 2
11:27:50.0096 5596 Page size: 0x1000
11:27:50.0096 5596 Boot type: Normal boot
11:27:50.0096 5596 ============================================================
11:27:52.0306 5596 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:27:52.0355 5596 Initialize success
11:29:36.0484 5924 ============================================================
11:29:36.0484 5924 Scan started
11:29:36.0485 5924 Mode: Manual; SigCheck; TDLFS;
11:29:36.0485 5924 ============================================================
11:29:41.0107 5924 Apowersoft_AudioDevice (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
11:29:41.0148 5924 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - warning
11:29:41.0148 5924 Apowersoft_AudioDevice - detected UnsignedFile.Multi.Generic (1)
11:29:48.0228 5924 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS
11:29:48.0254 5924 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
11:29:48.0254 5924 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
11:29:57.0175 5924 moufiltr (baa4ed3c323bee7ebc144c7d232220a8) C:\Windows\system32\DRIVERS\moufiltr.sys
11:29:57.0204 5924 moufiltr ( UnsignedFile.Multi.Generic ) - warning
11:29:57.0204 5924 moufiltr - detected UnsignedFile.Multi.Generic (1)
11:30:07.0968 5924 ql2300 - ok
11:30:08.0127 5924 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
11:30:08.0152 5924 ql40xx - ok
11:30:08.0216 5924 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
11:30:08.0301 5924 QWAVEdrv - ok
11:30:08.0387 5924 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
11:30:08.0450 5924 RasAcd - ok
11:30:08.0608 5924 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:30:08.0650 5924 Rasl2tp - ok
11:30:08.0714 5924 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
11:30:08.0770 5924 RasPppoe - ok
11:30:08.0800 5924 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
11:30:08.0843 5924 RasSstp - ok
11:30:09.0000 5924 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
11:30:09.0064 5924 rdbss - ok
11:30:09.0131 5924 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:30:09.0215 5924 RDPCDD - ok
11:30:09.0428 5924 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
11:30:09.0511 5924 rdpdr - ok
11:30:09.0559 5924 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
11:30:09.0598 5924 RDPENCDD - ok
11:30:09.0651 5924 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys
11:30:09.0704 5924 RDPWD - ok
11:30:09.0895 5924 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
11:30:09.0945 5924 rspndr - ok
11:30:10.0060 5924 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
11:30:10.0086 5924 SASDIFSV - ok
11:30:10.0104 5924 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
11:30:10.0129 5924 SASKUTIL - ok
11:30:10.0285 5924 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
11:30:10.0312 5924 sbp2port - ok
11:30:10.0378 5924 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
11:30:10.0434 5924 sdbus - ok
11:30:10.0471 5924 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
11:30:10.0562 5924 secdrv - ok
11:30:10.0748 5924 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
11:30:10.0823 5924 Serenum - ok
11:30:10.0861 5924 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
11:30:10.0946 5924 Serial - ok
11:30:10.0988 5924 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
11:30:11.0050 5924 sermouse - ok
11:30:11.0237 5924 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
11:30:11.0299 5924 sffdisk - ok
11:30:11.0352 5924 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
11:30:11.0412 5924 sffp_mmc - ok
11:30:11.0464 5924 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
11:30:11.0496 5924 sffp_sd - ok
11:30:11.0653 5924 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
11:30:11.0743 5924 sfloppy - ok
11:30:11.0808 5924 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
11:30:11.0834 5924 sisagp - ok
11:30:12.0004 5924 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
11:30:12.0030 5924 SiSRaid2 - ok
11:30:12.0174 5924 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
11:30:12.0196 5924 SiSRaid4 - ok
11:30:12.0328 5924 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
11:30:12.0385 5924 Smb - ok
11:30:12.0551 5924 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\Windows\system32\DRIVERS\snapman.sys
11:30:12.0580 5924 snapman - ok
11:30:12.0632 5924 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
11:30:12.0652 5924 spldr - ok
11:30:12.0718 5924 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
11:30:12.0801 5924 srv - ok
11:30:12.0965 5924 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
11:30:13.0037 5924 srv2 - ok
11:30:13.0061 5924 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
11:30:13.0103 5924 srvnet - ok
11:30:13.0199 5924 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
11:30:13.0231 5924 swenum - ok
11:30:13.0391 5924 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
11:30:13.0424 5924 Symc8xx - ok
11:30:13.0454 5924 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
11:30:13.0486 5924 Sym_hi - ok
11:30:13.0517 5924 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
11:30:13.0550 5924 Sym_u3 - ok
11:30:13.0614 5924 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys
11:30:13.0653 5924 SynTP - ok
11:30:13.0851 5924 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys
11:30:14.0067 5924 Tcpip - ok
11:30:14.0265 5924 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys
11:30:14.0401 5924 Tcpip6 - ok
11:30:14.0581 5924 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
11:30:14.0763 5924 tcpipreg - ok
11:30:14.0926 5924 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
11:30:15.0021 5924 tdcmdpst - ok
11:30:15.0080 5924 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
11:30:15.0143 5924 TDPIPE - ok
11:30:15.0202 5924 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\Windows\system32\DRIVERS\tdrpman.sys
11:30:15.0233 5924 tdrpman - ok
11:30:15.0392 5924 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
11:30:15.0452 5924 TDTCP - ok
11:30:15.0504 5924 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
11:30:15.0538 5924 tdx - ok
11:30:15.0586 5924 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
11:30:15.0615 5924 TermDD - ok
11:30:15.0797 5924 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\Windows\system32\drivers\tifm21.sys
11:30:15.0902 5924 tifm21 - ok
11:30:15.0956 5924 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\Windows\system32\DRIVERS\tifsfilt.sys
11:30:15.0980 5924 tifsfilter - ok
11:30:16.0027 5924 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\Windows\system32\DRIVERS\timntr.sys
11:30:16.0066 5924 timounter - ok
11:30:16.0227 5924 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\Windows\system32\drivers\Tosrfcom.sys
11:30:16.0274 5924 Tosrfcom - ok
11:30:16.0307 5924 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
11:30:16.0391 5924 tosrfec - ok
11:30:16.0569 5924 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys
11:30:16.0582 5924 TrueSight ( UnsignedFile.Multi.Generic ) - warning
11:30:16.0583 5924 TrueSight - detected UnsignedFile.Multi.Generic (1)
11:30:22.0899 5924 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:30:22.0928 5924 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
11:30:22.0928 5924 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)
11:30:23.0138 5924 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
11:30:23.0138 5924 \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:30:23.0162 5924 Boot (0x1200) (fc6b5db762ffa41293e29022604d802f) \Device\Harddisk0\DR0\Partition0
11:30:23.0163 5924 \Device\Harddisk0\DR0\Partition0 - ok
11:30:23.0181 5924 Boot (0x1200) (67e32ccee8af990de07decd5caf89274) \Device\Harddisk0\DR0\Partition1
11:30:23.0183 5924 \Device\Harddisk0\DR0\Partition1 - ok
11:30:23.0183 5924 ============================================================
11:30:23.0183 5924 Scan finished
11:30:23.0183 5924 ============================================================
11:30:23.0200 5892 Detected object count: 6
11:30:23.0200 5892 Actual detected object count: 6
11:31:22.0828 5892 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:22.0828 5892 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:31:22.0831 5892 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:22.0831 5892 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:31:22.0835 5892 moufiltr ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:22.0835 5892 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:31:22.0839 5892 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user
11:31:22.0839 5892 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:31:22.0907 5892 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot
11:31:22.0908 5892 \Device\Harddisk0\DR0 - ok
11:31:22.0909 5892 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure
11:31:22.0909 5892 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:31:22.0909 5892 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
11:32:56.0876 3896 Deinitialize success
-
ListParts Scan Results
ListParts by Farbar
Ran by Tony on 18-01-2012 at 20:15:43
Windows Vista (X86)
Running From: E:\Tony\Desktop
************************************************************
========================= Memory info ======================
Percentage of memory in use: 59%
Total physical RAM: 2045.31 MB
Available physical RAM: 836.63 MB
Total Pagefile: 4331.91 MB
Available Pagefile: 2805.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1967.06 MB
======================= Partitions =========================
1 Drive c: (Vista) (Fixed) (Total:55.66 GB) (Free:4.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]
2 Drive e: (Data) (Fixed) (Total:54.66 GB) (Free:16.95 GB) NTFS
Disk ### Status Size Free Dyn Gpt
-------- ---------- ------- ------- --- ---
Disk 0 Online 112 GB 0 B
Partitions of Disk 0:
===============
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 OEM 1500 MB 1024 KB
Partition 2 Primary 56 GB 1501 MB
Partition 3 Primary 55 GB 57 GB
Partition 4 Primary 1488 KB 112 GB
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No
There is no volume associated with this partition.
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C Vista NTFS Partition 56 GB Healthy System (partition with boot components)
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 E Data NTFS Partition 55 GB Healthy
Disk: 0
Partition 4
Type : 17 (Suspicious Type)
Hidden: Yes
Active: Yes
There is no volume associated with this partition.
The boot configuration data store could not be opened.
The system cannot find the file specified.
****** End Of Log ******
-
3 of 3 postings with results of scans.
Extras.Txt Scan
OTL Extras logfile created on: 18/01/2012 18:38:31 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\Tony\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.63% Memory free
4.23 Gb Paging File | 2.86 Gb Available in Paging File | 67.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55.66 Gb Total Space | 4.23 Gb Free Space | 7.59% Space Free | Partition Type: NTFS
Drive E: | 54.66 Gb Total Space | 16.95 Gb Free Space | 31.01% Space Free | Partition Type: NTFS
Computer Name: TOSHLAPTOP | User Name: Tony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 1
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02B242E1-0F5A-4766-B84C-95410E29227C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{1D497719-ED9F-45A7-93CA-B00359535382}" = lport=10243 | protocol=6 | dir=in | app=system |
"{22A6DA44-2296-4F8C-B420-ADB8F8339B25}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{28873CC7-3517-432A-B0C7-8A4BBF162602}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{3838061B-A414-4DBC-B7BA-8987B7AAF3D0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{474B282C-6981-4202-B333-4D2A582E7E02}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{5AC33984-5CEC-4325-90D7-44C47D6BC8B5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5DAD3693-2AE5-4BEC-8338-D0D57451624D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{63718C6B-4833-44D7-AF42-55B14BDE2AD2}" = lport=2869 | protocol=6 | dir=in | app=system |
"{79AA6432-9175-4FC0-8231-585F09907746}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7E0BDC57-6929-4ABB-B860-7FF601569989}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{7EEC9108-758D-4D43-8944-0B3E602A78BB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{81C3723A-2CA3-48A2-BCE0-D264D7E0F496}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8DC32B60-2159-4B18-90BA-720421225D09}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8EBA8386-3965-4258-94D9-060339539546}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{920A3A6D-6727-460C-B5E1-62B703028CE0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9894A214-A5C4-495C-A738-356B14ABD31D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A953FCB7-C937-4DC4-B809-A1B868F5C825}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B82E172A-4B23-4171-BC61-C8B4DA0EED56}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CAA91289-D34A-45DD-B521-BAD060EC7EED}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E2C5F753-82DE-4A71-BA5E-50F99B22EB7F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F29FCE75-52F5-4BDB-882B-CC4DD04A633A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FA05F3-94F3-4EB2-A8C9-3BB04E9775A2}" = protocol=17 | dir=in | app=c:\program files\o2\bin\wificfg.exe |
"{0A13C39F-AE20-4D15-9C22-DF489D6E9729}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0B0C161C-7909-45F9-B566-302902788199}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{0EBF63C0-0052-4044-BCD5-C11CD910788B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{13B73393-BF68-4DDE-BFFD-18E37B8A4AB6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{1D8E1A26-B5CC-4A8B-82DA-9E76E77143D2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{1E49A516-E29A-4917-8B9C-B164F59C4CDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2712C155-1C2E-474D-AA5C-5933981630AB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{276570D8-7D73-4C51-A4CA-E2BCE1B491D4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{297E1764-50E0-4DA8-9F7F-8E01161904CD}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{2A7CB954-D876-4E7D-A174-63C7B26185D3}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{3F0AD14A-D50B-4BFE-B4CC-9F7F38A1A8FA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{4EF48426-469A-457F-96CE-F5367C79E0CC}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |
"{58F4EB47-3AC4-449D-8B74-00FB379171DA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{5FC4F128-A435-4792-98E1-4C867E26B56E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5FDAE6BF-682F-4B6F-AA96-64F95CA48220}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6304CBA4-9AA8-497D-9232-04269313E302}" = protocol=17 | dir=in | app=c:\program files\o2\agent\bin\bcont.exe |
"{667139F4-1876-4528-967A-C11308CAB69B}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |
"{761E6B3A-2232-4644-8282-365CFA1FC227}" = protocol=6 | dir=in | app=c:\program files\o2\agent\bin\bcont_nm.exe |
"{77CCF2CC-B0F0-443D-A864-06EF634D6CE1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{794B07C2-F8A2-4E5D-927B-1CDD2335A05F}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe |
"{795CC4C9-4D3A-4FEA-B366-1470354F49F9}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{8062E58E-896C-4C93-8004-4702871350B1}" = protocol=6 | dir=in | app=c:\program files\o2\agent\bin\bcont.exe |
"{83C709E2-42CD-4CDA-8D50-973C2BC0BF6B}" = protocol=17 | dir=in | app=c:\program files\common files\supportsoft\bin\ssrc.exe |
"{8A660352-1B52-42C5-B098-A8E9E2133A81}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{92B64A61-9C1D-4CF4-A7A3-59CBFE172C7F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{99D2CE0A-DCD4-4B4F-B110-991D8CFD321A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{9FF04AF6-99DE-4B9F-A594-0AB10FD35FC3}" = protocol=6 | dir=out | app=system |
"{ADFC2D84-54DE-4C71-8AD5-0862D930F0DF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{B0CC5B83-0203-488A-8E8C-2EA4DB4E06FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0FE688F-214F-473A-BD72-EA6AF75D9433}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe |
"{BD12F343-4345-4424-96FE-1DA51EF32B67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C3740A59-CCBD-4475-8181-0ABF6503BC13}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe |
"{DC4BFCE0-F0A8-471F-AE4F-25BD59C98836}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E0120A07-C0AB-47EB-8034-E804C3EE6D2C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{E02C558F-7A37-45D1-8614-0D52FD990F70}" = protocol=6 | dir=in | app=c:\program files\veetle\player\veetlenet.exe |
"{E0689AE3-911B-4B58-AB9F-3565237DD977}" = protocol=17 | dir=in | app=c:\program files\o2\agent\bin\bcont_nm.exe |
"{E6501D52-C907-41DA-BBAF-51DCD2B3F836}" = protocol=6 | dir=in | app=c:\program files\common files\supportsoft\bin\ssrc.exe |
"{F136CD88-B850-4226-B8D2-F0DB843ED25E}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe |
"{F984ECAC-A5C7-4E68-AB7C-0CAD369FBC98}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD0D248B-B65A-4C92-AFE6-A0C083A90F20}" = protocol=6 | dir=in | app=c:\program files\o2\bin\wificfg.exe |
"TCP Query User{2763BAD4-76DC-4979-93FC-C178AEBBC1D7}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{D90F8E15-141C-4619-974B-56521E160445}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{143228CD-0B6B-4A48-86B9-728220BE37E6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{48E45402-7026-4B94-AB6A-04EEC4762414}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0020FEE2-7CDB-4250-B04B-81D68D3CA18B}" =
"{059AE187-404C-47C5-B846-097DAF59DC44}" = Adobe Stock Photos 1.0
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F4F4815-76AD-4B26-8763-72F3344041C2}" = TOSHIBA Manuals
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300" = Canon iP3300
"{1240A058-8BCE-4A3B-BF82-6E5B801D71BA}" = Garmin City Navigator Europe NT 2009 Update
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25
"{27237DBF-81A7-4569-908C-48427460B7BA}" = The Panorama Factory V5 m32 Edition
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0
"{2BA8A909-F17C-4AE5-85C1-9107B7A60D26}" = Toshiba TEMPRO
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{366FFC89-C800-4366-B903-B9C4314109A5}" = Garmin WebUpdater
"{3A3923F8-AA05-4281-9F6F-DC6F85D0092D}" = Garmin POI Loader
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3D1E03-D506-4163-B600-82EE27FC5A89}" = Microsoft Camera Codec Pack
"{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}" = Microsoft Image Composite Editor
"{4507868A-A9CD-4ECC-BD54-0EAB6EE81D42}" = O2 Broadband Assistant
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5508128A-2C7B-46B5-81F9-58E8E8115F0B}" = AdblockIE
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{70FF1E06-E533-4552-B384-DA4EE4AC1615}" = Photo Print Calendar from YOKOHAMA Ver.3.00E beta
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74892A2F-57B2-48E4-81C3-1E21E12A470B}" = TOSHIBA Supervisor Password
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007
"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92CA58DD-4475-461C-828B-4A832B1EC080}" = Noiseware Community Edition
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007F-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B57A7B53-0662-4AC0-9352-2AE2D8212A9F}" = Garmin Communicator Plugin
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0
"{B77A308F-85F5-4D68-8CB5-313332CB2779}" = TOSHIBA Hardware Setup
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CA8AC9B9-AEEA-4078-9B34-5E7A160E6861}" = Free Grids for Word 2007
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 2.20
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F1B1BB41-2494-4FC2-BEF7-9C282B6815A8}" = Image Resizer Powertoy Clone for Windows
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F2F8B712-8770-4058-8EDF-FBA80A6C952F}" = Instant JPEG From RAW
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU
"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"ASAP Utilities_is1" = ASAP Utilities
"aTube Catcher" = aTube Catcher
"Audacity_is1" = Audacity 1.2.6
"BabylonToolbar" = Babylon toolbar on IE
"Canon RAW Codec" = Canon RAW Codec
"CCleaner" = CCleaner
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"DivX Setup.divx.com" = DivX Setup
"DVD Flick_is1" = DVD Flick 1.3.0.7
"ESET Online Scanner" = ESET Online Scanner v3
"ExtractNow_is1" = ExtractNow
"Foxit Reader" = Foxit Reader
"Freemake Audio Converter_is1" = Freemake Audio Converter version 1.1.0
"ieSpell" = ieSpell
"ImgBurn" = ImgBurn
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"IrfanView" = IrfanView (remove only)
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MozBackup" = MozBackup 1.4.9
"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)
"MSC" = McAfee Internet Security
"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1
"Neat Image_is1" = Neat Image v5 Demo (with plug-in)
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa 3" = Picasa 3
"QuicktimeAlt_is1" = QuickTime Alternative 1.81
"RealAlt_is1" = Real Alternative 1.52
"Recuva" = Recuva
"SpywareBlaster_is1" = SpywareBlaster 4.5
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"SystemRequirementsLab" = System Requirements Lab
"ULTIMATER" = Microsoft Office Ultimate 2007
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 1.1.11
"vShare" = vShare Plugin
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.2
"Xvid Video Codec 1.3.2" = Xvid Video Codec
"ZhornStickies" = Stickies 7.1b
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 17/01/2012 15:39:59 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013
Description =
Error - 17/01/2012 15:39:59 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013
Description =
Error - 17/01/2012 15:56:29 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013
Description =
Error - 17/01/2012 15:56:29 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013
Description =
Error - 17/01/2012 16:03:57 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013
Description =
Error - 17/01/2012 16:03:57 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013
Description =
Error - 18/01/2012 13:59:55 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013
Description =
Error - 18/01/2012 14:11:51 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013
Description =
Error - 18/01/2012 14:34:52 | Computer Name = ToshLaptop | Source = Application Error | ID = 1000
Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module DropboxExt.14.dll, version 1.0.0.14, time stamp 0x4bfd6926,
exception code 0xc0000005, fault offset 0x0000446c, process id 0x914, application
start time 0x01ccd5f307cdf00d.
Error - 18/01/2012 14:46:12 | Computer Name = ToshLaptop | Source = Application Error | ID = 1000
Description = Faulting application Explorer.exe, version 6.0.6002.18005, time stamp
0x49e01da5, faulting module DropboxExt.14.dll, version 1.0.0.14, time stamp 0x4bfd6926,
exception code 0xc0000005, fault offset 0x0000446c, process id 0x14d8, application
start time 0x01ccd60fe3836aad.
[ Media Center Events ]
Error - 03/04/2008 10:56:17 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 16/04/2008 16:20:53 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 18/04/2008 06:03:59 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 23/05/2008 15:26:00 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 25/05/2008 05:33:59 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.
Error - 13/06/2008 05:59:16 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 13/06/2008 05:59:20 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 06/07/2008 10:25:18 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 17/07/2008 13:14:36 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
Error - 05/09/2008 15:57:45 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0
Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError
returned 10000105 Process: DefaultDomain Object Name: Media Center Guide
[ OSession Events ]
Error - 18/10/2008 15:29:03 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1255
seconds with 900 seconds of active time. This session ended with a crash.
Error - 27/03/2009 08:02:12 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 754
seconds with 0 seconds of active time. This session ended with a crash.
Error - 16/04/2009 10:06:10 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1867
seconds with 660 seconds of active time. This session ended with a crash.
Error - 13/01/2011 14:20:58 | Computer Name = ToshLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 319
seconds with 120 seconds of active time. This session ended with a crash.
Error - 02/07/2011 16:36:47 | Computer Name = ToshLaptop | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 135
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 18/01/2012 06:16:29 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 18/01/2012 11:08:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 18/01/2012 11:08:26 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 18/01/2012 11:08:26 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7001
Description =
Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7000
Description =
Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7001
Description =
Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7026
Description =
Error - 18/01/2012 11:09:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
Error - 18/01/2012 11:29:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199
Description = The file system structure on the disk is corrupt and unusable. Please
run the chkdsk utility on the volume .
< End of report >
-
2nd Posting of 3 of Scans
OTL.Txt Scan.
OTL logfile created on: 18/01/2012 18:38:31 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = E:\Tony\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
2.00 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.63% Memory free
4.23 Gb Paging File | 2.86 Gb Available in Paging File | 67.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 55.66 Gb Total Space | 4.23 Gb Free Space | 7.59% Space Free | Partition Type: NTFS
Drive E: | 54.66 Gb Total Space | 16.95 Gb Free Space | 31.01% Space Free | Partition Type: NTFS
Computer Name: TOSHLAPTOP | User Name: Tony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/01/18 18:37:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com
PRC - [2012/01/17 19:58:31 | 001,130,496 | ---- | M] (Zhorn Software) -- C:\Program Files\Stickies\stickies.exe
PRC - [2011/12/22 16:38:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe
PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011/02/07 16:42:10 | 000,477,560 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MSC\McUICnt.exe
PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2010/12/14 07:31:12 | 000,184,552 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSM\McSmtFwk.exe
PRC - [2010/08/27 12:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe
PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe
PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/06/24 18:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
PRC - [2007/06/07 15:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\O2\bin\sprtsvc.exe
PRC - [2006/12/14 19:06:14 | 000,428,152 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006/10/31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe
PRC - [2006/09/12 07:03:00 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006/08/23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
========== Modules (No Company Name) ==========
MOD - [2012/01/17 19:58:30 | 000,049,152 | ---- | M] () -- C:\Program Files\Stickies\shook70.dll
MOD - [2011/12/22 16:38:40 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/11/15 20:08:02 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL
========== Win32 Services (SafeList) ==========
SRV - [2011/10/18 16:59:54 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)
SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)
SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/09/24 16:07:18 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2010/08/27 12:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)
SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2010/06/25 17:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2008/06/24 18:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)
SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/06/07 15:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\O2\bin\sprtsvc.exe -- (sprtsvc_O2) SupportSoft Sprocket Service (O2)
SRV - [2006/12/14 19:06:14 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006/10/31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2006/09/12 07:03:00 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/08/23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
========== Driver Services (SafeList) ==========
DRV - [2012/01/16 19:55:08 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)
DRV - [2012/01/16 19:55:08 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2012/01/16 19:54:59 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)
DRV - [2012/01/16 19:54:56 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpman.sys -- (tdrpman)
DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/10/15 13:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)
DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/10/15 13:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)
DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/07/22 16:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 21:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/12/30 14:19:40 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2010/06/25 17:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)
DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)
DRV - [2009/01/30 08:12:00 | 007,544,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008/11/17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®
DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2007/11/09 04:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007/09/26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®
DRV - [2007/01/09 08:22:28 | 000,006,144 | ---- | M] (Chic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr)
DRV - [2006/11/19 22:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/10/30 08:42:28 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®
DRV - [2006/10/23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/08/31 05:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/07/06 12:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)
DRV - [2006/02/14 17:50:52 | 000,216,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/02/14 17:41:20 | 000,208,256 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2005/08/01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/03/30 17:29:48 | 000,374,816 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PRISMA02.sys -- (PRISM_A02)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = E:\Tony\Desktop
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tonyquarmby.webs.com/
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=mcafee&p="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tony\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tony\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/09 18:37:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/18 15:12:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/22 16:38:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/17 19:33:08 | 000,000,000 | ---D | M]
[2012/01/11 18:07:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Extensions
[2011/01/16 15:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\4ddpy4my.Default User\extensions
[2011/01/16 15:01:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\4ddpy4my.Default User\extensions\vshare@toolbar
[2012/01/06 10:31:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions
[2008/09/08 18:42:30 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(179)
[2012/01/04 08:24:58 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
[2010/04/27 16:14:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/09/29 19:08:15 | 000,000,000 | ---D | M] (Worksmedia kiosk) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{3D72F2D1-EC9F-47d8-AF1F-E9F027FCA20C}
[2010/08/29 19:55:26 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}
[2011/07/04 16:45:50 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\en-GB@dictionaries.addons.mozilla.org
[2011/08/14 11:23:34 | 000,002,571 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\searchplugins\askcom.xml
[2011/01/16 15:14:32 | 000,001,583 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\searchplugins\web-search.xml
[2012/01/16 19:31:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/01/16 19:31:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2012/01/18 15:12:29 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE
() (No name found) -- C:\USERS\TONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8W1JRLX1.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\USERS\TONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8W1JRLX1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011/12/22 16:38:42 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2004/07/02 13:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\components\np32asw.dll
[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2004/07/02 13:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32asw.dll
[2011/05/23 09:37:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2007/04/05 17:12:50 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\mozilla firefox\plugins\npdsplay.dll
[2009/07/15 12:07:07 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
[2008/06/30 21:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll
[2007/04/05 17:14:35 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npwmsdrm.dll
[2010/01/01 08:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/07 12:12:38 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2011/11/09 17:53:19 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
O1 HOSTS File: ([2011/05/17 14:07:53 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111227165111.dll (McAfee, Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {8B68564D-53FD-4293-B80C-993A9F3988EE} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()
O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()
O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)
O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch...acker_url.pl?EN File not found
O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: microsoft.com ([office] http in Trusted sites)
O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: o2.co.uk ([*.broadband] http in Trusted sites)
O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites)
O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: office.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: ukhairdressers.com ([www] http in Trusted sites)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C05DF91-ED39-4D58-99F1-092B34C46930}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5291AF49-A5C9-4154-90AC-597BAF10F533}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\vsharechrome - No CLSID value found
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\Tony\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Tony\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\System32\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/01/18 18:37:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com
[2012/01/18 18:32:51 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\RK_Quarantine
[2012/01/18 18:28:52 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\Malwarebyte Asst
[2012/01/18 17:07:30 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\HUMAX HDR-FOXT2
[2012/01/18 15:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2012/01/17 19:40:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2012/01/17 18:56:42 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\dvdmf-20070731144350
[2012/01/17 15:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012/01/16 20:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio
[2012/01/16 20:35:36 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny
[2012/01/16 20:14:05 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Downloaded Installations
[2012/01/16 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/01/16 19:32:50 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll
[2012/01/16 19:32:50 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll
[2012/01/16 19:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2012/01/16 19:32:49 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll
[2012/01/16 19:32:49 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax
[2012/01/16 19:32:48 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax
[2012/01/16 19:32:48 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax
[2012/01/16 19:32:48 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax
[2012/01/16 19:32:47 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax
[2012/01/16 19:32:40 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax
[2012/01/16 19:32:37 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax
[2012/01/16 19:32:33 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax
[2012/01/16 19:32:32 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax
[2012/01/16 19:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012/01/16 19:31:44 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Babylon
[2012/01/16 19:31:40 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Babylon
[2012/01/16 19:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012/01/16 19:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2012/01/16 19:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smoky City Design
[2012/01/16 19:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Smoky City Design
[2012/01/16 18:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012/01/16 18:30:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012/01/16 08:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2012/01/16 07:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2012/01/15 22:07:33 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\EnablePinToStart
[2012/01/14 10:18:53 | 014,054,768 | ---- | C] (SUPERAntiSpyware.com) -- E:\Tony\Desktop\SUPERAntiSpyware.exe
[2012/01/13 22:19:05 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\All_Users_Home_Premium
[2012/01/13 21:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/01/12 15:41:37 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check
[2012/01/11 15:18:21 | 000,000,000 | ---D | C] -- E:\Tony\Documents\Golf Club Ladies Section
[2012/01/10 18:10:31 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Moonchild Productions
[2012/01/10 18:10:30 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Moonchild Productions
[2011/12/30 14:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix
[2011/12/30 14:25:38 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Citrix
[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/01/18 18:37:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com
[2012/01/18 18:36:09 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys
[2012/01/18 18:32:42 | 000,787,456 | ---- | M] () -- E:\Tony\Desktop\RogueKiller.exe
[2012/01/18 18:30:13 | 000,334,421 | ---- | M] () -- E:\Tony\Desktop\FSS.exe
[2012/01/18 18:01:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945816239-1367927972-834362508-1000UA.job
[2012/01/18 17:08:23 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 17:08:23 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/01/18 17:07:24 | 000,101,384 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012/01/18 15:15:15 | 000,001,700 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk
[2012/01/18 15:12:01 | 000,000,083 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Untitled.URL
[2012/01/18 15:08:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/01/18 10:01:04 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945816239-1367927972-834362508-1000Core.job
[2012/01/17 21:30:53 | 000,000,059 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Huddersfield Town Welcome.URL
[2012/01/17 21:05:12 | 000,000,086 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Buy Samsung BD-DT7800M HDD 500GB Digital Recorder, Freeview HD with Built-in Wi-Fi online at JohnLewis.com.URL
[2012/01/17 20:56:25 | 000,002,611 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk
[2012/01/17 20:53:59 | 000,000,098 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital TV receivers & recorders 2011 winner - What Hi-Fi Sound and Vision Awards whathifi.com.URL
[2012/01/17 20:41:33 | 000,000,071 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\ThatCable HDMI review from the experts at whathifi.com.URL
[2012/01/17 20:35:25 | 000,000,105 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Toshiba Support Forums Toshiba Product Recovery.URL
[2012/01/17 19:58:31 | 000,000,805 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk
[2012/01/17 19:58:31 | 000,000,589 | ---- | M] () -- C:\Windows\uninstallstickies.bat
[2012/01/17 19:06:53 | 000,101,384 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012/01/17 17:32:12 | 000,000,695 | ---- | M] () -- E:\Tony\Desktop\ExtractNow.lnk
[2012/01/17 15:54:31 | 007,711,788 | ---- | M] () -- E:\Tony\Documents\Firefox 9.0.1 (en-US) - 2012-01-17.pcv
[2012/01/17 12:07:33 | 000,000,110 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Panasonic DMREX83 Black DVD Recorder HDD 250GB Freeview Richer Sounds.URL
[2012/01/17 10:21:56 | 000,000,122 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Humax HDR-FOXT2 Freeview+ HD Box 500GB Hard Drive PVR Richer Sounds.URL
[2012/01/16 20:26:15 | 000,000,078 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Removal - HijackThis Logs - Malwarebytes Forum.URL
[2012/01/16 19:54:53 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Seagate DiscWizard.lnk
[2012/01/16 19:38:00 | 000,000,727 | ---- | M] () -- E:\Tony\Desktop\SpywareBlaster.lnk
[2012/01/16 19:32:04 | 000,000,237 | ---- | M] () -- C:\user.js
[2012/01/16 19:20:51 | 000,000,077 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
[2012/01/16 18:13:01 | 000,000,079 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\General Malwarebytes' Anti-Malware Forum - Malwarebytes Forum.URL
[2012/01/16 18:11:35 | 000,000,083 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\search redirected - Malwarebytes Forum.URL
[2012/01/16 08:16:26 | 000,002,639 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk
[2012/01/16 08:15:26 | 000,416,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/01/16 07:28:08 | 000,614,658 | ---- | M] () -- C:\Windows\System32\perfh009.dat
========== Files Created - No Company Name ==========
========== LOP Check ==========
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:5C321E34
< End of report >
-
Hi MrCharlie,
Thank you for your assistance, please find below results of the scans you asked for. At the end or in the process of the scan a notice came up that Explorer had stopped working. Does this normally happen? I will have to post the results as 2 postings as the results are too long to post in one.
Farbar Service Scanner Version: 18-01-2012
Ran by Tony (administrator) on 18-01-2012 at 18:31:06
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=DWORD:0
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
===========
File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll
[2009-05-29 18:20] - [2009-04-11 06:28] - 0204288 ____A (Microsoft Corporation)
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll
[2009-05-29 18:21] - [2009-04-11 06:28] - 0758784 ____A (Microsoft Corporation) 93952506C6D67330367F7E7934B6A02F
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll
[2009-05-29 18:20] - [2009-04-11 06:28] - 0129024 ____A (Microsoft Corporation) FB27772BEAF8E1D28CCD825C09DA939B
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
**** End of log ****
Rogue Killer Scan
RogueKiller V6.2.4 [01/12/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com
Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User: Tony [Admin rights]
Mode: Scan -- Date : 01/18/2012 18:36:28
¤¤¤ Bad processes: 1 ¤¤¤
[BLACKLIST] d3d10_1.dll -- C:\Windows\system32\d3d10_1.dll -> UNLOADED
¤¤¤ Registry Entries: 6 ¤¤¤
[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver: [LOADED] ¤¤¤
¤¤¤ Infection : Root.MBR ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: +++++
--- User ---
[MBR] e1105d90bb405f118578d64a17dbfc8f
[BSP] 4afd33af9ebf647cb5b164d7e7a88c91 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 2048 | Size: 1572 Mo
1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 3074048 | Size: 59768 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 119810048 | Size: 58689 Mo
User = LL1 ... OK!
User != LL2 ... KO!
--- LL2 ---
[MBR] acb7588782496e353aae57f64ae676a8
[BSP] 4afd33af9ebf647cb5b164d7e7a88c91 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 2048 | Size: 1572 Mo
1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 3074048 | Size: 59768 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 119810048 | Size: 58689 Mo
3 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 234438656 | Size: 1 Mo
Finished : << RKreport[1].txt >>
RKreport[1].txt
-
Sorry about posting in the wrong forum; I have re-posted in the Malware Removal forum.
-
Hi
Please can you help, I've got the dreaded Google (search) redirect problem, usually to "easy a-z" but there are other sites. I have run Malwarebytes, McAfee antivirus and Super Anti Spyware to no avail. I use a Toshiba A100 laptop running Windows Vista.
Regards.
-
Hi screen 317,
thank you for all your help and advice.
Regards anthonyq
-
Hi screen317
I have done as you asked, but have not downloaded "Adobe Reader" as I prefer "Foxit Reader"; is that O.K.?
I notice that the report after using ESET shows that I have IE8 installed (see below) but I have IE9 installed.
Other than the points above everything seems to be running O.K.
Results of screen317's Security Check version 0.99.11
Windows Vista Service Pack 2 (UAC is disabled!)
Internet Explorer 8
-
Hi screen317
please find the files that you asked for.
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# plugin-container.exe=2.0.1
# OnlineScanner.ocx=1.0.0.6522
# api_version=3.0.2
# EOSSerial=f7c87011f86b9c4eb35d662b4c477c1b
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-05-20 04:30:55
# local_time=2011-05-20 05:30:55 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=9
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=768 16777215 100 0 131064973 131064973 0 0
# compatibility_mode=5121 16777213 100 75 9324084 19414995 0 0
# compatibility_mode=5892 16776574 100 100 40522165 143431391 0 0
# compatibility_mode=8192 67108863 100 0 224 224 0 0
# scanned=153263
# found=0
# cleaned=0
# scan_time=10392
Results of screen317's Security Check version 0.99.11
Windows Vista Service Pack 2 (UAC is disabled!)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Disabled!
ESET Online Scanner v3
McAfee Internet Security
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
Malwarebytes' Anti-Malware
CCleaner
Java 6 Update 22
Out of date Java installed!
Adobe Flash Player 10.2.159.1
````````````````````````````````
Process Check:
objlist.exe by Laurent
``````````End of Log````````````
-
screen317.
Please find below the 3 files you requested. Copied/pasted.
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6598
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
17/05/2011 14:39:25
mbam-log-2011-05-17 (14-39-25).txt
Scan type: Quick scan
Objects scanned: 148513
Time elapsed: 9 minute(s), 0 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
ComboFix Log 17 05 2011
ComboFix 11-05-16.03 - Tony 17/05/2011 14:54:04.1.2 - x86
Microsoft
-
Hi screen317,
While I was awaiting a reply I ran Hitman Pro 3, which seems to have solved the problem. I later read on the Malwarebytes Forum that I should not install other software while awaiting a reply, sorry about that. Would you advise me to still run a scan and post etc.?
-
I posted in a different forum and was asked to run various things and post in this forum, with the following problem.
When using Google/Bing search, and click to go to a site, I am taken to a completely different site. Have run Malwarebytes-Superantispyware-McAfee AV and Stinger, but still have the problem. Toshiba laptop running Windows Vista.
The results of the various scans are as follows.
Log File
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 6562
Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421
12/05/2011 21:11:40
mbam-log-2011-05-12 (21-11-40).txt
Scan type: Full scan (C:\|E:\|)
Objects scanned: 279133
Time elapsed: 1 hour(s), 21 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
DDS.txt
.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Tony at 8:36:12.86 on 13/05/2011
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_22
Microsoft
-
search redirected
in Resolved Malware Removal Logs
Posted
Hi MrCharlie,
Everything seems to be still working as it should. The reason why Photoshop was opening on start up and trying to open a file was because there was an INI file in the Start Up folder, which I have now deleted.
Once again thank you very much for sorting out my problems.
MrT