search redirected

[anthonyq]

Hi

Please can you help, I've got the dreaded google (search) redirct problem, usually to "easy a-z" but there are other sites. I have run Malwarebytes, McAfee antivirus and Super Anti Spyware to no avail. I use a Toshiba A100 Laptop running Windows Vista

Regards.

[MrCharlie]

Welcome to the forum.

Please download Farbar Service Scanner and run it on the computer with the issue.

• Make sure the following options are checked:
  
  • Internet Services
    
  • Windows Firewall
    
  • System Restore
    
  • Security Center
    
  • Windows Update
    

  [*]Press "Scan".

  [*]It will create a log (FSS.txt) in the same directory the tool is run.

  [*]Please copy and paste the log to your reply.

-------------

Next..........

Please download and run RogueKiller.

Choose 1 to scan the system

Post back the report.

-------------------------

Last.......

Please download OTL from one of the links below:

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com (<---renamed version)

Save it to your desktop.

Double click on the icon on your desktop.

Click the Scan All Users checkbox.

Push the Quick Scan button.

The scan will take about 10 minutes...depends on your hard drive size.

Two reports will open, copy and paste them in a reply here: (or attach them as .txt files)

OTL.txt <-- Will be opened

Extra.txt <-- Will be minimized

MrC

[anthonyq]

Hi MrCharlie,

thank you for your assistance, plesae find below results of the scans you asked for. At the end or in the process of the scan a notice came up that Explorer had stoped working. Does this normally Happen? I will have to post the results as 2 postings as the results are to long to post in one.

Farbar Service Scanner Version: 18-01-2012

Ran by Tony (administrator) on 18-01-2012 at 18:31:06

Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall"=DWORD:0

System Restore:

============

SDRSVC Service is not running. Checking service configuration:

The start type of SDRSVC service is OK.

The ImagePath of SDRSVC service is OK.

The ServiceDll of SDRSVC service is OK.

Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:

The start type of VSS service is OK.

The ImagePath of VSS service is OK.

System Restore Disabled Policy:

========================

Security Center:

============

Windows Update:

===========

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcsvc.dll

[2009-05-29 18:20] - [2009-04-11 06:28] - 0204288 ____A (Microsoft Corporation)

C:\Windows\system32\Drivers\afd.sys => MD5 is legit

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\wscsvc.dll => MD5 is legit

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\system32\wuaueng.dll => MD5 is legit

C:\Windows\system32\qmgr.dll

[2009-05-29 18:21] - [2009-04-11 06:28] - 0758784 ____A (Microsoft Corporation) 93952506C6D67330367F7E7934B6A02F

C:\Windows\system32\es.dll => MD5 is legit

C:\Windows\system32\cryptsvc.dll

[2009-05-29 18:20] - [2009-04-11 06:28] - 0129024 ____A (Microsoft Corporation) FB27772BEAF8E1D28CCD825C09DA939B

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

Rogue Killer Scan

RogueKiller V6.2.4 [01/12/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User: Tony [Admin rights]

Mode: Scan -- Date : 01/18/2012 18:36:28

¤¤¤ Bad processes: 1 ¤¤¤

[bLACKLIST] d3d10_1.dll -- C:\Windows\system32\d3d10_1.dll -> UNLOADED

¤¤¤ Registry Entries: 6 ¤¤¤

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : Root.MBR ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] e1105d90bb405f118578d64a17dbfc8f

[bSP] 4afd33af9ebf647cb5b164d7e7a88c91 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 2048 | Size: 1572 Mo

1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 3074048 | Size: 59768 Mo

2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 119810048 | Size: 58689 Mo

User = LL1 ... OK!

User != LL2 ... KO!

--- LL2 ---

[MBR] acb7588782496e353aae57f64ae676a8

[bSP] 4afd33af9ebf647cb5b164d7e7a88c91 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 2048 | Size: 1572 Mo

1 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 3074048 | Size: 59768 Mo

2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 119810048 | Size: 58689 Mo

3 - [ACTIVE] NTFS [HIDDEN!] Offset (sectors): 234438656 | Size: 1 Mo

Finished : << RKreport[1].txt >>

RKreport[1].txt

[anthonyq]

2nd Posting of 3 of Scans

OTL.Txt Scan.

OTL logfile created on: 18/01/2012 18:38:31 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = E:\Tony\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.63% Memory free

4.23 Gb Paging File | 2.86 Gb Available in Paging File | 67.58% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 55.66 Gb Total Space | 4.23 Gb Free Space | 7.59% Space Free | Partition Type: NTFS

Drive E: | 54.66 Gb Total Space | 16.95 Gb Free Space | 31.01% Space Free | Partition Type: NTFS

Computer Name: TOSHLAPTOP | User Name: Tony | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/01/18 18:37:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com

PRC - [2012/01/17 19:58:31 | 001,130,496 | ---- | M] (Zhorn Software) -- C:\Program Files\Stickies\stickies.exe

PRC - [2011/12/22 16:38:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe

PRC - [2011/11/22 17:18:26 | 001,318,816 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe

PRC - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe

PRC - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

PRC - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe

PRC - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe

PRC - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

PRC - [2011/02/07 16:42:10 | 000,477,560 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\MSC\McUICnt.exe

PRC - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

PRC - [2010/12/14 07:31:12 | 000,184,552 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSM\McSmtFwk.exe

PRC - [2010/08/27 12:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe

PRC - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe

PRC - [2009/04/11 06:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2008/06/24 18:56:38 | 000,431,384 | ---- | M] (Seagate) -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

PRC - [2007/06/07 15:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\O2\bin\sprtsvc.exe

PRC - [2006/12/14 19:06:14 | 000,428,152 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

PRC - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

PRC - [2006/10/31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe

PRC - [2006/09/12 07:03:00 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe

PRC - [2006/08/23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

PRC - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe

========== Modules (No Company Name) ==========

MOD - [2012/01/17 19:58:30 | 000,049,152 | ---- | M] () -- C:\Program Files\Stickies\shook70.dll

MOD - [2011/12/22 16:38:40 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll

MOD - [2011/11/15 20:08:02 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll

MOD - [2011/10/05 03:52:30 | 000,756,048 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL

========== Win32 Services (SafeList) ==========

SRV - [2011/10/18 16:59:54 | 000,361,976 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)

SRV - [2011/10/18 14:32:30 | 000,150,856 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Windows\System32\mfevtps.exe -- (mfevtp)

SRV - [2011/10/18 14:28:34 | 000,160,608 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

SRV - [2011/10/18 14:28:18 | 000,166,288 | ---- | M] () [unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

SRV - [2011/08/11 23:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)

SRV - [2011/08/10 10:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)

SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (MSK80Service)

SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)

SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)

SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)

SRV - [2011/01/27 18:28:14 | 000,214,904 | ---- | M] (McAfee, Inc.) [unknown | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV - [2010/09/24 16:07:18 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)

SRV - [2010/08/27 12:14:42 | 000,124,368 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService) Notebook Performance Tuning Service (TEMPRO)

SRV - [2010/07/04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)

SRV - [2010/06/25 17:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2008/06/24 18:56:38 | 000,431,384 | ---- | M] (Seagate) [Auto | Running] -- C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe -- (SgtSch2Svc)

SRV - [2008/01/19 07:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2007/06/07 15:19:40 | 000,202,280 | R--- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\O2\bin\sprtsvc.exe -- (sprtsvc_O2) SupportSoft Sprocket Service (O2)

SRV - [2006/12/14 19:06:14 | 000,428,152 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)

SRV - [2006/11/14 20:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)

SRV - [2006/10/31 22:40:16 | 000,077,824 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- c:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)

SRV - [2006/09/12 07:03:00 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)

SRV - [2006/08/23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)

SRV - [2006/05/25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)

========== Driver Services (SafeList) ==========

DRV - [2012/01/16 19:55:08 | 000,441,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\timntr.sys -- (timounter)

DRV - [2012/01/16 19:55:08 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)

DRV - [2012/01/16 19:54:59 | 000,132,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\snapman.sys -- (snapman)

DRV - [2012/01/16 19:54:56 | 000,368,480 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tdrpman.sys -- (tdrpman)

DRV - [2011/10/15 13:16:16 | 000,464,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfehidk.sys -- (mfehidk)

DRV - [2011/10/15 13:16:16 | 000,338,176 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfefirek.sys -- (mfefirek)

DRV - [2011/10/15 13:16:16 | 000,180,816 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeavfk.sys -- (mfeavfk)

DRV - [2011/10/15 13:16:16 | 000,165,680 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfewfpk.sys -- (mfewfpk)

DRV - [2011/10/15 13:16:16 | 000,121,256 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfeapfk.sys -- (mfeapfk)

DRV - [2011/10/15 13:16:16 | 000,087,656 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\mferkdet.sys -- (mferkdet)

DRV - [2011/10/15 13:16:16 | 000,064,880 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\System32\drivers\mfenlfk.sys -- (mfenlfk)

DRV - [2011/10/15 13:16:16 | 000,059,456 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\mfebopk.sys -- (mfebopk)

DRV - [2011/10/15 13:16:16 | 000,057,600 | ---- | M] (McAfee, Inc.) [Kernel | Unknown | Running] -- C:\Windows\System32\drivers\cfwids.sys -- (cfwids)

DRV - [2011/07/22 16:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)

DRV - [2011/07/12 21:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2010/12/30 14:19:40 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)

DRV - [2010/06/25 17:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\npf.sys -- (NPF)

DRV - [2010/06/14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2009/09/16 09:22:48 | 000,040,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mfesmfk.sys -- (mfesmfk)

DRV - [2009/09/16 09:22:14 | 000,034,248 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mferkdk.sys -- (mferkdk)

DRV - [2009/01/30 08:12:00 | 007,544,832 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2008/11/17 15:40:22 | 003,668,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32) Intel®

DRV - [2008/10/09 15:42:42 | 000,017,408 | ---- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTER)

DRV - [2007/11/09 04:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)

DRV - [2007/09/26 13:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel®

DRV - [2007/01/09 08:22:28 | 000,006,144 | ---- | M] (Chic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\moufiltr.sys -- (moufiltr)

DRV - [2006/11/19 22:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)

DRV - [2006/10/30 08:42:28 | 001,786,880 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NETw3v32.sys -- (NETw3v32) Intel®

DRV - [2006/10/23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)

DRV - [2006/10/18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)

DRV - [2006/08/31 05:53:00 | 001,161,152 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)

DRV - [2006/07/06 12:44:00 | 000,168,448 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tifm21.sys -- (tifm21)

DRV - [2006/02/14 17:50:52 | 000,216,320 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)

DRV - [2006/02/14 17:41:20 | 000,208,256 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)

DRV - [2005/08/01 16:45:08 | 000,064,896 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\tosrfcom.sys -- (Tosrfcom)

DRV - [2004/03/30 17:29:48 | 000,374,816 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PRISMA02.sys -- (PRISM_A02)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = E:\Tony\Desktop

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?ocid=OIE9HP

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://tonyquarmby.webs.com/

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "Secure Search"

FF - prefs.js..browser.search.suggest.enabled: false

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "http://www.google.co.uk/"

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3

FF - prefs.js..extensions.enabledItems: en-GB@dictionaries.addons.mozilla.org:1.19.1

FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5

FF - prefs.js..extensions.enabledItems: {B17C1C5A-04B1-11DB-9804-B622A1EF5492}:1.2.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}:2.12.21.1

FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0

FF - prefs.js..keyword.URL: "http://uk.search.yahoo.com/search?fr=mcafee&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~1\mcafee\msc\npmcsn~1.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2571: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1739: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files\Veetle\plugins\npVeetle.dll (Veetle Inc)

FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files\Veetle\Player\npvlc.dll (Veetle Inc)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Tony\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Tony\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/11/09 18:37:59 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files\Common Files\McAfee\SystemCore [2012/01/18 15:12:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/22 16:38:43 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/01/17 19:33:08 | 000,000,000 | ---D | M]

[2012/01/11 18:07:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Extensions

[2011/01/16 15:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\4ddpy4my.Default User\extensions

[2011/01/16 15:01:54 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\4ddpy4my.Default User\extensions\vshare@toolbar

[2012/01/06 10:31:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions

[2008/09/08 18:42:30 | 000,000,000 | ---D | M] ("ColorfulTabs") -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe}(179)

[2012/01/04 08:24:58 | 000,000,000 | ---D | M] (IE Tab 2 (FF 3.6+)) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}

[2010/04/27 16:14:20 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/09/29 19:08:15 | 000,000,000 | ---D | M] (Worksmedia kiosk) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{3D72F2D1-EC9F-47d8-AF1F-E9F027FCA20C}

[2010/08/29 19:55:26 | 000,000,000 | ---D | M] (Password Exporter) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}

[2011/07/04 16:45:50 | 000,000,000 | ---D | M] (British English Dictionary) -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\extensions\en-GB@dictionaries.addons.mozilla.org

[2011/08/14 11:23:34 | 000,002,571 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\searchplugins\askcom.xml

[2011/01/16 15:14:32 | 000,001,583 | ---- | M] () -- C:\Users\Tony\AppData\Roaming\Mozilla\Firefox\Profiles\8w1jrlx1.default\searchplugins\web-search.xml

[2012/01/16 19:31:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions

[2012/01/16 19:31:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com

[2012/01/18 15:12:29 | 000,000,000 | ---D | M] (McAfee ScriptScan for Firefox) -- C:\PROGRAM FILES\COMMON FILES\MCAFEE\SYSTEMCORE

() (No name found) -- C:\USERS\TONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8W1JRLX1.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI

() (No name found) -- C:\USERS\TONY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8W1JRLX1.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2011/12/22 16:38:42 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2004/07/02 13:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\components\np32asw.dll

[2011/04/14 13:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll

[2004/07/02 13:51:00 | 000,327,904 | ---- | M] (Macromedia, Inc.) -- C:\Program Files\mozilla firefox\plugins\np32asw.dll

[2011/05/23 09:37:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2007/04/05 17:12:50 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Program Files\mozilla firefox\plugins\npdsplay.dll

[2009/07/15 12:07:07 | 000,072,960 | ---- | M] (Foxit Software Company) -- C:\Program Files\mozilla firefox\plugins\npFoxitReaderPlugin.dll

[2008/06/30 21:02:00 | 000,663,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npOGAPlugin.dll

[2007/04/05 17:14:35 | 000,010,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\npwmsdrm.dll

[2010/01/01 08:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2011/09/07 12:12:38 | 000,002,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

[2011/11/09 17:53:19 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

O1 HOSTS File: ([2011/05/17 14:07:53 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20111227165111.dll (McAfee, Inc.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (no name) - {8B68564D-53FD-4293-B80C-993A9F3988EE} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKU\.DEFAULT..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)

O4 - HKU\S-1-5-18..\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\TOPI.exe (TOSHIBA)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O8 - Extra context menu item: &ieSpell Options - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Check &Spelling - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)

O8 - Extra context menu item: Lookup on Merriam Webster - C:\Program Files\ieSpell\Merriam Webster.HTM ()

O8 - Extra context menu item: Lookup on Wikipedia - C:\Program Files\ieSpell\wikipedia.HTM ()

O9 - Extra Button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)

O9 - Extra 'Tools' menuitem : ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)

O9 - Extra 'Tools' menuitem : ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll (Red Egg Software)

O9 - Extra Button: eBay - {C08CAF1D-C0A3-40D5-9970-06D067EAC017} - http://www.webtip.ch...acker_url.pl?EN File not found

O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: internet ([]about in Trusted sites)

O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: mcafee.com ([]http in Trusted sites)

O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: mcafee.com ([]https in Trusted sites)

O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: microsoft.com ([office] http in Trusted sites)

O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: o2.co.uk ([*.broadband] http in Trusted sites)

O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: o2.co.uk ([*.broadband] https in Trusted sites)

O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: office.com ([]http in Trusted sites)

O15 - HKU\S-1-5-21-945816239-1367927972-834362508-1000\..Trusted Domains: ukhairdressers.com ([www] http in Trusted sites)

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C05DF91-ED39-4D58-99F1-092B34C46930}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5291AF49-A5C9-4154-90AC-597BAF10F533}: DhcpNameServer = 192.168.1.254

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\vsharechrome - No CLSID value found

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O24 - Desktop WallPaper: C:\Users\Tony\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O24 - Desktop BackupWallPaper: C:\Users\Tony\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\System32\relog_ap.dll (Acronis)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 21:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/01/18 18:37:47 | 000,584,192 | ---- | C] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com

[2012/01/18 18:32:51 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\RK_Quarantine

[2012/01/18 18:28:52 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\Malwarebyte Asst

[2012/01/18 17:07:30 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\HUMAX HDR-FOXT2

[2012/01/18 15:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2012/01/17 19:40:15 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC

[2012/01/17 18:56:42 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\dvdmf-20070731144350

[2012/01/17 15:53:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup

[2012/01/16 20:45:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung New PC Studio

[2012/01/16 20:35:36 | 000,000,000 | ---D | C] -- C:\Program Files\MarkAny

[2012/01/16 20:14:05 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Downloaded Installations

[2012/01/16 19:38:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

[2012/01/16 19:32:50 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- C:\Windows\System32\nbDX.dll

[2012/01/16 19:32:50 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll

[2012/01/16 19:32:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft

[2012/01/16 19:32:49 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll

[2012/01/16 19:32:49 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax

[2012/01/16 19:32:48 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax

[2012/01/16 19:32:48 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax

[2012/01/16 19:32:48 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax

[2012/01/16 19:32:47 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax

[2012/01/16 19:32:40 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax

[2012/01/16 19:32:37 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax

[2012/01/16 19:32:33 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax

[2012/01/16 19:32:32 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax

[2012/01/16 19:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar

[2012/01/16 19:31:44 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Babylon

[2012/01/16 19:31:40 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Babylon

[2012/01/16 19:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

[2012/01/16 19:31:03 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft

[2012/01/16 19:03:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smoky City Design

[2012/01/16 19:03:31 | 000,000,000 | ---D | C] -- C:\Program Files\Smoky City Design

[2012/01/16 18:46:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN

[2012/01/16 18:30:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid

[2012/01/16 08:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2012/01/16 07:59:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio

[2012/01/15 22:07:33 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\EnablePinToStart

[2012/01/14 10:18:53 | 014,054,768 | ---- | C] (SUPERAntiSpyware.com) -- E:\Tony\Desktop\SUPERAntiSpyware.exe

[2012/01/13 22:19:05 | 000,000,000 | ---D | C] -- E:\Tony\Desktop\All_Users_Home_Premium

[2012/01/13 21:19:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/01/12 15:41:37 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Check

[2012/01/11 15:18:21 | 000,000,000 | ---D | C] -- E:\Tony\Documents\Golf Club Ladies Section

[2012/01/10 18:10:31 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Moonchild Productions

[2012/01/10 18:10:30 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Roaming\Moonchild Productions

[2011/12/30 14:25:56 | 000,000,000 | ---D | C] -- C:\Program Files\Citrix

[2011/12/30 14:25:38 | 000,000,000 | ---D | C] -- C:\Users\Tony\AppData\Local\Citrix

[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/01/18 18:37:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- E:\Tony\Desktop\OTL.com

[2012/01/18 18:36:09 | 000,111,872 | ---- | M] () -- C:\Windows\System32\drivers\TrueSight.sys

[2012/01/18 18:32:42 | 000,787,456 | ---- | M] () -- E:\Tony\Desktop\RogueKiller.exe

[2012/01/18 18:30:13 | 000,334,421 | ---- | M] () -- E:\Tony\Desktop\FSS.exe

[2012/01/18 18:01:01 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945816239-1367927972-834362508-1000UA.job

[2012/01/18 17:08:23 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012/01/18 17:08:23 | 000,003,296 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012/01/18 17:07:24 | 000,101,384 | ---- | M] () -- C:\ProgramData\nvModes.001

[2012/01/18 15:15:15 | 000,001,700 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk

[2012/01/18 15:12:01 | 000,000,083 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Untitled.URL

[2012/01/18 15:08:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/01/18 10:01:04 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-945816239-1367927972-834362508-1000Core.job

[2012/01/17 21:30:53 | 000,000,059 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Huddersfield Town Welcome.URL

[2012/01/17 21:05:12 | 000,000,086 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Buy Samsung BD-DT7800M HDD 500GB Digital Recorder, Freeview HD with Built-in Wi-Fi online at JohnLewis.com.URL

[2012/01/17 20:56:25 | 000,002,611 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk

[2012/01/17 20:53:59 | 000,000,098 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital TV receivers & recorders 2011 winner - What Hi-Fi Sound and Vision Awards whathifi.com.URL

[2012/01/17 20:41:33 | 000,000,071 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\ThatCable HDMI review from the experts at whathifi.com.URL

[2012/01/17 20:35:25 | 000,000,105 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Toshiba Support Forums Toshiba Product Recovery.URL

[2012/01/17 19:58:31 | 000,000,805 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk

[2012/01/17 19:58:31 | 000,000,589 | ---- | M] () -- C:\Windows\uninstallstickies.bat

[2012/01/17 19:06:53 | 000,101,384 | ---- | M] () -- C:\ProgramData\nvModes.dat

[2012/01/17 17:32:12 | 000,000,695 | ---- | M] () -- E:\Tony\Desktop\ExtractNow.lnk

[2012/01/17 15:54:31 | 007,711,788 | ---- | M] () -- E:\Tony\Documents\Firefox 9.0.1 (en-US) - 2012-01-17.pcv

[2012/01/17 12:07:33 | 000,000,110 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Panasonic DMREX83 Black DVD Recorder HDD 250GB Freeview Richer Sounds.URL

[2012/01/17 10:21:56 | 000,000,122 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Humax HDR-FOXT2 Freeview+ HD Box 500GB Hard Drive PVR Richer Sounds.URL

[2012/01/16 20:26:15 | 000,000,078 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Removal - HijackThis Logs - Malwarebytes Forum.URL

[2012/01/16 19:54:53 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Seagate DiscWizard.lnk

[2012/01/16 19:38:00 | 000,000,727 | ---- | M] () -- E:\Tony\Desktop\SpywareBlaster.lnk

[2012/01/16 19:32:04 | 000,000,237 | ---- | M] () -- C:\user.js

[2012/01/16 19:20:51 | 000,000,077 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

[2012/01/16 18:13:01 | 000,000,079 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\General Malwarebytes' Anti-Malware Forum - Malwarebytes Forum.URL

[2012/01/16 18:11:35 | 000,000,083 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\search redirected - Malwarebytes Forum.URL

[2012/01/16 08:16:26 | 000,002,639 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk

[2012/01/16 08:15:26 | 000,416,760 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012/01/16 07:28:08 | 000,614,658 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012/01/16 07:28:08 | 000,111,882 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012/01/15 22:07:11 | 000,000,128 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Enable Pin to Start Menu for Folders in Windows Vista XP - How-To Geek.URL

[2012/01/15 22:03:36 | 000,000,123 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Pin Any Folder to the Vista Start Menu the Easy Way - How-To Geek.URL

[2012/01/15 17:34:31 | 000,000,116 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Menu - Restore Missing Default Shortcuts - Vista Forums.URL

[2012/01/15 14:51:29 | 000,119,185 | ---- | M] () -- E:\Tony\Desktop\System Restore Failure.jpg

[2012/01/15 13:28:52 | 000,001,356 | ---- | M] () -- C:\Users\Tony\AppData\Local\d3d9caps.dat

[2012/01/15 10:50:30 | 000,000,112 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\CLICK FREE C2 Portable Hard Drive - 500GB buy online Currys.URL

[2012/01/15 10:40:27 | 000,000,145 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\500GB ClickFree C2N USB 3.0 External Portable Home Backup Drive - HDD - 527N3-1004-300 - Scan.co.uk.URL

[2012/01/15 10:30:13 | 000,000,066 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Clickfree C2 Portable Backup Clickfree Automatic Backup.URL

[2012/01/14 22:18:41 | 000,000,845 | ---- | M] () -- E:\Tony\Desktop\CCleaner.lnk

[2012/01/14 22:00:40 | 000,000,080 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Open Talk Forum Digital Photography Review.URL

[2012/01/14 21:30:01 | 000,000,062 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Canon Digital Photography Forums - Powered by vBulletin.URL

[2012/01/14 21:24:30 | 000,000,047 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\BBC - Homepage.URL

[2012/01/14 11:34:55 | 000,000,083 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\DATM - Down At The Mac - Huddersfield Town Forum - Talk of the Town.URL

[2012/01/14 11:14:56 | 000,000,091 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\How come i cant find microsoft word processor on my computer - Yahoo! Answers.URL

[2012/01/14 10:31:26 | 000,000,209 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Sign In.URL

[2012/01/14 10:23:04 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2012/01/14 10:22:05 | 014,054,768 | ---- | M] (SUPERAntiSpyware.com) -- E:\Tony\Desktop\SUPERAntiSpyware.exe

[2012/01/14 10:18:05 | 000,000,050 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google.URL

[2012/01/14 09:32:18 | 000,000,071 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Helproom - Forums - PC Advisor.URL

[2012/01/14 09:30:13 | 000,000,074 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Menu - All Programs are missing - Vista Help.URL

[2012/01/14 09:14:55 | 000,000,081 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\post virus removal all start menu programs empty.URL

[2012/01/14 08:39:24 | 000,000,515 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Music - Shortcut.lnk

[2012/01/14 08:39:17 | 000,000,528 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Pictures - Shortcut.lnk

[2012/01/14 08:35:40 | 000,000,149 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\How do I get programs back onto my StartAll programs menu They disappeared yesterday -- Office, Games,.URL

[2012/01/13 22:50:35 | 000,001,610 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk

[2012/01/13 22:16:14 | 000,000,104 | ---- | M] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet - Shortcut.lnk

[2012/01/13 21:19:05 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/01/13 21:04:35 | 001,008,141 | ---- | M] () -- E:\Tony\Desktop\rkill.exe

[2012/01/13 20:24:27 | 000,684,297 | ---- | M] () -- E:\Tony\Desktop\unhide.exe

[2012/01/11 16:19:08 | 000,001,180 | ---- | M] () -- E:\Tony\Documents\cc_20120111_161902.reg

[2012/01/04 13:02:31 | 000,750,815 | ---- | M] () -- E:\Tony\Desktop\manual_retuning.pdf

[2011/12/31 19:36:16 | 000,000,598 | ---- | M] () -- E:\Tony\Documents\cc_20111231_193610.reg

[2011/12/30 14:25:36 | 000,103,784 | ---- | M] () -- C:\Users\Tony\GoToAssistDownloadHelper.exe

[2011/12/23 18:07:54 | 062,982,162 | ---- | M] () -- E:\Tony\Desktop\Marys Calendar 2012.psd

[2011/12/23 14:41:04 | 000,527,461 | R--- | M] () -- E:\Tony\Documents\TextMaskTutorial.pdf

[2011/12/22 15:22:49 | 001,959,439 | ---- | M] () -- E:\Tony\Desktop\2012 Calendar Photoshop .psd

[3 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]

[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/01/18 18:32:59 | 000,111,872 | ---- | C] () -- C:\Windows\System32\drivers\TrueSight.sys

[2012/01/18 18:32:43 | 000,787,456 | ---- | C] () -- E:\Tony\Desktop\RogueKiller.exe

[2012/01/18 18:30:16 | 000,334,421 | ---- | C] () -- E:\Tony\Desktop\FSS.exe

[2012/01/18 15:12:01 | 000,000,083 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Untitled.URL

[2012/01/17 21:30:53 | 000,000,059 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Huddersfield Town Welcome.URL

[2012/01/17 21:05:12 | 000,000,086 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Buy Samsung BD-DT7800M HDD 500GB Digital Recorder, Freeview HD with Built-in Wi-Fi online at JohnLewis.com.URL

[2012/01/17 20:53:59 | 000,000,098 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital TV receivers & recorders 2011 winner - What Hi-Fi Sound and Vision Awards whathifi.com.URL

[2012/01/17 20:41:33 | 000,000,071 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\ThatCable HDMI review from the experts at whathifi.com.URL

[2012/01/17 19:58:31 | 000,000,805 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Stickies.lnk

[2012/01/17 19:40:12 | 000,001,950 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Photo Gallery.lnk

[2012/01/17 19:40:12 | 000,001,852 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Collaboration.lnk

[2012/01/17 19:40:12 | 000,001,803 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2012/01/17 19:40:12 | 000,001,770 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Calendar.lnk

[2012/01/17 19:40:12 | 000,001,768 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Movie Maker.lnk

[2012/01/17 19:40:12 | 000,001,757 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Defender.lnk

[2012/01/17 19:40:12 | 000,001,743 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

[2012/01/17 19:40:12 | 000,001,703 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Contacts.lnk

[2012/01/17 19:40:12 | 000,000,604 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live.lnk

[2012/01/17 19:40:11 | 000,001,630 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2012/01/17 19:04:15 | 000,000,105 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Toshiba Support Forums Toshiba Product Recovery.URL

[2012/01/17 15:54:24 | 007,711,788 | ---- | C] () -- E:\Tony\Documents\Firefox 9.0.1 (en-US) - 2012-01-17.pcv

[2012/01/17 12:07:33 | 000,000,110 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Panasonic DMREX83 Black DVD Recorder HDD 250GB Freeview Richer Sounds.URL

[2012/01/17 10:21:56 | 000,000,122 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Humax HDR-FOXT2 Freeview+ HD Box 500GB Hard Drive PVR Richer Sounds.URL

[2012/01/16 20:26:15 | 000,000,078 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Removal - HijackThis Logs - Malwarebytes Forum.URL

[2012/01/16 19:54:53 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Seagate DiscWizard.lnk

[2012/01/16 19:38:00 | 000,000,727 | ---- | C] () -- E:\Tony\Desktop\SpywareBlaster.lnk

[2012/01/16 19:32:49 | 000,121,344 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.ax

[2012/01/16 19:32:49 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll

[2012/01/16 19:32:47 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax

[2012/01/16 19:32:44 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax

[2012/01/16 19:32:41 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax

[2012/01/16 19:32:37 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax

[2012/01/16 19:32:33 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax

[2012/01/16 19:32:33 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax

[2012/01/16 19:32:32 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax

[2012/01/16 19:32:32 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax

[2012/01/16 19:32:02 | 000,000,237 | ---- | C] () -- C:\user.js

[2012/01/16 19:20:51 | 000,000,077 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

[2012/01/16 18:50:26 | 000,001,713 | ---- | C] () -- C:\Users\Public\Desktop\Toshiba TEMPRO Alerts.lnk

[2012/01/16 18:13:01 | 000,000,079 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\General Malwarebytes' Anti-Malware Forum - Malwarebytes Forum.URL

[2012/01/16 18:11:35 | 000,000,083 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\search redirected - Malwarebytes Forum.URL

[2012/01/16 08:16:26 | 000,002,639 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Excel 2007.lnk

[2012/01/16 08:15:40 | 000,002,611 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2007.lnk

[2012/01/15 22:07:11 | 000,000,128 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Enable Pin to Start Menu for Folders in Windows Vista XP - How-To Geek.URL

[2012/01/15 22:03:36 | 000,000,123 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Pin Any Folder to the Vista Start Menu the Easy Way - How-To Geek.URL

[2012/01/15 17:34:31 | 000,000,116 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Menu - Restore Missing Default Shortcuts - Vista Forums.URL

[2012/01/15 14:51:15 | 000,119,185 | ---- | C] () -- E:\Tony\Desktop\System Restore Failure.jpg

[2012/01/15 10:50:30 | 000,000,112 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\CLICK FREE C2 Portable Hard Drive - 500GB buy online Currys.URL

[2012/01/15 10:40:27 | 000,000,145 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\500GB ClickFree C2N USB 3.0 External Portable Home Backup Drive - HDD - 527N3-1004-300 - Scan.co.uk.URL

[2012/01/15 10:30:13 | 000,000,066 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Clickfree C2 Portable Backup Clickfree Automatic Backup.URL

[2012/01/14 22:18:41 | 000,000,845 | ---- | C] () -- E:\Tony\Desktop\CCleaner.lnk

[2012/01/14 22:00:40 | 000,000,080 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Open Talk Forum Digital Photography Review.URL

[2012/01/14 21:30:01 | 000,000,062 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Canon Digital Photography Forums - Powered by vBulletin.URL

[2012/01/14 21:24:30 | 000,000,047 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\BBC - Homepage.URL

[2012/01/14 11:34:55 | 000,000,083 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\DATM - Down At The Mac - Huddersfield Town Forum - Talk of the Town.URL

[2012/01/14 11:14:56 | 000,000,091 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\How come i cant find microsoft word processor on my computer - Yahoo! Answers.URL

[2012/01/14 10:31:26 | 000,000,209 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Sign In.URL

[2012/01/14 10:23:04 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2012/01/14 10:18:05 | 000,000,050 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Google.URL

[2012/01/14 09:32:18 | 000,000,071 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Helproom - Forums - PC Advisor.URL

[2012/01/14 09:30:13 | 000,000,074 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Menu - All Programs are missing - Vista Help.URL

[2012/01/14 09:14:55 | 000,000,081 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\post virus removal all start menu programs empty.URL

[2012/01/14 08:39:24 | 000,000,515 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Music - Shortcut.lnk

[2012/01/14 08:39:17 | 000,000,528 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Pictures - Shortcut.lnk

[2012/01/14 08:35:40 | 000,000,149 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\How do I get programs back onto my StartAll programs menu They disappeared yesterday -- Office, Games,.URL

[2012/01/13 22:50:35 | 000,001,610 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Snipping Tool.lnk

[2012/01/13 22:16:14 | 000,000,104 | ---- | C] () -- C:\Users\Tony\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet - Shortcut.lnk

[2012/01/13 21:19:05 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/01/13 21:04:24 | 001,008,141 | ---- | C] () -- E:\Tony\Desktop\rkill.exe

[2012/01/13 20:24:29 | 000,684,297 | ---- | C] () -- E:\Tony\Desktop\unhide.exe

[2012/01/13 17:55:55 | 000,000,954 | ---- | C] () -- E:\Tony\Desktop\Internet Explorer.lnk

[2012/01/12 16:04:57 | 000,001,700 | ---- | C] () -- C:\Users\Public\Desktop\McAfee Internet Security.lnk

[2012/01/11 16:19:04 | 000,001,180 | ---- | C] () -- E:\Tony\Documents\cc_20120111_161902.reg

[2012/01/04 13:02:28 | 000,750,815 | ---- | C] () -- E:\Tony\Desktop\manual_retuning.pdf

[2011/12/31 19:36:14 | 000,000,598 | ---- | C] () -- E:\Tony\Documents\cc_20111231_193610.reg

[2011/12/30 14:25:34 | 000,103,784 | ---- | C] () -- C:\Users\Tony\GoToAssistDownloadHelper.exe

[2011/12/23 16:52:55 | 062,982,162 | ---- | C] () -- E:\Tony\Desktop\Marys Calendar 2012.psd

[2011/12/23 14:41:07 | 000,527,461 | R--- | C] () -- E:\Tony\Documents\TextMaskTutorial.pdf

[2011/12/22 15:22:49 | 001,959,439 | ---- | C] () -- E:\Tony\Desktop\2012 Calendar Photoshop .psd

[2011/05/13 17:03:11 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys

[2011/03/05 18:10:49 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll

[2011/03/05 18:10:49 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys

[2010/12/29 16:19:33 | 000,709,456 | ---- | C] () -- C:\Windows\is-NDSD7.exe

[2010/10/23 12:57:34 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2010/10/23 12:33:41 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2010/10/23 12:33:41 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010/07/08 14:48:17 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

[2010/06/25 17:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll

[2009/10/03 10:56:27 | 000,004,096 | ---- | C] () -- C:\Users\Tony\AppData\Local\keyfile3.drm

[2009/08/03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/08/03 14:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe

[2009/05/29 18:21:05 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009/05/29 18:21:04 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009/05/27 17:01:35 | 000,101,384 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2009/05/27 17:01:35 | 000,101,384 | ---- | C] () -- C:\ProgramData\nvModes.001

[2009/01/02 16:25:23 | 000,022,528 | ---- | C] () -- C:\Windows\exeshl.dll

[2009/01/02 16:25:23 | 000,000,090 | ---- | C] () -- C:\Windows\netctrl.ini

[2008/11/06 15:33:45 | 000,000,125 | ---- | C] () -- C:\Windows\AndreaMosaicPortrait.INI

[2008/11/05 20:33:20 | 000,000,220 | ---- | C] () -- C:\Windows\AndreaMosaic.INI

[2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll

[2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll

[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll

[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll

[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll

[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll

[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll

[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll

[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll

[2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll

[2008/07/23 10:13:32 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2008/06/17 14:48:16 | 000,000,728 | ---- | C] () -- C:\Windows\{4507868A-A9CD-4ECC-BD54-0EAB6EE81D42}_WiseFW.ini

[2008/05/13 01:53:16 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2007/10/25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2007/06/29 14:42:36 | 000,167,504 | ---- | C] () -- C:\Windows\System32\mlfcache.dat

[2007/03/25 15:19:26 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol

[2007/03/25 14:28:26 | 000,014,230 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate

[2007/03/22 19:23:29 | 000,000,000 | ---- | C] () -- C:\Windows\ToDisc.INI

[2007/03/14 10:29:33 | 000,001,801 | ---- | C] () -- C:\Windows\mozver.dat

[2007/03/13 20:35:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2007/02/23 19:28:51 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI

[2007/02/01 19:36:58 | 000,064,000 | ---- | C] () -- C:\Users\Tony\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2007/02/01 15:41:33 | 000,278,528 | ---- | C] () -- C:\Program Files\Common Files\FDEUnInstaller.exe

[2007/02/01 13:07:53 | 000,000,102 | ---- | C] () -- C:\Users\Tony\AppData\Roaming\wklnhst.dat

[2007/02/01 12:37:06 | 000,012,978 | ---- | C] () -- C:\Users\Tony\AppData\Roaming\nvModes.dat

[2007/02/01 12:37:06 | 000,012,978 | ---- | C] () -- C:\Users\Tony\AppData\Roaming\nvModes.001

[2007/02/01 11:26:56 | 000,001,356 | ---- | C] () -- C:\Users\Tony\AppData\Local\d3d9caps.dat

[2006/12/15 11:57:23 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll

[2006/12/15 11:57:23 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll

[2006/12/15 11:57:23 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll

[2006/12/15 11:57:23 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll

[2006/12/15 11:57:23 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll

[2006/12/15 11:57:23 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll

[2006/12/15 11:40:24 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI

[2006/12/15 11:22:30 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini

[2006/12/15 11:22:30 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll

[2006/12/15 11:22:30 | 000,010,150 | ---- | C] () -- C:\Windows\System32\tosmreg.ini

[2006/12/15 11:22:30 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini

[2006/12/15 11:19:10 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat

[2006/12/15 11:19:10 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat

[2006/11/02 12:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 12:47:37 | 000,416,760 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 12:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 10:33:01 | 000,614,658 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 10:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 10:33:01 | 000,111,882 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 10:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 10:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 08:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 08:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 07:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 07:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006/10/31 17:37:00 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll

[2006/08/10 15:00:52 | 000,094,208 | ---- | C] () -- C:\Windows\System32\TosBtHcrpAPI.dll

[2005/07/22 21:30:20 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll

========== LOP Check ==========

[2008/11/25 16:30:32 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Alfac

[2011/08/15 16:59:52 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Apowersoft

[2009/12/31 20:37:15 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\ASAP Utilities

[2010/09/16 12:40:04 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Ashampoo

[2009/05/04 14:55:01 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Audio Record Edit Toolbox Pro

[2009/05/04 14:26:07 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Audio Recorder for Free

[2008/06/28 20:09:34 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Auslogics

[2012/01/16 19:31:40 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Babylon

[2009/03/10 13:05:42 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\DeepBurner

[2012/01/14 22:41:10 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Dropbox

[2009/07/15 12:07:24 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Foxit

[2010/03/04 18:54:00 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Foxit Software

[2008/11/08 21:15:21 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\GARMIN

[2011/08/15 15:50:04 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\GrabPro

[2010/12/07 19:05:36 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\gtk-2.0

[2007/04/30 12:33:27 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\ieSpell

[2011/10/15 10:56:08 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Imagenomic

[2008/05/26 18:32:37 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\ImgBurn

[2008/03/22 12:30:02 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\InterVideo

[2009/02/24 16:59:28 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\IObit

[2010/03/02 20:08:53 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\IrfanView

[2012/01/10 19:01:54 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Moonchild Productions

[2008/10/06 11:03:02 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\MSNStockQuote

[2011/05/24 11:25:49 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Opera

[2011/08/15 16:47:34 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Orbit

[2010/05/31 09:57:07 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Password Solutions

[2011/03/05 18:43:19 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\PC Suite

[2011/03/11 20:08:09 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\picpick

[2009/02/05 15:48:39 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Prish

[2011/08/15 15:50:10 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\ProgSense

[2010/01/22 18:04:59 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\RawTherapee

[2012/01/16 20:36:50 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Samsung

[2010/07/08 14:53:46 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Soluto

[2012/01/18 15:08:46 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\stickies

[2009/05/27 16:36:18 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\SystemRequirementsLab

[2007/02/01 13:08:03 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Template

[2007/05/18 17:02:55 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\toshiba

[2012/01/17 19:33:38 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Ulead Systems

[2008/02/01 19:42:40 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Vso

[2010/11/18 19:57:23 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\Webshots

[2009/09/04 11:56:29 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\WinBatch

[2008/10/29 18:59:50 | 000,000,000 | ---D | M] -- C:\Users\Tony\AppData\Roaming\XnView

[2012/01/18 10:37:12 | 000,032,554 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 104 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >

[anthonyq]

3 of 3 postings with results of scans.

Extras.Tex Scan

OTL Extras logfile created on: 18/01/2012 18:38:31 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = E:\Tony\Desktop

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

2.00 Gb Total Physical Memory | 0.91 Gb Available Physical Memory | 45.63% Memory free

4.23 Gb Paging File | 2.86 Gb Available in Paging File | 67.58% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 55.66 Gb Total Space | 4.23 Gb Free Space | 7.59% Space Free | Partition Type: NTFS

Drive E: | 54.66 Gb Total Space | 16.95 Gb Free Space | 31.01% Space Free | Partition Type: NTFS

Computer Name: TOSHLAPTOP | User Name: Tony | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiSpyware]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 1

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02B242E1-0F5A-4766-B84C-95410E29227C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{1D497719-ED9F-45A7-93CA-B00359535382}" = lport=10243 | protocol=6 | dir=in | app=system |

"{22A6DA44-2296-4F8C-B420-ADB8F8339B25}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{28873CC7-3517-432A-B0C7-8A4BBF162602}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{3838061B-A414-4DBC-B7BA-8987B7AAF3D0}" = lport=2869 | protocol=6 | dir=in | app=system |

"{474B282C-6981-4202-B333-4D2A582E7E02}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{5AC33984-5CEC-4325-90D7-44C47D6BC8B5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{5DAD3693-2AE5-4BEC-8338-D0D57451624D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{63718C6B-4833-44D7-AF42-55B14BDE2AD2}" = lport=2869 | protocol=6 | dir=in | app=system |

"{79AA6432-9175-4FC0-8231-585F09907746}" = lport=2869 | protocol=6 | dir=in | app=system |

"{7E0BDC57-6929-4ABB-B860-7FF601569989}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{7EEC9108-758D-4D43-8944-0B3E602A78BB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{81C3723A-2CA3-48A2-BCE0-D264D7E0F496}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{8DC32B60-2159-4B18-90BA-720421225D09}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{8EBA8386-3965-4258-94D9-060339539546}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{920A3A6D-6727-460C-B5E1-62B703028CE0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{9894A214-A5C4-495C-A738-356B14ABD31D}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{A953FCB7-C937-4DC4-B809-A1B868F5C825}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{B82E172A-4B23-4171-BC61-C8B4DA0EED56}" = lport=2869 | protocol=6 | dir=in | app=system |

"{CAA91289-D34A-45DD-B521-BAD060EC7EED}" = rport=10243 | protocol=6 | dir=out | app=system |

"{E2C5F753-82DE-4A71-BA5E-50F99B22EB7F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{F29FCE75-52F5-4BDB-882B-CC4DD04A633A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{00FA05F3-94F3-4EB2-A8C9-3BB04E9775A2}" = protocol=17 | dir=in | app=c:\program files\o2\bin\wificfg.exe |

"{0A13C39F-AE20-4D15-9C22-DF489D6E9729}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{0B0C161C-7909-45F9-B566-302902788199}" = dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{0EBF63C0-0052-4044-BCD5-C11CD910788B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{13B73393-BF68-4DDE-BFFD-18E37B8A4AB6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{1D8E1A26-B5CC-4A8B-82DA-9E76E77143D2}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{1E49A516-E29A-4917-8B9C-B164F59C4CDD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{2712C155-1C2E-474D-AA5C-5933981630AB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{276570D8-7D73-4C51-A4CA-E2BCE1B491D4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{297E1764-50E0-4DA8-9F7F-8E01161904CD}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{2A7CB954-D876-4E7D-A174-63C7B26185D3}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{3F0AD14A-D50B-4BFE-B4CC-9F7F38A1A8FA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{4EF48426-469A-457F-96CE-F5367C79E0CC}" = protocol=6 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsvsvr.exe |

"{58F4EB47-3AC4-449D-8B74-00FB379171DA}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |

"{5FC4F128-A435-4792-98E1-4C867E26B56E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{5FDAE6BF-682F-4B6F-AA96-64F95CA48220}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{6304CBA4-9AA8-497D-9232-04269313E302}" = protocol=17 | dir=in | app=c:\program files\o2\agent\bin\bcont.exe |

"{667139F4-1876-4528-967A-C11308CAB69B}" = protocol=17 | dir=in | app=c:\program files\samsung\samsung new pc studio\npsasvr.exe |

"{761E6B3A-2232-4644-8282-365CFA1FC227}" = protocol=6 | dir=in | app=c:\program files\o2\agent\bin\bcont_nm.exe |

"{77CCF2CC-B0F0-443D-A864-06EF634D6CE1}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{794B07C2-F8A2-4E5D-927B-1CDD2335A05F}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe |

"{795CC4C9-4D3A-4FEA-B366-1470354F49F9}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |

"{8062E58E-896C-4C93-8004-4702871350B1}" = protocol=6 | dir=in | app=c:\program files\o2\agent\bin\bcont.exe |

"{83C709E2-42CD-4CDA-8D50-973C2BC0BF6B}" = protocol=17 | dir=in | app=c:\program files\common files\supportsoft\bin\ssrc.exe |

"{8A660352-1B52-42C5-B098-A8E9E2133A81}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{92B64A61-9C1D-4CF4-A7A3-59CBFE172C7F}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{99D2CE0A-DCD4-4B4F-B110-991D8CFD321A}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{9FF04AF6-99DE-4B9F-A594-0AB10FD35FC3}" = protocol=6 | dir=out | app=system |

"{ADFC2D84-54DE-4C71-8AD5-0862D930F0DF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{B0CC5B83-0203-488A-8E8C-2EA4DB4E06FB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{B0FE688F-214F-473A-BD72-EA6AF75D9433}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe |

"{BD12F343-4345-4424-96FE-1DA51EF32B67}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{C3740A59-CCBD-4475-8181-0ABF6503BC13}" = protocol=6 | dir=in | app=c:\windows\system32\rundll32.exe |

"{DC4BFCE0-F0A8-471F-AE4F-25BD59C98836}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{E0120A07-C0AB-47EB-8034-E804C3EE6D2C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{E02C558F-7A37-45D1-8614-0D52FD990F70}" = protocol=6 | dir=in | app=c:\program files\veetle\player\veetlenet.exe |

"{E0689AE3-911B-4B58-AB9F-3565237DD977}" = protocol=17 | dir=in | app=c:\program files\o2\agent\bin\bcont_nm.exe |

"{E6501D52-C907-41DA-BBAF-51DCD2B3F836}" = protocol=6 | dir=in | app=c:\program files\common files\supportsoft\bin\ssrc.exe |

"{F136CD88-B850-4226-B8D2-F0DB843ED25E}" = protocol=17 | dir=in | app=c:\windows\system32\rundll32.exe |

"{F984ECAC-A5C7-4E68-AB7C-0CAD369FBC98}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{FD0D248B-B65A-4C92-AFE6-A0C083A90F20}" = protocol=6 | dir=in | app=c:\program files\o2\bin\wificfg.exe |

"TCP Query User{2763BAD4-76DC-4979-93FC-C178AEBBC1D7}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"TCP Query User{D90F8E15-141C-4619-974B-56521E160445}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{143228CD-0B6B-4A48-86B9-728220BE37E6}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

"UDP Query User{48E45402-7026-4B94-AB6A-04EEC4762414}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0020FEE2-7CDB-4250-B04B-81D68D3CA18B}" =

"{059AE187-404C-47C5-B846-097DAF59DC44}" = Adobe Stock Photos 1.0

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0F4F4815-76AD-4B26-8763-72F3344041C2}" = TOSHIBA Manuals

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP3300" = Canon iP3300

"{1240A058-8BCE-4A3B-BF82-6E5B801D71BA}" = Garmin City Navigator Europe NT 2009 Update

"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA

"{2290A680-4083-410A-ADCC-7092C67FC052}" = Toshiba Online Product Information

"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2

"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java 6 Update 25

"{27237DBF-81A7-4569-908C-48427460B7BA}" = The Panorama Factory V5 m32 Edition

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1" = Inpaint 3.0

"{2BA8A909-F17C-4AE5-85C1-9107B7A60D26}" = Toshiba TEMPRO

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{366FFC89-C800-4366-B903-B9C4314109A5}" = Garmin WebUpdater

"{3A3923F8-AA05-4281-9F6F-DC6F85D0092D}" = Garmin POI Loader

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3D3D1E03-D506-4163-B600-82EE27FC5A89}" = Microsoft Camera Codec Pack

"{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}" = Microsoft Image Composite Editor

"{4507868A-A9CD-4ECC-BD54-0EAB6EE81D42}" = O2 Broadband Assistant

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{5508128A-2C7B-46B5-81F9-58E8E8115F0B}" = AdblockIE

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053

"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{70FF1E06-E533-4552-B384-DA4EE4AC1615}" = Photo Print Calendar from YOKOHAMA Ver.3.00E beta

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{74892A2F-57B2-48E4-81C3-1E21E12A470B}" = TOSHIBA Supervisor Password

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8AAB4176-A747-493A-A42C-B63CFADFD8E3}" = NVIDIA PhysX

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ULTIMATER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ULTIMATER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ULTIMATER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ULTIMATER_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ULTIMATER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{91120000-002E-0000-0000-0000000FF1CE}" = Microsoft Office Ultimate 2007

"{91120000-002E-0000-0000-0000000FF1CE}_ULTIMATER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{92CA58DD-4475-461C-828B-4A832B1EC080}" = Noiseware Community Edition

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007F-0409-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync

"{B1102A25-3AA3-446B-AA0F-A699B07A02FD}" = Garmin USB Drivers

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B57A7B53-0662-4AC0-9352-2AE2D8212A9F}" = Garmin Communicator Plugin

"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser

"{B74D4E10-6884-0000-0000-000000000103}" = Adobe Bridge 1.0

"{B77A308F-85F5-4D68-8CB5-313332CB2779}" = TOSHIBA Hardware Setup

"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49

"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree

"{C43E4B9C-14C8-4EB0-998B-85211B6EDD61}" = Seagate DiscWizard

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{CA8AC9B9-AEEA-4078-9B34-5E7A160E6861}" = Free Grids for Word 2007

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1" = FotoSketcher 2.20

"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0

"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"{F1B1BB41-2494-4FC2-BEF7-9C282B6815A8}" = Image Resizer Powertoy Clone for Windows

"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA

"{F2F8B712-8770-4058-8EDF-FBA80A6C952F}" = Instant JPEG From RAW

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)

"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01

"{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = TIPCI

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU

"45A7283175C62FAC673F913C1F532C5361F97841" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (03/08/2007 2.2.1.0)

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"ASAP Utilities_is1" = ASAP Utilities

"aTube Catcher" = aTube Catcher

"Audacity_is1" = Audacity 1.2.6

"BabylonToolbar" = Babylon toolbar on IE

"Canon RAW Codec" = Canon RAW Codec

"CCleaner" = CCleaner

"Digital Image Recovery_is1" = Digital Image Recovery 1.47

"DivX Setup.divx.com" = DivX Setup

"DVD Flick_is1" = DVD Flick 1.3.0.7

"ESET Online Scanner" = ESET Online Scanner v3

"ExtractNow_is1" = ExtractNow

"Foxit Reader" = Foxit Reader

"Freemake Audio Converter_is1" = Freemake Audio Converter version 1.1.0

"ieSpell" = ieSpell

"ImgBurn" = ImgBurn

"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for TOSHIBA

"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center

"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio

"InstallShield_{F7B05784-334C-4F76-8BAB-30ABEB7FD534}" = Texas Instruments PCIxx21/x515/xx12 drivers.

"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package

"IrfanView" = IrfanView (remove only)

"LAME for Audacity_is1" = LAME v3.98.3 for Audacity

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.0.1800

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"MozBackup" = MozBackup 1.4.9

"Mozilla Firefox 9.0.1 (x86 en-US)" = Mozilla Firefox 9.0.1 (x86 en-US)

"MSC" = McAfee Internet Security

"MyDefrag v4.3.1_is1" = MyDefrag v4.3.1

"Neat Image_is1" = Neat Image v5 Demo (with plug-in)

"NVIDIA Drivers" = NVIDIA Drivers

"Picasa 3" = Picasa 3

"QuicktimeAlt_is1" = QuickTime Alternative 1.81

"RealAlt_is1" = Real Alternative 1.52

"Recuva" = Recuva

"SpywareBlaster_is1" = SpywareBlaster 4.5

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"SystemRequirementsLab" = System Requirements Lab

"ULTIMATER" = Microsoft Office Ultimate 2007

"Veetle TV" = Veetle TV

"VLC media player" = VLC media player 1.1.11

"vShare" = vShare Plugin

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

"WinPcapInst" = WinPcap 4.1.2

"Xvid Video Codec 1.3.2" = Xvid Video Codec

"ZhornStickies" = Stickies 7.1b

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-945816239-1367927972-834362508-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Dropbox" = Dropbox

"Google Chrome" = Google Chrome

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 17/01/2012 15:39:59 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013

Description =

Error - 17/01/2012 15:39:59 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013

Description =

Error - 17/01/2012 15:56:29 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013

Description =

Error - 17/01/2012 15:56:29 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013

Description =

Error - 17/01/2012 16:03:57 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013

Description =

Error - 17/01/2012 16:03:57 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013

Description =

Error - 18/01/2012 13:59:55 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013

Description =

Error - 18/01/2012 14:11:51 | Computer Name = ToshLaptop | Source = Windows Search Service | ID = 3013

Description =

Error - 18/01/2012 14:34:52 | Computer Name = ToshLaptop | Source = Application Error | ID = 1000

Description = Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp

0x49e01da5, faulting module DropboxExt.14.dll, version 1.0.0.14, time stamp 0x4bfd6926,

exception code 0xc0000005, fault offset 0x0000446c, process id 0x914, application

start time 0x01ccd5f307cdf00d.

Error - 18/01/2012 14:46:12 | Computer Name = ToshLaptop | Source = Application Error | ID = 1000

Description = Faulting application Explorer.exe, version 6.0.6002.18005, time stamp

0x49e01da5, faulting module DropboxExt.14.dll, version 1.0.0.14, time stamp 0x4bfd6926,

exception code 0xc0000005, fault offset 0x0000446c, process id 0x14d8, application

start time 0x01ccd60fe3836aad.

[ Media Center Events ]

Error - 03/04/2008 10:56:17 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0

Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError

returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 16/04/2008 16:20:53 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 18/04/2008 06:03:59 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 23/05/2008 15:26:00 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 25/05/2008 05:33:59 | Computer Name = Tony-PC | Source = MCUpdate | ID = 0

Description = DownloadPackgeTask.SubTasksComplete: failed downloading package MCESpotlight.

Error - 13/06/2008 05:59:16 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0

Description = Event Info: ERROR: SqmApiWrapper.TimerAccumulate failed; Win32 GetLastError

returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 13/06/2008 05:59:20 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0

Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError

returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 06/07/2008 10:25:18 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0

Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError

returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 17/07/2008 13:14:36 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0

Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError

returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

Error - 05/09/2008 15:57:45 | Computer Name = Tony-PC | Source = Media Center Guide | ID = 0

Description = Event Info: ERROR: SqmApiWrapper.TimerRecord failed; Win32 GetLastError

returned 10000105 Process: DefaultDomain Object Name: Media Center Guide

[ OSession Events ]

Error - 18/10/2008 15:29:03 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1255

seconds with 900 seconds of active time. This session ended with a crash.

Error - 27/03/2009 08:02:12 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 754

seconds with 0 seconds of active time. This session ended with a crash.

Error - 16/04/2009 10:06:10 | Computer Name = Tony-PC | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6331.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 1867

seconds with 660 seconds of active time. This session ended with a crash.

Error - 13/01/2011 14:20:58 | Computer Name = ToshLaptop | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 319

seconds with 120 seconds of active time. This session ended with a crash.

Error - 02/07/2011 16:36:47 | Computer Name = ToshLaptop | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 135

seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 18/01/2012 06:16:29 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume .

Error - 18/01/2012 11:08:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume .

Error - 18/01/2012 11:08:26 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume .

Error - 18/01/2012 11:08:26 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume .

Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7001

Description =

Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7000

Description =

Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7001

Description =

Error - 18/01/2012 11:09:05 | Computer Name = ToshLaptop | Source = Service Control Manager | ID = 7026

Description =

Error - 18/01/2012 11:09:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume .

Error - 18/01/2012 11:29:16 | Computer Name = ToshLaptop | Source = Ntfs | ID = 262199

Description = The file system structure on the disk is corrupt and unusable. Please

run the chkdsk utility on the volume .

< End of report >

[MrCharlie]

While I look over the log........

Please download Listparts

Put a check by the List BCD

Run the tool, click Scan and post the log (Result.txt) it makes

MrC

[anthonyq]

ListParts Scan Results

ListParts by Farbar

Ran by Tony on 18-01-2012 at 20:15:43

Windows Vista (X86)

Running From: E:\Tony\Desktop

************************************************************

========================= Memory info ======================

Percentage of memory in use: 59%

Total physical RAM: 2045.31 MB

Available physical RAM: 836.63 MB

Total Pagefile: 4331.91 MB

Available Pagefile: 2805.41 MB

Total Virtual: 2047.88 MB

Available Virtual: 1967.06 MB

======================= Partitions =========================

1 Drive c: (Vista) (Fixed) (Total:55.66 GB) (Free:4.2 GB) NTFS ==>[system with boot components (obtained from reading drive)]

2 Drive e: (Data) (Fixed) (Total:54.66 GB) (Free:16.95 GB) NTFS

Disk ### Status Size Free Dyn Gpt

-------- ---------- ------- ------- --- ---

Disk 0 Online 112 GB 0 B

Partitions of Disk 0:

===============

Partition ### Type Size Offset

------------- ---------------- ------- -------

Partition 1 OEM 1500 MB 1024 KB

Partition 2 Primary 56 GB 1501 MB

Partition 3 Primary 55 GB 57 GB

Partition 4 Primary 1488 KB 112 GB

Disk: 0

Partition 1

Type : 27

Hidden: Yes

Active: No

There is no volume associated with this partition.

Disk: 0

Partition 2

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 1 C Vista NTFS Partition 56 GB Healthy System (partition with boot components)

Disk: 0

Partition 3

Type : 07

Hidden: No

Active: No

Volume ### Ltr Label Fs Type Size Status Info

---------- --- ----------- ----- ---------- ------- --------- --------

* Volume 2 E Data NTFS Partition 55 GB Healthy

Disk: 0

Partition 4

Type : 17 (Suspicious Type)

Hidden: Yes

Active: Yes

There is no volume associated with this partition.

The boot configuration data store could not be opened.

The system cannot find the file specified.

****** End Of Log ******

[MrCharlie]

Please download and run TDSSKiller as outlined in the post below:

http://forums.malwar...ndpost&p=499595

If a suspicious object is detected, the default action will be Skip, click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Post back the log, MrC

[anthonyq]

Hi,

I think it found 6 items,5 said Skip 1 said Cure. Not sure if I should have done anything at this stage,so I clicked on continue,hope that is what you wanted.

Regards

11:27:48.0090 5596 TDSS rootkit removing tool 2.7.5.0 Jan 18 2012 09:26:24

11:27:50.0095 5596 ============================================================

11:27:50.0095 5596 Current date / time: 2012/01/19 11:27:50.0095

11:27:50.0095 5596 SystemInfo:

11:27:50.0095 5596

11:27:50.0095 5596 OS Version: 6.0.6002 ServicePack: 2.0

11:27:50.0095 5596 Product type: Workstation

11:27:50.0095 5596 ComputerName: TOSHLAPTOP

11:27:50.0096 5596 UserName: Tony

11:27:50.0096 5596 Windows directory: C:\Windows

11:27:50.0096 5596 System windows directory: C:\Windows

11:27:50.0096 5596 Processor architecture: Intel x86

11:27:50.0096 5596 Number of processors: 2

11:27:50.0096 5596 Page size: 0x1000

11:27:50.0096 5596 Boot type: Normal boot

11:27:50.0096 5596 ============================================================

11:27:52.0306 5596 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

11:27:52.0355 5596 Initialize success

11:29:36.0484 5924 ============================================================

11:29:36.0484 5924 Scan started

11:29:36.0485 5924 Mode: Manual; SigCheck; TDLFS;

11:29:36.0485 5924 ============================================================

11:29:38.0286 5924 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

11:29:38.0537 5924 ACPI - ok

11:29:38.0707 5924 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

11:29:38.0780 5924 adp94xx - ok

11:29:38.0849 5924 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

11:29:38.0877 5924 adpahci - ok

11:29:38.0993 5924 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

11:29:39.0019 5924 adpu160m - ok

11:29:39.0088 5924 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

11:29:39.0115 5924 adpu320 - ok

11:29:39.0178 5924 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

11:29:39.0444 5924 AFD - ok

11:29:39.0680 5924 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\Windows\system32\DRIVERS\AGRSM.sys

11:29:39.0837 5924 AgereSoftModem - ok

11:29:39.0994 5924 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

11:29:40.0020 5924 agp440 - ok

11:29:40.0086 5924 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

11:29:40.0120 5924 aic78xx - ok

11:29:40.0149 5924 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

11:29:40.0180 5924 aliide - ok

11:29:40.0210 5924 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

11:29:40.0243 5924 amdagp - ok

11:29:40.0277 5924 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

11:29:40.0309 5924 amdide - ok

11:29:40.0463 5924 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

11:29:40.0817 5924 AmdK7 - ok

11:29:40.0974 5924 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

11:29:41.0059 5924 AmdK8 - ok

11:29:41.0107 5924 Apowersoft_AudioDevice (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys

11:29:41.0148 5924 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - warning

11:29:41.0148 5924 Apowersoft_AudioDevice - detected UnsignedFile.Multi.Generic (1)

11:29:41.0312 5924 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

11:29:41.0338 5924 arc - ok

11:29:41.0368 5924 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

11:29:41.0393 5924 arcsas - ok

11:29:41.0451 5924 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

11:29:41.0665 5924 AsyncMac - ok

11:29:41.0810 5924 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

11:29:41.0830 5924 atapi - ok

11:29:41.0883 5924 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

11:29:41.0945 5924 Beep - ok

11:29:41.0964 5924 blbdrive - ok

11:29:42.0026 5924 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

11:29:42.0134 5924 bowser - ok

11:29:42.0183 5924 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

11:29:42.0343 5924 BrFiltLo - ok

11:29:42.0523 5924 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

11:29:42.0587 5924 BrFiltUp - ok

11:29:42.0628 5924 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

11:29:42.0720 5924 Brserid - ok

11:29:42.0754 5924 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

11:29:42.0848 5924 BrSerWdm - ok

11:29:42.0903 5924 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

11:29:42.0985 5924 BrUsbMdm - ok

11:29:43.0094 5924 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

11:29:43.0185 5924 BrUsbSer - ok

11:29:43.0242 5924 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

11:29:43.0338 5924 BTHMODEM - ok

11:29:43.0346 5924 catchme - ok

11:29:43.0394 5924 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

11:29:43.0460 5924 cdfs - ok

11:29:43.0563 5924 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

11:29:43.0622 5924 cdrom - ok

11:29:43.0718 5924 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys

11:29:44.0361 5924 cfwids - ok

11:29:44.0522 5924 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

11:29:44.0607 5924 circlass - ok

11:29:44.0651 5924 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

11:29:44.0686 5924 CLFS - ok

11:29:44.0749 5924 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

11:29:44.0833 5924 CmBatt - ok

11:29:44.0984 5924 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

11:29:45.0016 5924 cmdide - ok

11:29:45.0063 5924 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

11:29:45.0084 5924 Compbatt - ok

11:29:45.0103 5924 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

11:29:45.0125 5924 crcdisk - ok

11:29:45.0154 5924 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

11:29:45.0235 5924 Crusoe - ok

11:29:45.0419 5924 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

11:29:45.0544 5924 DfsC - ok

11:29:45.0585 5924 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

11:29:45.0613 5924 disk - ok

11:29:45.0781 5924 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

11:29:45.0859 5924 drmkaud - ok

11:29:45.0926 5924 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

11:29:46.0011 5924 DXGKrnl - ok

11:29:46.0194 5924 E100B (d00eeae1cacd77a1a8396bbc19140bba) C:\Windows\system32\DRIVERS\e100b325.sys

11:29:46.0249 5924 E100B - ok

11:29:46.0292 5924 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

11:29:46.0398 5924 E1G60 - ok

11:29:46.0565 5924 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

11:29:46.0616 5924 Ecache - ok

11:29:46.0706 5924 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

11:29:46.0735 5924 elxstor - ok

11:29:46.0858 5924 EraserUtilRebootDrv - ok

11:29:47.0040 5924 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

11:29:47.0179 5924 exfat - ok

11:29:47.0225 5924 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

11:29:47.0290 5924 fastfat - ok

11:29:47.0470 5924 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

11:29:47.0547 5924 fdc - ok

11:29:47.0621 5924 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

11:29:47.0641 5924 FileInfo - ok

11:29:47.0795 5924 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

11:29:47.0856 5924 Filetrace - ok

11:29:47.0892 5924 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

11:29:47.0990 5924 flpydisk - ok

11:29:48.0039 5924 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

11:29:48.0068 5924 FltMgr - ok

11:29:48.0228 5924 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS

11:29:48.0254 5924 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning

11:29:48.0254 5924 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)

11:29:48.0341 5924 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

11:29:48.0377 5924 Fs_Rec - ok

11:29:48.0420 5924 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys

11:29:48.0508 5924 FwLnk - ok

11:29:48.0667 5924 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

11:29:48.0692 5924 gagp30kx - ok

11:29:48.0745 5924 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\Windows\system32\drivers\grmnusb.sys

11:29:48.0830 5924 grmnusb - ok

11:29:48.0864 5924 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

11:29:48.0967 5924 HdAudAddService - ok

11:29:49.0139 5924 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

11:29:49.0196 5924 HDAudBus - ok

11:29:49.0365 5924 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

11:29:49.0458 5924 HidBth - ok

11:29:49.0483 5924 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

11:29:49.0572 5924 HidIr - ok

11:29:49.0668 5924 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

11:29:49.0705 5924 HidUsb - ok

11:29:49.0821 5924 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

11:29:49.0842 5924 HpCISSs - ok

11:29:49.0961 5924 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

11:29:50.0092 5924 HTTP - ok

11:29:50.0208 5924 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

11:29:50.0233 5924 i2omp - ok

11:29:50.0361 5924 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

11:29:50.0435 5924 i8042prt - ok

11:29:50.0475 5924 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

11:29:50.0517 5924 iaStorV - ok

11:29:50.0645 5924 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

11:29:50.0679 5924 iirsp - ok

11:29:50.0837 5924 IntcAzAudAddService (2690be9907b36b7c3ea2859c74926fa1) C:\Windows\system32\drivers\RTKVHDA.sys

11:29:51.0243 5924 IntcAzAudAddService - ok

11:29:51.0421 5924 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

11:29:51.0448 5924 intelide - ok

11:29:51.0526 5924 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

11:29:51.0590 5924 intelppm - ok

11:29:51.0645 5924 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:29:51.0715 5924 IpFilterDriver - ok

11:29:51.0863 5924 IpInIp - ok

11:29:51.0908 5924 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

11:29:52.0005 5924 IPMIDRV - ok

11:29:52.0061 5924 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

11:29:52.0124 5924 IPNAT - ok

11:29:52.0275 5924 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

11:29:52.0383 5924 IRENUM - ok

11:29:52.0439 5924 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

11:29:52.0459 5924 isapnp - ok

11:29:52.0504 5924 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

11:29:52.0528 5924 iScsiPrt - ok

11:29:52.0702 5924 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

11:29:52.0727 5924 iteatapi - ok

11:29:52.0751 5924 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

11:29:52.0778 5924 iteraid - ok

11:29:52.0842 5924 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

11:29:52.0865 5924 kbdclass - ok

11:29:52.0897 5924 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys

11:29:52.0959 5924 kbdhid - ok

11:29:53.0004 5924 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys

11:29:53.0085 5924 KMWDFILTER - ok

11:29:53.0240 5924 KR10I (1e0d65f7ffeb4e99b2eec1ccb5754cc8) C:\Windows\system32\drivers\kr10i.sys

11:29:53.0317 5924 KR10I - ok

11:29:53.0381 5924 KR10N (0f9e83709cbb60b1549f3a65d0ab6e4f) C:\Windows\system32\drivers\kr10n.sys

11:29:53.0458 5924 KR10N - ok

11:29:53.0624 5924 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys

11:29:53.0662 5924 KSecDD - ok

11:29:53.0860 5924 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

11:29:53.0915 5924 lltdio - ok

11:29:54.0239 5924 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

11:29:54.0260 5924 LSI_FC - ok

11:29:54.0290 5924 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

11:29:54.0323 5924 LSI_SAS - ok

11:29:54.0498 5924 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

11:29:54.0524 5924 LSI_SCSI - ok

11:29:54.0577 5924 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

11:29:54.0659 5924 luafv - ok

11:29:54.0870 5924 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

11:29:54.0902 5924 megasas - ok

11:29:54.0963 5924 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys

11:29:54.0984 5924 mfeapfk - ok

11:29:55.0049 5924 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys

11:29:55.0073 5924 mfeavfk - ok

11:29:55.0230 5924 mfeavfk01 - ok

11:29:55.0538 5924 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys

11:29:55.0568 5924 mfebopk - ok

11:29:55.0637 5924 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys

11:29:55.0714 5924 mfefirek - ok

11:29:55.0899 5924 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys

11:29:55.0955 5924 mfehidk - ok

11:29:56.0071 5924 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys

11:29:56.0091 5924 mfenlfk - ok

11:29:56.0242 5924 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys

11:29:56.0265 5924 mferkdet - ok

11:29:56.0414 5924 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys

11:29:56.0439 5924 mferkdk - ok

11:29:56.0495 5924 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys

11:29:56.0519 5924 mfesmfk - ok

11:29:56.0577 5924 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys

11:29:56.0604 5924 mfewfpk - ok

11:29:56.0766 5924 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

11:29:56.0844 5924 Modem - ok

11:29:56.0933 5924 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

11:29:56.0990 5924 monitor - ok

11:29:57.0037 5924 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

11:29:57.0056 5924 mouclass - ok

11:29:57.0175 5924 moufiltr (baa4ed3c323bee7ebc144c7d232220a8) C:\Windows\system32\DRIVERS\moufiltr.sys

11:29:57.0204 5924 moufiltr ( UnsignedFile.Multi.Generic ) - warning

11:29:57.0204 5924 moufiltr - detected UnsignedFile.Multi.Generic (1)

11:29:57.0282 5924 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

11:29:57.0408 5924 mouhid - ok

11:29:57.0464 5924 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

11:29:57.0489 5924 MountMgr - ok

11:29:57.0600 5924 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

11:29:57.0634 5924 mpio - ok

11:29:57.0729 5924 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

11:29:57.0787 5924 mpsdrv - ok

11:29:57.0835 5924 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

11:29:57.0856 5924 Mraid35x - ok

11:29:57.0983 5924 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

11:29:58.0084 5924 MRxDAV - ok

11:29:58.0179 5924 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

11:29:58.0262 5924 mrxsmb - ok

11:29:58.0381 5924 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:29:58.0439 5924 mrxsmb10 - ok

11:29:58.0511 5924 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:29:58.0563 5924 mrxsmb20 - ok

11:29:58.0613 5924 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys

11:29:58.0633 5924 msahci - ok

11:29:58.0736 5924 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

11:29:58.0756 5924 msdsm - ok

11:29:58.0866 5924 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

11:29:58.0930 5924 Msfs - ok

11:29:58.0972 5924 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

11:29:58.0997 5924 msisadrv - ok

11:29:59.0133 5924 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

11:29:59.0183 5924 MSKSSRV - ok

11:29:59.0235 5924 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

11:29:59.0310 5924 MSPCLOCK - ok

11:29:59.0345 5924 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

11:29:59.0386 5924 MSPQM - ok

11:29:59.0444 5924 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

11:29:59.0470 5924 MsRPC - ok

11:29:59.0591 5924 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

11:29:59.0611 5924 mssmbios - ok

11:29:59.0690 5924 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

11:29:59.0749 5924 MSTEE - ok

11:29:59.0788 5924 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

11:29:59.0816 5924 Mup - ok

11:29:59.0937 5924 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

11:29:59.0985 5924 NativeWifiP - ok

11:30:00.0096 5924 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

11:30:00.0193 5924 NDIS - ok

11:30:00.0329 5924 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

11:30:00.0403 5924 NdisTapi - ok

11:30:00.0479 5924 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

11:30:00.0525 5924 Ndisuio - ok

11:30:00.0591 5924 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

11:30:00.0626 5924 NdisWan - ok

11:30:00.0734 5924 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

11:30:00.0796 5924 NDProxy - ok

11:30:00.0860 5924 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

11:30:00.0919 5924 NetBIOS - ok

11:30:00.0967 5924 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

11:30:01.0024 5924 netbt - ok

11:30:01.0228 5924 NETw3v32 (acc6170d80c69e50145b370023b64ed3) C:\Windows\system32\DRIVERS\NETw3v32.sys

11:30:01.0567 5924 NETw3v32 - ok

11:30:01.0830 5924 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys

11:30:02.0308 5924 NETw4v32 - ok

11:30:02.0664 5924 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys

11:30:03.0309 5924 NETw5v32 - ok

11:30:03.0489 5924 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

11:30:03.0522 5924 nfrd960 - ok

11:30:03.0595 5924 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys

11:30:03.0628 5924 NPF - ok

11:30:03.0688 5924 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

11:30:03.0738 5924 Npfs - ok

11:30:03.0896 5924 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

11:30:03.0961 5924 nsiproxy - ok

11:30:04.0046 5924 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

11:30:04.0102 5924 Ntfs - ok

11:30:04.0251 5924 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

11:30:04.0354 5924 ntrigdigi - ok

11:30:04.0404 5924 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

11:30:04.0467 5924 Null - ok

11:30:04.0770 5924 nvlddmkm (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys

11:30:05.0316 5924 nvlddmkm - ok

11:30:05.0486 5924 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

11:30:05.0512 5924 nvraid - ok

11:30:05.0570 5924 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

11:30:05.0604 5924 nvstor - ok

11:30:05.0639 5924 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

11:30:05.0668 5924 nv_agp - ok

11:30:05.0682 5924 NwlnkFlt - ok

11:30:05.0698 5924 NwlnkFwd - ok

11:30:05.0760 5924 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

11:30:05.0814 5924 ohci1394 - ok

11:30:05.0998 5924 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

11:30:06.0062 5924 Parport - ok

11:30:06.0118 5924 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

11:30:06.0145 5924 partmgr - ok

11:30:06.0171 5924 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

11:30:06.0234 5924 Parvdm - ok

11:30:06.0251 5924 pccsmcfd - ok

11:30:06.0341 5924 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

11:30:06.0387 5924 pci - ok

11:30:06.0512 5924 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys

11:30:06.0532 5924 pciide - ok

11:30:06.0625 5924 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys

11:30:06.0659 5924 pcmcia - ok

11:30:06.0738 5924 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

11:30:07.0017 5924 PEAUTH - ok

11:30:07.0228 5924 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

11:30:07.0298 5924 PptpMiniport - ok

11:30:07.0351 5924 PRISM_A02 (ba3ffbd0abdf45c9160e66cb27f8f8ab) C:\Windows\system32\DRIVERS\PRISMA02.sys

11:30:07.0470 5924 PRISM_A02 - ok

11:30:07.0638 5924 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

11:30:07.0735 5924 Processor - ok

11:30:07.0791 5924 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

11:30:07.0833 5924 PSched - ok

11:30:07.0912 5924 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

11:30:07.0968 5924 ql2300 - ok

11:30:08.0127 5924 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

11:30:08.0152 5924 ql40xx - ok

11:30:08.0216 5924 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

11:30:08.0301 5924 QWAVEdrv - ok

11:30:08.0387 5924 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

11:30:08.0450 5924 RasAcd - ok

11:30:08.0608 5924 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

11:30:08.0650 5924 Rasl2tp - ok

11:30:08.0714 5924 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

11:30:08.0770 5924 RasPppoe - ok

11:30:08.0800 5924 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

11:30:08.0843 5924 RasSstp - ok

11:30:09.0000 5924 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

11:30:09.0064 5924 rdbss - ok

11:30:09.0131 5924 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

11:30:09.0215 5924 RDPCDD - ok

11:30:09.0428 5924 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

11:30:09.0511 5924 rdpdr - ok

11:30:09.0559 5924 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

11:30:09.0598 5924 RDPENCDD - ok

11:30:09.0651 5924 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

11:30:09.0704 5924 RDPWD - ok

11:30:09.0895 5924 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

11:30:09.0945 5924 rspndr - ok

11:30:10.0060 5924 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

11:30:10.0086 5924 SASDIFSV - ok

11:30:10.0104 5924 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

11:30:10.0129 5924 SASKUTIL - ok

11:30:10.0285 5924 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

11:30:10.0312 5924 sbp2port - ok

11:30:10.0378 5924 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

11:30:10.0434 5924 sdbus - ok

11:30:10.0471 5924 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

11:30:10.0562 5924 secdrv - ok

11:30:10.0748 5924 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

11:30:10.0823 5924 Serenum - ok

11:30:10.0861 5924 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

11:30:10.0946 5924 Serial - ok

11:30:10.0988 5924 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

11:30:11.0050 5924 sermouse - ok

11:30:11.0237 5924 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

11:30:11.0299 5924 sffdisk - ok

11:30:11.0352 5924 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

11:30:11.0412 5924 sffp_mmc - ok

11:30:11.0464 5924 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys

11:30:11.0496 5924 sffp_sd - ok

11:30:11.0653 5924 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

11:30:11.0743 5924 sfloppy - ok

11:30:11.0808 5924 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

11:30:11.0834 5924 sisagp - ok

11:30:12.0004 5924 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

11:30:12.0030 5924 SiSRaid2 - ok

11:30:12.0174 5924 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

11:30:12.0196 5924 SiSRaid4 - ok

11:30:12.0328 5924 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

11:30:12.0385 5924 Smb - ok

11:30:12.0551 5924 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\Windows\system32\DRIVERS\snapman.sys

11:30:12.0580 5924 snapman - ok

11:30:12.0632 5924 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

11:30:12.0652 5924 spldr - ok

11:30:12.0718 5924 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

11:30:12.0801 5924 srv - ok

11:30:12.0965 5924 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

11:30:13.0037 5924 srv2 - ok

11:30:13.0061 5924 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

11:30:13.0103 5924 srvnet - ok

11:30:13.0199 5924 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

11:30:13.0231 5924 swenum - ok

11:30:13.0391 5924 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

11:30:13.0424 5924 Symc8xx - ok

11:30:13.0454 5924 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

11:30:13.0486 5924 Sym_hi - ok

11:30:13.0517 5924 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

11:30:13.0550 5924 Sym_u3 - ok

11:30:13.0614 5924 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys

11:30:13.0653 5924 SynTP - ok

11:30:13.0851 5924 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys

11:30:14.0067 5924 Tcpip - ok

11:30:14.0265 5924 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys

11:30:14.0401 5924 Tcpip6 - ok

11:30:14.0581 5924 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

11:30:14.0763 5924 tcpipreg - ok

11:30:14.0926 5924 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys

11:30:15.0021 5924 tdcmdpst - ok

11:30:15.0080 5924 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

11:30:15.0143 5924 TDPIPE - ok

11:30:15.0202 5924 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\Windows\system32\DRIVERS\tdrpman.sys

11:30:15.0233 5924 tdrpman - ok

11:30:15.0392 5924 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

11:30:15.0452 5924 TDTCP - ok

11:30:15.0504 5924 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

11:30:15.0538 5924 tdx - ok

11:30:15.0586 5924 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

11:30:15.0615 5924 TermDD - ok

11:30:15.0797 5924 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\Windows\system32\drivers\tifm21.sys

11:30:15.0902 5924 tifm21 - ok

11:30:15.0956 5924 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\Windows\system32\DRIVERS\tifsfilt.sys

11:30:15.0980 5924 tifsfilter - ok

11:30:16.0027 5924 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\Windows\system32\DRIVERS\timntr.sys

11:30:16.0066 5924 timounter - ok

11:30:16.0227 5924 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\Windows\system32\drivers\Tosrfcom.sys

11:30:16.0274 5924 Tosrfcom - ok

11:30:16.0307 5924 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys

11:30:16.0391 5924 tosrfec - ok

11:30:16.0569 5924 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

11:30:16.0582 5924 TrueSight ( UnsignedFile.Multi.Generic ) - warning

11:30:16.0583 5924 TrueSight - detected UnsignedFile.Multi.Generic (1)

11:30:16.0641 5924 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

11:30:16.0687 5924 tssecsrv - ok

11:30:16.0735 5924 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

11:30:16.0815 5924 tunmp - ok

11:30:16.0975 5924 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

11:30:17.0006 5924 tunnel - ok

11:30:17.0069 5924 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS

11:30:17.0093 5924 TVALZ - ok

11:30:17.0152 5924 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

11:30:17.0173 5924 uagp35 - ok

11:30:17.0224 5924 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

11:30:17.0281 5924 udfs - ok

11:30:17.0454 5924 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

11:30:17.0475 5924 uliagpkx - ok

11:30:17.0500 5924 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

11:30:17.0526 5924 uliahci - ok

11:30:17.0552 5924 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

11:30:17.0574 5924 UlSata - ok

11:30:17.0738 5924 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

11:30:17.0762 5924 ulsata2 - ok

11:30:17.0814 5924 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

11:30:17.0875 5924 umbus - ok

11:30:17.0918 5924 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys

11:30:18.0004 5924 usbccgp - ok

11:30:18.0161 5924 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

11:30:18.0238 5924 usbcir - ok

11:30:18.0293 5924 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

11:30:18.0343 5924 usbehci - ok

11:30:18.0377 5924 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

11:30:18.0414 5924 usbhub - ok

11:30:18.0569 5924 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

11:30:18.0663 5924 usbohci - ok

11:30:18.0774 5924 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

11:30:18.0850 5924 usbprint - ok

11:30:19.0029 5924 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

11:30:19.0079 5924 USBSTOR - ok

11:30:19.0137 5924 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

11:30:19.0170 5924 usbuhci - ok

11:30:19.0228 5924 VClone (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys

11:30:19.0292 5924 VClone - ok

11:30:19.0444 5924 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

11:30:19.0516 5924 vga - ok

11:30:19.0574 5924 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

11:30:19.0623 5924 VgaSave - ok

11:30:19.0652 5924 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

11:30:19.0677 5924 viaagp - ok

11:30:19.0698 5924 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

11:30:19.0795 5924 ViaC7 - ok

11:30:19.0928 5924 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

11:30:19.0952 5924 viaide - ok

11:30:20.0120 5924 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

11:30:20.0156 5924 volmgr - ok

11:30:20.0338 5924 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

11:30:20.0480 5924 volmgrx - ok

11:30:20.0603 5924 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

11:30:20.0639 5924 volsnap - ok

11:30:20.0719 5924 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

11:30:20.0746 5924 vsmraid - ok

11:30:20.0844 5924 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

11:30:21.0086 5924 WacomPen - ok

11:30:21.0222 5924 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

11:30:21.0257 5924 Wanarp - ok

11:30:21.0337 5924 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

11:30:21.0375 5924 Wanarpv6 - ok

11:30:21.0616 5924 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

11:30:21.0643 5924 Wd - ok

11:30:21.0721 5924 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

11:30:21.0809 5924 Wdf01000 - ok

11:30:22.0091 5924 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys

11:30:22.0200 5924 WmiAcpi - ok

11:30:22.0303 5924 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

11:30:22.0362 5924 WpdUsb - ok

11:30:22.0492 5924 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

11:30:22.0549 5924 ws2ifsl - ok

11:30:22.0652 5924 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

11:30:22.0799 5924 WUDFRd - ok

11:30:22.0899 5924 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

11:30:22.0928 5924 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected

11:30:22.0928 5924 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b (0)

11:30:23.0138 5924 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

11:30:23.0138 5924 \Device\Harddisk0\DR0 - detected TDSS File System (1)

11:30:23.0162 5924 Boot (0x1200) (fc6b5db762ffa41293e29022604d802f) \Device\Harddisk0\DR0\Partition0

11:30:23.0163 5924 \Device\Harddisk0\DR0\Partition0 - ok

11:30:23.0181 5924 Boot (0x1200) (67e32ccee8af990de07decd5caf89274) \Device\Harddisk0\DR0\Partition1

11:30:23.0183 5924 \Device\Harddisk0\DR0\Partition1 - ok

11:30:23.0183 5924 ============================================================

11:30:23.0183 5924 Scan finished

11:30:23.0183 5924 ============================================================

11:30:23.0200 5892 Detected object count: 6

11:30:23.0200 5892 Actual detected object count: 6

11:31:22.0828 5892 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - skipped by user

11:31:22.0828 5892 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:31:22.0831 5892 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user

11:31:22.0831 5892 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:31:22.0835 5892 moufiltr ( UnsignedFile.Multi.Generic ) - skipped by user

11:31:22.0835 5892 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:31:22.0839 5892 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user

11:31:22.0839 5892 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip

11:31:22.0907 5892 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - will be cured on reboot

11:31:22.0908 5892 \Device\Harddisk0\DR0 - ok

11:31:22.0909 5892 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure

11:31:22.0909 5892 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

11:31:22.0909 5892 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

11:32:56.0876 3896 Deinitialize success

[MrCharlie]

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

--------------------------------

Delete your copy of TDSSKiller and download a fresh one.

Run and when you get to "TDSS File System", choose "Delete"

Post the log when done.

MrC

[anthonyq]

MrC

when you say

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

are you reffering to the TTDSSKiller Download?

[MrCharlie]

No, when you run it, right click on it and choose run as administrator.

MrC

[anthonyq]

MrC,

I tried to copy/paste the results of the scan with TDSSKiller but was told that the posting was to long to post.

I have now attached it as a file. I hope this is o.k.

TDSSKiller.2.7.5.0_19.01.2012_14.44.07_log 2nd Scan.txt

[MrCharlie]

Why did you delete everything?????

I said......

Run and when you get to "TDSS File System", choose "Delete"

This was all you were supposed to delete:

11:31:22.0909 5892 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

11:31:22.0909 5892 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

-----------------------------

You deleted all of these:

14:50:05.0271 2928 HKLM\SYSTEM\ControlSet001\services\Apowersoft_AudioDevice - will be deleted on reboot

14:50:05.0309 2928 HKLM\SYSTEM\ControlSet003\services\Apowersoft_AudioDevice - will be deleted on reboot

14:50:05.0354 2928 HKLM\SYSTEM\ControlSet004\services\Apowersoft_AudioDevice - will be deleted on reboot

14:50:05.0424 2928 C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys - will be deleted on reboot

14:50:05.0424 2928 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - User select action: Delete

14:50:05.0427 2928 HKLM\SYSTEM\ControlSet001\services\FsUsbExDisk - will be deleted on reboot

14:50:05.0428 2928 HKLM\SYSTEM\ControlSet003\services\FsUsbExDisk - will be deleted on reboot

14:50:05.0441 2928 HKLM\SYSTEM\ControlSet004\services\FsUsbExDisk - will be deleted on reboot

14:50:05.0443 2928 C:\Windows\system32\FsUsbExDisk.SYS - will be deleted on reboot

14:50:05.0443 2928 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Delete

14:50:05.0446 2928 HKLM\SYSTEM\ControlSet001\services\moufiltr - will be deleted on reboot

14:50:05.0447 2928 HKLM\SYSTEM\ControlSet003\services\moufiltr - will be deleted on reboot

14:50:05.0449 2928 HKLM\SYSTEM\ControlSet004\services\moufiltr - will be deleted on reboot

14:50:05.0450 2928 C:\Windows\system32\DRIVERS\moufiltr.sys - will be deleted on reboot

14:50:05.0450 2928 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Delete

14:50:05.0455 2928 HKLM\SYSTEM\ControlSet003\services\TrueSight - will be deleted on reboot

14:50:05.0470 2928 HKLM\SYSTEM\ControlSet004\services\TrueSight - will be deleted on reboot

14:50:05.0471 2928 c:\windows\system32\drivers\TrueSight.sys - will be deleted on reboot

14:50:05.0471 2928 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Delete

14:50:20.0238 4756 Deinitialize success

-----------------------------------

Do you have a good recent system restore point?

MrC

[anthonyq]

MrC, sorry if I got it wrong, I don't know how I deleted so many. When it had scanned it found 4 the boxes were set to Skip, I thought I had to change the 4 to delete which I did. I cannot remember seeing "TDSS File System"

I will do a system restore to the latest time and post back.

[MrCharlie]

OK, no problem, MrC

[anthonyq]

My latest System Restore point is 2 days ago 17/01/2012 at 19:25:33

Do you want me to restore to this time?

[MrCharlie]

Yes that's GOOD!

MrC

[anthonyq]

I have restored back to 2 days ago 17/01/2012 at 19:25:33.

Looking back through my postings I have not mentioned that at start up Photoshop opens up which it is not configered to. There is a message that photoshop cannot open this kind of file. I am now able to see the file which apears on the desktop I presume it is the same file(see below) Although Photoshop still opens on start up. I don't seem able to paste the word file or the pictures, this is what the error says .

Message Title: FsUsbServiceMsg

Program Path: C:\Windows\system32\FsUsbExService.Exe

[MrCharlie]

OK, we'll take care of that later, lets start over:

Please download Farbar Service Scanner and run it on the computer with the issue.

• Make sure the following options are checked:
  
  • Internet Services
    
  • Windows Firewall
    
  • System Restore
    
  • Security Center
    
  • Windows Update
    

  [*]Press "Scan".

  [*]It will create a log (FSS.txt) in the same directory the tool is run.

  [*]Please copy and paste the log to your reply.

-------------

Next..........

Please download and run RogueKiller.

Choose 1 to scan the system

Post back the report.

MrC

[anthonyq]

Scans as requested.

Farbar Service Scanner Version: 18-01-2012 01

Ran by Tony (administrator) on 19-01-2012 at 17:49:41

Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86)

Boot Mode: Normal

****************************************************************

Internet Services:

============

Connection Status:

==============

Localhost is accessible.

LAN connected.

Google IP is accessible.

Yahoo IP is accessible.

Windows Firewall:

=============

Firewall Disabled Policy:

==================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall"=DWORD:0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall"=DWORD:0

System Restore:

============

SDRSVC Service is not running. Checking service configuration:

The start type of SDRSVC service is OK.

The ImagePath of SDRSVC service is OK.

The ServiceDll of SDRSVC service is OK.

Checking LEGACY_SDRSVC: Attention! Unable to open LEGACY_SDRSVC\0000 registry key. The key does not exist.

VSS Service is not running. Checking service configuration:

The start type of VSS service is OK.

The ImagePath of VSS service is OK.

System Restore Disabled Policy:

========================

Security Center:

============

Windows Update:

===========

File Check:

========

C:\Windows\system32\nsisvc.dll => MD5 is legit

C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit

C:\Windows\system32\dhcpcsvc.dll => MD5 is legit

C:\Windows\system32\Drivers\afd.sys => MD5 is legit

C:\Windows\system32\Drivers\tdx.sys => MD5 is legit

C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit

C:\Windows\system32\dnsrslvr.dll => MD5 is legit

C:\Windows\system32\mpssvc.dll => MD5 is legit

C:\Windows\system32\bfe.dll => MD5 is legit

C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit

C:\Windows\system32\SDRSVC.dll => MD5 is legit

C:\Windows\system32\vssvc.exe => MD5 is legit

C:\Windows\system32\wscsvc.dll => MD5 is legit

C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit

C:\Windows\system32\wuaueng.dll => MD5 is legit

C:\Windows\system32\qmgr.dll

[2009-05-29 18:21] - [2009-04-11 06:28] - 0758784 ____A (Microsoft Corporation) 93952506C6D67330367F7E7934B6A02F

C:\Windows\system32\es.dll => MD5 is legit

C:\Windows\system32\cryptsvc.dll

[2009-05-29 18:20] - [2009-04-11 06:28] - 0129024 ____A (Microsoft Corporation) FB27772BEAF8E1D28CCD825C09DA939B

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

**** End of log ****

RogueKiller V6.2.4 [01/12/2012] by Tigzy

mail: tigzyRK<at>gmail<dot>com

Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/

Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version

Started in : Normal mode

User: Tony [Admin rights]

Mode: Scan -- Date : 01/19/2012 17:54:22

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Registry Entries: 6 ¤¤¤

[HJ] HKLM\[...]\System : EnableLUA (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] e1105d90bb405f118578d64a17dbfc8f

[bSP] 4afd33af9ebf647cb5b164d7e7a88c91 : Windows Vista MBR Code

Partition table:

0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 2048 | Size: 1572 Mo

1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 3074048 | Size: 59768 Mo

2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 119810048 | Size: 58689 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt

[MrCharlie]

Looks better, let run TDSSKiller again, don't delete anything

Please download and run TDSSKiller as outlined in the post below:

http://forums.malwar...howtopic=104821

If a suspicious object is detected, the default action will be Skip, click on Continue

If malicious objects are found, they will show in the Scan results and offer three (3) options.

Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead,

Do not choose Delete unless instructed.

Post back the log, MrC

[anthonyq]

TDSSKiller Scan as requested.

18:20:05.0730 3332 TDSS rootkit removing tool 2.7.6.0 Jan 19 2012 13:09:04

18:20:06.0665 3332 ============================================================

18:20:06.0665 3332 Current date / time: 2012/01/19 18:20:06.0664

18:20:06.0665 3332 SystemInfo:

18:20:06.0665 3332

18:20:06.0665 3332 OS Version: 6.0.6002 ServicePack: 2.0

18:20:06.0665 3332 Product type: Workstation

18:20:06.0665 3332 ComputerName: TOSHLAPTOP

18:20:06.0666 3332 UserName: Tony

18:20:06.0666 3332 Windows directory: C:\Windows

18:20:06.0666 3332 System windows directory: C:\Windows

18:20:06.0666 3332 Processor architecture: Intel x86

18:20:06.0666 3332 Number of processors: 2

18:20:06.0666 3332 Page size: 0x1000

18:20:06.0666 3332 Boot type: Normal boot

18:20:06.0666 3332 ============================================================

18:20:09.0491 3332 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

18:20:09.0551 3332 Initialize success

18:20:30.0928 4520 ============================================================

18:20:30.0928 4520 Scan started

18:20:30.0928 4520 Mode: Manual; SigCheck; TDLFS;

18:20:30.0928 4520 ============================================================

18:20:32.0195 4520 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

18:20:32.0526 4520 ACPI - ok

18:20:32.0773 4520 adp94xx (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys

18:20:32.0870 4520 adp94xx - ok

18:20:33.0070 4520 adpahci (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys

18:20:33.0118 4520 adpahci - ok

18:20:33.0157 4520 adpu160m (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys

18:20:33.0200 4520 adpu160m - ok

18:20:33.0231 4520 adpu320 (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys

18:20:33.0267 4520 adpu320 - ok

18:20:33.0509 4520 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

18:20:33.0679 4520 AFD - ok

18:20:33.0971 4520 AgereSoftModem (4e6294a06be883c9bd685a8dfd9fcd4e) C:\Windows\system32\DRIVERS\AGRSM.sys

18:20:34.0466 4520 AgereSoftModem - ok

18:20:34.0625 4520 agp440 (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys

18:20:34.0656 4520 agp440 - ok

18:20:34.0706 4520 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

18:20:34.0738 4520 aic78xx - ok

18:20:34.0769 4520 aliide (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys

18:20:34.0808 4520 aliide - ok

18:20:34.0842 4520 amdagp (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys

18:20:34.0879 4520 amdagp - ok

18:20:35.0042 4520 amdide (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys

18:20:35.0080 4520 amdide - ok

18:20:35.0105 4520 AmdK7 (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys

18:20:35.0409 4520 AmdK7 - ok

18:20:35.0573 4520 AmdK8 (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys

18:20:35.0704 4520 AmdK8 - ok

18:20:35.0745 4520 Apowersoft_AudioDevice (85ece26f326c2d07ba77a60343468272) C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys

18:20:35.0855 4520 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - warning

18:20:35.0855 4520 Apowersoft_AudioDevice - detected UnsignedFile.Multi.Generic (1)

18:20:36.0022 4520 arc (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys

18:20:36.0063 4520 arc - ok

18:20:36.0089 4520 arcsas (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys

18:20:36.0128 4520 arcsas - ok

18:20:36.0183 4520 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

18:20:36.0390 4520 AsyncMac - ok

18:20:36.0542 4520 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

18:20:36.0575 4520 atapi - ok

18:20:36.0637 4520 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

18:20:36.0724 4520 Beep - ok

18:20:36.0747 4520 blbdrive - ok

18:20:36.0814 4520 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

18:20:36.0983 4520 bowser - ok

18:20:37.0037 4520 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

18:20:37.0153 4520 BrFiltLo - ok

18:20:37.0333 4520 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

18:20:37.0407 4520 BrFiltUp - ok

18:20:37.0449 4520 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

18:20:37.0557 4520 Brserid - ok

18:20:37.0709 4520 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

18:20:37.0832 4520 BrSerWdm - ok

18:20:37.0869 4520 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

18:20:37.0950 4520 BrUsbMdm - ok

18:20:37.0982 4520 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

18:20:38.0077 4520 BrUsbSer - ok

18:20:38.0230 4520 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

18:20:38.0335 4520 BTHMODEM - ok

18:20:38.0343 4520 catchme - ok

18:20:38.0393 4520 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

18:20:38.0451 4520 cdfs - ok

18:20:38.0602 4520 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

18:20:38.0665 4520 cdrom - ok

18:20:38.0717 4520 cfwids (1dcb5209601a70e36c70fe8d197d62cb) C:\Windows\system32\drivers\cfwids.sys

18:20:38.0911 4520 cfwids - ok

18:20:39.0076 4520 circlass (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys

18:20:39.0174 4520 circlass - ok

18:20:39.0217 4520 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

18:20:39.0268 4520 CLFS - ok

18:20:39.0336 4520 CmBatt (99afc3795b58cc478fbbbcdc658fcb56) C:\Windows\system32\DRIVERS\CmBatt.sys

18:20:39.0431 4520 CmBatt - ok

18:20:39.0582 4520 cmdide (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys

18:20:39.0619 4520 cmdide - ok

18:20:39.0662 4520 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\DRIVERS\compbatt.sys

18:20:39.0698 4520 Compbatt - ok

18:20:39.0717 4520 crcdisk (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys

18:20:39.0753 4520 crcdisk - ok

18:20:39.0775 4520 Crusoe (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys

18:20:39.0860 4520 Crusoe - ok

18:20:40.0040 4520 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

18:20:40.0115 4520 DfsC - ok

18:20:40.0150 4520 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

18:20:40.0182 4520 disk - ok

18:20:40.0258 4520 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

18:20:40.0356 4520 drmkaud - ok

18:20:40.0525 4520 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

18:20:40.0766 4520 DXGKrnl - ok

18:20:40.0916 4520 E100B (d00eeae1cacd77a1a8396bbc19140bba) C:\Windows\system32\DRIVERS\e100b325.sys

18:20:41.0002 4520 E100B - ok

18:20:41.0059 4520 E1G60 (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys

18:20:41.0195 4520 E1G60 - ok

18:20:41.0376 4520 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys

18:20:41.0425 4520 Ecache - ok

18:20:41.0496 4520 elxstor (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys

18:20:41.0547 4520 elxstor - ok

18:20:41.0681 4520 EraserUtilRebootDrv - ok

18:20:41.0874 4520 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

18:20:41.0977 4520 exfat - ok

18:20:42.0025 4520 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

18:20:42.0108 4520 fastfat - ok

18:20:42.0270 4520 fdc (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys

18:20:42.0391 4520 fdc - ok

18:20:42.0466 4520 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

18:20:42.0503 4520 FileInfo - ok

18:20:42.0662 4520 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

18:20:42.0746 4520 Filetrace - ok

18:20:42.0781 4520 flpydisk (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys

18:20:42.0901 4520 flpydisk - ok

18:20:42.0951 4520 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

18:20:42.0996 4520 FltMgr - ok

18:20:43.0145 4520 FsUsbExDisk (cbe5f69a5e5b918225f420ba748f3742) C:\Windows\system32\FsUsbExDisk.SYS

18:20:43.0308 4520 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning

18:20:43.0308 4520 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)

18:20:43.0408 4520 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

18:20:43.0492 4520 Fs_Rec - ok

18:20:43.0642 4520 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys

18:20:43.0814 4520 FwLnk - ok

18:20:43.0845 4520 gagp30kx (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys

18:20:43.0881 4520 gagp30kx - ok

18:20:43.0934 4520 grmnusb (d956358054e99e6ffac69cd87e893a89) C:\Windows\system32\drivers\grmnusb.sys

18:20:43.0990 4520 grmnusb - ok

18:20:44.0187 4520 HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys

18:20:44.0321 4520 HdAudAddService - ok

18:20:44.0385 4520 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

18:20:44.0489 4520 HDAudBus - ok

18:20:44.0643 4520 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

18:20:44.0767 4520 HidBth - ok

18:20:44.0794 4520 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

18:20:44.0922 4520 HidIr - ok

18:20:45.0090 4520 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

18:20:45.0166 4520 HidUsb - ok

18:20:45.0232 4520 HpCISSs (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys

18:20:45.0269 4520 HpCISSs - ok

18:20:45.0361 4520 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

18:20:45.0510 4520 HTTP - ok

18:20:45.0665 4520 i2omp (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys

18:20:45.0701 4520 i2omp - ok

18:20:45.0751 4520 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

18:20:45.0832 4520 i8042prt - ok

18:20:45.0875 4520 iaStorV (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys

18:20:45.0921 4520 iaStorV - ok

18:20:46.0090 4520 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

18:20:46.0131 4520 iirsp - ok

18:20:46.0249 4520 IntcAzAudAddService (2690be9907b36b7c3ea2859c74926fa1) C:\Windows\system32\drivers\RTKVHDA.sys

18:20:46.0667 4520 IntcAzAudAddService - ok

18:20:46.0832 4520 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

18:20:46.0859 4520 intelide - ok

18:20:46.0905 4520 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

18:20:46.0976 4520 intelppm - ok

18:20:47.0023 4520 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:20:47.0105 4520 IpFilterDriver - ok

18:20:47.0253 4520 IpInIp - ok

18:20:47.0298 4520 IPMIDRV (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys

18:20:47.0425 4520 IPMIDRV - ok

18:20:47.0474 4520 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

18:20:47.0563 4520 IPNAT - ok

18:20:47.0720 4520 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

18:20:47.0805 4520 IRENUM - ok

18:20:47.0873 4520 isapnp (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys

18:20:47.0912 4520 isapnp - ok

18:20:48.0083 4520 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

18:20:48.0133 4520 iScsiPrt - ok

18:20:48.0203 4520 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

18:20:48.0243 4520 iteatapi - ok

18:20:48.0263 4520 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

18:20:48.0302 4520 iteraid - ok

18:20:48.0354 4520 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

18:20:48.0390 4520 kbdclass - ok

18:20:48.0542 4520 kbdhid (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys

18:20:48.0645 4520 kbdhid - ok

18:20:48.0694 4520 KMWDFILTER (566c5fd480fdbce3ba5cf9fbcffaea9a) C:\Windows\system32\DRIVERS\KMWDFILTER.sys

18:20:48.0809 4520 KMWDFILTER - ok

18:20:48.0852 4520 KR10I (1e0d65f7ffeb4e99b2eec1ccb5754cc8) C:\Windows\system32\drivers\kr10i.sys

18:20:48.0995 4520 KR10I - ok

18:20:49.0148 4520 KR10N (0f9e83709cbb60b1549f3a65d0ab6e4f) C:\Windows\system32\drivers\kr10n.sys

18:20:49.0285 4520 KR10N - ok

18:20:49.0348 4520 KSecDD (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys

18:20:49.0597 4520 KSecDD - ok

18:20:49.0783 4520 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

18:20:49.0869 4520 lltdio - ok

18:20:49.0929 4520 LSI_FC (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys

18:20:49.0968 4520 LSI_FC - ok

18:20:49.0991 4520 LSI_SAS (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys

18:20:50.0034 4520 LSI_SAS - ok

18:20:50.0199 4520 LSI_SCSI (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys

18:20:50.0239 4520 LSI_SCSI - ok

18:20:50.0300 4520 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

18:20:50.0393 4520 luafv - ok

18:20:50.0471 4520 megasas (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys

18:20:50.0508 4520 megasas - ok

18:20:50.0676 4520 mfeapfk (36b47b1e9c537f8f2b4481084b8f7d22) C:\Windows\system32\drivers\mfeapfk.sys

18:20:50.0830 4520 mfeapfk - ok

18:20:50.0907 4520 mfeavfk (cde41293db871a75cd99eb0ce781356b) C:\Windows\system32\drivers\mfeavfk.sys

18:20:51.0081 4520 mfeavfk - ok

18:20:51.0232 4520 mfeavfk01 - ok

18:20:51.0306 4520 mfebopk (e22385f64bdf0ad81157479496e33c4a) C:\Windows\system32\drivers\mfebopk.sys

18:20:51.0451 4520 mfebopk - ok

18:20:51.0504 4520 mfefirek (215666a8a85023ef019b510cbb67f678) C:\Windows\system32\drivers\mfefirek.sys

18:20:51.0636 4520 mfefirek - ok

18:20:51.0812 4520 mfehidk (56d330981866a72f061dd16cc5004513) C:\Windows\system32\drivers\mfehidk.sys

18:20:52.0066 4520 mfehidk - ok

18:20:52.0218 4520 mfenlfk (b41bacc049cdb916a52b1448bf30d6ab) C:\Windows\system32\DRIVERS\mfenlfk.sys

18:20:52.0390 4520 mfenlfk - ok

18:20:52.0466 4520 mferkdet (89b564d63c53fc0c6782ab07eea63acf) C:\Windows\system32\drivers\mferkdet.sys

18:20:52.0603 4520 mferkdet - ok

18:20:52.0760 4520 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\Windows\system32\drivers\mferkdk.sys

18:20:52.0916 4520 mferkdk - ok

18:20:52.0964 4520 mfesmfk (096b52ea918aa909ba5903d79e129005) C:\Windows\system32\drivers\mfesmfk.sys

18:20:53.0097 4520 mfesmfk - ok

18:20:53.0278 4520 mfewfpk (c2ff7473a60c0fb2df145ab686889653) C:\Windows\system32\drivers\mfewfpk.sys

18:20:53.0369 4520 mfewfpk - ok

18:20:53.0424 4520 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

18:20:53.0491 4520 Modem - ok

18:20:53.0546 4520 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

18:20:53.0610 4520 monitor - ok

18:20:53.0761 4520 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

18:20:53.0789 4520 mouclass - ok

18:20:53.0830 4520 moufiltr (baa4ed3c323bee7ebc144c7d232220a8) C:\Windows\system32\DRIVERS\moufiltr.sys

18:20:53.0925 4520 moufiltr ( UnsignedFile.Multi.Generic ) - warning

18:20:53.0925 4520 moufiltr - detected UnsignedFile.Multi.Generic (1)

18:20:53.0973 4520 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

18:20:54.0077 4520 mouhid - ok

18:20:54.0233 4520 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

18:20:54.0269 4520 MountMgr - ok

18:20:54.0313 4520 mpio (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys

18:20:54.0351 4520 mpio - ok

18:20:54.0408 4520 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

18:20:54.0477 4520 mpsdrv - ok

18:20:54.0649 4520 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

18:20:54.0689 4520 Mraid35x - ok

18:20:54.0740 4520 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

18:20:54.0834 4520 MRxDAV - ok

18:20:54.0892 4520 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

18:20:55.0206 4520 mrxsmb - ok

18:20:55.0328 4520 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

18:20:55.0681 4520 mrxsmb10 - ok

18:20:55.0736 4520 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

18:20:56.0001 4520 mrxsmb20 - ok

18:20:56.0116 4520 msahci (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys

18:20:56.0141 4520 msahci - ok

18:20:56.0183 4520 msdsm (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys

18:20:56.0211 4520 msdsm - ok

18:20:56.0269 4520 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

18:20:56.0332 4520 Msfs - ok

18:20:56.0453 4520 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

18:20:56.0479 4520 msisadrv - ok

18:20:56.0547 4520 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

18:20:56.0600 4520 MSKSSRV - ok

18:20:56.0622 4520 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

18:20:56.0693 4520 MSPCLOCK - ok

18:20:56.0803 4520 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

18:20:56.0854 4520 MSPQM - ok

18:20:56.0925 4520 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

18:20:56.0961 4520 MsRPC - ok

18:20:57.0027 4520 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

18:20:57.0054 4520 mssmbios - ok

18:20:57.0082 4520 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

18:20:57.0172 4520 MSTEE - ok

18:20:57.0280 4520 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

18:20:57.0321 4520 Mup - ok

18:20:57.0406 4520 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

18:20:57.0477 4520 NativeWifiP - ok

18:20:57.0543 4520 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

18:20:57.0648 4520 NDIS - ok

18:20:57.0777 4520 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

18:20:57.0854 4520 NdisTapi - ok

18:20:57.0926 4520 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

18:20:57.0998 4520 Ndisuio - ok

18:20:58.0050 4520 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

18:20:58.0114 4520 NdisWan - ok

18:20:58.0237 4520 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

18:20:58.0290 4520 NDProxy - ok

18:20:58.0341 4520 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

18:20:58.0396 4520 NetBIOS - ok

18:20:58.0436 4520 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

18:20:58.0491 4520 netbt - ok

18:20:58.0710 4520 NETw3v32 (acc6170d80c69e50145b370023b64ed3) C:\Windows\system32\DRIVERS\NETw3v32.sys

18:20:58.0987 4520 NETw3v32 - ok

18:20:59.0238 4520 NETw4v32 (6522dd40a5f67ced020bd81b856613fb) C:\Windows\system32\DRIVERS\NETw4v32.sys

18:20:59.0748 4520 NETw4v32 - ok

18:21:00.0058 4520 NETw5v32 (8de67bd902095a13329fd82c85a1fa09) C:\Windows\system32\DRIVERS\NETw5v32.sys

18:21:00.0844 4520 NETw5v32 - ok

18:21:01.0015 4520 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

18:21:01.0057 4520 nfrd960 - ok

18:21:01.0144 4520 NPF (b48dc6abcd3aeff8618350ccbdc6b09a) C:\Windows\system32\drivers\npf.sys

18:21:01.0385 4520 NPF - ok

18:21:01.0581 4520 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

18:21:01.0615 4520 Npfs - ok

18:21:01.0667 4520 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

18:21:01.0726 4520 nsiproxy - ok

18:21:01.0806 4520 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

18:21:01.0887 4520 Ntfs - ok

18:21:02.0055 4520 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

18:21:02.0170 4520 ntrigdigi - ok

18:21:02.0253 4520 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

18:21:02.0325 4520 Null - ok

18:21:02.0652 4520 nvlddmkm (05200c3a9b1370aa2d8c99f1a464168b) C:\Windows\system32\DRIVERS\nvlddmkm.sys

18:21:03.0455 4520 nvlddmkm - ok

18:21:03.0624 4520 nvraid (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys

18:21:03.0685 4520 nvraid - ok

18:21:03.0718 4520 nvstor (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys

18:21:03.0759 4520 nvstor - ok

18:21:03.0787 4520 nv_agp (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys

18:21:03.0820 4520 nv_agp - ok

18:21:03.0834 4520 NwlnkFlt - ok

18:21:03.0851 4520 NwlnkFwd - ok

18:21:03.0908 4520 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

18:21:03.0974 4520 ohci1394 - ok

18:21:04.0169 4520 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

18:21:04.0270 4520 Parport - ok

18:21:04.0322 4520 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

18:21:04.0348 4520 partmgr - ok

18:21:04.0375 4520 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

18:21:04.0441 4520 Parvdm - ok

18:21:04.0457 4520 pccsmcfd - ok

18:21:04.0626 4520 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

18:21:04.0654 4520 pci - ok

18:21:04.0716 4520 pciide (3b1901e401473e03eb8c874271e50c26) C:\Windows\system32\drivers\pciide.sys

18:21:04.0745 4520 pciide - ok

18:21:04.0795 4520 pcmcia (3bb2244f343b610c29c98035504c9b75) C:\Windows\system32\DRIVERS\pcmcia.sys

18:21:04.0834 4520 pcmcia - ok

18:21:05.0020 4520 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

18:21:05.0223 4520 PEAUTH - ok

18:21:05.0454 4520 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

18:21:05.0546 4520 PptpMiniport - ok

18:21:05.0602 4520 PRISM_A02 (ba3ffbd0abdf45c9160e66cb27f8f8ab) C:\Windows\system32\DRIVERS\PRISMA02.sys

18:21:05.0824 4520 PRISM_A02 - ok

18:21:05.0977 4520 Processor (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys

18:21:06.0059 4520 Processor - ok

18:21:06.0108 4520 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

18:21:06.0140 4520 PSched - ok

18:21:06.0208 4520 ql2300 (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys

18:21:06.0355 4520 ql2300 - ok

18:21:06.0522 4520 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

18:21:06.0551 4520 ql40xx - ok

18:21:06.0611 4520 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

18:21:06.0680 4520 QWAVEdrv - ok

18:21:06.0726 4520 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

18:21:06.0809 4520 RasAcd - ok

18:21:06.0970 4520 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

18:21:07.0040 4520 Rasl2tp - ok

18:21:07.0109 4520 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

18:21:07.0160 4520 RasPppoe - ok

18:21:07.0184 4520 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

18:21:07.0225 4520 RasSstp - ok

18:21:07.0428 4520 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

18:21:07.0489 4520 rdbss - ok

18:21:07.0559 4520 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

18:21:07.0628 4520 RDPCDD - ok

18:21:07.0790 4520 rdpdr (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys

18:21:07.0916 4520 rdpdr - ok

18:21:07.0965 4520 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

18:21:08.0034 4520 RDPENCDD - ok

18:21:08.0091 4520 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

18:21:08.0159 4520 RDPWD - ok

18:21:08.0368 4520 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

18:21:08.0438 4520 rspndr - ok

18:21:08.0566 4520 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

18:21:08.0703 4520 SASDIFSV - ok

18:21:08.0743 4520 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

18:21:08.0890 4520 SASKUTIL - ok

18:21:09.0046 4520 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

18:21:09.0089 4520 sbp2port - ok

18:21:09.0162 4520 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys

18:21:09.0249 4520 sdbus - ok

18:21:09.0288 4520 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

18:21:09.0406 4520 secdrv - ok

18:21:09.0598 4520 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

18:21:09.0718 4520 Serenum - ok

18:21:09.0756 4520 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

18:21:09.0841 4520 Serial - ok

18:21:09.0894 4520 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

18:21:09.0948 4520 sermouse - ok

18:21:10.0132 4520 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys

18:21:10.0183 4520 sffdisk - ok

18:21:10.0235 4520 sffp_mmc (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys

18:21:10.0314 4520 sffp_mmc - ok

18:21:10.0370 4520 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys

18:21:10.0417 4520 sffp_sd - ok

18:21:10.0582 4520 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

18:21:10.0703 4520 sfloppy - ok

18:21:10.0782 4520 sisagp (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys

18:21:10.0822 4520 sisagp - ok

18:21:10.0988 4520 SiSRaid2 (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys

18:21:11.0029 4520 SiSRaid2 - ok

18:21:11.0058 4520 SiSRaid4 (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys

18:21:11.0099 4520 SiSRaid4 - ok

18:21:11.0202 4520 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

18:21:11.0284 4520 Smb - ok

18:21:11.0447 4520 snapman (c3bf55189aa92b8f919108ef9e4accae) C:\Windows\system32\DRIVERS\snapman.sys

18:21:11.0592 4520 snapman - ok

18:21:11.0639 4520 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

18:21:11.0677 4520 spldr - ok

18:21:11.0748 4520 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

18:21:12.0066 4520 srv - ok

18:21:12.0228 4520 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

18:21:12.0530 4520 srv2 - ok

18:21:12.0690 4520 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

18:21:12.0817 4520 srvnet - ok

18:21:12.0895 4520 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

18:21:12.0917 4520 swenum - ok

18:21:12.0965 4520 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

18:21:12.0990 4520 Symc8xx - ok

18:21:13.0150 4520 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

18:21:13.0175 4520 Sym_hi - ok

18:21:13.0202 4520 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

18:21:13.0231 4520 Sym_u3 - ok

18:21:13.0287 4520 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys

18:21:13.0398 4520 SynTP - ok

18:21:13.0493 4520 Tcpip (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\drivers\tcpip.sys

18:21:13.0709 4520 Tcpip - ok

18:21:13.0906 4520 Tcpip6 (814a1c66fbd4e1b310a517221f1456bf) C:\Windows\system32\DRIVERS\tcpip.sys

18:21:14.0025 4520 Tcpip6 - ok

18:21:14.0199 4520 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

18:21:14.0282 4520 tcpipreg - ok

18:21:14.0323 4520 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys

18:21:14.0501 4520 tdcmdpst - ok

18:21:14.0664 4520 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

18:21:14.0707 4520 TDPIPE - ok

18:21:14.0765 4520 tdrpman (3b7b6779eb231f731bba8f9fe67aadfc) C:\Windows\system32\DRIVERS\tdrpman.sys

18:21:14.0898 4520 tdrpman - ok

18:21:15.0066 4520 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

18:21:15.0132 4520 TDTCP - ok

18:21:15.0178 4520 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

18:21:15.0231 4520 tdx - ok

18:21:15.0282 4520 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

18:21:15.0343 4520 TermDD - ok

18:21:15.0538 4520 tifm21 (f779ba4cd37963ab4600c9871b7752a3) C:\Windows\system32\drivers\tifm21.sys

18:21:15.0788 4520 tifm21 - ok

18:21:15.0953 4520 tifsfilter (b0b3122bff3910e0ba97014045467778) C:\Windows\system32\DRIVERS\tifsfilt.sys

18:21:16.0045 4520 tifsfilter - ok

18:21:16.0090 4520 timounter (13bfe330880ac0ce8672d00aa5aff738) C:\Windows\system32\DRIVERS\timntr.sys

18:21:16.0261 4520 timounter - ok

18:21:16.0424 4520 Tosrfcom (5ba1ca3b3cddb1ddc67df473f05d1ec2) C:\Windows\system32\drivers\Tosrfcom.sys

18:21:16.0500 4520 Tosrfcom - ok

18:21:16.0526 4520 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys

18:21:16.0663 4520 tosrfec - ok

18:21:16.0847 4520 TrueSight (f69641efdb19acb4753b0155f7fdeed5) c:\windows\system32\drivers\TrueSight.sys

18:21:16.0855 4520 TrueSight ( UnsignedFile.Multi.Generic ) - warning

18:21:16.0855 4520 TrueSight - detected UnsignedFile.Multi.Generic (1)

18:21:16.0916 4520 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

18:21:16.0987 4520 tssecsrv - ok

18:21:17.0043 4520 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys

18:21:17.0104 4520 tunmp - ok

18:21:17.0261 4520 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

18:21:17.0310 4520 tunnel - ok

18:21:17.0366 4520 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS

18:21:17.0604 4520 TVALZ - ok

18:21:17.0760 4520 uagp35 (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys

18:21:17.0785 4520 uagp35 - ok

18:21:17.0843 4520 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

18:21:17.0908 4520 udfs - ok

18:21:17.0951 4520 uliagpkx (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys

18:21:17.0976 4520 uliagpkx - ok

18:21:18.0008 4520 uliahci (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys

18:21:18.0045 4520 uliahci - ok

18:21:18.0205 4520 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

18:21:18.0232 4520 UlSata - ok

18:21:18.0257 4520 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

18:21:18.0283 4520 ulsata2 - ok

18:21:18.0333 4520 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

18:21:18.0396 4520 umbus - ok

18:21:18.0438 4520 usbccgp (8bd3ae150d97ba4e633c6c5c51b41ae1) C:\Windows\system32\drivers\usbccgp.sys

18:21:18.0534 4520 usbccgp - ok

18:21:18.0691 4520 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

18:21:18.0797 4520 usbcir - ok

18:21:18.0846 4520 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

18:21:18.0919 4520 usbehci - ok

18:21:18.0964 4520 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

18:21:19.0026 4520 usbhub - ok

18:21:19.0177 4520 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys

18:21:19.0275 4520 usbohci - ok

18:21:19.0338 4520 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

18:21:19.0401 4520 usbprint - ok

18:21:19.0449 4520 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:21:19.0501 4520 USBSTOR - ok

18:21:19.0667 4520 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

18:21:19.0735 4520 usbuhci - ok

18:21:19.0903 4520 VClone (94d73b62e458fb56c9ce60aa96d914f9) C:\Windows\system32\DRIVERS\VClone.sys

18:21:20.0136 4520 VClone - ok

18:21:20.0330 4520 vga (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys

18:21:20.0395 4520 vga - ok

18:21:20.0449 4520 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

18:21:20.0500 4520 VgaSave - ok

18:21:20.0526 4520 viaagp (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys

18:21:20.0557 4520 viaagp - ok

18:21:20.0585 4520 ViaC7 (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys

18:21:20.0714 4520 ViaC7 - ok

18:21:20.0870 4520 viaide (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys

18:21:20.0908 4520 viaide - ok

18:21:20.0961 4520 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

18:21:21.0003 4520 volmgr - ok

18:21:21.0059 4520 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

18:21:21.0109 4520 volmgrx - ok

18:21:21.0146 4520 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

18:21:21.0194 4520 volsnap - ok

18:21:21.0350 4520 vsmraid (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys

18:21:21.0393 4520 vsmraid - ok

18:21:21.0453 4520 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

18:21:21.0574 4520 WacomPen - ok

18:21:21.0620 4520 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

18:21:21.0682 4520 Wanarp - ok

18:21:21.0689 4520 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

18:21:21.0743 4520 Wanarpv6 - ok

18:21:21.0913 4520 Wd (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys

18:21:21.0937 4520 Wd - ok

18:21:21.0996 4520 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys

18:21:22.0077 4520 Wdf01000 - ok

18:21:22.0289 4520 WmiAcpi (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys

18:21:22.0403 4520 WmiAcpi - ok

18:21:22.0556 4520 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

18:21:22.0602 4520 WpdUsb - ok

18:21:22.0701 4520 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

18:21:22.0766 4520 ws2ifsl - ok

18:21:22.0839 4520 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

18:21:22.0929 4520 WUDFRd - ok

18:21:22.0996 4520 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

18:21:23.0160 4520 \Device\Harddisk0\DR0 - ok

18:21:23.0164 4520 Boot (0x1200) (fc6b5db762ffa41293e29022604d802f) \Device\Harddisk0\DR0\Partition0

18:21:23.0166 4520 \Device\Harddisk0\DR0\Partition0 - ok

18:21:23.0190 4520 Boot (0x1200) (67e32ccee8af990de07decd5caf89274) \Device\Harddisk0\DR0\Partition1

18:21:23.0192 4520 \Device\Harddisk0\DR0\Partition1 - ok

18:21:23.0192 4520 ============================================================

18:21:23.0192 4520 Scan finished

18:21:23.0192 4520 ============================================================

18:21:23.0205 4204 Detected object count: 4

18:21:23.0205 4204 Actual detected object count: 4

18:21:50.0849 4204 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - skipped by user

18:21:50.0850 4204 Apowersoft_AudioDevice ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:21:50.0851 4204 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user

18:21:50.0851 4204 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:21:50.0856 4204 moufiltr ( UnsignedFile.Multi.Generic ) - skipped by user

18:21:50.0856 4204 moufiltr ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:21:50.0856 4204 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user

18:21:50.0857 4204 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:22:17.0323 2084 Deinitialize success

[MrCharlie]

Looks OK, all those files are good.

How's the computer now?? MrC

[anthonyq]

MrC

Seeing as you say it looks O.K.

Shall I run the laptop for a while to see how it goes then report back