Jump to content

Cannot access Computer's System Information (Winmgmt)-winmgmt repository


Recommended Posts

This is my second issue post, and it deals with a very similar issue as my first post (System Restore page is blank), but this issue is with my personal laptop. A little background info:

For three straight weeks, during my weekly scheduled scans (from 12-15-2012 to 12-29-2012), Avast! detected and “moved to chest” a file called iefav2601.txt that it found in C:\Windows\Temp and it identified it as a “Win32 MalwareGen”. On 1-4-2013, I created a System Restore point, as I normally do before any new application downloads/installs, then I downloaded and installed MalwareBytes Pro. Interesting is that MalwareBytes Pro's scan did not detect that virus after I ran it, nor has Avast! detected the iefav2601.txt file on any subsequent scans after 12-29-2012, and both say my computer is clean of any viruses or malware. I also could find nothing about this file using Google, nor anything on AVAST!'s website. On 1-7-2013, prior to my downloading Bandicam, I created a System Restore point. The next day, I was posting something on a forum, and went to access my computer’s System Information for specific info to post in the forum, and that’s when I got “Can't collect information. Failed connection to this computer. Check to see that the Winmgmt service is running” error message, and wasn’t able to obtain my laptop’s system info.

After several failed attempts to access System Information, the first thing that came to mind was to do a System Restore back to before my last download/install, which was Bandicam on 1-7-2013. When I went to do it, that’s when I also noticed ALL of my restore points were gone! I then, once more, ran full scans with both Avast and MalWarebytes Pro, which both found nothing, then I did a “boot-time scan” with Avast, and it still came up clean. After all scans, I still could not access System Information. I also rebooted into Safe Mode and tried Safe Mode with Command Prompt option, and was not successful.

I then googled “Can't collect information. Failed connection to this computer. Check to see that the Winmgmt service is running” and found this suggestion at http://answers.micro...fb-6a79a821665d:

Check to ensure Windows Management Instrumentation (WMI) service is running (I did, and it was).

If you still can't collect the system information log files, kindly run sfc /scannow to scans all protected system files immediately. To do this kindly follow the steps below.

  1. Open an elevated command prompt. To do this, click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator. If you are prompted for an administrator password or for a confirmation, type the password, or click Allow.
  2. Type the following command, and then press ENTER:

sfc /scannow

When you're done, please try to collect again the system information and upload it in the private message I provided you below.

After the system scan was finished, the Command Prompt left a message, “Windows Resource Protection found corrupt files and successfully repaired them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For example C:\Windows\Logs\CBS\CBS.log”

After following the instructions above, I still couldn’t access System Information. I had to save a copy of the CBS.log file as a text file and upload it to this post, as this forum doesn’t allow any .log files to be uploaded, instead of pasting its contents, which were over 100 pages long.

After reading some of the other forum postings, I went ahead and downloaded Bill Bastner’s FixPolicies.exe program and ran the Fix_Policies.cmd file, but it didn’t solve my problem. Of course, prior to doing so, I made a backup of my registry, as I already have Wise Registry Cleaner, and even though some of your Techies suggest downloading and using ERUNT to back up the registry, I am very confident in the backup created by my Wise Registry Cleaner, which has reviews just as good, or even better, in some cases, as ERUNT.

Prior to doing any of the next following steps, I set all files and folders for my Windows Explorer to show hidden files, file extensions, and protected operating system files. I then downloaded the Random's System Information Tool. I did find it interesting the fact that Random's System Information Tool or RSIT is recommended in lieu of HijackThis, but I read here at http://en.kioskea.ne...n-and-first-use where RSIT actually checks to see if a current version of HijackThis is installed on the computer, and if not, it will install HijackThis as part of its installation process. It also stated that, although HijackThis is utilized by RSIT, HijackThis has remained too outdated for use by itself. Anyway, I already have the latest version of HijackThis installed, so I downloaded RSIT and ran it, and attached the log.txt and info.txt files.

I then downloaded SecurityCheck. Okay, when running SecurityCheck.exe, I noticed it opened my GIT+ Command Prompt Window (I am a Drupal Web Designer), and once I pressed any key to start the program as prompted, it displayed “Collecting Information”, then “Preparing”, then I got the following error message window pop up:

securitycheckerrormessage.jpg

I clicked “OK”, and “Preparing Done!” flashed, then two quick lines of “No instances available” flashed on the screen, then “file not found: HKLMRUN” flashed quickly before the screen went to show “Antivirus/Firewall check done!” and “Anti-Malware/Other Utilities check done!”, which seemed to show the program was running and working properly. However, when it started the “Performing System Health Check”, it seemed to stall. After waiting for 6 long minutes, I ended the program, and restarted it, with the same opening of my GIT+ Command Prompt Window, and the same error message window, and once again, after I clicked “OK”, the same messages described before flashed, so it seemed to be working fine, until it got to the “Performing System Health Check”, where, this time, I let it run for 10 minutes (really, it took 10 minutes!) when, finally, it announced it had finished the check and the “checkup.txt” file opened in my notepad++. I then saved the file.

Next, I temporarily disabled both, AVAST! and MalWarebytes Pro programs, then closed all open browsers, then opened IE browser as Administrator and went to the Bitdefender’s website and performed the free quickscan and saved the report file.

Next, I downloaded RogueKiller.exe file and right-clicked on it and ran it as Administrator, then after the pre-scan, I ran the scan and saved the report. When I exited, it prompted me to deleted the red items, which I did not, as I will await any advice from this forum.

I then started up AVAST! and MalWarebytes Pro, and re-hid my protected files. I’ve attached all scans files, which are the following:

  1. CBS.log.txt file from Windows Resource Protection scan
  2. log.txt file from RSIT
  3. info.txt file from RSIT
  4. checkup.txt file from Security Check
  5. Report 2013-01-10 17.07.44.txt file from BitDefender
  6. RKreport[1]_S_01102013_02d1714.txt from RogueKiller

Finally, here’s my laptop’s system information:

  • Toshiba Satellite P775-S7320
  • Windows 7 Home Premium
  • Intel core i7-2670QM @ 2.20 Ghz (4 cores)
  • Intel HD3000 Integrated GPU
  • 6GB RAM
  • 720 GB Hard Drive

I hope what I’ve submitted will give you enough information to start assisting me in solving why I cannot access my laptop's System Information, even though Winmgmt service is running, and what caused the deletion of all my previous System Restore points. I had dedicated 35 GB for the restore points, so hard drive memory isn't a factor (I have over 200 GB free), and I've not lost any restore points since 1-8-2013.

Having been made aware of this forum's policy about having any torrent software on a computer, I have disabled it and will ensure it will not be functioning from this point on until this issue is fully resolved.

CBS.log.txt

log.txt

info.txt

checkup.txt

Report 2013-01-10 17.07.44.txt

RKreport1_S_01102013_02d1714.txt

Link to post
Share on other sites

Hello chopperbob,

Would you kindly paste the logs in-line as we go forward? Thank you in advance.

Running System File Checker is fine.

Going forward, please follow my guidance and not run other tools on your own without first checking with me .

  • Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes.
  • On the RogueKiller console, click the Registry tab.
    Put a check next to all of these and uncheck the rest: (if found)
    [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND
    [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND
  • Then click on Delete on the right hand column under Options.
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Link to post
Share on other sites

Hello chopperbob,

Would you kindly paste the logs in-line as we go forward? Thank you in advance.

Running System File Checker is fine.

Going forward, please follow my guidance and not run other tools on your own without first checking with me .

Hello Maurice!

I'm glad you have selected my issue. Okay, the CBS.log has over 111 pages of information, so unless you instruct me to copy and paste it here, I'll skip that one, as you probably don't need it. With that said, here are the rest of the reports:

RSIT log.txt

Logfile of random's system information tool 1.09 (written by random/random)

Run by Bob Ingham at 2013-01-09 17:57:47

WIN_7 Service Pack 1

System drive C: has 221 GB (32%) free of 698 GB

Total RAM: 6052 MB (22% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 5:57:57 PM, on 1/9/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files (x86)\Webroot\Washer\wwDisp.exe

C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe

C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Yammer\Yammer.exe

C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe

C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe

C:\Program Files (x86)\Xpadder.v2012.01.19\Xpadder.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\Bob Ingham\Downloads\RSIT.exe

C:\Program Files (x86)\trend micro\Bob Ingham.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo....intl=us&.src=ym

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [sVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

O4 - HKLM\..\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM

O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [YMailAdvisor] "C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet

O4 - HKCU\..\Run: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Window Washer] C:\Program Files (x86)\Webroot\Washer\wwDisp.exe

O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User '?')

O4 - HKUS\S-1-5-21-63780027-3872983175-906021891-1000\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (User '?')

O4 - HKUS\S-1-5-21-63780027-3872983175-906021891-1000\..\Run: [Window Washer] C:\Program Files (x86)\Webroot\Washer\wwDisp.exe (User '?')

O4 - HKUS\S-1-5-21-63780027-3872983175-906021891-1000\..\RunOnce: [FlashPlayerUpdate] C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -update activex (User '?')

O4 - S-1-5-21-63780027-3872983175-906021891-1000 Startup: Dropbox.lnk = Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe (User '?')

O4 - S-1-5-21-63780027-3872983175-906021891-1000 Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (User '?')

O4 - S-1-5-21-63780027-3872983175-906021891-1000 Startup: Yammer.lnk = C:\Program Files (x86)\Yammer\Yammer.exe (User '?')

O4 - .DEFAULT User Startup: Best Buy pc app.lnk = C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (User 'Default user')

O4 - Startup: Dropbox.lnk = Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

O4 - Startup: Yammer.lnk = C:\Program Files (x86)\Yammer\Yammer.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://*.rideau.ubuntu

O15 - Trusted Zone: http://*.ubuntu

O15 - Trusted IP range: http://192.168.1.105

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files (x86)\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://akamaicdn.we...nt/ieatgpc1.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE}: NameServer = 0.0.0.0

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Intel® PROSet/Wireless WiMAX Red Bend Device Management Service (DMAgent) - Red Bend Ltd. - C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)

O23 - Service: Flexlm Service 1 - Acresso Software Inc. - C:\Program Files (x86)\UGS\NX 7.5\UGFLEXLM\lmgrd.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)

O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: PinnacleUpdate Service (PinnacleUpdateSvc) - PowerUp Software, LLC - C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)

O23 - Service: TOSHIBA HDD Protection (Thpsrv) - Unknown owner - C:\windows\system32\ThpSrv.exe (file missing)

O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows\system32\TODDSrv.exe (file missing)

O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe

O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)

O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)

O23 - Service: Intel® PROSet/Wireless WiMAX Service (WiMAXAppSrv) - Intel® Corporation - C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe

O23 - Service: XMail Server (XMail) - Unknown owner - C:\Program Files (x86)\acquia-drupal\xmail\XMail.exe

O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

--

End of file - 21292 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job

C:\windows\tasks\GoogleUpdateTaskMachineCore.job

C:\windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Bob Ingham\AppData\Roaming\Mozilla\Firefox\Profiles\5jxx2mm3.default

prefs.js - "browser.startup.homepage" - "https://www.google.com/"

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

"fmconverter@gmail.com"=C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.5.502.146 Plugin

"Path"=C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0]

"Description"=

"Path"=C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.9.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\windows\SysWOW64\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6]

"Description"=Yahoo Messenger State Plugin

"Path"=C:\Program Files (x86)\Yahoo!\Shared\npYState.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=C:\windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\

amazondotcom.xml

bing.xml

eBay.xml

google.xml

twitter.xml

WebSearchober515661.xml

wikipedia.xml

yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

&Yahoo! Toolbar Helper - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-11-17 2018104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27 63944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java™ Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-12-06 449512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-09 192144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java™ Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-12-06 155384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}]

TOSHIBA Media Controller Plug-in - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12 534400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]

SingleInstance Class - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2011-11-17 166712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll [2011-11-17 2018104]

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2013-01-09 192144]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"SVPWUTIL"=C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [2010-11-09 532480]

"HWSetup"=C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [2011-03-10 423936]

"KeNotify"=C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [2010-08-16 34160]

"TSleepSrv"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [2010-06-04 252792]

"ToshibaServiceStation"=C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [2011-07-11 1298816]

"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27 919008]

"YMailAdvisor"=C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe [2009-05-08 174424]

"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]

"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2011-09-02 39408]

"Messenger (Yahoo!)"=C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [2011-08-22 6276408]

"Xvid"=C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]

"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2012-11-09 17877168]

"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

"Window Washer"=C:\Program Files (x86)\Webroot\Washer\wwDisp.exe [2011-04-20 1633680]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"FlashPlayerUpdate"=C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe [2012-12-12 697272]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Logitech SetPoint.lnk - C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe

C:\Users\Bob Ingham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Dropbox.lnk - C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe

OneNote 2010 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

Yammer.lnk - C:\Program Files (x86)\Yammer\Yammer.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DisableLockWorkstation"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=l3codecp.acm

"vidc.cvid"=iccvid.dll

"msacm.siren"=sirenacm.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"vidc.XVID"=xvidvfw.dll

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"vidc.tscc"=C:\windows\SysWOW64\tsccvid.dll

"vidc.tsc2"=C:\windows\SysWOW64\tsc2_codec32.dll

"vidc.mjpg"=bdmjpeg.dll

"vidc.mpeg"=bdmpegv.dll

"msacm.bdmpeg"=bdmpega.acm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-09 17:57:47 ----D---- C:\rsit

2013-01-08 16:39:55 ----D---- C:\Program Files (x86)\Trend Micro

2013-01-08 14:44:03 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Wise Registry Cleaner

2013-01-08 14:42:44 ----D---- C:\Program Files (x86)\Wise

2013-01-08 10:17:39 ----D---- C:\perflogs

2013-01-07 17:15:02 ----D---- C:\Program Files (x86)\Bandicam

2013-01-07 17:14:56 ----D---- C:\Program Files (x86)\BandiMPEG1

2013-01-05 18:04:32 ----D---- C:\Program Files (x86)\QuickTime

2013-01-05 18:04:16 ----D---- C:\Program Files (x86)\Common Files\TechSmith Shared

2013-01-05 18:04:02 ----D---- C:\Program Files (x86)\TechSmith

2013-01-05 17:44:26 ----D---- C:\Users\Bob Ingham\AppData\Roaming\TechSmith

2013-01-05 17:39:43 ----D---- C:\ProgramData\TechSmith

2013-01-04 15:20:15 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Malwarebytes

2013-01-04 15:19:43 ----D---- C:\ProgramData\Malwarebytes

2013-01-04 15:19:41 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-12-30 14:47:55 ----N---- C:\windows\SysWOW64\lotusgarden_3333241.scr

2012-12-30 14:47:55 ----D---- C:\ProgramData\Screentime

2012-12-27 03:03:53 ----D---- C:\Program Files (x86)\Papyrus

2012-12-26 14:57:31 ----D---- C:\Program Files (x86)\Mozilla Firefox

2012-12-23 13:47:18 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Valusoft

2012-12-23 13:46:16 ----D---- C:\Program Files (x86)\Valusoft

2012-12-21 03:01:30 ----A---- C:\windows\SysWOW64\atmlib.dll

2012-12-21 03:01:19 ----A---- C:\windows\SysWOW64\atmfd.dll

2012-12-18 13:59:09 ----RA---- C:\windows\SysWOW64\MSXML.DLL

2012-12-18 13:55:53 ----D---- C:\Program Files (x86)\Ubisoft

2012-12-16 16:31:14 ----D---- C:\Users\Bob Ingham\AppData\Roaming\fltk.org

2012-12-16 16:31:14 ----D---- C:\ProgramData\fltk.org

2012-12-16 16:29:31 ----D---- C:\Users\Bob Ingham\AppData\Roaming\flightgear.org

2012-12-16 16:29:30 ----D---- C:\ProgramData\flightgear.org

2012-12-16 16:29:25 ----D---- C:\Program Files (x86)\OpenAL

2012-12-16 16:29:24 ----A---- C:\windows\SysWOW64\wrap_oal.dll

2012-12-16 16:29:24 ----A---- C:\windows\SysWOW64\OpenAL32.dll

2012-12-15 14:24:34 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Need for Speed Underground 2

2012-12-15 14:20:37 ----D---- C:\Program Files (x86)\R.G. Mechanics

2012-12-13 14:44:21 ----A---- C:\windows\SysWOW64\drivers\papyjoy.sys

2012-12-13 14:44:20 ----A---- C:\windows\SysWOW64\drivers\papycpu2.sys

2012-12-13 14:37:39 ----A---- C:\windows\Sierra.ini

2012-12-12 14:33:21 ----D---- C:\Program Files (x86)\UEFI WinFlash

2012-12-12 03:03:11 ----A---- C:\windows\SysWOW64\vbscript.dll

2012-12-12 03:03:11 ----A---- C:\windows\SysWOW64\mshtmled.dll

2012-12-12 03:03:11 ----A---- C:\windows\SysWOW64\ieui.dll

2012-12-12 03:03:10 ----A---- C:\windows\SysWOW64\url.dll

2012-12-12 03:03:10 ----A---- C:\windows\SysWOW64\ieUnatt.exe

2012-12-12 03:03:09 ----A---- C:\windows\SysWOW64\urlmon.dll

2012-12-12 03:03:07 ----A---- C:\windows\SysWOW64\wininet.dll

2012-12-12 03:03:07 ----A---- C:\windows\SysWOW64\msfeeds.dll

2012-12-12 03:03:05 ----A---- C:\windows\SysWOW64\jscript9.dll

2012-12-12 03:03:05 ----A---- C:\windows\SysWOW64\jscript.dll

2012-12-12 03:03:04 ----A---- C:\windows\SysWOW64\iertutil.dll

2012-12-12 03:03:03 ----A---- C:\windows\SysWOW64\jsproxy.dll

2012-12-12 03:03:01 ----A---- C:\windows\SysWOW64\mshtml.dll

2012-12-12 03:02:57 ----A---- C:\windows\SysWOW64\ieframe.dll

2012-12-11 14:16:01 ----A---- C:\windows\SysWOW64\tzres.dll

2012-12-11 14:15:22 ----A---- C:\windows\SysWOW64\kernel32.dll

2012-12-11 14:15:21 ----A---- C:\windows\SysWOW64\KernelBase.dll

2012-12-11 14:15:20 ----A---- C:\windows\SysWOW64\setup16.exe

2012-12-11 14:15:19 ----AH---- C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2012-12-11 14:15:19 ----A---- C:\windows\SysWOW64\wow32.dll

2012-12-11 14:15:19 ----A---- C:\windows\SysWOW64\ntvdm64.dll

2012-12-11 14:15:19 ----A---- C:\windows\SysWOW64\instnm.exe

2012-12-11 14:15:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2012-12-11 14:15:18 ----AH---- C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2012-12-11 14:15:16 ----AH---- C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2012-12-11 14:15:15 ----AH---- C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2012-12-11 14:15:15 ----AH---- C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2012-12-11 14:15:14 ----AH---- C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2012-12-11 14:15:14 ----AH---- C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2012-12-11 14:15:13 ----AH---- C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2012-12-11 14:15:12 ----AH---- C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2012-12-11 14:15:11 ----AH---- C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2012-12-11 14:15:11 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2012-12-11 14:15:10 ----AH---- C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2012-12-11 14:15:10 ----AH---- C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2012-12-11 14:15:09 ----AH---- C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2012-12-11 14:15:08 ----AH---- C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2012-12-11 14:15:08 ----AH---- C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2012-12-11 14:15:07 ----AH---- C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2012-12-11 14:15:06 ----AH---- C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2012-12-11 14:15:05 ----AH---- C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2012-12-11 14:15:04 ----AH---- C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2012-12-11 14:15:03 ----AH---- C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2012-12-11 14:15:03 ----AH---- C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2012-12-11 14:15:03 ----AH---- C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2012-12-11 14:15:02 ----AH---- C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2012-12-11 14:15:02 ----AH---- C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2012-12-11 14:15:01 ----AH---- C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2012-12-11 14:14:59 ----AH---- C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2012-12-11 14:14:57 ----A---- C:\windows\SysWOW64\user.exe

2012-12-11 14:14:11 ----A---- C:\windows\SysWOW64\dpnet.dll

2012-12-11 14:01:42 ----D---- C:\Program Files (x86)\Xpadder.v2012.01.19

2012-12-10 16:52:20 ----D---- C:\ProgramData\BDJ

======List of files/folders modified in the last 1 month======

2013-01-09 17:57:53 ----D---- C:\windows\Temp

2013-01-09 17:57:04 ----D---- C:\Users\Bob Ingham\AppData\Roaming\BitTorrent

2013-01-09 17:40:47 ----D---- C:\windows\SysWOW64

2013-01-09 17:40:33 ----A---- C:\windows\SysWOW64\FlashPlayerApp.exe

2013-01-09 14:50:01 ----D---- C:\windows\winsxs

2013-01-09 10:43:04 ----SHD---- C:\windows\Installer

2013-01-09 10:39:31 ----SHD---- C:\System Volume Information

2013-01-09 10:37:21 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Skype

2013-01-08 17:35:38 ----D---- C:\windows\Prefetch

2013-01-08 16:39:55 ----SHD---- C:\Config.Msi

2013-01-08 16:39:55 ----RD---- C:\Program Files (x86)

2013-01-08 15:02:13 ----A---- C:\windows\SysWOW64\log.txt

2013-01-08 15:00:47 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Dropbox

2013-01-08 04:48:40 ----A---- C:\windows\SysWOW64\zlib.dll

2013-01-07 17:15:00 ----D---- C:\windows\System32

2013-01-05 18:04:16 ----D---- C:\Program Files (x86)\Common Files

2013-01-05 17:39:43 ----HD---- C:\ProgramData

2013-01-04 14:02:29 ----D---- C:\Program Files (x86)\Common Files\microsoft shared

2013-01-03 16:49:16 ----D---- C:\Program Files (x86)\BitTorrent

2013-01-02 13:21:31 ----D---- C:\Users\Bob Ingham\AppData\Roaming\dvdcss

2012-12-29 13:46:48 ----D---- C:\windows\inf

2012-12-29 13:39:24 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service

2012-12-27 03:04:26 ----HD---- C:\Program Files (x86)\InstallShield Installation Information

2012-12-27 03:03:05 ----D---- C:\Program Files (x86)\Common Files\InstallShield

2012-12-26 12:31:07 ----D---- C:\Program Files (x86)\Rockstar Games

2012-12-25 02:18:55 ----AD---- C:\Windows

2012-12-25 02:18:15 ----D---- C:\windows\Tasks

2012-12-25 02:18:13 ----D---- C:\Users\Bob Ingham\AppData\Roaming\vlc

2012-12-25 02:17:57 ----D---- C:\windows\registration

2012-12-24 12:09:27 ----RD---- C:\Program Files (x86)\Skype

2012-12-21 10:08:15 ----D---- C:\windows\rescache

2012-12-18 16:32:25 ----D---- C:\windows\Resources

2012-12-16 16:18:21 ----RD---- C:\Program Files

2012-12-13 14:44:22 ----D---- C:\windows\SysWOW64\drivers

2012-12-13 11:45:19 ----D---- C:\Program Files (x86)\SystemRequirementsLab

2012-12-12 03:13:41 ----D---- C:\windows\SysWOW64\en-US

2012-12-12 03:13:33 ----D---- C:\windows\AppPatch

2012-12-12 03:13:31 ----D---- C:\windows\SysWOW64\migration

2012-12-12 03:13:31 ----D---- C:\Program Files (x86)\Internet Explorer

2012-12-12 03:08:40 ----D---- C:\ProgramData\Microsoft Help

2012-12-11 17:01:07 ----D---- C:\Users\Bob Ingham\AppData\Roaming\Mp3tag

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys []

R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys []

R0 pciide;pciide; C:\windows\system32\DRIVERS\pciide.sys []

R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys []

R0 Thpdrv;TOSHIBA HDD Protection Driver; C:\windows\system32\DRIVERS\thpdrv.sys []

R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver; C:\windows\system32\DRIVERS\Thpevm.SYS []

R0 tos_sps64;TOSHIBA tos_sps64 Service; C:\windows\system32\DRIVERS\tos_sps64.sys []

R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\windows\system32\DRIVERS\TVALZ_O.SYS []

R1 aswRdr;aswRdr; C:\windows\System32\Drivers\aswrdr2.sys []

R1 aswSnx;aswSnx; C:\windows\SysWOW64\drivers\aswSnx.sys []

R1 aswSP;aswSP; C:\windows\SysWOW64\drivers\aswSP.sys []

R1 aswTdi;avast! Network Shield Support; C:\windows\SysWOW64\drivers\aswTdi.sys []

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys []

R1 VBoxDrv;VirtualBox Service; C:\windows\system32\DRIVERS\VBoxDrv.sys []

R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\windows\system32\DRIVERS\VBoxUSBMon.sys []

R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys []

R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys []

R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys []

R2 aswFsBlk;aswFsBlk; C:\windows\SysWOW64\drivers\aswFsBlk.sys []

R2 aswMonFlt;aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys []

R2 regi;regi; \??\C:\windows\system32\drivers\regi.sys []

R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver; C:\windows\system32\DRIVERS\TVALZFL.sys []

R3 bpenum;Intel® Centrino® WiMAX Enumerator; C:\windows\system32\DRIVERS\bpenum.sys []

R3 bpmp;Intel® Centrino® WiMAX 6050 Series; C:\windows\system32\DRIVERS\bpmp.sys []

R3 bpusb;Intel® Centrino® WiMAX 6050 Series Function Driver; C:\windows\System32\Drivers\bpusb.sys []

R3 CeKbFilter;CeKbFilter; C:\windows\system32\DRIVERS\CeKbFilter.sys []

R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd64.sys []

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHD64.sys []

R3 IntcDAud;Intel® Display Audio; C:\windows\system32\DRIVERS\IntcDAud.sys []

R3 iwdbus;IWD Bus Enumerator; C:\windows\system32\DRIVERS\iwdbus.sys []

R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys []

R3 MEIx64;Intel® Management Engine Interface; C:\windows\system32\DRIVERS\HECIx64.sys []

R3 NETwNs64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit; C:\windows\system32\DRIVERS\NETwNs64.sys []

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\windows\system32\DRIVERS\nusb3hub.sys []

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\windows\system32\DRIVERS\nusb3xhc.sys []

R3 PGEffect;Pangu effect driver; C:\windows\system32\DRIVERS\pgeffect.sys []

R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys []

R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys []

R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\windows\system32\DRIVERS\tdcmdpst.sys []

R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\windows\system32\DRIVERS\VBoxNetAdp.sys []

R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\windows\system32\DRIVERS\VBoxNetFlt.sys []

R3 vpcbus;Virtual PC Host Bus Service; C:\windows\system32\DRIVERS\vpchbus.sys []

R3 vpcusb;USB Virtualization Connector Service; C:\windows\system32\DRIVERS\vpcusb.sys []

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys []

S0x01000000 papycpu2;papycpu2; C:\windows\System32\DRIVERS\papycpu2.sys [2003-01-17 1984]

S0x01000000 papyjoy;papyjoy; C:\windows\System32\DRIVERS\papyjoy.sys [2003-01-17 1856]

S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\windows\system32\drivers\intelaud.sys []

S3 JMCR;JMCR; C:\windows\system32\DRIVERS\jmcr.sys []

S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\windows\system32\DRIVERS\LHidFilt.Sys []

S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\windows\system32\DRIVERS\LMouFilt.Sys []

S3 sdbus;sdbus; C:\windows\system32\DRIVERS\sdbus.sys []

S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys []

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\windows\system32\drivers\TsUsbGD.sys []

S3 USBAAPL64;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl64.sys []

S3 usbscan;USB Scanner Driver; C:\windows\system32\DRIVERS\usbscan.sys []

S3 WinUsb;WinUsb; C:\windows\system32\DRIVERS\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-26 55144]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]

R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-06-14 498688]

R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2011-06-01 1517328]

R2 IviRegMgr;IviRegMgr; C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2010-05-20 110736]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168]

R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]

R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]

R2 PSI_SVC_2;Protexis Licensing V2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2010-03-11 193824]

R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2011-06-01 844560]

R2 Thpsrv;TOSHIBA HDD Protection; C:\windows\system32\ThpSrv.exe []

R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\windows\system32\TODDSrv.exe []

R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [2011-05-17 574896]

R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service; C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-05-24 294848]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]

R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-06-14 986112]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]

R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

R3 TMachInfo;TMachInfo; C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-07-11 57216]

R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2011-06-09 138152]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-02 136176]

S2 PinnacleUpdateSvc;PinnacleUpdate Service; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [2011-05-09 430080]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-09 251400]

S3 Flexlm Service 1;Flexlm Service 1; C:\Program Files (x86)\UGS\NX 7.5\UGFLEXLM\lmgrd.exe [2009-07-07 1510152]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-09-02 136176]

S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-10-11 194032]

S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 160784]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-12-26 115168]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-06-01 340240]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 TPCHSrv;TPCH Service; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-07-01 828856]

S3 wampapache;wampapache; c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe [2011-09-26 21504]

S3 wampmysqld;wampmysqld; c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe [2011-09-26 9665536]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe []

S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

-----------------EOF-----------------

Maurice, it wouldn't allow me to post any longer than this, so will post each report in separate posts.

Link to post
Share on other sites

RSIT info.txt

info.txt logfile of random's system information tool 1.09 2013-01-09 17:58:02

======Uninstall list======

Leawo Video Converter version 5.1.0.0-->"C:\Program Files (x86)\Leawo\Video Converter\unins000.exe"

Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

-->"C:\ProgramData\{373A11D3-0B96-4E16-9184-7D0FBE86932F}\Best Buy pc app Setup.exe" REMOVE=TRUE MODIFY=FALSE

-->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE

Acquia Dev Desktop-->C:\Program Files (x86)\acquia-drupal\uninstall.exe

Adobe AIR-->c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}

Adobe Flash Player 11 ActiveX-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin-->C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_Plugin.exe -maintain plugin

Adobe Reader X (10.1.4) MUI-->MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}

Angry Birds Rio-->MsiExec.exe /I{E0B3F290-186B-46C8-BA95-F3D6542C2407}

Angry Birds Space-->MsiExec.exe /I{45FFEC16-0615-47E2-8B70-CBAFD31D820C}

Angry Birds-->MsiExec.exe /I{73AD5A08-FCFE-44EA-9436-3F7BEAF60049}

Apple Application Support-->MsiExec.exe /I{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}

Apple Software Update-->MsiExec.exe /I{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

Audacity 2.0-->"C:\Program Files (x86)\Audacity\unins000.exe"

avast! Free Antivirus-->C:\Program Files\AVAST Software\Avast\aswRunDll.exe "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup

Bandicam-->"C:\Program Files (x86)\Bandicam\uninstall.exe"

Bandisoft MPEG-1 Decoder-->"C:\Program Files (x86)\BandiMPEG1\uninstall.exe"

Bejeweled 3-->"C:\windows\Bejeweled 3\uninstall.exe" "/U:C:\Program Files (x86)\Bejeweled 3\Uninstall\uninstall.xml"

Best Buy Connect-->MsiExec.exe /X{B435FD87-CA14-45E3-9D0B-A30F1F9F3866}

Best Buy pc app-->C:\ProgramData\{373A11D3-0B96-4E16-9184-7D0FBE86932F}\Best Buy pc app Setup.exe

BitTorrent-->"C:\Program Files (x86)\BitTorrent\BitTorrent.exe" /UNINSTALL

Camtasia Studio 8-->MsiExec.exe /I{DB93E2C2-851F-44B2-B09C-351D2C624AE1}

Corel WinDVD-->MsiExec.exe /X{5C1F18D2-F6B7-4242-B803-B5A78648185D}

D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF}

DAEMON Tools Lite-->C:\Program Files (x86)\DAEMON Tools Lite\uninst.exe

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{99F50845-55E3-4E06-9A5A-17D37F4D4FB9}" "1033" "0"

Drush-->MsiExec.exe /I{AB5B1162-D4DE-4C59-BAB3-020B2323AF98}

erLT-->MsiExec.exe /I{A498D9EB-927B-459B-85D6-DD6EF8C2C564}

FFmpeg v0.6.2 for Audacity-->"C:\Program Files (x86)\Ffmpeg For Audacity\unins000.exe"

FileZilla Client 3.5.3-->C:\Program Files (x86)\FileZilla FTP Client\uninstall.exe

Freemake Video Converter version 3.1.2-->"C:\Program Files (x86)\Freemake\Freemake Video Converter\Uninstall\unins000.exe"

FreeStar Free AMR MP3 Converter 1.0.5-->C:\Program Files (x86)\freestar\amr2mp3\uninst.exe

GamesBar 2.0.1.55-->C:\Program Files (x86)\GamesBar\uninst.exe

Git version 1.7.7.1-preview20111027-->"C:\Program Files (x86)\Git\unins000.exe"

GnuWin32: Gzip-1.3.12-1-->"C:\Program Files (x86)\GnuWin32\uninstall\unins000.exe"

GnuWin32: LibArchive-2.4.12-1-->"C:\Program Files (x86)\GnuWin32\uninstall\unins001.exe"

GnuWin32: Wget-1.11.4-1-->"C:\Program Files (x86)\GnuWin32\uninstall\unins003.exe"

Google Chrome-->"C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.97\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Earth-->MsiExec.exe /X{28E82311-8616-11E1-BEB0-B8AC6F97B88E}

Google Toolbar for Internet Explorer-->"C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

Grand Theft Auto IV-->"C:\Program Files (x86)\InstallShield Installation Information\{579BA58C-F33D-4970-9953-B94B43768AC3}\setup.exe" -runfromtemp -l0x0009 -removeonly

HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

ImgBurn-->"C:\Program Files (x86)\ImgBurn\uninstall.exe"

Intel PROSet Wireless-->Intel PROSet Wireless

Intel® Management Engine Components-->C:\Program Files (x86)\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall

Intel® Processor Graphics-->C:\Program Files (x86)\Intel\Intel® Processor Graphics\Uninstall\setup.exe -uninstall

Intel® Rapid Storage Technology-->C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\Uninstall\setup.exe -uninstall

Intel® WiDi-->MsiExec.exe /X{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}

Internet TV for Windows Media Center-->MsiExec.exe /X{9D318C86-AF4C-409F-A6AC-7183FF4CF424}

IrfanView (remove only)-->C:\Program Files (x86)\IrfanView\iv_uninstall.exe

Java 7 Update 9-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83217009FF}

Java™ 6 Update 25-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216025FF}

JMicron Flash Media Controller Driver-->"C:\Program Files (x86)\JMicron\JMCR_DIR\setup.exe" delpkg

Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

K-Lite Codec Pack 7.9.0 (Basic)-->"C:\Program Files (x86)\K-Lite Codec Pack\unins000.exe"

Label@Once 1.0-->MsiExec.exe /I{0D795777-9D60-4692-8386-F2B3F2B5E5BF}

LAME v3.99.3 (for Windows)-->"C:\Program Files (x86)\Lame For Audacity\unins000.exe"

Lock On: Modern Air Combat-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E90DCEE9-DC27-401B-A7AC-B0AFF5B34E4D}\setup.exe" -l0x9

Logitech SetPoint-->"C:\Program Files (x86)\InstallShield Installation Information\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}\setup.exe" -runfromtemp -l1033 -removeonly

lotusgarden_3333241 Screen Saver-->C:\windows\system32\lotusgarden_3333241.scr /u

LUXOR 5th Passage-->C:\Program Files (x86)\MumboJumbo\LUXOR 5th Passage\uninstall.exe LUXOR 5th Passage

LUXOR Adventures-->C:\Program Files (x86)\MumboJumbo\LUXOR Adventures\uninstall.exe LUXOR Adventures

LUXOR Mahjong-->C:\Program Files (x86)\MumboJumbo\LUXOR Mahjong\uninstall.exe LUXOR Mahjong

MahJong Suite 2010 Delux v7.1-->"C:\Program Files (x86)\MahJong Suite\unins000.exe"

Malwarebytes Anti-Malware version 1.70.0.1100-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe"

Meka MP3 Album Artwork Tool-->MsiExec.exe /I{566D66BF-BF53-4FA7-91C5-F419A37F7248}

Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E}

Microsoft Conferencing Add-in for Microsoft Office Outlook-->MsiExec.exe /I{13BEAC7C-69C1-4A9E-89A3-D5F311DE2B69}

Microsoft Games for Windows - LIVE Redistributable-->MsiExec.exe /X{59E4543A-D49D-4489-B445-473D763C79AF}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727}

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0015-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0016-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0018-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0019-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001B-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{99ACCA38-6DD3-48A8-96AE-A283C9759279}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0409-1000-0000000FF1CE}" "{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002C-0409-0000-0000000FF1CE}" "{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{047B0968-E622-4FAA-9B4B-121FA109EDDE}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0115-0409-0000-0000000FF1CE}" "{4560037C-E356-444A-A015-D21F487D809E}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0116-0409-1000-0000000FF1CE}" "{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" "1033" "0"

Microsoft Office 2010 Service Pack 1 (SP1)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-0117-0409-0000-0000000FF1CE}" "{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" "1033" "0"

Microsoft Office Access MUI (English) 2010-->MsiExec.exe /X{90140000-0015-0409-0000-0000000FF1CE}

Microsoft Office Access Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0117-0409-0000-0000000FF1CE}

Microsoft Office Excel MUI (English) 2010-->MsiExec.exe /X{90140000-0016-0409-0000-0000000FF1CE}

Microsoft Office Home and Business 2010-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\setup.exe" /uninstall SINGLEIMAGE /dll OSETUP.DLL

Microsoft Office Live Meeting 2007-->MsiExec.exe /I{E30E7561-A466-4393-B8BF-FD93E733EF3C}

Microsoft Office OneNote MUI (English) 2010-->MsiExec.exe /X{90140000-00A1-0409-0000-0000000FF1CE}

Microsoft Office Outlook MUI (English) 2010-->MsiExec.exe /X{90140000-001A-0409-0000-0000000FF1CE}

Microsoft Office PowerPoint MUI (English) 2010-->MsiExec.exe /X{90140000-0018-0409-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (English) 2010-->MsiExec.exe /X{90140000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (French) 2010-->MsiExec.exe /X{90140000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2010-->MsiExec.exe /X{90140000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}

Microsoft Office Proofing (English) 2010-->MsiExec.exe /X{90140000-002C-0409-0000-0000000FF1CE}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E}

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}

Microsoft Office Publisher MUI (English) 2010-->MsiExec.exe /X{90140000-0019-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared MUI (English) 2010-->MsiExec.exe /X{90140000-006E-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}

Microsoft Office Shared Setup Metadata MUI (English) 2010-->MsiExec.exe /X{90140000-0115-0409-0000-0000000FF1CE}

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {4B4DF6E2-5E40-422B-82DD-205FD7E79226}

Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0017-0409-0000-0000000FF1CE} /uninstall {C00A9857-850C-4C68-A583-2EF4F24706F5}

Microsoft Office SharePoint Designer 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall SHAREPOINTDESIGNER /dll OSETUP.DLL

Microsoft Office SharePoint Designer 2007-->MsiExec.exe /X{90120000-0017-0000-0000-0000000FF1CE}

Microsoft Office SharePoint Designer MUI (English) 2007-->MsiExec.exe /X{90120000-0017-0409-0000-0000000FF1CE}

Microsoft Office Single Image 2010-->MsiExec.exe /X{90140000-003D-0000-0000-0000000FF1CE}

Microsoft Office Word MUI (English) 2010-->MsiExec.exe /X{90140000-001B-0409-0000-0000000FF1CE}

Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F}

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E}

Midnight Club II-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F3856E7C-AD71-48E1-9A95-6D7E7FCB164A}\Setup.exe" -l0x9

mIRC-->C:\Program Files (x86)\mIRC\uninstall.exe _?=C:\Program Files (x86)\mIRC

Mozilla Firefox 17.0.1 (x86 en-US)-->C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

Mozilla Maintenance Service-->"C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"

Mp3tag v2.53-->C:\Program Files (x86)\Mp3tag\Mp3tagUninstall.EXE

MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9}

MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

MySQL Workbench 5.2 CE-->MsiExec.exe /I{1D803D4F-CE1E-4282-B4F2-0FCF28E68BCD}

NASCAR® Racing 2003 Season-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{ACC2E059-40E9-4464-B18D-C9BDD9A02CED}\SETUP.exe" -l0x9 -uninst

Need for Speed Underground 2-->"C:\Users\Bob Ingham\AppData\Roaming\Need for Speed Underground 2\Uninstall\unins000.exe"

NetBeans IDE 7.1-->"C:\Program Files (x86)\NetBeans 7.1\uninstall.exe"

Netflix in Windows Media Center-->MsiExec.exe /X{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}

nGlide 1.00-->"C:\windows\SysWOW64\nglide_uninst.exe"

Notepad++-->C:\Program Files (x86)\Notepad++\uninstall.exe

OpenAL-->"C:\Program Files (x86)\OpenAL\oalinst.exe" /U

Pinnacle Game Profiler-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}\Setup.exe" -l0x9

PlayReady PC Runtime x86-->MsiExec.exe /X{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}

Prison Tycoon Alcatraz-->"C:\Program Files (x86)\Valusoft\Prison Tycoon Alcatraz\Uninstall.exe"

Realtek Ethernet Controller Driver-->C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\Setup.exe -runfromtemp -removeonly

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly

Renesas Electronics USB 3.0 Host Controller Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{5442DAB8-7177-49E1-8B22-09A049EA5996}\setup.exe" -runfromtemp -l0x0409 -removeonly

Renesas Electronics USB 3.0 Host Controller Driver-->MsiExec.exe /X{5442DAB8-7177-49E1-8B22-09A049EA5996}

Rockstar Games Social Club-->"C:\Program Files (x86)\InstallShield Installation Information\{08B3869E-D282-424C-9AFC-870E04A4BA14}\setup.exe" -runfromtemp -l0x0009 -removeonly

Safari-->MsiExec.exe /I{C779648B-410E-4BBA-B75B-5815BCEFE71D}

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {6AF6C62E-4E3D-33BF-A591-9E4D53BDF22F} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {DA36C2E5-6B34-3A6A-9C0A-7D1CC1C5A768} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7B82A51A-768B-3A7B-ADFA-F777097A8079} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E40184A4-4A61-3D2E-9035-CB6E1E610E07} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4736E989-32D9-3B91-90D7-C68848E118CA} /parameterfolder Client

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F1696E2F-4803-362F-A756-65B363483FE6} /parameterfolder Client

Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{73CC972E-6ABF-456B-9E1E-BADC0E65B57A}" "1033" "0"

Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{D267D0F7-9770-467D-ACF3-FB2F7E0AC532}" "1033" "0"

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {D33B9EF5-3801-496A-A2D6-B7F4BE972D75}

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {B145DBBB-7778-4A5D-9D2B-DA6569F02391}

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {E34960DB-2A93-45DB-A208-02650F7AB09C}

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36}

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition -->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {2623A96B-78E5-42CC-AB55-6A3969B32E36}

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE}

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {EF5B5C7F-20CB-4A3A-AC3D-F5DE2C2BFDC7}

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition -->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}

Security Update for Microsoft Office 2010 (KB2553091)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553096)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{CCC48FE2-175F-4CDE-82DF-F7BC4672C1A3}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{CC39BA1F-7A25-440C-86A7-77E35D8CC88C}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{54A1B66B-F5B2-45AD-8B19-5F51A027A1B9}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{B5489515-6DD4-47A5-AE4E-64751D15F10E}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{9FF4E0C9-11BB-4B32-AC5E-EAB896CB4216}" "1033" "0"

Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A5E549EB-FDD3-4CD1-8163-50D429A36516}" "1033" "0"

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{61461470-8168-4F4B-97B7-617AF354F028}" "1033" "0"

Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{0A682BA4-3C78-42C3-8DDF-EB9A6ABE5535}" "1033" "0"

Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{F8243081-3FB0-4EE8-9B2A-6F7D70AF5269}" "1033" "0"

Skype™ 6.0-->MsiExec.exe /X{EA17F4FC-FDBF-4CF8-A529-2D983132D053}

System Requirements Lab CYRI-->MsiExec.exe /I{E5F05232-96B6-4552-A480-785A60A94B21}

System Requirements Lab Detection-->MsiExec.exe /X{A407FC22-36BF-4C82-A516-59D94BC505A9}

Tar-1.13 Binaries (GnuWin32)-->"C:\Program Files (x86)\GnuWin32\uninstall\unins002.exe"

TOSHIBA Application Installer-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}\setup.exe" -l0x9 -removeonly

TOSHIBA Assist-->C:\Program Files (x86)\InstallShield Installation Information\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -removeonly

Toshiba Book Place-->MsiExec.exe /X{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}

TOSHIBA Bulletin Board-->"C:\Program Files (x86)\InstallShield Installation Information\{1C8C049A-145F-4A6E-8290-B5C245EBE39D}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Face Recognition-->"C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Flash Cards Support Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\setup.exe" -runfromtemp -l0x0409

TOSHIBA Flash Cards Support Utility-->"C:\Program Files (x86)\InstallShield Installation Information\{620BBA5E-F848-4D56-8BDA-584E44584C5E}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Hardware Setup-->"C:\Program Files (x86)\InstallShield Installation Information\{5279374D-87FE-4879-9385-F17278EBB9D3}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Hardware Setup-->MsiExec.exe /I{5279374D-87FE-4879-9385-F17278EBB9D3}

TOSHIBA Media Controller Plug-in-->MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}

TOSHIBA Media Controller-->C:\Program Files (x86)\InstallShield Installation Information\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -removeonly

TOSHIBA Quality Application-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E69992ED-A7F6-406C-9280-1C156417BC49}\setup.exe" -l0x9 -removeonly

TOSHIBA Recovery Media Creator-->C:\Program Files (x86)\InstallShield Installation Information\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly

TOSHIBA ReelTime-->"C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Resolution+ Plug-in for Windows Media Player-->"C:\Program Files (x86)\InstallShield Installation Information\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Service Station-->C:\Program Files (x86)\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly

TOSHIBA Sleep Utility-->C:\Program Files (x86)\InstallShield Installation Information\{654F7484-88C5-46DC-AB32-C66BCB0E2102}\Setup.exe -runfromtemp -removeonly

TOSHIBA Supervisor Password-->"C:\Program Files (x86)\InstallShield Installation Information\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\setup.exe" -runfromtemp -l0x0409

TOSHIBA Supervisor Password-->"C:\Program Files (x86)\InstallShield Installation Information\{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Value Added Package-->C:\Program Files\TOSHIBA\TVAP\Setup.exe

TOSHIBA VIDEO PLAYER-->C:\Program Files (x86)\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly

TOSHIBA Web Camera Application-->"C:\Program Files (x86)\InstallShield Installation Information\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\setup.exe" -runfromtemp -l0x0409 -removeonly

TOSHIBA Web Camera Application-->MsiExec.exe /I{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}

TOSHIBA Wireless Display Monitor-->MsiExec.exe /X{617773AE-ADBA-4479-BB04-65FE7758B35C}

TOSHIBA Wireless LAN Indicator-->MsiExec.exe /X{5B01BCB7-A5D3-476F-AF11-E515BA206591}

TOSHIBARegistration-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5AF550B4-BB67-4E7E-82F1-2C4300279050}\setup.exe" -l0x9 -removeonly

Total Validator Tool-->C:\Program Files (x86)\TotalValidatorTool\uninstall.exe

UGS NX 7.5-->MsiExec.exe /I{66BE05E7-4FA4-49C7-9BF4-44A522DEE57B}

UGSLicensing-->MsiExec.exe /X{B40EED7A-63D4-4ED2-910D-9A64FF94DF22}

Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client

Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {620E77C0-CDFE-4C14-AAEB-830ABB65864C}

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition-->msiexec /package {90120000-0017-0000-0000-0000000FF1CE} /uninstall {8153EC80-C988-4336-8DAF-6D99C0D26E0C}

Update for Microsoft Office 2010 (KB2494150)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}" "1033" "0"

Update for Microsoft Office 2010 (KB2553065)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{A8686D24-1E89-43A1-973E-05A258D2B3F8}" "1033" "0"

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}" "1033" "0"

Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{18B3CF2A-73F7-4716-B1AE-86D68726D408}" "1033" "0"

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-006E-0409-0000-0000000FF1CE}" "{73E67A3A-8D61-44EF-90C2-1697C3DBE668}" "1033" "0"

Update for Microsoft Office 2010 (KB2566458)-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{EFB525A0-E1C0-4E32-9968-FE401BC87363}" "1033" "0"

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}" "1033" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0409-0000-0000000FF1CE}" "{C4F26A9B-B121-4135-8084-A0D9C780C7C8}" "1033" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-040C-0000-0000000FF1CE}" "{460FF681-BC66-4C38-99DF-7012E03F1EBA}" "1033" "0"

Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001F-0C0A-0000-0000000FF1CE}" "{C633216E-FF30-45B6-B2AB-21922A9353EF}" "1033" "0"

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{1CBEDB37-C438-473F-8BA0-2535B0D237E2}" "1033" "0"

Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{1CBEDB37-C438-473F-8BA0-2535B0D237E2}" "1033" "0"

Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}

Update for Microsoft Office Sharepoint Designer 2007 Help (KB963675)-->msiexec /package {90120000-0017-0409-0000-0000000FF1CE} /uninstall {9A9DF47B-DB4B-485D-8211-7430ABEC5259}

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-00A1-0409-0000-0000000FF1CE}" "{9865DC3A-2898-48D9-B96A-46397571C934}" "1033" "0"

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}" "1033" "0"

Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{DFE7321B-F914-4AB5-8C74-1F8CC932B1B0}" "1033" "0"

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{47894754-0FEC-4920-9A65-6C1E732587AC}" "1033" "0"

Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{326F9E80-FE16-4D2A-827A-4EE1A87B1CE8}" "1033" "0"

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-001A-0409-0000-0000000FF1CE}" "{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}" "1033" "0"

Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-003D-0000-0000-0000000FF1CE}" "{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}" "1033" "0"

Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Oarpmany.exe" /removereleaseinpatch "{90140000-002A-0000-1000-0000000FF1CE}" "{5DA2D071-A54C-47C0-83E5-43C63DBFD936}" "1033" "0"

Utility Common Driver-->"C:\Program Files (x86)\InstallShield Installation Information\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}\setup.exe" -runfromtemp -l0x0409 -removeonly

Utility Common Driver-->MsiExec.exe /I{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}

VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe

WampServer 2.2-->"c:\wamp\unins000.exe"

WebEx-->C:\PROGRA~3\WebEx\atcliun.exe

Window Washer-->C:\windows\Unwash6.exe

Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066}

Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe

Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}

Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917}

Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30}

Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923}

Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441}

Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649}

Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48}

Windows Live Messenger-->MsiExec.exe /X{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}

Windows Live Messenger-->MsiExec.exe /X{E5B21F11-6933-4E0B-A25C-7963E3C07D11}

Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08}

Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38}

Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002}

Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1}

Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7}

Windows Live PIMT Platform-->MsiExec.exe /I{83C292B7-38A5-440B-A731-07070E81A64F}

Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F}

Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4}

Windows Live UX Platform Language Pack-->MsiExec.exe /I{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}

Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}

Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04}

Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E}

Windows Media Center Add-in for Flash-->MsiExec.exe /X{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}

Wise Registry Cleaner 7.62-->"C:\Program Files (x86)\Wise\Wise Registry Cleaner\unins000.exe"

Xenu's Link Sleuth-->C:\Program Files (x86)\Xenu\uninst.exe

Xvid Video Codec-->C:\Program Files (x86)\Xvid\uninstall.exe

Yahoo! Install Manager-->C:\windows\system32\regsvr32 /u C:\PROGRA~2\Yahoo!\Common\YINSTH~1.DLL

Yahoo! Internet Mail-->C:\windows\system32\regsvr32 /u /s C:\PROGRA~2\Yahoo!\Common\YMMAPI.dll

Yahoo! Mail Advisor-->C:\PROGRA~2\Yahoo!\Common\UNINST~1.EXE

Yahoo! Messenger-->C:\PROGRA~2\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~2\Yahoo!\MESSEN~1\INSTALL.LOG

Yahoo! Software Update-->C:\PROGRA~2\Yahoo!\SOFTWA~1\UNINST~1.EXE

Yahoo! Toolbar-->C:\PROGRA~2\Yahoo!\Common\UNYT_W~1.EXE

Yammer-->msiexec /qb /x {A81EB5BC-F764-308A-B979-0F8F078DAB29}

Yammer-->MsiExec.exe /I{A81EB5BC-F764-308A-B979-0F8F078DAB29}

======Hosts File======

127.0.0.1 new.localhost

127.0.0.1 week_3.localhost

127.0.0.1 views.localhost

127.0.0.1 week_6.localhost

127.0.0.1 week_7_theming.localhost

127.0.0.1 week8_panels.localhost

127.0.0.1 week_8_context_module.localhost

127.0.0.1 philly_station_test.localhost

127.0.0.1 week_9_extras.localhost

127.0.0.1 drupaltest.localhost

======Environment variables======

"asl.log"=Destination=file

"ComSpec"=%SystemRoot%\system32\cmd.exe

"FP_NO_HOST_CHECK"=NO

"NUMBER_OF_PROCESSORS"=8

"OS"=Windows_NT

"Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;C:\ProgramData\Propeople\Drush;C:\Program Files (x86)\GnuWin32\bin;C:\wamp\bin\php\php5.3.8;C:\wamp\bin\mysql\mysql5.5.16\bin;C:\Program Files\SlikSvn\bin;C:\bin

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

"PROCESSOR_ARCHITECTURE"=AMD64

"PROCESSOR_IDENTIFIER"=Intel64 Family 6 Model 42 Stepping 7, GenuineIntel

"PROCESSOR_LEVEL"=6

"PROCESSOR_REVISION"=2a07

"PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"UGII_BASE_DIR"=C:\Program Files (x86)\UGS\NX 7.5

"UGII_CAST_HTML_DIR"=C:\Program Files (x86)\UGS\NX 7.5\nxcast\html

"UGII_CAST_HTML_URL"=C:\Program Files (x86)\UGS\NX 7.5\nxcast\html\index.html

"UGII_LANG"=english

"UGII_ROOT_DIR"=C:\Program Files (x86)\UGS\NX 7.5\UGII\

"UGS_LICENSE_SERVER"=28000@bobingham-pc

"USERNAME"=SYSTEM

"VBOX_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\

"windir"=%SystemRoot%

"windows_tracing_flags"=3

"windows_tracing_logfile"=C:\BVTBin\Tests\installpackage\csilogfile.log

"RGSCLauncher"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club

"RGSC"=C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\1_0_0_0

-----------------EOF-----------------

Security Check checkup.txt (had pop-up error msg while running)

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.70.0.1100

Wise Registry Cleaner 7.62

Java™ 6 Update 25

Java 7 Update 9

Adobe Flash Player 11.5.502.146

Adobe Reader 10.1.4 Adobe Reader out of Date!

Mozilla Firefox (17.0.1)

Google Chrome 19.0.1084.46

Google Chrome 19.0.1084.52

Google Chrome 22.0.1229.94

Google Chrome 23.0.1271.64

Google Chrome 23.0.1271.91

Google Chrome 23.0.1271.95

Google Chrome 23.0.1271.97

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 1%

````````````````````End of Log``````````````````````

Link to post
Share on other sites

Security Check checkup.txt (had pop-up error msg while running)

Results of screen317's Security Check version 0.99.56

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

WMI entry may not exist for antivirus; attempting automatic update.

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.70.0.1100

Wise Registry Cleaner 7.62

Java™ 6 Update 25

Java 7 Update 9

Adobe Flash Player 11.5.502.146

Adobe Reader 10.1.4 Adobe Reader out of Date!

Mozilla Firefox (17.0.1)

Google Chrome 19.0.1084.46

Google Chrome 19.0.1084.52

Google Chrome 22.0.1229.94

Google Chrome 23.0.1271.64

Google Chrome 23.0.1271.91

Google Chrome 23.0.1271.95

Google Chrome 23.0.1271.97

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 1%

````````````````````End of Log``````````````````````

BitDefender Report 2013-01-10 17.07.44

QuickScan 32-bit v0.9.9.118

---------------------------

Scan date: Thu Jan 10 17:07:44 2013

Machine ID: 2A747BE0

No infection found.

-------------------

Processes

---------

Adobe Acrobat Update Service 1760 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

avast! Antivirus 1476 C:\Program Files\AVAST Software\Avast\AvastSvc.exe

avast! Antivirus 5416 C:\Program Files\AVAST Software\Avast\AvastUI.exe

Dropbox 5552 C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe

Intel® Active Management Technology L 4484 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

Intel® Management and Security Applic 6180 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

IviRegMgr Module 4940 C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

Java™ Platform SE Auto Updater 2 0 196 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

KeNotify Application 5628 C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe

Microsoft Office 2010 10936 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

Microsoft OneNote 5756 C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

MobileDeviceService 1800 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

PsiService System Service 1496 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

SetPoint32.exe 2468 C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe

Skype 1100 C:\Program Files (x86)\Skype\Phone\Skype.exe

TOSHIBA Wireless Display Monitor 3084 C:\Program Files (x86)\Toshiba\widimon\widimon.exe

Window Washer 2356 C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe

Window Washer 5708 C:\Program Files (x86)\Webroot\Washer\wwDisp.exe

Windows® Internet Explorer 6548 C:\Program Files (x86)\Internet Explorer\iexplore.exe

Windows® Internet Explorer 8516 C:\Program Files (x86)\Internet Explorer\iexplore.exe

Windows® Internet Explorer 11976 C:\Program Files (x86)\Internet Explorer\iexplore.exe

XMail.exe 2416 C:\Program Files (x86)\acquia-drupal\xmail\XMail.exe

Yahoo! Mail 5764 C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe

Yahoo! Messenger 4804 C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe

Yahoo! Toolbar Assistant 6400 C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe

Yammer.exe 2576 C:\Program Files (x86)\Yammer\Yammer.exe

Yammer.exe 5896 C:\Program Files (x86)\Yammer\Yammer.exe

(verified) GoogleToolbarNotifier 4588 C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

(verified) Microsoft® .NET Framework 8756 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

(verified) Yahoo! AutoUpdater 2436 C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

Network activity

----------------

Process AvastSvc.exe (1476) connected on port 80 (HTTP) --> 67.228.168.216

Process AvastSvc.exe (1476) connected on port 80 (HTTP) --> 67.228.168.216

Process AvastSvc.exe (1476) connected on port 80 (HTTP) --> 67.228.168.216

Process AvastSvc.exe (1476) connected on port 80 (HTTP) --> 77.234.40.52

Process Yammer.exe (2576) connected on port 443 (HTTP over SSL) --> 204.152.18.206

Process AvastUI.exe (5416) connected on port 80 (HTTP) --> 23.64.158.13

Process AvastUI.exe (5416) connected on port 80 (HTTP) --> 23.64.158.13

Process AvastUI.exe (5416) connected on port 80 (HTTP) --> 23.64.158.13

Process AvastUI.exe (5416) connected on port 80 (HTTP) --> 23.64.158.13

Process Dropbox.exe (5552) connected on port 80 (HTTP) --> 199.47.217.146

Process Yammer.exe (5896) connected on port 443 (HTTP over SSL) --> 204.152.18.206

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 23.64.159.139

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 23.64.159.139

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 68.142.250.142

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 173.194.37.109

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 173.194.37.109

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 72.21.81.253

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.229.161

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.229.161

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.229.205

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.229.205

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.130.104

Process iexplore.exe (6548) connected on port 80 (HTTP) --> 74.125.130.104

Process iexplore.exe (8516) connected on port 80 (HTTP) --> 68.142.250.161

Process iexplore.exe (8516) connected on port 80 (HTTP) --> 216.39.54.32

Process XMail.exe (2416) listens on ports: 25 (SMTP), 6017, 6018

Process BitTorrent.exe (5232) listens on ports: 42203

Process Dropbox.exe (5552) listens on ports: 17500

Autoruns and critical files

---------------------------

HWSetup C:\Program Files\TOSHIBA\Utilities\HWSetup.exe

Adobe Reader and Acrobat Manager C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

Adobe® Flash® Player Update Service C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Apple Push C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastUI.exe

CheckUpdate.exe C:\Program Files (x86)\Xvid\CheckUpdate.exe

DAEMON Tools Lite C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

Dropbox C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe

Java™ Platform SE Auto Updater 2 0 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

KeNotify Application C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe

Logitech SetPoint C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe

Microsoft OneNote C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

Microsoft® Windows® Operating System C:\windows\system32\userinit.exe

Skype C:\Program Files (x86)\Skype\Phone\Skype.exe

SVPWUTIL Application C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe

TOSHIBA Service Station C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

TOSHIBA Sleep C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

Window Washer C:\Program Files (x86)\Webroot\Washer\wwDisp.exe

Yahoo! Mail C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe

Yahoo! Messenger C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

Yammer.exe C:\Program Files (x86)\Yammer\Yammer.exe

(verified) Google Update C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(verified) GoogleToolbarNotifier C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

Browser plugins

---------------

AcroIEHelperShim Library c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll

Adobe Acrobat C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

avast! Antivirus c:\program files\avast software\avast\aswwebrepie.dll

Best Buy pc app Detector C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll

Bitdefender QuickScan C:\Windows\Downloaded Program Files\qsax.dll

Freemake np-plugin for google chrome C:\Users\Bob Ingham\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll

Google Earth Plugin C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

Google Toolbar for Internet Explorer c:\program files (x86)\google\google toolbar\googletoolbar_32.dll

Google Update C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

Java Deployment Toolkit 7.0.90.5 C:\windows\SysWOW64\npDeployJava1.dll

Java™ Platform SE 7 U9 C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

Java™ Platform SE 7 U9 C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

Java™ Platform SE 7 U9 C:\Program Files (x86)\Java\jre7\bin\ssv.dll

Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL

Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL

Microsoft Office 2010 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

Microsoft® CoReXT C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

Microsoft® CoReXT C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

Microsoft® Windows® Operating System C:\windows\system32\mswsock.dll

Microsoft® Windows® Operating System C:\windows\system32\NLAapi.dll

NPSWF32_11_5_502_146.dll C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

Silverlight Plug-In c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

TOSHIBA Media Controller Plug-in c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll

WebEx Download Module C:\windows\Downloaded Program Files\ieatgpc.dll

Windows Activation Technologies C:\windows\system32\Wat\npWatWeb.dll

Windows Live™ Photo Gallery C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

Windows® Internet Explorer C:\Windows\SysWOW64\ieframe.dll

Yahoo Application State Plugin C:\Program Files (x86)\Yahoo!\Shared\npYState.dll

Yahoo! Single Instance for Mail C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

Yahoo! Toolbar C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

(verified) Microsoft® Windows® Operating System C:\windows\system32\napinsp.dll

(verified) Microsoft® Windows® Operating System C:\windows\system32\pnrpnsp.dll

(verified) Microsoft® Windows® Operating System C:\windows\System32\winrnr.dll

Scan

----

MD5: bfc0d872f29652cf21382b25903acf3b C:\Program Files (x86)\acquia-drupal\xmail\LIBEAY32.dll

MD5: 41afac67eb06ddf8f38a2412265617cb C:\Program Files (x86)\acquia-drupal\xmail\SSLEAY32.dll

MD5: 1619a3283d9125d44116a1ee9143e035 C:\Program Files (x86)\acquia-drupal\xmail\XMail.exe

MD5: 84cbd6f6aa7ee399fbdc265b8ea64474 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

MD5: c3125fee4c351ca868ec6640b7752d42 C:\Program Files (x86)\BandiMPEG1\bdfilters.dll

MD5: d0a12ed17be1366cb59845937da3b854 C:\Program Files (x86)\BitTorrent\BitTorrent.exe

MD5: d3cfdde30b24b1266030f75baf337660 c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll

MD5: 9d680c0dfbd26a3f8f1d5ad424439f23 c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll

MD5: ba0ed7aa3c36a8da27ded1d6b3508158 c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll

MD5: b63e5c7807334a3a8f731062f15462cc C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

MD5: d19c4ee2ac7c47b8f5f84fff1a789d8a C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

MD5: 92da9ede07390b4352b29dd82079e398 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll

MD5: 35ac4b63cbb9fb6b4472913e9948b517 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

MD5: ba02f01be7ed88e8974c798acb3075f5 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll

MD5: 5d76c8cc87d0efbe0b4a3bef6b67ebf0 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll

MD5: 67b539d844f804ebac7a1e3828fde709 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll

MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt46.dll

MD5: 3bde52411df2fe4252c9289f51cb0f7e C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll

MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll

MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll

MD5: 5e33c164dc7fa74728d8a83036c438bb C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MD5: 32d78dcabfb942275e01363d5232c77d C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll

MD5: 638c7596b493f5f77db9ef6bad8fe46c C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll

MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll

MD5: 2dedc3afe3c49b5dae717d0a9bebf298 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.DLL

MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MD5: 7ef47644b74ebe721cc32211d3c35e76 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

MD5: f8ecb748b53a010464f7a63154d75f56 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

MD5: 2c478e667ce27b2b7142f756cf569a9a C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll

MD5: f415a88162d23977b5edae4f0410e903 C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

MD5: 12916e0642e92561c98b18a2a2d01b14 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

MD5: 785f487a64950f3cb8e9f16253ba3b7b C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

MD5: 6d113e9c1210dfa7cba6f92a226c0748 C:\Program Files (x86)\Common Files\Microsoft Shared\office14\1033\MSOINTL.DLL

MD5: e9901a7e569c4156fda69f5c9356b8ed C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf

MD5: 911f487f7dd6538ac9fb17dedfd5117f C:\Program Files (x86)\Common Files\Microsoft Shared\office14\mso.dll

MD5: a1cfdef143b1b4047e0fd3510f85de97 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSPTLS.DLL

MD5: 4c0da2b69f8de16e97fcec0e19312923 C:\Program Files (x86)\Common Files\Microsoft Shared\office14\riched20.dll

MD5: 6df2076a4ac5e3655529142917b579a4 C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\USP10.DLL

MD5: 1d9c3d7a1f8838e6280fa3f7d1fe4ed8 C:\Program Files (x86)\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPC.DLL

MD5: cf39a105cd553eed31e2255aff4c6742 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

MD5: 45406ffd87f6ba4345b018e303a64ff1 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\wlidcli.DLL

MD5: 12b79422a23814429cda9e734c58f78f C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

MD5: f036cfb275d0c55f4e45fbbf5f98b3c8 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

MD5: aaa298bddc6033909aebae9547441575 C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

MD5: 5d4bc124faae6730ac002cdb67bf1a1c C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

MD5: b78f4c2c592c87df54e8e0c6aaef3874 C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

MD5: b9497c5acaea521663bffbb321dd3afa c:\program files (x86)\google\google toolbar\googletoolbar_32.dll

MD5: 76e7410b3a308f6960d3ce06dc7874ad C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll

MD5: 917a728a12f25fcf4636858fac9979fa C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

MD5: 586fdc4e02623ee228ec35b9604ae5f2 C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll

MD5: 50c7ce53ef461870410355f1f2e7d515 C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

MD5: d480c9220bfe667de65a46cde80ea7e9 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll

MD5: 374ebda379a8f38e0cfc2211611e7167 C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

MD5: 122f89e0905fc656d56f65cd7a2e9b4d C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll

MD5: 62cbf36e3e10baa74224bc7a6dd998b5 C:\Program Files (x86)\Internet Explorer\ieproxy.dll

MD5: 1d4127fe151165c5fb9c0eed8701a3d1 C:\Program Files (x86)\Internet Explorer\IEShims.dll

MD5: 0d286c0fe561d1a7eb30e83a0ff305b2 C:\Program Files (x86)\Internet Explorer\iexplore.exe

MD5: eb47e405a9222ca595e5e763b4156529 C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

MD5: 67ec459e42d3081dd8fd34356f7cafc1 C:\Program Files (x86)\Java\jre7\bin\msvcr100.dll

MD5: c04fcb7eebeb5097b30468828f20fb9e C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

MD5: a7a6954e500715117b64b414ab81cb44 C:\Program Files (x86)\Java\jre7\bin\ssv.dll

MD5: 970e191fa2ba21844d7103792b6885f6 C:\Program Files (x86)\Logitech\SetPoint\SetPoint.exe

MD5: dcdaa5ad16ae0fd9a71ed7347ab2c236 C:\Program Files (x86)\Logitech\SetPoint\x86\AdobeHookDll.dll

MD5: e23d6338e27442a11578dd284ea4d08c C:\Program Files (x86)\Logitech\SetPoint\x86\AOLHookDll.dll

MD5: 858b5dff1516d0deeae8a129b9eeb005 C:\Program Files (x86)\Logitech\SetPoint\x86\GameHook.dll

MD5: 697743e98dfe021850bd28c4aae990cd C:\Program Files (x86)\Logitech\SetPoint\x86\HookDll.dll

MD5: 9c13b38b77b89283238f79b960e72fff C:\Program Files (x86)\Logitech\SetPoint\x86\IMHook.dll

MD5: 29bb5ae1f5535b909ceee43f21a7ee0d C:\Program Files (x86)\Logitech\SetPoint\x86\KEMHook.dll

MD5: 25e06481510846a7b0447fe8c051dc8f C:\Program Files (x86)\Logitech\SetPoint\x86\lgscroll.dll

MD5: 55709a4daf50eaf99c38aa09e758decd C:\Program Files (x86)\Logitech\SetPoint\x86\MessengerHook.dll

MD5: c316afae719b1c1ce1b903673bc6a641 C:\Program Files (x86)\Logitech\SetPoint\x86\SetPoint32.exe

MD5: 1acaa67676e9e7bda5e0c41b6e0decaf C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

MD5: 916b8954ac3e06dc9e898affb41f3fb6 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

MD5: fc19f3d46e21ef65eea990b8af2076f6 C:\Program Files (x86)\Microsoft Office\Office14\1033\ONINTL.DLL

MD5: 572b3225fd8c1d6c741bee61e8edc5de C:\Program Files (x86)\Microsoft Office\Office14\1033\wwintl.dll

MD5: 53eb8ca63cafc4f07424cd76b58903d1 C:\Program Files (x86)\Microsoft Office\Office14\css7Data0009.dll

MD5: 140cce53806f79c2e45bd198e76dc79e C:\Program Files (x86)\Microsoft Office\Office14\gfx.dll

MD5: a729ecf8e670558dfa3bc260c02126c4 C:\Program Files (x86)\Microsoft Office\Office14\mscss7en.dll

MD5: 47fc5a4a45e883a36aff884b3e6073b1 C:\Program Files (x86)\Microsoft Office\Office14\MSOHEV.DLL

MD5: 7a48223093a2b6fecb00e4360c71dcc2 C:\Program Files (x86)\Microsoft Office\Office14\msproof7.dll

MD5: a0ae3739a2b9a256df984244c763577c C:\Program Files (x86)\Microsoft Office\Office14\oart.dll

MD5: 043fe3c9088beadc6a9ffc033c84f20f C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE

MD5: fd41ecec831c4d85e6fd42a6d5ec1b57 C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\1033\MSGR3EN.DLL

MD5: c5dd903eb57afb76368689f85a8b25d3 C:\Program Files (x86)\Microsoft Office\OFFICE14\PROOF\MSSP7EN.DLL

MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

MD5: c866f8c29508363a09fac5c235855d56 C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

MD5: 0cb194c8b6ce384d3876a698519c4009 C:\Program Files (x86)\Microsoft Office\Office14\wwlib.dll

MD5: 9013599b12923a45c029c34e8d2211ac c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

MD5: 8c7336950f1e69cdfd811cbbd9cf00a2 C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

MD5: 0015113a604b94769ab5159e8dcfc6e6 C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe

MD5: 2c6dfc761f1dae61940c7eae97ebdb19 C:\Program Files (x86)\Skype\Phone\Skype.exe

MD5: a4fab5f7818a69da6e740943cb8f7ca9 C:\Program Files (x86)\Skype\Updater\Updater.exe

MD5: df6f7d5b1c7cae71a24585c54c753013 c:\program files (x86)\toshiba\toshiba media controller plug-in\toshibamediacontrollerie.dll

MD5: 71c321649b28638ee80a2eeb164c1dc8 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

MD5: 1705b6e6e1d883965f32c7d3b8e78ce6 C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe

MD5: bb752714d14cb1f13969d721f1a3a60f C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe

MD5: 1faa54e9ffea6fd3e0cead951cddfef6 C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe

MD5: 5698035892d860a883fcea17a154cab5 C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe

MD5: 169c83471930c8c9945684af8b9b26bc C:\Program Files (x86)\Toshiba\widimon\widimon.exe

MD5: a3a5dcf65b4ac8d98c7e2dd9b58b37a3 C:\Program Files (x86)\UGS\NX 7.5\UGFLEXLM\lmgrd.exe

MD5: 9ad7594cc7c3b2d591505d7a696e2d4f C:\Program Files (x86)\Webroot\Washer\Languages\English.dll

MD5: b2232d645fad62fd49d7d3efcb7b5fb4 C:\Program Files (x86)\Webroot\Washer\sqlite3.dll

MD5: d42b153cd9ac1237b7fac8ba24e1a7e4 C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe

MD5: 709fa812be8459d076abf3eaf7678dd6 C:\Program Files (x86)\Webroot\Washer\wwDisp.exe

MD5: 0a1ff0b674e2f268799442a434a63bb3 C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

MD5: 6d9e1356a9c1b5f36698faff9205e34a C:\Program Files (x86)\Xvid\CheckUpdate.exe

MD5: 7d21171da91a625692daa6e0f27d27b2 C:\Program Files (x86)\Yahoo!\Common\YMailAdvisor.exe

MD5: 01ed3846c78888de27e9ebc8fd8549e3 C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll

MD5: c9fd7471ef07ddf219c2a719ca1b960e C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\ytbb.exe

MD5: 9dfe558b6e48b58fbe230ab94652d2a8 C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

MD5: d6eae5cd8b8f78ed11e9e0db1737c3db C:\Program Files (x86)\Yahoo!\Messenger\resources\en-US\res_msgr.dll

MD5: 1ca2943dc17355330ba5b3efc6ca4537 C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

MD5: cf5905e75bda423ff97a0be4d4e1b499 C:\Program Files (x86)\Yahoo!\Messenger\YImage.dll

MD5: 79fc43289b528cfb49a18d209c1e7e6d C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe

MD5: 0e51b156d7d51d97d6bb730b5dbc8b61 C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

MD5: 6e83e7c3a7a2c5ec6409442ef189f71d C:\Program Files (x86)\Yahoo!\Shared\npYState.dll

MD5: e417576715e736048ebd370fcae0c35d C:\Program Files (x86)\Yammer\Yammer.exe

MD5: b316906b4a04dd39985350d29de31068 C:\Program Files\AVAST Software\Avast\1033\Base.dll

MD5: ab6e3df509c6bd59062f685a40395c23 C:\Program Files\AVAST Software\Avast\1033\UILangRes.dll

MD5: 6f367a9b88cfdd46f42c1d11e5cb7964 C:\Program Files\AVAST Software\Avast\Aavm4h.dll

MD5: c2434dea392826c1687d9bd7fa4845bc C:\Program Files\AVAST Software\Avast\AavmRpch.dll

MD5: f7d4a7047bcb7d3cc70b0dc23e928022 C:\Program Files\AVAST Software\Avast\AhAScr.dll

MD5: 9c09af87ac7351985ab5ffba3fc52575 C:\Program Files\AVAST Software\Avast\AhResBhv.dll

MD5: e844c96552989fa1eca95778583a904c C:\Program Files\AVAST Software\Avast\AhResJs.dll

MD5: 17f5861a03516864a5f4cc04c7324278 C:\Program Files\AVAST Software\Avast\AhResMai.dll

MD5: 8bec10c53e927cd5e442fe332804f1ac C:\Program Files\AVAST Software\Avast\AhResMes.dll

MD5: 9b2f20ecf609edf54fec43e792028261 C:\Program Files\AVAST Software\Avast\AhResNS.dll

MD5: 857661f2e5a677cfb6d3b2cf6e428227 C:\Program Files\AVAST Software\Avast\AhResP2P.dll

MD5: 2466ed58b8efb3320bca73acf8179d24 C:\Program Files\AVAST Software\Avast\AhResStd.dll

MD5: 5d9550e02d981b92b133e5f8f7bdf8d2 C:\Program Files\AVAST Software\Avast\AhResWS.dll

MD5: 55afa63f5f2a6ced0c09e2afe57eca8d C:\Program Files\AVAST Software\Avast\ashBase.dll

MD5: 977c54291bfa6fee7ff865630e51757b C:\Program Files\AVAST Software\Avast\ashServ.dll

MD5: 16ce3ed063923253905341c9af850fe7 C:\Program Files\AVAST Software\Avast\ashTask.dll

MD5: 4ff19ac422b7709d786de58b385c9647 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll

MD5: 13790c4fb6311ece6d6763a7ec2313fb C:\Program Files\AVAST Software\Avast\aswAra.dll

MD5: 045ee3dc56b12b404dc07848d8597c66 C:\Program Files\AVAST Software\Avast\aswAux.dll

MD5: eb398ded91cff2f425610eaa2ccf2a23 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll

MD5: babe99a18a382a5e2f99b48e0bc3e0d4 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll

MD5: 178b51198b7b46cd3c5e744474459a63 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll

MD5: f0e7dec6f7a3610949bded0ca8ccb3ea C:\Program Files\AVAST Software\Avast\aswData.dll

MD5: 264b5d8f4c70a26749ff2cedde06ba30 C:\Program Files\AVAST Software\Avast\aswDld.dll

MD5: c515caec6b3c6970007954c0250a124c C:\Program Files\AVAST Software\Avast\aswEngLdr.dll

MD5: 902f670f58193a2bc30aa342b11b2c7b C:\Program Files\AVAST Software\Avast\aswIdle.dll

MD5: 124715cd10c62a78404f1a3b1048d062 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll

MD5: fca9cc8611654b790dd6242bf862b7f5 C:\Program Files\AVAST Software\Avast\aswLog.dll

MD5: 12b9869e74f9e698f550f04f8989c591 C:\Program Files\AVAST Software\Avast\aswProperty.dll

MD5: f186897e0a3b9d0784041221d0265069 C:\Program Files\AVAST Software\Avast\aswSqLt.dll

MD5: 273fd83fc8c4e12f8c55381674f92a44 C:\Program Files\AVAST Software\Avast\aswStrm.dll

MD5: 179eed57fed3c7422a559633641032ba C:\Program Files\AVAST Software\Avast\aswUtil.dll

MD5: dfce15e59b8ac862b8e3ca6e43fe33f8 c:\program files\avast software\avast\aswwebrepie.dll

MD5: 8fa553e9ae69808d99c164733a0f9590 C:\Program Files\AVAST Software\Avast\AvastSvc.exe

MD5: 083649ef692a066880c9326020915afe C:\Program Files\AVAST Software\Avast\AvastUI.exe

MD5: ab04c6ce5df23819b914f822e9aa0edf C:\Program Files\AVAST Software\Avast\CommonRes.dll

MD5: 74ad964aa7df00395aa9df1209f142d3 C:\Program Files\AVAST Software\Avast\defs\13011000\algo.dll

MD5: d94e28dcd7ece4fb522e42b11a355980 C:\Program Files\AVAST Software\Avast\defs\13011000\aswCmnBS.dll

MD5: d4a7d2f81ff187b20abd95f8ad788b6d C:\Program Files\AVAST Software\Avast\defs\13011000\aswCmnIS.dll

MD5: 24a64ba361e24cfca2e68dbe66584957 C:\Program Files\AVAST Software\Avast\defs\13011000\aswCmnOS.dll

MD5: e5b6c6acdbe581af7b9f6d9dcf4d9de8 C:\Program Files\AVAST Software\Avast\defs\13011000\aswEngin.dll

MD5: 605cb6d612f3ac6abf0c944893b5082d C:\Program Files\AVAST Software\Avast\defs\13011000\aswFiDb.dll

MD5: 39e5000f00d779c139e5e11368b36a44 C:\Program Files\AVAST Software\Avast\defs\13011000\aswRep.dll

MD5: 65f140a94ca3524968d341b80651bebd C:\Program Files\AVAST Software\Avast\defs\13011000\aswScan.dll

MD5: 33c8847c17bc00ecc1b06240a6ceafbf C:\Program Files\AVAST Software\Avast\defs\13011000\uiExt.dll

MD5: d79d3eabd4730970770efa530d094e0f C:\Program Files\AVAST Software\Avast\snxhk.dll

MD5: 18505d90fee940ee9eae4c5b421f22b4 C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

MD5: 88e52495b47c67126b510af53fdb0bc7 C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

MD5: afb5b500ad69e24ed1bc15d1161641ef C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

MD5: 2bacd71123f42cea603f4e205e1ae337 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

MD5: 57e61dc4f7980d57c0b162fc5b9f0b38 C:\Program Files\Intel\WiFi\bin\EvtEng.exe

MD5: 50b99d53bc013458381c6476d790c9f3 C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

MD5: 245ea6a2cfae7b183ee9a14a4673b1f1 C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

MD5: e7b489fa5b15d2fec3e52066e015b788 C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

MD5: 1c73689b900428c7d054a41c4687f55c C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

MD5: 63aafcf3ea5dbb17123e0bae9afe4d58 C:\Program Files\TOSHIBA\TECO\TecoService.exe

MD5: 29d0886cf250fcef1bf9e65ab8d2c0c8 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

MD5: 098b8a408c17e125a3d9a8e1166780c8 C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

MD5: d46214e72d863fdc48a887ce21693d49 C:\Program Files\TOSHIBA\Utilities\HWSetup.exe

MD5: 06c8fa1cf39de6a735b54d906ba791c6 C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

MD5: a9f3bfc9345f49614d5859ec95b9e994 C:\Program Files\Windows Media Player\wmpnetwk.exe

MD5: 8a67413465b16698d3ac2e7ac1d5ffd2 C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll

MD5: 8deff623811cbf594d0ab68705fe80c6 C:\Users\Bob Ingham\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\npFreemake.dll

MD5: 2f01b303dc54c4d6a82596f6813ba4f6 C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\Dropbox.exe

MD5: d1f4ef194a129726fbf30e2f514824aa C:\Users\Bob Ingham\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll

MD5: 5cf6e9a685199445fee02fe8c191c9ba c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe

MD5: 3c533761ec447a65f865695e86e7f15c c:\wamp\bin\mysql\mysql5.5.16\bin\mysqld.exe

MD5: 9c17dcd6ddfeb1a012544faf4f2789f6 C:\windows\AppPatch\AcGenral.DLL

MD5: c0cf56a4a837f43cf08aba9985be7ad4 C:\windows\Downloaded Program Files\ieatgpc.dll

MD5: 56940b50ab0e5923822f47b0e4463885 C:\Windows\Downloaded Program Files\qsax.dll

MD5: c4002b6b41975f057d98c439030cea07 C:\windows\ehome\ehRecvr.exe

MD5: 332feab1435662fc6c672e25beb37be3 C:\windows\Explorer.exe

MD5: 5988fc40f8db5b0739cd1e3a5d0d78bd C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

MD5: a8b7f3818ab65695e3a0bb3279f6dce6 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

MD5: 82a98d0eb83505529ad81e4c1fadc37d C:\windows\Microsoft.NET\Framework\v4.0.30319\clr.dll

MD5: f5df6846f30e9f54ea60ccaeb3fb2055 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll

MD5: ab690cd34cf4b4e3ddf78fd4fbcf88c3 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvc.dll

MD5: 773212b2aaa24c1e31f10246b15b276c C:\windows\servicing\TrustedInstaller.exe

MD5: 3c3685c29eef909266f124a184f849e6 C:\windows\system32\api-ms-win-core-console-l1-1-0.dll

MD5: 139590e1c420a439f23f261979a59bc4 C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll

MD5: a2c23b02dc32aa8d3801b84fb54137a6 C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll

MD5: 1697959965bc58308d046048a69e6c1e C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll

MD5: 50a078c76d94014b61238f1118b6e02c C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

MD5: caf11064a276247fe9f30ab06c4f2f2c C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll

MD5: d433e08b64837534afb786e454bab61e C:\windows\system32\api-ms-win-core-file-l1-1-0.dll

MD5: 72d37545bc03b38537c3acc7fa8fca3a C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll

MD5: 7978b487e3fbbc666a494ebecbfb26a9 C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll

MD5: d7573a8d927b68f962bd0b5da6603eef C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

MD5: 1818ccee5cfc3fcc876f42643109f2c0 C:\windows\system32\api-ms-win-core-io-l1-1-0.dll

MD5: b4fcce5ba0990ae78809379cb0c3873c C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

MD5: cbe6c675d3b10e48ef7b25a5ff07b46d C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll

MD5: 4a01572d2030d49ceb0a319de0bff53c C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

MD5: c1fa7d1a6548037873c90d4eee34df2b C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll

MD5: ec0a0e7b3537bb2912221d4933216727 C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll

MD5: 73af314c216f08a1c97bc03ecad3a423 C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

MD5: 3b319cc2334ac0d15be25a5994065f13 C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

MD5: 0e3ceb4fce14af72fbaaae754a7c136a C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

MD5: 6b28d57a511929227ff1c8f412c1a3f9 C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll

MD5: 2a1a2c962bb789ef8ee8cf8cb8f100c0 C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

MD5: bc24199038f4be63a1825cf168408120 C:\windows\system32\api-ms-win-core-string-l1-1-0.dll

MD5: 63416d211d4b15fd841a21e508081f4c C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll

MD5: 6f08cabf92af8fab3509dd9f313b83f9 C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

MD5: 1a208f0ceb6de90a7ee3d4469b3a88ba C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

MD5: 97188f405255248ac8316001411d9cc5 C:\windows\system32\api-ms-win-core-util-l1-1-0.dll

MD5: 2b9b097c293696dbc473cef9f623c980 C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll

MD5: 2330b3912a579f8a3feea001b79f6a11 C:\windows\system32\api-ms-win-security-base-l1-1-0.dll

MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\windows\system32\apphelp.dll

MD5: 088cf5b6380fb9002f2a4246f812225d C:\windows\system32\asycfilt.dll

MD5: c940f2f5c60b3727c5f18840735b229c C:\windows\system32\AUDIOSES.DLL

MD5: 560297f44935b93ef15e8c55f9816878 C:\windows\system32\bdmpega.acm

MD5: ad7b9c14083b52bc532fba5948342b98 C:\windows\system32\cmd.exe

MD5: d1de1eafde97be41cf6585027ff3e732 C:\windows\System32\comdlg32.dll

MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\windows\system32\credssp.dll

MD5: ca79539d3d4c0ba66f0f051a5ee5e923 C:\windows\system32\cryptnet.dll

MD5: 96c0e38905cfd788313be8e11dae3f2f C:\windows\system32\cryptsvc.dll

MD5: 28ca821606669bb9215ce010767720fa C:\windows\system32\cryptui.dll

MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\windows\system32\cscapi.dll

MD5: 35cede6439ff0d8903223a0817ffe46c C:\windows\system32\d2d1.dll

MD5: 2de90400a63818fa38c4c5c9adb166bf C:\windows\system32\d3d10_1.dll

MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\windows\system32\d3d10_1core.dll

MD5: 78b7a3bda25c90daa50d36a56a8d1351 C:\windows\system32\D3D10Warp.dll

MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\windows\system32\d3d9.dll

MD5: 284b59d7b56fc76c80e622ab856b1fab C:\windows\system32\DavClnt.DLL

MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\windows\system32\dbghelp.dll

MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\windows\system32\dhcpcore.dll

MD5: 81f6c1ae23b1c493d9e996c3103915d7 C:\windows\system32\dhcpcsvc6.DLL

MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\windows\system32\DNSAPI.dll

MD5: f5cf06754ae54d9d3353fc9c59bc4e04 C:\windows\System32\DRIVERS\papycpu2.sys

MD5: b09a71e8e1e127455f3a2fe83d38851f C:\windows\System32\DRIVERS\papyjoy.sys

MD5: a29d734f650f958424743be3baa052c8 C:\windows\system32\DWrite.dll

MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\windows\system32\dxgi.dll

MD5: 1060d60cca69a8136a87dbe3c8f4a467 C:\windows\system32\EhStorAPI.dll

MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\windows\system32\explorer.exe

MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\windows\system32\explorerframe.dll

MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\windows\System32\fwpuclnt.dll

MD5: 5466dcaef5a648e04d1b6580f2c901b5 C:\windows\system32\ieframe.dll

MD5: f9d038a8c2bdc3ae2548150a7aed0f8a C:\windows\system32\IEUI.dll

MD5: afcd28b2ae82bd2bed74ab320182282e C:\windows\system32\igd10umd32.dll

MD5: 43cecd58e8e9be59dca4565040619203 C:\windows\system32\igdumd32.dll

MD5: 72f4c9617260eb57e1e8945d23a13984 C:\windows\system32\igdumdx32.dll

MD5: a6f09e5669d9a19035f6d942caa15882 C:\windows\system32\IMM32.DLL

MD5: a90dc9abd65db1a8902f361103029952 C:\windows\system32\Iphlpapi.dll

MD5: f2394835bb47efa3f8c0ee705af87cd8 C:\windows\system32\l3codecp.acm

MD5: 8ea53101ff2b15bdff934b62a8fb326d C:\windows\system32\LOGONCLI.DLL

MD5: 8bc9db92c4b2f3be89185beab2afc1f6 C:\windows\system32\mapi32.dll

MD5: dc6612a9ee015a36ba2a27bc9cc12537 C:\windows\system32\MFC42.DLL

MD5: 243974ec02f7ae49e4179c54624143ab C:\windows\System32\MMDevApi.dll

MD5: 7f8678c59f188528d60104e697c2361e C:\windows\system32\mscms.dll

MD5: d83947a58613e9091b4c9cc0f1546a8d C:\windows\system32\mscoree.dll

MD5: e290e3fdf645df29d00d6368b9127e30 C:\windows\system32\msfeeds.dll

MD5: 07f649cd36f266bbe33b814fa678aa43 C:\windows\system32\MSHTML.dll

MD5: a6c29db53eca94fa8591c5388d604b82 C:\windows\system32\msi.dll

MD5: eee470f2a771fc0b543bdeef74fceca0 C:\windows\system32\msiexec.exe

MD5: 35aae2e841aa1a949775168e119482c9 C:\windows\system32\msls31.dll

MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\windows\system32\mswsock.dll

MD5: 1cdea9188899e76d4ffd54c9d512ccdb C:\windows\System32\msxml3.dll

MD5: d9a9702e43a5859896f34898d5fd3fec C:\windows\System32\msxml6.dll

MD5: 591fe0a6ceb19bf886ceb1331f591940 C:\windows\system32\ncrypt.dll

MD5: 2fca0d2c59a855c54bafa22aa329df0f C:\windows\system32\NetApi32.dll

MD5: 20b3934db73eaba2b49b7177873cb81f C:\windows\system32\netutils.dll

MD5: 3d57ffbad3ed16b63de3879bab0fb56f C:\windows\system32\NetworkExplorer.dll

MD5: 0ba65122ffa7e37564ee86422dbf7ae8 C:\windows\system32\NLAapi.dll

MD5: d7b7159bc8374e87d8c45a30377a3440 C:\windows\System32\ntlanman.dll

MD5: 03f3b770dfbed6131653ceda8ca780f0 C:\windows\system32\ntshrui.dll

MD5: 7d34af98a706230cc2dedfe0cabf87ab C:\windows\system32\ODBC32.dll

MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\windows\system32\oleacc.dll

MD5: 703ffd301ab900b047337c5d40fd6f96 C:\windows\system32\olepro32.dll

MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\windows\system32\pla.dll

MD5: e98278865e8daba21cfe5fe4be34210a C:\windows\system32\PortableDeviceApi.dll

MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\windows\system32\propsys.dll

MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\windows\system32\provsvc.dll

MD5: 102cf6879887bbe846a00c459e6d4abc C:\windows\system32\RICHED20.dll

MD5: b5506b451bfe7148eca7056bda2970bd C:\windows\system32\RICHED32.DLL

MD5: 5997d769cdb108390dcfaebf442bf816 C:\windows\system32\RpcRtRemote.dll

MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\windows\system32\rtutils.dll

MD5: 68ecca523ed760aafc03c5d587569859 C:\windows\system32\samcli.dll

MD5: 6581b52e133cc6d00661c58968c7e212 C:\windows\system32\SearchFolder.dll

MD5: 236f286e103fd44bd85fdd93097fd5dd C:\windows\system32\SearchIndexer.exe

MD5: f93674263f6b07c77956e966953242d9 C:\windows\system32\Secur32.dll

MD5: 4ae380f39a0032eab7dd953030b26d28 C:\windows\system32\sessenv.dll

MD5: be247ae996a9fde007a27b51413a6c79 C:\windows\System32\shdocvw.dll

MD5: 414da952a35bf5d50192e28263b40577 C:\windows\System32\shsvcs.dll

MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\windows\system32\srvcli.dll

MD5: 6a1e8deb746912df47cf651e138401d7 C:\windows\System32\StructuredQuery.dll

MD5: ecdb182f885292145826c58252b53000 C:\windows\System32\svchost.exe

MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\windows\system32\SXS.DLL

MD5: 6b140b1382f1fe04ba57b196aeb19725 C:\windows\system32\T2EMBED.DLL

MD5: 613bf4820361543956909043a265c6ac C:\windows\System32\tapisrv.dll

MD5: 954ea9b34f155c844b11f4047a8f6f89 C:\windows\system32\upnp.dll

MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\windows\system32\USERENV.dll

MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 C:\windows\system32\userinit.exe

MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\windows\system32\wbem\fastprox.dll

MD5: 704314fd398c81d5f342caa5df7b7f21 C:\windows\system32\wbemcomn.dll

MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\windows\System32\wcncsvc.dll

MD5: d205c24a9d069049fe2df2a1b38726a7 C:\windows\system32\wdmaud.drv

MD5: a9d880f97530d5b8fee278923349929d C:\windows\System32\webclnt.dll

MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\windows\system32\webio.dll

MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\windows\system32\WindowsCodecs.dll

MD5: ca9f7888b524d8100b977c81f44c3234 C:\windows\system32\WINHTTP.dll

MD5: d5aefad57c08349a4393d987df7c715d C:\windows\system32\winmm.dll

MD5: 9419abf3163b6f0e3ad3dd2b381c879f C:\windows\system32\WinSCard.dll

MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\windows\system32\winspool.drv

MD5: 418e881201583a3039d81f43e39e6c78 C:\windows\system32\WINSTA.dll

MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\windows\system32\wkscli.dll

MD5: a8cdf3768604ff95b54669e20053d569 C:\windows\system32\WSCAPI.dll

MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\windows\system32\WsmSvc.dll

MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\windows\system32\wtsapi32.dll

MD5: edf2a5e96bec469da3f64e9bdd386111 C:\windows\system32\XmlLite.dll

MD5: d2958325c1ae1ae37a83334c6229e3bc C:\Windows\SysWOW64\actxprxy.dll

MD5: 95e2376b3323f062eb562b8586d0f14a C:\windows\syswow64\ADVAPI32.dll

MD5: f436e847fa799ecd75ad8c313673f450 C:\windows\syswow64\CFGMGR32.dll

MD5: d1de1eafde97be41cf6585027ff3e732 C:\windows\syswow64\comdlg32.dll

MD5: 60d21799a4af4edce65fb98830e4b0c8 C:\windows\syswow64\CRYPT32.dll

MD5: 2eeff4502f5e13b1bed4a04ccad64c08 C:\windows\syswow64\DEVOBJ.dll

MD5: 4312debdacbe338f0b90e7f08e7672be C:\Windows\SysWOW64\Dxtmsft.dll

MD5: ca493a92da9880b6f1a89c3dbd54ba5b C:\Windows\SysWOW64\Dxtrans.dll

MD5: 19bc13711ac403feb830522e4831701b C:\Windows\SysWOW64\gameux.dll

MD5: d6d3ad7bf1d6f6ce9547613ed5e170a2 C:\windows\syswow64\GDI32.dll

MD5: 5466dcaef5a648e04d1b6580f2c901b5 C:\Windows\SysWOW64\ieframe.dll

MD5: 780e80e5502015edaec91dc0a0c96a79 C:\windows\syswow64\iertutil.dll

MD5: 6f1e7ea743f00c0d3a534183ef5a7466 C:\windows\SysWOW64\igfxexps32.DLL

MD5: b2db6aba2e292235749b80a9c3dfa867 C:\windows\syswow64\imagehlp.dll

MD5: a6f09e5669d9a19035f6d942caa15882 C:\windows\syswow64\IMM32.dll

MD5: 0a866897039e42df8080be5dd83bc8e0 C:\Windows\SysWOW64\jscript.dll

MD5: a3fa99a16f10d44edb7a8c340fa2ee1b C:\Windows\SysWOW64\jscript9.dll

MD5: d4f3176082566cefa633b4945802d4c4 C:\windows\syswow64\KERNEL32.dll

MD5: 0978c2b33bdd0a7e6c563aa337dc8ba0 C:\windows\syswow64\KERNELBASE.dll

MD5: 7e57b6d3d74cb9ef3055ba4e89f038d4 C:\windows\SysWOW64\Macromed\Flash\Flash32_11_5_502_146.ocx

MD5: 424877cb9d5517f980ff7baca2eb379d C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

MD5: 9ac863fd5976316c29d4cb5e4c9efd9c C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

MD5: 938f39b50bafe13d6f58c7790682c010 C:\windows\syswow64\MSASN1.dll

MD5: 07f649cd36f266bbe33b814fa678aa43 C:\Windows\SysWOW64\mshtml.dll

MD5: 9dc80a8aaaaac397bdab3c67165a824e C:\windows\syswow64\msvcrt.dll

MD5: 2c82d753ef779945977c82a3908da20a C:\windows\SysWOW64\npDeployJava1.dll

MD5: e73b0f1819602cb6ef176fb78d76a47b C:\windows\SysWOW64\ntdll.dll

MD5: 928cf7268086631f54c3d8e17238c6dd C:\windows\syswow64\ole32.dll

MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\windows\syswow64\OLEAUT32.dll

MD5: c5ad8083cf94201f1f8084ecc696a8b7 C:\windows\syswow64\RPCRT4.dll

MD5: 3d3cbd1847f980fb03343a63671e7886 C:\windows\SysWOW64\schannel.dll

MD5: 10fb16b50affda6d44588f3c445dc273 C:\windows\syswow64\SETUPAPI.dll

MD5: 29e9794708df51db5dc89fb2e903a0f6 C:\windows\syswow64\SHELL32.dll

MD5: 8cc3c111d653e96f3ea1590891491d71 C:\windows\syswow64\SHLWAPI.dll

MD5: eda7ad21df8945528f01f0a86d69e524 C:\windows\syswow64\SspiCli.dll

MD5: 672d7c5080acb003343006405da2e621 C:\Windows\SysWOW64\thumbcache.dll

MD5: 4266a3230981dd4434c55957f6dd497d C:\windows\syswow64\urlmon.dll

MD5: 5e0db2d8b2750543cd2ebb9ea8e6cdd3 C:\windows\syswow64\USER32.dll

MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\windows\syswow64\USP10.dll

MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\SysWOW64\wer.dll

MD5: 7fa3a810f383588d46220967de8b64ff C:\windows\syswow64\WININET.dll

MD5: 17448af0bba9e7ab5ec955af93f271bd C:\windows\syswow64\wintrust.dll

MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\windows\syswow64\WLDAP32.dll

MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\windows\syswow64\WS2_32.dll

MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\SysWOW64\XmlLite.dll

MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll

MD5: c9564cf4976e7e96b4052737aa2492b4 C:\windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll

MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll

MD5: cdbe9690cf2b8409facad94fac9479c9 C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll

MD5: ca6ade4f7761bb15b3325356dc3b82bb C:\windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll

MD5: fbfca1a574d47ee575448b719cbbf2e4 C:\windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL

MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll

MD5: 352b3dc62a0d259a82a052238425c872 C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

MD5: 7717f84f483002815490033bf069dabd C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\gdiplus.dll

No file uploaded.

Scan finished - communication took 3 sec

Total traffic - 0.02 MB sent, 1.20 KB recvd

Scanned 501 files and modules - 116 seconds

==============================================================================

Link to post
Share on other sites

Hello chopperbob,

  • Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes.
  • On the RogueKiller console, click the Registry tab.
    Put a check next to all of these and uncheck the rest: (if found)
    [DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND
    [DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND
  • Then click on Delete on the right hand column under Options.
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Maurice,

Did you intentionally omit instructing me to run a scan after "Delete" any of the listed registries (if found) before I reboot? BTW, there were absolutely no registries listed. Since there's no listed registries to delete, I'm going to go ahead and scan.

RKreport[2]_S_01122013_02d1718.txt

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Bob Ingham [Admin rights]

Mode : Scan -- Date : 01/12/2013 17:18:35

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Guest : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 new.localhost

127.0.0.1 week_3.localhost

127.0.0.1 views.localhost

127.0.0.1 week_6.localhost

127.0.0.1 week_7_theming.localhost

127.0.0.1 week8_panels.localhost

127.0.0.1 week_8_context_module.localhost

127.0.0.1 philly_station_test.localhost

127.0.0.1 week_9_extras.localhost

127.0.0.1 localhost

127.0.0.1 drupaltest.localhost

127.0.0.1 rideau.localhost

127.0.0.1 upp_edu_sa.localhost

127.0.0.1 mediacurrent.localhost

127.0.0.1 knitrowan.localhost

192.168.1.105 rideau.ubuntu

192.168.1.105 ubuntu

127.0.0.1 drupalville.localhost

127.0.0.1 ostraining_intermediate.localhost

127.0.0.1 65.52.240.48

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] 0b292c56c97b6fbfa1b1d56de2f48584

[bSP] a27490fbeb28f455b23c4767051a7e3d : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 698469 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1433538560 | Size: 15434 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_S_01122013_02d1718.txt >>

RKreport[1]_S_01102013_02d1714.txt ; RKreport[2]_S_01122013_02d1718.txt

Link to post
Share on other sites

Need these 2 entries deleted using Roguekiller & only these 2

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND

2

Be very aware that there's a new Java runtime vulnerability

Java Zero-Day (Again), Time To Disable/Remove Java http://securitygarden.blogspot.com/2013/01/java-zero-day-again-time-to.html

You are urged to disable java running in your browsers.

kb.cert.org Article: http://goo.gl/e2DAI

&

How to disable Java: http://goo.gl/pxIvG

3

Disable CD-ROM Emulation Software:

Please download the following tool DeFogger to your desktop.

Double click DeFogger to run the tool.

The application window will appear

Click the Disable button to disable your CD Emulation drivers.

Click Yes to continue

A 'Finished!' message will appear

Click OK

DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

4

Windows services

This will be a batch-run . This is for this system only !

  • Press the Windows-key on keyboard.
  • In the 10-16-2011%204-33-46%20PM.png box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.
    @Echo off
    sc stop wuauserv
    sc stop bits
    sc config dcomlaunch start= auto
    sc config nsi start= auto
    sc config dhcp start= auto
    sc config rpcss start= auto
    sc config winmgmt start= auto
    sc config wscsvc start= delayed-auto
    sc config bits start= delayed-auto
    sc config wuauserv start= delayed-auto
    sc config sdrsvc start= manual
    sc config vss start= auto
    sc config eventlog start= auto
    sc config bfe start= auto
    sc config eventsystem start= auto
    sc start sdrsvc
    sc start vss
    sc start rpcss
    sc start eventsystem
    sc start bfe
    sc start bits
    sc start wuauserv
    shutdown -r -t 1
    del %0


  • Select File -> Save AS.
  • Press the Desktop button on the left side of the save dialog.
  • In the 10-16-2011%204-37-58%20PM.png box, type in Fix.bat.
  • Press 10-16-2011%204-36-39%20PM.png.
  • Close Notepad.
  • Right click Fix.bat on your desktop, and choose 10-16-2011%204-40-48%20PM.png.
  • Press Yes if prompted by User Account Control.

This procedure will do its tasks and then it will Restart Windows.

Link to post
Share on other sites

Maurice,

Okay, diabled Avast!, MalWarebytes Pro, and Windows Firewall, again, and this time ran RogueKiller scan then deleted both registries and rebooted. Here's the report:

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Bob Ingham [Admin rights]

Mode : Remove -- Date : 01/12/2013 17:55:35

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> NOT SELECTED

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> NOT SELECTED

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Guest : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> NOT SELECTED

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> NOT REMOVED, USE DNSFIX

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> NOT REMOVED, USE DNSFIX

[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 new.localhost

127.0.0.1 week_3.localhost

127.0.0.1 views.localhost

127.0.0.1 week_6.localhost

127.0.0.1 week_7_theming.localhost

127.0.0.1 week8_panels.localhost

127.0.0.1 week_8_context_module.localhost

127.0.0.1 philly_station_test.localhost

127.0.0.1 week_9_extras.localhost

127.0.0.1 localhost

127.0.0.1 drupaltest.localhost

127.0.0.1 rideau.localhost

127.0.0.1 upp_edu_sa.localhost

127.0.0.1 mediacurrent.localhost

127.0.0.1 knitrowan.localhost

192.168.1.105 rideau.ubuntu

192.168.1.105 ubuntu

127.0.0.1 drupalville.localhost

127.0.0.1 ostraining_intermediate.localhost

127.0.0.1 65.52.240.48

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] 0b292c56c97b6fbfa1b1d56de2f48584

[bSP] a27490fbeb28f455b23c4767051a7e3d : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 698469 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1433538560 | Size: 15434 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[4]_D_01122013_02d1755.txt >>

RKreport[1]_S_01102013_02d1714.txt ; RKreport[2]_S_01122013_02d1718.txt ; RKreport[3]_S_01122013_02d1754.txt ; RKreport[4]_D_01122013_02d1755.txt

Link to post
Share on other sites

Now, as to disabling Java, I've run into a problem. After following the steps outlined in the links you provided, my version of Java Control Panel does not display the "check box" to uncheck as instructed. Here's what the webllink says to do to disable Java:

disablingjavainstructions.jpg

But, now here are photos of my Java Control Panel tabs, and I hope you can tell me how to disable it:

javasecuritytab.jpg

So, I clicked the "Advanced Tab", instead:

javaadvancedtab.jpg

Then I clicked the "Java" tab which displays a "View" button:

javacontrolpaneljavatab.jpg

And then clicked on its "View" button, which displays the "Runtime Environment Settings" :

javaruntimeenvironmentsettings.jpg

So, how do I disable this version of Java?:

javaversionwindow_1.jpg

Link to post
Share on other sites

3

Disable CD-ROM Emulation Software:

Please download the following tool DeFogger to your desktop.

Double click DeFogger to run the tool.

The application window will appear

Click the Disable button to disable your CD Emulation drivers.

Click Yes to continue

A 'Finished!' message will appear

Click OK

DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

Maurice,

Will this step ONLY disable my DAEMON Tools Lite, or will it uninstall it? Just wondering, as I can re-install it later.

Link to post
Share on other sites

Defogger will not "uninstall". It will just only remove some CD emulation from auto-startup.

Please do it.

As to Roguekiller run: You should leave the Windows firewall on. And we need to do 1 more run of Roguekiller.

  • Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes. i_arrow-l.gif
  • Next, click the DNS tab, and then click on the DNS Fix button
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Link to post
Share on other sites

3

Disable CD-ROM Emulation Software:

Please download the following tool DeFogger to your desktop.

Double click DeFogger to run the tool.

The application window will appear

Click the Disable button to disable your CD Emulation drivers.

Click Yes to continue

A 'Finished!' message will appear

Click OK

DeFogger will now ask to reboot the machine - click OK

IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

Maurice,

Okay, now on to step #3, but you still have not informed me how to do step #2 (disable Java). BTW, after DeFogger finished disabling my CD emulation software, it never asked me to reboot, but I did, anyway.

Link to post
Share on other sites

As to Roguekiller run: You should leave the Windows firewall on. And we need to do 1 more run of Roguekiller.

  • Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes. i_arrow-l.gif
  • Next, click the DNS tab, and then click on the DNS Fix button
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Okay, even though you didn't say to click Scan, I did, and then clicked the DNS tab and "Fix DNS" button. Here are log reports 5 & 6:

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo...13-roguekiller/

Website : http://tigzy.geeksto...roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Bob Ingham [Admin rights]

Mode : Scan -- Date : 01/13/2013 21:18:28

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND

[sTARTUP][sUSP PATH] Best Buy pc app.lnk @Guest : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe -> FOUND

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤

--> C:\windows\system32\drivers\etc\hosts

127.0.0.1 new.localhost

127.0.0.1 week_3.localhost

127.0.0.1 views.localhost

127.0.0.1 week_6.localhost

127.0.0.1 week_7_theming.localhost

127.0.0.1 week8_panels.localhost

127.0.0.1 week_8_context_module.localhost

127.0.0.1 philly_station_test.localhost

127.0.0.1 week_9_extras.localhost

127.0.0.1 localhost

127.0.0.1 drupaltest.localhost

127.0.0.1 rideau.localhost

127.0.0.1 upp_edu_sa.localhost

127.0.0.1 mediacurrent.localhost

127.0.0.1 knitrowan.localhost

192.168.1.105 rideau.ubuntu

192.168.1.105 ubuntu

127.0.0.1 drupalville.localhost

127.0.0.1 ostraining_intermediate.localhost

127.0.0.1 65.52.240.48

[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: +++++

--- User ---

[MBR] 0b292c56c97b6fbfa1b1d56de2f48584

[bSP] a27490fbeb28f455b23c4767051a7e3d : Windows Vista MBR Code

Partition table:

0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo

1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 698469 Mo

2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 1433538560 | Size: 15434 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[5]_S_01132013_02d2118.txt >>

RKreport[1]_S_01102013_02d1714.txt ; RKreport[2]_S_01122013_02d1718.txt ; RKreport[3]_S_01122013_02d1754.txt ; RKreport[4]_D_01122013_02d1755.txt ; RKreport[5]_S_01132013_02d2118.txt

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo...13-roguekiller/

Website : http://tigzy.geeksto...roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Started in : Normal mode

User : Bob Ingham [Admin rights]

Mode : DNSFix -- Date : 01/13/2013 21:18:41

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> REPLACED ()

[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{AF9FB755-8FCB-4F7C-BFBA-AAE7D20148DE} : NameServer (0.0.0.0) -> REPLACED ()

¤¤¤ Driver : [NOT LOADED] ¤¤¤

Finished : << RKreport[6]_DN_01132013_02d2118.txt >>

RKreport[1]_S_01102013_02d1714.txt ; RKreport[2]_S_01122013_02d1718.txt ; RKreport[3]_S_01122013_02d1754.txt ; RKreport[4]_D_01122013_02d1755.txt ; RKreport[5]_S_01132013_02d2118.txt ;

RKreport[6]_DN_01132013_02d2118.txt

Link to post
Share on other sites

Do some scans:

Step 1

Save and close any work documents, close any apps that you started.

Start your MBAM MalwareBytes' Anti-Malware.

Click the Settings Tab and then the General Settings sub-tab. Make sure all option lines have a checkmark.

Then click the Scanner settings sub-tab in second row of tabs. Make sure all option lines have a checkmark.

Next, Click the Update tab. Press the "Check for Updates" button.

If prompted for a Restart, do that.

When done, click the Scanner tab.

Do a Quick Scan.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

When the MBAM scan is all done, make sure to Copy & Paste the latest scan log into a new reply.

Step 2

Download and Save McAfee Stinger to your Desktop

http://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Close all browsers before starting. Disable your antivirus program and anti-malware,if any.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

On Windows 7 & Vista systems, Right Click stinger-icon.gif and select Run as Administrator.

On XP, double-click to start it.

The GUI interface will look like this

stinger2.png

The C drive is the default for scanning.

Press the Preferences button. In the top right-block "On virus detection", click Rename

In the bottom block "Heuristic network check for suspicious files" select High

Click the Scan Now button.

When done, use the File menu and select Save report to file

Stinger.txt is the log report and will be saved to your Desktop. I will need a copy of that log.

RE-Enable your anti-virus program.

Stinger is a standalone utility used to detect and remove specific malware. It is not a full scan for all types of malware or viruses.

It is not intended as virus protection.

Step 3

Can you get to Computer System Information?

Press Windows-key and type in

msinfo32.exe

and run it

Step 4

Download and SAVE the attached zip to your Desktop {where it is easy to find}.

Now Extract the contents of the zip-file to your desktop.

Double click on createsrp.vbs to start it.

When prompted, enter a descriptive name for an attempt to create a new system-restore-snapshot.

Tell me whether this results in a new restore-point or not.

Let me know that result.

Be aware that IF at some point in the past, that the System Restore service was turned OFF, then at that time any & all prior restore points would have been deleted.

Link to post
Share on other sites

4

Windows services

This will be a batch-run . This is for this system only !

  • Press the Windows-key on keyboard.
  • In the 10-16-2011%204-33-46%20PM.png box, type notepad and press Enter.
  • Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.

This procedure will do its tasks and then it will Restart Windows.

Good afternoon Maurice. Before I do your latest tasks, I remember I still had step #4 to do from your previsous task list. I assume whatever the batch file did, I still was not able to access System Information.

Link to post
Share on other sites

Maurice,

I updated my Malwarebytes Pro and ran the Quick Scan, and it found nothing:

malwarebytesupdatewindow.jpg

malwarebytesquickscanresultswindow.jpg

Malwarebytes Anti-Malware (PRO) 1.70.0.1100

www.malwarebytes.org

Database version: v2013.01.15.12

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Bob Ingham :: BOBINGHAM-PC [administrator]

Protection: Enabled

1/15/2013 1:49:29 PM

mbam-log-2013-01-15 (13-49-29).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 244337

Time elapsed: 7 minute(s), 1 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

I then downloaded McAfee Singer and ran with the settings as instructed after disabling Avast! & Malwarebytes Pro.

stingerpreferencessettings.jpg

Here’s the report:

McAfee® Labs Stinger™ Version 10.2.0.953 built on Jan 15 2013

Copyright © 2012 McAfee, Inc. All Rights Reserved.

Virus data file v1000.0000 created on Jan 15 2013.

Ready to scan for 6114 viruses, trojans and variants.

Scan initiated on Tue Jan 15 14:13:03 2013

Rootkit scan result : Not Scanned

Master Boot Record(s):....1

Possibly Infected:.............0

Boot Sector(s):.................1

Possibly Infected: ............0

Number of clean files: 21706

Be advised, I placed the above "Not Scanned" text in red, to stand out, as I wanted you to notice it, even though it was suppose to scan it. As Stinger didn’t find any infection, I still could not access System Information. I then unzipped the Createsrp.zip file and ran the Createsrp.vbs file as instructed, but encountered the following error:

createsrperrormessage.jpg

Please be aware that I am having absolutely no difficulty in creating System Restore Points, and I’m able to access any restore points that I’ve created since January 8th, unlike my relative’s computer issue. My main concern was the fact that I can’t access my System Information.

Now, you stated that if System Restore was ever “turned Off”, then all previously created restore points would have been deleted, but, to the best of my knowledge, I never turned System Restore off. However, I just went and checked my System Restore settings, and I may have found the reason why I lost all of my previous restore points! I had set aside only 5% (34.10 GB) of my hard drive for restore points:

systemrestoresettings.jpg

But, as you can see from the image above, just the last restore point automatically created by the last Windows Update on January 10 took up 28.76 GB, and after that restore point was created, all of my previous restore points dated since January 8th have been deleted.

systemrestorepoints.jpg

I’m not sure if this is the reason why my older restore points disappeared, either. As a caution, I’ve increased the “Disk Space Usage” to 20% (136.4 GB), and will closely monitor my restore points.

But, this doesn’t resolve the issue of why I can’t access my System Information, and it seems your .vbs file has something wrong with it by the error message.

Link to post
Share on other sites

Maurice,

Just to make sure I didn't do anything wrong, I once more disabled Avast! and Malwarebytes Pro, then closed all browers and ran Stinger once more with the settings as previously depicted, and got the same results. I guess it just didn't need to scan the rootkit, even though that option was checked.

Link to post
Share on other sites

btw, the MBAM scan log itself is sufficient. No need to get me screenshots of it or of Stinger.

So far, none of the utilities, as well as MBAM & Bitdefender have shown malware onboard.

I do not believe that malware is the root cause of the inability to run or access System Information.

It may be a issue of maybe a service not running or it may be an access/privilege issue at play.

And I also do not suspect a rootkit.

Were you able to run msinfo32.exe ?

FYI, the allocation of space for System Restore -does- place a cap as to the number of system restore points that can be "preserved".

Once the ceiling is reached, it is oldest out & newest restore point gets placed --- overwriting (removing) oldest ones as needed.

This clears up the System Restore "bit" on this system.

Make sure you are logged in with an administrator-rights account.

Confirm for me that this is your system {and not say, one of a corporate or government or other type organization}.

and just as one last check:

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Added note:

Put aside the vbs file. We do not need it. Since obviously the Windows System restore service & utility are ok.

and BTW, the very last screenshot of System Restore showed a restore point automatically created on January 10 during a run of Windows Update.

Edited by Maurice Naggar
Added note
Link to post
Share on other sites

btw, the MBAM scan log itself is sufficient. No need to get me screenshots of it or of Stinger.

So far, none of the utilities, as well as MBAM & Bitdefender have shown malware onboard.

I do not believe that malware is the root cause of the inability to run or access System Information.

It may be a issue of maybe a service not running or it may be an access/privilege issue at play.

And I also do not suspect a rootkit.

Were you able to run msinfo32.exe ?

FYI, the allocation of space for System Restore -does- place a cap as to the number of system restore points that can be "preserved".

Once the ceiling is reached, it is oldest out & newest restore point gets placed --- overwriting (removing) oldest ones as needed.

This clears up the System Restore "bit" on this system.

Make sure you are logged in with an administrator-rights account.

Confirm for me that this is your system {and not say, one of a corporate or government or other type organization}.

Maurice,

Yes, this is my personal laptop and I am the Administrator, and yes I am logged in as Administrator. What caught my attention about losing my system restore points, was the fact that I lost ALL of my restore points, not that a newer restore point had been saved and caused all of them to be deleted, as there were absolutely none there (as I wrote in my first post). So, I don't know if some software or malware had turned off my System Restore, causing all to be deleted, but I know I haven't.

Additionally, the last restore point was created by Windows Update on January 10th, but it didn't use all of the disk space set aside, so I'm wondering why none of the previously created restore points were kept after it was created. Mmmmmmmmmmm.........

Link to post
Share on other sites

Now, you stated that if System Restore was ever “turned Off”, then all previously created restore points would have been deleted, but, to the best of my knowledge, I never turned System Restore off. However, I just went and checked my System Restore settings, and I may have found the reason why I lost all of my previous restore points! I had set aside only 5% (34.10 GB) of my hard drive for restore points:

systemrestoresettings.jpg

But, as you can see from the image above, just the last restore point automatically created by the last Windows Update on January 10 took up 28.76 GB, and after that restore point was created, all of my previous restore points dated since January 8th have been deleted.

systemrestorepoints.jpg

I’m not sure if this is the reason why my older restore points disappeared, either. As a caution, I’ve increased the “Disk Space Usage” to 20% (136.4 GB), and will closely monitor my restore points.

But, this doesn’t resolve the issue of why I can’t access my System Information, and it seems your .vbs file has something wrong with it by the error message.

Added note:

Put aside the vbs file. We do not need it. Since obviously the Windows System restore service & utility are ok.

and BTW, the very last screenshot of System Restore showed a restore point automatically created on January 10 during a run of Windows Update.

Maurice, I'm quoting those above so I can apologize for the wrong statement of "all of my previous restore points dated since January 8th have been deleted", as I meant to say before January 8th. So, again, don't know why those created before the windows update were deleted.

Link to post
Share on other sites

I am satisfied there's no issue with System Restore. And you said you have bumped up the space allocation for System Restore.

Let's please move off that topic. I cannot tell you why exactly any older restore points went away.

Like I stated just before: no malwares have been noticed.

Get & run TDSSKILLER like I asked for.

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Link to post
Share on other sites

The KasperskyTDSSKiller scan found no viruses and report is posted below:

kasperskytdsskillerscan.jpg

16:59:10.0328 5664 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

16:59:10.0759 5664 ============================================================

16:59:10.0759 5664 Current date / time: 2013/01/15 16:59:10.0759

16:59:10.0759 5664 SystemInfo:

16:59:10.0759 5664

16:59:10.0759 5664 OS Version: 6.1.7601 ServicePack: 1.0

16:59:10.0759 5664 Product type: Workstation

16:59:10.0759 5664 ComputerName: BOBINGHAM-PC

16:59:10.0760 5664 UserName: Bob Ingham

16:59:10.0760 5664 Windows directory: C:\windows

16:59:10.0760 5664 System windows directory: C:\windows

16:59:10.0760 5664 Running under WOW64

16:59:10.0760 5664 Processor architecture: Intel x64

16:59:10.0760 5664 Number of processors: 8

16:59:10.0760 5664 Page size: 0x1000

16:59:10.0760 5664 Boot type: Normal boot

16:59:10.0760 5664 ============================================================

16:59:11.0393 5664 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

16:59:11.0399 5664 ============================================================

16:59:11.0399 5664 \Device\Harddisk0\DR0:

16:59:11.0400 5664 MBR partitions:

16:59:11.0400 5664 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x55432800

16:59:11.0400 5664 ============================================================

16:59:11.0453 5664 C: <-> \Device\Harddisk0\DR0\Partition1

16:59:11.0453 5664 ============================================================

16:59:11.0454 5664 Initialize success

16:59:11.0454 5664 ============================================================

16:59:37.0002 8236 ============================================================

16:59:37.0002 8236 Scan started

16:59:37.0002 8236 Mode: Manual;

16:59:37.0002 8236 ============================================================

16:59:47.0256 8236 ================ Scan system memory ========================

16:59:47.0257 8236 System memory - ok

16:59:47.0257 8236 ================ Scan services =============================

16:59:47.0746 8236 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys

16:59:47.0750 8236 1394ohci - ok

16:59:47.0788 8236 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys

16:59:47.0793 8236 ACPI - ok

16:59:47.0833 8236 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys

16:59:47.0834 8236 AcpiPmi - ok

16:59:48.0038 8236 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

16:59:48.0040 8236 AdobeARMservice - ok

16:59:48.0456 8236 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

16:59:48.0458 8236 AdobeFlashPlayerUpdateSvc - ok

16:59:48.0559 8236 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys

16:59:48.0566 8236 adp94xx - ok

16:59:48.0641 8236 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys

16:59:48.0645 8236 adpahci - ok

16:59:48.0665 8236 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys

16:59:48.0669 8236 adpu320 - ok

16:59:48.0692 8236 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll

16:59:48.0693 8236 AeLookupSvc - ok

16:59:48.0746 8236 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys

16:59:48.0752 8236 AFD - ok

16:59:48.0778 8236 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys

16:59:48.0780 8236 agp440 - ok

16:59:48.0812 8236 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe

16:59:48.0814 8236 ALG - ok

16:59:48.0838 8236 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys

16:59:48.0840 8236 aliide - ok

16:59:48.0862 8236 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys

16:59:48.0864 8236 amdide - ok

16:59:48.0875 8236 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\drivers\amdk8.sys

16:59:48.0876 8236 AmdK8 - ok

16:59:48.0889 8236 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\drivers\amdppm.sys

16:59:48.0892 8236 AmdPPM - ok

16:59:48.0919 8236 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys

16:59:48.0922 8236 amdsata - ok

16:59:48.0957 8236 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\drivers\amdsbs.sys

16:59:48.0960 8236 amdsbs - ok

16:59:48.0970 8236 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys

16:59:48.0972 8236 amdxata - ok

16:59:49.0006 8236 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys

16:59:49.0008 8236 AppID - ok

16:59:49.0039 8236 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll

16:59:49.0041 8236 AppIDSvc - ok

16:59:49.0054 8236 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll

16:59:49.0056 8236 Appinfo - ok

16:59:49.0172 8236 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:59:49.0174 8236 Apple Mobile Device - ok

16:59:49.0196 8236 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\drivers\arc.sys

16:59:49.0198 8236 arc - ok

16:59:49.0226 8236 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\drivers\arcsas.sys

16:59:49.0228 8236 arcsas - ok

16:59:49.0274 8236 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys

16:59:49.0276 8236 aswFsBlk - ok

16:59:49.0314 8236 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys

16:59:49.0316 8236 aswMonFlt - ok

16:59:49.0382 8236 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\windows\System32\Drivers\aswrdr2.sys

16:59:49.0384 8236 aswRdr - ok

16:59:49.0408 8236 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\windows\system32\drivers\aswSnx.sys

16:59:49.0419 8236 aswSnx - ok

16:59:49.0460 8236 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\windows\system32\drivers\aswSP.sys

16:59:49.0465 8236 aswSP - ok

16:59:49.0478 8236 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\windows\system32\drivers\aswTdi.sys

16:59:49.0479 8236 aswTdi - ok

16:59:49.0505 8236 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys

16:59:49.0506 8236 AsyncMac - ok

16:59:49.0534 8236 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys

16:59:49.0536 8236 atapi - ok

16:59:49.0581 8236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll

16:59:49.0589 8236 AudioEndpointBuilder - ok

16:59:49.0599 8236 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll

16:59:49.0604 8236 AudioSrv - ok

16:59:49.0711 8236 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

16:59:49.0712 8236 avast! Antivirus - ok

16:59:49.0745 8236 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll

16:59:49.0749 8236 AxInstSV - ok

16:59:49.0791 8236 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys

16:59:49.0798 8236 b06bdrv - ok

16:59:49.0830 8236 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys

16:59:49.0834 8236 b57nd60a - ok

16:59:49.0866 8236 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll

16:59:49.0868 8236 BDESVC - ok

16:59:49.0893 8236 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys

16:59:49.0894 8236 Beep - ok

16:59:49.0930 8236 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll

16:59:49.0938 8236 BFE - ok

16:59:49.0974 8236 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\System32\qmgr.dll

16:59:50.0030 8236 BITS - ok

16:59:50.0053 8236 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\drivers\blbdrive.sys

16:59:50.0054 8236 blbdrive - ok

16:59:50.0075 8236 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys

16:59:50.0077 8236 bowser - ok

16:59:50.0115 8236 [ 56E4345F392F17D66683225E214840CB ] bpenum C:\windows\system32\DRIVERS\bpenum.sys

16:59:50.0118 8236 bpenum - ok

16:59:50.0135 8236 [ D50B07C4D7AFEC4CA6AC8FCB72583C5B ] bpmp C:\windows\system32\DRIVERS\bpmp.sys

16:59:50.0138 8236 bpmp - ok

16:59:50.0146 8236 [ A85BA55E4FE9CB2F342F281AAF7DE810 ] bpusb C:\windows\system32\Drivers\bpusb.sys

16:59:50.0149 8236 bpusb - ok

16:59:50.0174 8236 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys

16:59:50.0203 8236 BrFiltLo - ok

16:59:50.0241 8236 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys

16:59:50.0242 8236 BrFiltUp - ok

16:59:50.0312 8236 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll

16:59:50.0316 8236 Browser - ok

16:59:50.0376 8236 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys

16:59:50.0420 8236 Brserid - ok

16:59:50.0439 8236 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys

16:59:50.0441 8236 BrSerWdm - ok

16:59:50.0455 8236 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys

16:59:50.0456 8236 BrUsbMdm - ok

16:59:50.0478 8236 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys

16:59:50.0481 8236 BrUsbSer - ok

16:59:50.0492 8236 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys

16:59:50.0494 8236 BTHMODEM - ok

16:59:50.0532 8236 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll

16:59:50.0535 8236 bthserv - ok

16:59:50.0550 8236 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys

16:59:50.0552 8236 cdfs - ok

16:59:50.0584 8236 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys

16:59:50.0586 8236 cdrom - ok

16:59:50.0632 8236 [ A965B206921C55F2D1481789D609B711 ] CeKbFilter C:\windows\system32\DRIVERS\CeKbFilter.sys

16:59:50.0634 8236 CeKbFilter - ok

16:59:50.0666 8236 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll

16:59:50.0668 8236 CertPropSvc - ok

16:59:50.0694 8236 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\drivers\circlass.sys

16:59:50.0696 8236 circlass - ok

16:59:50.0713 8236 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys

16:59:50.0718 8236 CLFS - ok

16:59:50.0792 8236 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:59:50.0794 8236 clr_optimization_v2.0.50727_32 - ok

16:59:50.0853 8236 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

16:59:50.0854 8236 clr_optimization_v2.0.50727_64 - ok

16:59:50.0945 8236 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

16:59:50.0948 8236 clr_optimization_v4.0.30319_32 - ok

16:59:51.0013 8236 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

16:59:51.0017 8236 clr_optimization_v4.0.30319_64 - ok

16:59:51.0037 8236 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\drivers\CmBatt.sys

16:59:51.0038 8236 CmBatt - ok

16:59:51.0056 8236 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys

16:59:51.0058 8236 cmdide - ok

16:59:51.0112 8236 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys

16:59:51.0118 8236 CNG - ok

16:59:51.0152 8236 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\drivers\compbatt.sys

16:59:51.0154 8236 Compbatt - ok

16:59:51.0193 8236 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys

16:59:51.0194 8236 CompositeBus - ok

16:59:51.0204 8236 COMSysApp - ok

16:59:51.0223 8236 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\drivers\crcdisk.sys

16:59:51.0239 8236 crcdisk - ok

16:59:51.0293 8236 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll

16:59:51.0297 8236 CryptSvc - ok

16:59:51.0340 8236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll

16:59:51.0349 8236 DcomLaunch - ok

16:59:51.0381 8236 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll

16:59:51.0386 8236 defragsvc - ok

16:59:51.0421 8236 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys

16:59:51.0423 8236 DfsC - ok

16:59:51.0471 8236 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll

16:59:51.0475 8236 Dhcp - ok

16:59:51.0498 8236 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys

16:59:51.0500 8236 discache - ok

16:59:51.0531 8236 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\drivers\disk.sys

16:59:51.0533 8236 Disk - ok

16:59:51.0564 8236 [ E7B489FA5B15D2FEC3E52066E015B788 ] DMAgent C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe

16:59:51.0570 8236 DMAgent - ok

16:59:51.0599 8236 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll

16:59:51.0602 8236 Dnscache - ok

16:59:51.0622 8236 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll

16:59:51.0626 8236 dot3svc - ok

16:59:51.0645 8236 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll

16:59:51.0649 8236 DPS - ok

16:59:51.0686 8236 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys

16:59:51.0687 8236 drmkaud - ok

16:59:51.0751 8236 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\windows\system32\DRIVERS\dtsoftbus01.sys

16:59:51.0755 8236 dtsoftbus01 - ok

16:59:51.0794 8236 [ 85DBF6EC7BDFA6187F4A1EC8F3145CD0 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys

16:59:51.0805 8236 DXGKrnl - ok

16:59:51.0835 8236 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll

16:59:51.0838 8236 EapHost - ok

16:59:51.0921 8236 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\drivers\evbda.sys

16:59:51.0999 8236 ebdrv - ok

16:59:52.0052 8236 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe

16:59:52.0055 8236 EFS - ok

16:59:52.0102 8236 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe

16:59:52.0110 8236 ehRecvr - ok

16:59:52.0139 8236 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe

16:59:52.0141 8236 ehSched - ok

16:59:52.0182 8236 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\drivers\elxstor.sys

16:59:52.0193 8236 elxstor - ok

16:59:52.0227 8236 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys

16:59:52.0229 8236 ErrDev - ok

16:59:52.0283 8236 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll

16:59:52.0289 8236 EventSystem - ok

16:59:52.0389 8236 [ 57E61DC4F7980D57C0B162FC5B9F0B38 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe

16:59:52.0406 8236 EvtEng - ok

16:59:52.0431 8236 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys

16:59:52.0435 8236 exfat - ok

16:59:52.0464 8236 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys

16:59:52.0468 8236 fastfat - ok

16:59:52.0583 8236 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe

16:59:52.0592 8236 Fax - ok

16:59:52.0647 8236 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\drivers\fdc.sys

16:59:52.0649 8236 fdc - ok

16:59:52.0725 8236 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll

16:59:52.0728 8236 fdPHost - ok

16:59:52.0802 8236 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll

16:59:52.0804 8236 FDResPub - ok

16:59:52.0852 8236 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys

16:59:52.0854 8236 FileInfo - ok

16:59:52.0876 8236 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys

16:59:52.0878 8236 Filetrace - ok

16:59:53.0025 8236 [ A3A5DCF65B4AC8D98C7E2DD9B58B37A3 ] Flexlm Service 1 C:\Program Files (x86)\UGS\NX 7.5\UGFLEXLM\lmgrd.exe

16:59:53.0042 8236 Flexlm Service 1 - ok

16:59:53.0055 8236 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\drivers\flpydisk.sys

16:59:53.0057 8236 flpydisk - ok

16:59:53.0100 8236 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys

16:59:53.0104 8236 FltMgr - ok

16:59:53.0149 8236 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll

16:59:53.0164 8236 FontCache - ok

16:59:53.0205 8236 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

16:59:53.0207 8236 FontCache3.0.0.0 - ok

16:59:53.0221 8236 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys

16:59:53.0223 8236 FsDepends - ok

16:59:53.0268 8236 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys

16:59:53.0269 8236 Fs_Rec - ok

16:59:53.0303 8236 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys

16:59:53.0307 8236 fvevol - ok

16:59:53.0327 8236 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys

16:59:53.0329 8236 gagp30kx - ok

16:59:53.0367 8236 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll

16:59:53.0378 8236 gpsvc - ok

16:59:53.0436 8236 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:59:53.0438 8236 gupdate - ok

16:59:53.0457 8236 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

16:59:53.0459 8236 gupdatem - ok

16:59:53.0486 8236 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

16:59:53.0490 8236 gusvc - ok

16:59:53.0513 8236 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys

16:59:53.0514 8236 hcw85cir - ok

16:59:53.0555 8236 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys

16:59:53.0560 8236 HdAudAddService - ok

16:59:53.0588 8236 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys

16:59:53.0591 8236 HDAudBus - ok

16:59:53.0617 8236 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\drivers\HidBatt.sys

16:59:53.0619 8236 HidBatt - ok

16:59:53.0631 8236 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\drivers\hidbth.sys

16:59:53.0633 8236 HidBth - ok

16:59:53.0659 8236 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\drivers\hidir.sys

16:59:53.0661 8236 HidIr - ok

16:59:53.0683 8236 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\system32\hidserv.dll

16:59:53.0685 8236 hidserv - ok

16:59:53.0720 8236 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys

16:59:53.0722 8236 HidUsb - ok

16:59:53.0748 8236 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll

16:59:53.0751 8236 hkmsvc - ok

16:59:53.0768 8236 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll

16:59:53.0773 8236 HomeGroupListener - ok

16:59:53.0804 8236 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll

16:59:53.0810 8236 HomeGroupProvider - ok

16:59:53.0839 8236 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys

16:59:53.0842 8236 HpSAMD - ok

16:59:53.0869 8236 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys

16:59:53.0878 8236 HTTP - ok

16:59:53.0885 8236 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys

16:59:53.0886 8236 hwpolicy - ok

16:59:53.0918 8236 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\drivers\i8042prt.sys

16:59:53.0920 8236 i8042prt - ok

16:59:53.0951 8236 [ D469B77687E12FE43E344806740B624D ] iaStor C:\windows\system32\DRIVERS\iaStor.sys

16:59:53.0954 8236 iaStor - ok

16:59:53.0992 8236 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys

16:59:53.0998 8236 iaStorV - ok

16:59:54.0043 8236 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

16:59:54.0049 8236 idsvc - ok

16:59:54.0510 8236 [ 93C8115D4BAEB1BD047AB0A9B265EE7A ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys

16:59:54.0749 8236 igfx - ok

16:59:54.0783 8236 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\drivers\iirsp.sys

16:59:54.0785 8236 iirsp - ok

16:59:54.0826 8236 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll

16:59:54.0836 8236 IKEEXT - ok

16:59:54.0895 8236 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys

16:59:54.0896 8236 intaud_WaveExtensible - ok

16:59:54.0969 8236 [ 4B2151F04BB466EC1924AA27315E1118 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys

16:59:55.0059 8236 IntcAzAudAddService - ok

16:59:55.0087 8236 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys

16:59:55.0092 8236 IntcDAud - ok

16:59:55.0113 8236 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys

16:59:55.0114 8236 intelide - ok

16:59:55.0139 8236 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys

16:59:55.0141 8236 intelppm - ok

16:59:55.0165 8236 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll

16:59:55.0168 8236 IPBusEnum - ok

16:59:55.0199 8236 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys

16:59:55.0201 8236 IpFilterDriver - ok

16:59:55.0266 8236 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll

16:59:55.0275 8236 iphlpsvc - ok

16:59:55.0349 8236 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys

16:59:55.0370 8236 IPMIDRV - ok

16:59:55.0398 8236 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys

16:59:55.0400 8236 IPNAT - ok

16:59:55.0426 8236 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys

16:59:55.0428 8236 IRENUM - ok

16:59:55.0440 8236 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys

16:59:55.0442 8236 isapnp - ok

16:59:55.0455 8236 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys

16:59:55.0460 8236 iScsiPrt - ok

16:59:55.0497 8236 [ F415A88162D23977B5EDAE4F0410E903 ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

16:59:55.0499 8236 IviRegMgr - ok

16:59:55.0543 8236 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\windows\system32\DRIVERS\iwdbus.sys

16:59:55.0545 8236 iwdbus - ok

16:59:55.0587 8236 [ 25D602AE635A0443458FBED1A8B6E4E9 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys

16:59:55.0592 8236 JMCR - ok

16:59:55.0611 8236 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys

16:59:55.0613 8236 kbdclass - ok

16:59:55.0636 8236 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys

16:59:55.0638 8236 kbdhid - ok

16:59:55.0653 8236 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe

16:59:55.0655 8236 KeyIso - ok

16:59:55.0705 8236 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys

16:59:55.0708 8236 KSecDD - ok

16:59:55.0723 8236 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys

16:59:55.0726 8236 KSecPkg - ok

16:59:55.0765 8236 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys

16:59:55.0767 8236 ksthunk - ok

16:59:55.0790 8236 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll

16:59:55.0797 8236 KtmRm - ok

16:59:55.0826 8236 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\system32\srvsvc.dll

16:59:55.0832 8236 LanmanServer - ok

16:59:55.0879 8236 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll

16:59:55.0896 8236 LanmanWorkstation - ok

16:59:55.0994 8236 [ 88E52495B47C67126B510AF53FDB0BC7 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

16:59:55.0997 8236 LBTServ - ok

16:59:56.0061 8236 [ B6552D382FF070B4ED34CBD6737277C0 ] LHidFilt C:\windows\system32\DRIVERS\LHidFilt.Sys

16:59:56.0064 8236 LHidFilt - ok

16:59:56.0094 8236 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys

16:59:56.0096 8236 lltdio - ok

16:59:56.0126 8236 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll

16:59:56.0132 8236 lltdsvc - ok

16:59:56.0150 8236 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll

16:59:56.0153 8236 lmhosts - ok

16:59:56.0220 8236 [ 73C1F563AB73D459DFFE682D66476558 ] LMouFilt C:\windows\system32\DRIVERS\LMouFilt.Sys

16:59:56.0272 8236 LMouFilt - ok

16:59:56.0385 8236 [ 50C7CE53EF461870410355F1F2E7D515 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

16:59:56.0390 8236 LMS - ok

16:59:56.0409 8236 [ 2825A71E7501CB33B3B9F856610C729D ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys

16:59:56.0411 8236 LPCFilter - ok

16:59:56.0442 8236 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys

16:59:56.0444 8236 LSI_FC - ok

16:59:56.0457 8236 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys

16:59:56.0459 8236 LSI_SAS - ok

16:59:56.0478 8236 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys

16:59:56.0480 8236 LSI_SAS2 - ok

16:59:56.0514 8236 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys

16:59:56.0517 8236 LSI_SCSI - ok

16:59:56.0545 8236 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys

16:59:56.0547 8236 luafv - ok

16:59:56.0603 8236 [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector C:\windows\system32\drivers\mbam.sys

16:59:56.0605 8236 MBAMProtector - ok

16:59:56.0657 8236 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

16:59:56.0662 8236 MBAMScheduler - ok

16:59:56.0696 8236 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

16:59:56.0704 8236 MBAMService - ok

16:59:56.0731 8236 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll

16:59:56.0734 8236 Mcx2Svc - ok

16:59:56.0768 8236 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\drivers\megasas.sys

16:59:56.0769 8236 megasas - ok

16:59:56.0787 8236 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\drivers\MegaSR.sys

16:59:56.0793 8236 MegaSR - ok

16:59:56.0819 8236 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys

16:59:56.0821 8236 MEIx64 - ok

16:59:56.0851 8236 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll

16:59:56.0855 8236 MMCSS - ok

16:59:56.0871 8236 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys

16:59:56.0873 8236 Modem - ok

16:59:56.0902 8236 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys

16:59:56.0904 8236 monitor - ok

16:59:56.0941 8236 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys

16:59:56.0943 8236 mouclass - ok

16:59:56.0962 8236 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys

16:59:56.0964 8236 mouhid - ok

16:59:56.0983 8236 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys

16:59:56.0985 8236 mountmgr - ok

16:59:57.0074 8236 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

16:59:57.0077 8236 MozillaMaintenance - ok

16:59:57.0095 8236 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys

16:59:57.0097 8236 mpio - ok

16:59:57.0114 8236 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys

16:59:57.0116 8236 mpsdrv - ok

16:59:57.0151 8236 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll

16:59:57.0163 8236 MpsSvc - ok

16:59:57.0182 8236 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys

16:59:57.0184 8236 MRxDAV - ok

16:59:57.0199 8236 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys

16:59:57.0202 8236 mrxsmb - ok

16:59:57.0218 8236 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys

16:59:57.0223 8236 mrxsmb10 - ok

16:59:57.0251 8236 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys

16:59:57.0253 8236 mrxsmb20 - ok

16:59:57.0265 8236 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\DRIVERS\msahci.sys

16:59:57.0266 8236 msahci - ok

16:59:57.0283 8236 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys

16:59:57.0285 8236 msdsm - ok

16:59:57.0313 8236 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe

16:59:57.0317 8236 MSDTC - ok

16:59:57.0349 8236 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys

16:59:57.0350 8236 Msfs - ok

16:59:57.0379 8236 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys

16:59:57.0380 8236 mshidkmdf - ok

16:59:57.0388 8236 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys

16:59:57.0389 8236 msisadrv - ok

16:59:57.0415 8236 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll

16:59:57.0419 8236 MSiSCSI - ok

16:59:57.0424 8236 msiserver - ok

16:59:57.0446 8236 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys

16:59:57.0448 8236 MSKSSRV - ok

16:59:57.0479 8236 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys

16:59:57.0481 8236 MSPCLOCK - ok

16:59:57.0502 8236 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys

16:59:57.0504 8236 MSPQM - ok

16:59:57.0518 8236 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys

16:59:57.0524 8236 MsRPC - ok

16:59:57.0532 8236 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys

16:59:57.0534 8236 mssmbios - ok

16:59:57.0561 8236 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys

16:59:57.0563 8236 MSTEE - ok

16:59:57.0577 8236 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\drivers\MTConfig.sys

16:59:57.0579 8236 MTConfig - ok

16:59:57.0591 8236 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys

16:59:57.0593 8236 Mup - ok

16:59:57.0627 8236 [ 50B99D53BC013458381C6476D790C9F3 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

16:59:57.0632 8236 MyWiFiDHCPDNS - ok

16:59:57.0659 8236 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll

16:59:57.0666 8236 napagent - ok

16:59:57.0711 8236 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys

16:59:57.0715 8236 NativeWifiP - ok

16:59:57.0776 8236 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys

16:59:57.0787 8236 NDIS - ok

16:59:57.0820 8236 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys

16:59:57.0822 8236 NdisCap - ok

16:59:57.0840 8236 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys

16:59:57.0842 8236 NdisTapi - ok

16:59:57.0862 8236 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys

16:59:57.0864 8236 Ndisuio - ok

16:59:57.0889 8236 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys

16:59:57.0892 8236 NdisWan - ok

16:59:57.0914 8236 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys

16:59:57.0916 8236 NDProxy - ok

16:59:57.0943 8236 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys

16:59:57.0945 8236 NetBIOS - ok

16:59:57.0963 8236 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys

16:59:57.0967 8236 NetBT - ok

16:59:57.0975 8236 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe

16:59:57.0977 8236 Netlogon - ok

16:59:58.0015 8236 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll

16:59:58.0023 8236 Netman - ok

16:59:58.0042 8236 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll

16:59:58.0049 8236 netprofm - ok

16:59:58.0080 8236 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:59:58.0081 8236 NetTcpPortSharing - ok

16:59:58.0435 8236 [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64 C:\windows\system32\DRIVERS\NETwNs64.sys

16:59:58.0695 8236 NETwNs64 - ok

16:59:58.0721 8236 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys

16:59:58.0723 8236 nfrd960 - ok

16:59:58.0773 8236 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll

16:59:58.0779 8236 NlaSvc - ok

16:59:58.0792 8236 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys

16:59:58.0794 8236 Npfs - ok

16:59:58.0821 8236 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll

16:59:58.0824 8236 nsi - ok

16:59:58.0839 8236 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys

16:59:58.0841 8236 nsiproxy - ok

16:59:58.0908 8236 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys

16:59:58.0927 8236 Ntfs - ok

16:59:58.0953 8236 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys

16:59:58.0955 8236 Null - ok

16:59:58.0992 8236 [ 0EBC9D13CD96C15B1B18D8678A609E4B ] nusb3hub C:\windows\system32\DRIVERS\nusb3hub.sys

16:59:58.0994 8236 nusb3hub - ok

16:59:59.0012 8236 [ 7BDEC000D56D485021D9C1E63C2F81CA ] nusb3xhc C:\windows\system32\DRIVERS\nusb3xhc.sys

16:59:59.0016 8236 nusb3xhc - ok

16:59:59.0056 8236 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys

16:59:59.0059 8236 nvraid - ok

16:59:59.0077 8236 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys

16:59:59.0080 8236 nvstor - ok

16:59:59.0109 8236 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys

16:59:59.0111 8236 nv_agp - ok

16:59:59.0209 8236 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

16:59:59.0215 8236 odserv - ok

16:59:59.0242 8236 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys

16:59:59.0244 8236 ohci1394 - ok

16:59:59.0272 8236 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:59:59.0275 8236 ose - ok

16:59:59.0423 8236 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:59:59.0525 8236 osppsvc - ok

16:59:59.0557 8236 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll

16:59:59.0563 8236 p2pimsvc - ok

16:59:59.0584 8236 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll

16:59:59.0591 8236 p2psvc - ok

16:59:59.0626 8236 papycpu2 - ok

16:59:59.0630 8236 papyjoy - ok

16:59:59.0650 8236 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\drivers\parport.sys

16:59:59.0652 8236 Parport - ok

16:59:59.0689 8236 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys

16:59:59.0691 8236 partmgr - ok

16:59:59.0733 8236 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll

16:59:59.0738 8236 PcaSvc - ok

16:59:59.0750 8236 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys

16:59:59.0753 8236 pci - ok

16:59:59.0761 8236 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\DRIVERS\pciide.sys

16:59:59.0763 8236 pciide - ok

16:59:59.0787 8236 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys

16:59:59.0791 8236 pcmcia - ok

16:59:59.0806 8236 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys

16:59:59.0807 8236 pcw - ok

16:59:59.0826 8236 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys

16:59:59.0834 8236 PEAUTH - ok

16:59:59.0897 8236 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe

16:59:59.0900 8236 PerfHost - ok

16:59:59.0970 8236 [ 91111CEBBDE8015E822C46120ED9537C ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys

16:59:59.0972 8236 PGEffect - ok

17:00:00.0100 8236 [ 0015113A604B94769AB5159E8DCFC6E6 ] PinnacleUpdateSvc C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe

17:00:00.0117 8236 PinnacleUpdateSvc - ok

17:00:00.0160 8236 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll

17:00:00.0227 8236 pla - ok

17:00:00.0382 8236 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll

17:00:00.0391 8236 PlugPlay - ok

17:00:00.0419 8236 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll

17:00:00.0422 8236 PNRPAutoReg - ok

17:00:00.0445 8236 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll

17:00:00.0450 8236 PNRPsvc - ok

17:00:00.0478 8236 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll

17:00:00.0486 8236 PolicyAgent - ok

17:00:00.0504 8236 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll

17:00:00.0509 8236 Power - ok

17:00:00.0537 8236 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys

17:00:00.0539 8236 PptpMiniport - ok

17:00:00.0551 8236 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys

17:00:00.0553 8236 Processor - ok

17:00:00.0610 8236 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll

17:00:00.0616 8236 ProfSvc - ok

17:00:00.0630 8236 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe

17:00:00.0634 8236 ProtectedStorage - ok

17:00:00.0660 8236 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys

17:00:00.0663 8236 Psched - ok

17:00:00.0694 8236 [ F036CFB275D0C55F4E45FBBF5F98B3C8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

17:00:00.0698 8236 PSI_SVC_2 - ok

17:00:00.0742 8236 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys

17:00:00.0759 8236 ql2300 - ok

17:00:00.0786 8236 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys

17:00:00.0789 8236 ql40xx - ok

17:00:00.0815 8236 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll

17:00:00.0821 8236 QWAVE - ok

17:00:00.0834 8236 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys

17:00:00.0835 8236 QWAVEdrv - ok

17:00:00.0863 8236 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys

17:00:00.0865 8236 RasAcd - ok

17:00:00.0884 8236 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys

17:00:00.0886 8236 RasAgileVpn - ok

17:00:00.0915 8236 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll

17:00:00.0920 8236 RasAuto - ok

17:00:00.0938 8236 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys

17:00:00.0940 8236 Rasl2tp - ok

17:00:00.0961 8236 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll

17:00:00.0969 8236 RasMan - ok

17:00:00.0994 8236 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys

17:00:00.0996 8236 RasPppoe - ok

17:00:01.0004 8236 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys

17:00:01.0006 8236 RasSstp - ok

17:00:01.0027 8236 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys

17:00:01.0033 8236 rdbss - ok

17:00:01.0043 8236 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys

17:00:01.0045 8236 rdpbus - ok

17:00:01.0077 8236 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys

17:00:01.0078 8236 RDPCDD - ok

17:00:01.0093 8236 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys

17:00:01.0095 8236 RDPENCDD - ok

17:00:01.0124 8236 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys

17:00:01.0126 8236 RDPREFMP - ok

17:00:01.0178 8236 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys

17:00:01.0182 8236 RDPWD - ok

17:00:01.0219 8236 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys

17:00:01.0222 8236 rdyboost - ok

17:00:01.0248 8236 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6 ] regi C:\windows\system32\drivers\regi.sys

17:00:01.0250 8236 regi - ok

17:00:01.0308 8236 [ 18505D90FEE940EE9EAE4C5B421F22B4 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

17:00:01.0320 8236 RegSrvc - ok

17:00:01.0351 8236 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll

17:00:01.0355 8236 RemoteAccess - ok

17:00:01.0378 8236 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll

17:00:01.0384 8236 RemoteRegistry - ok

17:00:01.0408 8236 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll

17:00:01.0413 8236 RpcEptMapper - ok

17:00:01.0437 8236 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe

17:00:01.0440 8236 RpcLocator - ok

17:00:01.0464 8236 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll

17:00:01.0469 8236 RpcSs - ok

17:00:01.0497 8236 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys

17:00:01.0499 8236 rspndr - ok

17:00:01.0527 8236 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys

17:00:01.0534 8236 RTL8167 - ok

17:00:01.0542 8236 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe

17:00:01.0544 8236 SamSs - ok

17:00:01.0579 8236 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys

17:00:01.0582 8236 sbp2port - ok

17:00:01.0607 8236 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll

17:00:01.0613 8236 SCardSvr - ok

17:00:01.0623 8236 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys

17:00:01.0624 8236 scfilter - ok

17:00:01.0653 8236 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll

17:00:01.0668 8236 Schedule - ok

17:00:01.0689 8236 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll

17:00:01.0690 8236 SCPolicySvc - ok

17:00:01.0732 8236 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\windows\system32\DRIVERS\sdbus.sys

17:00:01.0734 8236 sdbus - ok

17:00:01.0757 8236 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll

17:00:01.0763 8236 SDRSVC - ok

17:00:01.0778 8236 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys

17:00:01.0780 8236 secdrv - ok

17:00:01.0801 8236 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll

17:00:01.0813 8236 seclogon - ok

17:00:01.0956 8236 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\System32\sens.dll

17:00:01.0960 8236 SENS - ok

17:00:02.0013 8236 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll

17:00:02.0018 8236 SensrSvc - ok

17:00:02.0040 8236 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys

17:00:02.0042 8236 Serenum - ok

17:00:02.0083 8236 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys

17:00:02.0086 8236 Serial - ok

17:00:02.0121 8236 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys

17:00:02.0123 8236 sermouse - ok

17:00:02.0186 8236 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll

17:00:02.0190 8236 SessionEnv - ok

17:00:02.0211 8236 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys

17:00:02.0213 8236 sffdisk - ok

17:00:02.0232 8236 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys

17:00:02.0234 8236 sffp_mmc - ok

17:00:02.0251 8236 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys

17:00:02.0253 8236 sffp_sd - ok

17:00:02.0275 8236 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys

17:00:02.0277 8236 sfloppy - ok

17:00:02.0401 8236 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll

17:00:02.0407 8236 SharedAccess - ok

17:00:02.0444 8236 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll

17:00:02.0453 8236 ShellHWDetection - ok

17:00:02.0480 8236 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys

17:00:02.0482 8236 SiSRaid2 - ok

17:00:02.0496 8236 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys

17:00:02.0498 8236 SiSRaid4 - ok

17:00:02.0586 8236 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

17:00:02.0589 8236 SkypeUpdate - ok

17:00:02.0622 8236 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys

17:00:02.0624 8236 Smb - ok

17:00:02.0671 8236 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe

17:00:02.0675 8236 SNMPTRAP - ok

17:00:02.0692 8236 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys

17:00:02.0694 8236 spldr - ok

17:00:02.0739 8236 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe

17:00:02.0749 8236 Spooler - ok

17:00:02.0825 8236 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe

17:00:02.0882 8236 sppsvc - ok

17:00:02.0899 8236 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll

17:00:02.0903 8236 sppuinotify - ok

17:00:02.0931 8236 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys

17:00:02.0937 8236 srv - ok

17:00:02.0955 8236 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys

17:00:02.0962 8236 srv2 - ok

17:00:02.0979 8236 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys

17:00:02.0982 8236 srvnet - ok

17:00:03.0019 8236 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll

17:00:03.0024 8236 SSDPSRV - ok

17:00:03.0039 8236 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll

17:00:03.0044 8236 SstpSvc - ok

17:00:03.0062 8236 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys

17:00:03.0064 8236 stexstor - ok

17:00:03.0098 8236 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll

17:00:03.0107 8236 stisvc - ok

17:00:03.0124 8236 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys

17:00:03.0126 8236 swenum - ok

17:00:03.0157 8236 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll

17:00:03.0167 8236 swprv - ok

17:00:03.0214 8236 [ F5B46DF59FEAA48A442AED7EEB754D4B ] SynTP C:\windows\system32\DRIVERS\SynTP.sys

17:00:03.0230 8236 SynTP - ok

17:00:03.0298 8236 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll

17:00:03.0332 8236 SysMain - ok

17:00:03.0361 8236 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll

17:00:03.0366 8236 TabletInputService - ok

17:00:03.0414 8236 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll

17:00:03.0448 8236 TapiSrv - ok

17:00:03.0466 8236 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll

17:00:03.0470 8236 TBS - ok

17:00:03.0552 8236 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\windows\system32\drivers\tcpip.sys

17:00:03.0574 8236 Tcpip - ok

17:00:03.0629 8236 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys

17:00:03.0640 8236 TCPIP6 - ok

17:00:03.0681 8236 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys

17:00:03.0683 8236 tcpipreg - ok

17:00:03.0712 8236 [ FD542B661BD22FA69CA789AD0AC58C29 ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys

17:00:03.0714 8236 tdcmdpst - ok

17:00:03.0746 8236 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys

17:00:03.0748 8236 TDPIPE - ok

17:00:03.0776 8236 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys

17:00:03.0779 8236 TDTCP - ok

17:00:03.0807 8236 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys

17:00:03.0810 8236 tdx - ok

17:00:03.0822 8236 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys

17:00:03.0824 8236 TermDD - ok

17:00:03.0862 8236 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll

17:00:03.0873 8236 TermService - ok

17:00:03.0892 8236 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll

17:00:03.0897 8236 Themes - ok

17:00:03.0928 8236 [ 7F35CA8296A52C7161088EB1D952E8ED ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys

17:00:03.0932 8236 Thpdrv - ok

17:00:03.0961 8236 [ B4E609047434ED948AF7BDEF2FA66E38 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS

17:00:03.0963 8236 Thpevm - ok

17:00:04.0002 8236 [ 0B4734AE9EC70B843DF02E7B1C056377 ] Thpsrv C:\windows\system32\ThpSrv.exe

17:00:04.0011 8236 Thpsrv - ok

17:00:04.0018 8236 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll

17:00:04.0021 8236 THREADORDER - ok

17:00:04.0075 8236 [ 71C321649B28638EE80A2EEB164C1DC8 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

17:00:04.0077 8236 TMachInfo - ok

17:00:04.0105 8236 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19 ] TODDSrv C:\windows\system32\TODDSrv.exe

17:00:04.0110 8236 TODDSrv - ok

17:00:04.0158 8236 [ 1C73689B900428C7D054A41C4687F55C ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

17:00:04.0208 8236 TosCoSrv - ok

17:00:04.0403 8236 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe

17:00:04.0407 8236 TOSHIBA eco Utility Service - ok

17:00:04.0451 8236 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

17:00:04.0454 8236 TOSHIBA HDD SSD Alert Service - ok

17:00:04.0489 8236 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys

17:00:04.0496 8236 tos_sps64 - ok

17:00:04.0542 8236 [ 098B8A408C17E125A3D9A8E1166780C8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe

17:00:04.0552 8236 TPCHSrv - ok

17:00:04.0580 8236 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll

17:00:04.0585 8236 TrkWks - ok

17:00:04.0636 8236 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe

17:00:04.0639 8236 TrustedInstaller - ok

17:00:04.0664 8236 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys

17:00:04.0666 8236 tssecsrv - ok

17:00:04.0692 8236 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys

17:00:04.0694 8236 TsUsbFlt - ok

17:00:04.0710 8236 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys

17:00:04.0712 8236 TsUsbGD - ok

17:00:04.0761 8236 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys

17:00:04.0764 8236 tunnel - ok

17:00:04.0812 8236 [ 550B567F9364D8F7684C3FB3EA665A72 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS

17:00:04.0814 8236 TVALZ - ok

17:00:04.0856 8236 [ 9C7191F4B2E49BFF47A6C1144B5923FA ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys

17:00:04.0858 8236 TVALZFL - ok

17:00:04.0874 8236 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys

17:00:04.0876 8236 uagp35 - ok

17:00:04.0903 8236 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys

17:00:04.0908 8236 udfs - ok

17:00:04.0936 8236 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe

17:00:04.0940 8236 UI0Detect - ok

17:00:04.0967 8236 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys

17:00:04.0969 8236 uliagpkx - ok

17:00:05.0009 8236 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys

17:00:05.0011 8236 umbus - ok

17:00:05.0041 8236 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys

17:00:05.0043 8236 UmPass - ok

17:00:05.0138 8236 [ 374EBDA379A8F38E0CFC2211611E7167 ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

17:00:05.0167 8236 UNS - ok

17:00:05.0200 8236 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll

17:00:05.0207 8236 upnphost - ok

17:00:05.0247 8236 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys

17:00:05.0249 8236 USBAAPL64 - ok

17:00:05.0279 8236 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys

17:00:05.0281 8236 usbccgp - ok

17:00:05.0296 8236 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys

17:00:05.0299 8236 usbcir - ok

17:00:05.0307 8236 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys

17:00:05.0309 8236 usbehci - ok

17:00:05.0344 8236 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\drivers\usbhub.sys

17:00:05.0349 8236 usbhub - ok

17:00:05.0365 8236 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys

17:00:05.0366 8236 usbohci - ok

17:00:05.0401 8236 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys

17:00:05.0403 8236 usbprint - ok

17:00:05.0444 8236 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys

17:00:05.0446 8236 usbscan - ok

17:00:05.0464 8236 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS

17:00:05.0477 8236 USBSTOR - ok

17:00:05.0489 8236 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys

17:00:05.0491 8236 usbuhci - ok

17:00:05.0518 8236 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys

17:00:05.0521 8236 usbvideo - ok

17:00:05.0552 8236 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll

17:00:05.0556 8236 UxSms - ok

17:00:05.0575 8236 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe

17:00:05.0578 8236 VaultSvc - ok

17:00:05.0644 8236 [ C30F3D43CEB6F79ADE9B805387E5F63C ] VBoxDrv C:\windows\system32\DRIVERS\VBoxDrv.sys

17:00:05.0648 8236 VBoxDrv - ok

17:00:05.0676 8236 [ 8ACF22B86CE4E85C23E3E9513BF45C37 ] VBoxNetAdp C:\windows\system32\DRIVERS\VBoxNetAdp.sys

17:00:05.0679 8236 VBoxNetAdp - ok

17:00:05.0709 8236 [ 7B657669C53A0E6583F07EBAA303D9EA ] VBoxNetFlt C:\windows\system32\DRIVERS\VBoxNetFlt.sys

17:00:05.0712 8236 VBoxNetFlt - ok

17:00:05.0801 8236 [ CF3EE68CD9723E9F21E3198A0F690400 ] VBoxUSBMon C:\windows\system32\DRIVERS\VBoxUSBMon.sys

17:00:05.0804 8236 VBoxUSBMon - ok

17:00:05.0833 8236 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys

17:00:05.0835 8236 vdrvroot - ok

17:00:05.0867 8236 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe

17:00:05.0877 8236 vds - ok

17:00:05.0913 8236 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys

17:00:05.0915 8236 vga - ok

17:00:05.0931 8236 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys

17:00:05.0933 8236 VgaSave - ok

17:00:05.0948 8236 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys

17:00:05.0951 8236 vhdmp - ok

17:00:05.0962 8236 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys

17:00:05.0964 8236 viaide - ok

17:00:05.0989 8236 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys

17:00:05.0991 8236 volmgr - ok

17:00:06.0006 8236 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys

17:00:06.0013 8236 volmgrx - ok

17:00:06.0023 8236 [ DF8126BD41180351A093A3AD2FC8903B ] volsnap C:\windows\system32\drivers\volsnap.sys

17:00:06.0028 8236 volsnap - ok

17:00:06.0062 8236 [ B4A73CA4EF9A02B9738CEA9AD5FE5917 ] vpcbus C:\windows\system32\DRIVERS\vpchbus.sys

17:00:06.0065 8236 vpcbus - ok

17:00:06.0113 8236 [ E675FB2B48C54F09895482E2253B289C ] vpcnfltr C:\windows\system32\DRIVERS\vpcnfltr.sys

17:00:06.0116 8236 vpcnfltr - ok

17:00:06.0151 8236 [ 5FB42082B0D19A0268705F1DD343DF20 ] vpcusb C:\windows\system32\DRIVERS\vpcusb.sys

17:00:06.0153 8236 vpcusb - ok

17:00:06.0301 8236 [ 207B6539799CC1C112661A9B620DD233 ] vpcvmm C:\windows\system32\drivers\vpcvmm.sys

17:00:06.0331 8236 vpcvmm - ok

17:00:06.0379 8236 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys

17:00:06.0382 8236 vsmraid - ok

17:00:06.0436 8236 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe

17:00:06.0457 8236 VSS - ok

17:00:06.0493 8236 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys

17:00:06.0495 8236 vwifibus - ok

17:00:06.0627 8236 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys

17:00:06.0629 8236 vwififlt - ok

17:00:06.0664 8236 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys

17:00:06.0665 8236 vwifimp - ok

17:00:06.0688 8236 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll

17:00:06.0696 8236 W32Time - ok

17:00:06.0712 8236 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys

17:00:06.0713 8236 WacomPen - ok

17:00:06.0839 8236 [ 5CF6E9A685199445FEE02FE8C191C9BA ] wampapache c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe

17:00:06.0841 8236 wampapache - ok

17:00:06.0899 8236 wampmysqld - ok

17:00:06.0926 8236 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys

17:00:06.0928 8236 WANARP - ok

17:00:06.0932 8236 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys

17:00:06.0933 8236 Wanarpv6 - ok

17:00:07.0026 8236 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe

17:00:07.0042 8236 WatAdminSvc - ok

17:00:07.0130 8236 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe

17:00:07.0150 8236 wbengine - ok

17:00:07.0183 8236 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll

17:00:07.0190 8236 WbioSrvc - ok

17:00:07.0275 8236 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll

17:00:07.0283 8236 wcncsvc - ok

17:00:07.0301 8236 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll

17:00:07.0305 8236 WcsPlugInService - ok

17:00:07.0327 8236 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys

17:00:07.0329 8236 Wd - ok

17:00:07.0380 8236 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys

17:00:07.0390 8236 Wdf01000 - ok

17:00:07.0401 8236 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll

17:00:07.0406 8236 WdiServiceHost - ok

17:00:07.0411 8236 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll

17:00:07.0415 8236 WdiSystemHost - ok

17:00:07.0445 8236 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll

17:00:07.0451 8236 WebClient - ok

17:00:07.0472 8236 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll

17:00:07.0479 8236 Wecsvc - ok

17:00:07.0499 8236 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll

17:00:07.0503 8236 wercplsupport - ok

17:00:07.0532 8236 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll

17:00:07.0537 8236 WerSvc - ok

17:00:07.0568 8236 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys

17:00:07.0570 8236 WfpLwf - ok

17:00:07.0633 8236 [ 245EA6A2CFAE7B183EE9A14A4673B1F1 ] WiMAXAppSrv C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe

17:00:07.0644 8236 WiMAXAppSrv - ok

17:00:07.0662 8236 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys

17:00:07.0664 8236 WIMMount - ok

17:00:07.0680 8236 WinDefend - ok

17:00:07.0684 8236 WinHttpAutoProxySvc - ok

17:00:07.0726 8236 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll

17:00:07.0730 8236 Winmgmt - ok

17:00:07.0797 8236 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll

17:00:07.0823 8236 WinRM - ok

17:00:07.0879 8236 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys

17:00:07.0880 8236 WinUsb - ok

17:00:07.0924 8236 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll

17:00:07.0937 8236 Wlansvc - ok

17:00:07.0991 8236 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

17:00:07.0993 8236 wlcrasvc - ok

17:00:08.0090 8236 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

17:00:08.0116 8236 wlidsvc - ok

17:00:08.0141 8236 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys

17:00:08.0143 8236 WmiAcpi - ok

17:00:08.0206 8236 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe

17:00:08.0211 8236 wmiApSrv - ok

17:00:08.0264 8236 WMPNetworkSvc - ok

17:00:08.0383 8236 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll

17:00:08.0388 8236 WPCSvc - ok

17:00:08.0402 8236 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll

17:00:08.0408 8236 WPDBusEnum - ok

17:00:08.0427 8236 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys

17:00:08.0428 8236 ws2ifsl - ok

17:00:08.0457 8236 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\System32\wscsvc.dll

17:00:08.0461 8236 wscsvc - ok

17:00:08.0464 8236 WSearch - ok

17:00:08.0549 8236 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll

17:00:08.0605 8236 wuauserv - ok

17:00:08.0647 8236 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys

17:00:08.0649 8236 WudfPf - ok

17:00:08.0711 8236 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys

17:00:08.0715 8236 WUDFRd - ok

17:00:08.0751 8236 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll

17:00:08.0757 8236 wudfsvc - ok

17:00:08.0780 8236 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll

17:00:08.0786 8236 WwanSvc - ok

17:00:08.0917 8236 [ D42B153CD9AC1237B7FAC8BA24E1A7E4 ] wwEngineSvc C:\Program Files (x86)\Webroot\Washer\WasherSvc.exe

17:00:08.0922 8236 wwEngineSvc - ok

17:00:09.0024 8236 [ 1619A3283D9125D44116A1EE9143E035 ] XMail C:\Program Files (x86)\acquia-drupal\xmail\XMail.exe

17:00:09.0030 8236 XMail - ok

17:00:09.0077 8236 [ 38F55D07B1D3391065C40EC065F984E2 ] xusb21 C:\windows\system32\DRIVERS\xusb21.sys

17:00:09.0080 8236 xusb21 - ok

17:00:09.0159 8236 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

17:00:09.0165 8236 YahooAUService - ok

17:00:09.0204 8236 ================ Scan global ===============================

17:00:09.0227 8236 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll

17:00:09.0277 8236 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll

17:00:09.0287 8236 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\windows\system32\winsrv.dll

17:00:09.0319 8236 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll

17:00:09.0343 8236 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe

17:00:09.0350 8236 [Global] - ok

17:00:09.0350 8236 ================ Scan MBR ==================================

17:00:09.0363 8236 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0

17:00:09.0567 8236 \Device\Harddisk0\DR0 - ok

17:00:09.0568 8236 ================ Scan VBR ==================================

17:00:09.0583 8236 [ 01DC71CFDF6F5BA7AFCA83B0124D6033 ] \Device\Harddisk0\DR0\Partition1

17:00:09.0585 8236 \Device\Harddisk0\DR0\Partition1 - ok

17:00:09.0585 8236 ============================================================

17:00:09.0585 8236 Scan finished

17:00:09.0585 8236 ============================================================

17:00:09.0592 7564 Detected object count: 0

17:00:09.0592 7564 Actual detected object count: 0

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.