Please help

mhomer · April 17, 2013

I have a virus on my computer that Malwarebytes does not detect. It will run only in safemode and not in normal mode. Nothing .exe will run in normal mode. I have tried to download the dds.txt and attach.txt but get the error message the same as I do when I try to run anything which is 'the service cannot be started either because it is disabled or because it has no enabled devices associated with it.' I have run a few different antivirus programmes and managed to eradicate a few trojans but once obviously remains hidden.

Any help would be gratefully appreciated.

Thanks

Michelle

Maurice Naggar · April 17, 2013

Hello Michelle and welcome to MalwareBytes forum,

What is your Windows version, please?

IF you cannot download on this system (even after trying Safe mode With Networking) then you need a clean computer to do the downloads, Save to a new USB-flash-thumb drive or burn to CD, and then sneakernet-transport to the problem pc, and then copy the tools to the Desktop

Download OTL by OldTimer to your desktop: http://oldtimer.geekstogo.com/OTL.exe

Close all open windows on the Task Bar. Click the icon (for Vista, or Windows 7 or 8 Right click the icon and Run as Administrator) to start the program.
In the lower right corner, checkmark "LOP Check" and checkmark "Purity Check".
Now click Run Scan at Top left and let the program run uninterrupted. It will take about 4 minutes.
It will produce two logs for you, one will pop up called OTL.txt, the other will be saved on your desktop and called Extras.txt.
Exit Notepad. Remember where you've saved these 2 files as we will need both of them shortly!
Exit OTL by clicking the X at top right.

Download Security Check by screen317 and save it to your Desktop: here

Run Security Check
Follow the onscreen instructions inside of the command window.
A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Then copy/paste the following into your post (in order):

the contents of OTL.txt;
the contents of Extras.txt ; and
the contents of checkup.txt

Be sure to do a Preview prior to pressing Add Reply because all reports may not fit into 1 single reply. You may have to do more than 1 reply.

Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.

mhomer · April 17, 2013

Windows 7 Home Premium 64-bit

I can download to the system but I cannot open as it is an .exe and I get the same error message as quoted before. Can I run in this in safe mode?

mhomer · April 17, 2013

OTL logfile created on: 17/04/2013 19:52:51 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michelle\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.67 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 68.57% Memory free

7.34 Gb Paging File | 6.21 Gb Available in Paging File | 84.61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 284.91 Gb Total Space | 159.54 Gb Free Space | 56.00% Space Free | Partition Type: NTFS

Drive D: | 0.50 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NEWVAIO | User Name: Michelle | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/17 19:52:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michelle\Downloads\OTL (1).exe

PRC - [2013/04/09 09:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

========== Modules (No Company Name) ==========

MOD - [2013/04/09 09:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll

MOD - [2013/04/09 09:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll

MOD - [2013/04/09 09:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/04/14 17:07:27 | 000,109,352 | ---- | M] (SurfRight B.V.) [Auto | Stopped] -- C:\Program Files\HitmanPro\hmpsched.exe -- (HitmanProScheduler)

SRV:64bit: - [2012/06/24 21:47:38 | 000,216,072 | ---- | M] (Nitro PDF Software) [Disabled | Stopped] -- C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe -- (NitroDriverReadSpool2)

SRV:64bit: - [2012/01/13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)

SRV:64bit: - [2011/05/19 19:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)

SRV:64bit: - [2011/02/18 22:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)

SRV:64bit: - [2011/02/14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)

SRV:64bit: - [2011/01/20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)

SRV:64bit: - [2010/06/21 18:00:52 | 000,575,856 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)

SRV:64bit: - [2010/06/09 15:56:02 | 000,384,880 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)

SRV:64bit: - [2010/06/08 23:55:14 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV:64bit: - [2010/06/08 17:00:04 | 000,836,608 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)

SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2013/03/13 13:48:34 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/02/18 21:29:12 | 000,968,880 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe -- (vToolbarUpdater14.2.0)

SRV - [2013/02/18 11:20:00 | 000,395,640 | ---- | M] (Eastman Kodak Company) [Auto | Stopped] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)

SRV - [2013/01/15 14:07:42 | 000,780,152 | ---- | M] (Eastman Kodak Company) [Disabled | Stopped] -- C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)

SRV - [2012/12/18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012/11/16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)

SRV - [2012/11/05 21:06:14 | 001,044,816 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2012/10/22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)

SRV - [2012/06/24 21:47:42 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Disabled | Stopped] -- C:\Windows\SysWOW64\NLSSRV32.EXE -- (nlsX86cc)

SRV - [2012/06/24 18:16:10 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2011/05/06 14:07:18 | 000,460,144 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe -- (FlipShare Service)

SRV - [2011/05/06 13:58:52 | 001,085,440 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe -- (FlipShareServer)

SRV - [2011/01/20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)

SRV - [2010/06/20 21:47:18 | 000,108,400 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)

SRV - [2010/06/20 21:47:16 | 000,067,952 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)

SRV - [2010/06/18 07:07:12 | 000,423,280 | ---- | M] (Sony Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)

SRV - [2010/06/01 03:01:56 | 000,367,456 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)

SRV - [2010/05/31 19:18:32 | 000,217,968 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)

SRV - [2010/05/28 21:02:57 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2010/05/28 21:02:38 | 000,268,824 | ---- | M] (Intel Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)

SRV - [2010/03/04 04:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)

SRV - [2009/10/09 05:45:56 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor8.0)

SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/09/18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/02/18 21:29:12 | 000,039,768 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)

DRV:64bit: - [2012/11/16 00:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)

DRV:64bit: - [2012/10/22 14:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)

DRV:64bit: - [2012/10/15 04:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)

DRV:64bit: - [2012/10/10 12:40:49 | 000,082,944 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\marsqx5.sys -- (marsqx5)

DRV:64bit: - [2012/10/02 03:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)

DRV:64bit: - [2012/09/28 11:32:56 | 000,053,760 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/09/21 03:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)

DRV:64bit: - [2012/09/21 03:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)

DRV:64bit: - [2012/09/14 03:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/04/18 15:05:16 | 000,019,304 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)

DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/08/10 17:40:58 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)

DRV:64bit: - [2011/07/13 14:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011/07/13 14:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011/05/18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

DRV:64bit: - [2011/05/10 08:06:14 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)

DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010/11/19 18:15:24 | 000,008,152 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\activmouse.sys -- (prmvmouse)

DRV:64bit: - [2010/11/19 18:15:22 | 000,097,496 | ---- | M] (Promethean Technologies Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ACTIVhidmini.sys -- (ACTIVhidmini)

DRV:64bit: - [2010/09/15 14:42:08 | 000,299,568 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)

DRV:64bit: - [2010/08/26 10:19:38 | 000,287,232 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [2010/08/26 10:16:50 | 010,603,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2010/06/24 21:06:24 | 006,107,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)

DRV:64bit: - [2010/06/23 21:04:45 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)

DRV:64bit: - [2010/06/23 21:04:43 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)

DRV:64bit: - [2010/06/23 21:04:43 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)

DRV:64bit: - [2010/06/23 21:04:43 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)

DRV:64bit: - [2010/06/23 21:04:09 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)

DRV:64bit: - [2010/06/23 21:03:07 | 000,078,848 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)

DRV:64bit: - [2010/06/23 21:02:59 | 000,094,208 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)

DRV:64bit: - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)

DRV:64bit: - [2010/05/31 22:36:48 | 000,402,720 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2010/05/31 22:36:41 | 001,573,888 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2010/05/28 21:03:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010/05/28 21:02:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)

DRV:64bit: - [2010/04/26 21:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)

DRV:64bit: - [2010/03/04 03:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)

DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)

DRV:64bit: - [2008/06/16 03:00:00 | 000,055,024 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV - [2010/06/14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)

DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2007/04/02 16:02:02 | 000,072,576 | ---- | M] (Mars Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\marsqx5.sys -- (marsqx5)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=DSGI&bmod=DSGI

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co...=DSGI&bmod=DSGI

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}

IE:64bit: - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...ng}&rlz=1I7DSGI

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2790392

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co...=SVEE&bmod=SVEE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\..\URLSearchHook: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No CLSID value found

IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{14DFA84A-4E8C-4E8E-8692-0F4891616116}: "URL" = http://search.avg.co...e}&iy=&ychte=us

IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask...30-B0A1044E693C

IE - HKCU\..\SearchScopes\{1C64810A-99A5-4934-BC17-6179020C66FD}: "URL" = http://uk.search.yah...p={searchTerms}

IE - HKCU\..\SearchScopes\{46758651-D0AB-4841-9B71-07ABCBF6A986}: "URL" = http://services.zini...}&rf=sonyslices

IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.co...&rlz=1I7SVEE_en

IE - HKCU\..\SearchScopes\{69D8CF82-0534-48ED-B725-D920501A22DC}: "URL" = http://uk.shopping.c...nkin_id=8056359

IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7

IE - HKCU\..\SearchScopes\{6FEC3B83-86D3-4021-A20F-3DE57EC2A922}: "URL" = http://rover.ebay.co...e={searchTerms}

IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.c...fr&d=2012-10-01 19:24:19&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}

IE - HKCU\..\SearchScopes\{AC854C16-CA1E-43f1-8513-0D2F36C726ED}: "URL" = http://www.sicto.com...=t&rls=QUHm3Lkv

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2790392

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"

FF - prefs.js..browser.search.selectedEngine: "Ask.com"

FF - prefs.js..extensions.enabledAddons: avg@toolbar:14.2.0.1

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll ()

FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101753.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\14.2.0.1 [2013/02/18 21:29:27 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/04/12 14:09:06 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013/04/12 14:09:06 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/14 09:32:37 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/21 10:58:17 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/11/14 09:32:37 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/21 10:58:17 | 000,000,000 | ---D | M]

[2012/01/25 14:32:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michelle\AppData\Roaming\Mozilla\Extensions

[2013/03/18 20:48:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\xkhvodhw.default\extensions

[2013/03/18 19:29:09 | 000,002,308 | ---- | M] () -- C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\xkhvodhw.default\searchplugins\askcom.xml

[2012/03/21 09:34:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2013/02/18 21:29:27 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\14.2.0.1

[2012/06/24 18:16:11 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012/10/08 14:47:14 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll

[2013/02/18 21:29:28 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml

[2012/06/24 18:16:07 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012/06/24 18:16:07 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - default_search_provider: Ask (Enabled)

CHR - default_search_provider: search_url = http://websearch.ask...q={searchTerms}

CHR - default_search_provider: suggest_url = http://ss.websearch....q={searchTerms},

CHR - homepage: http://www.google.com/

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll

CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll

CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjigkifooejljidiapmgeaoeglmgonll\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll

CHR - plugin: RealPlayer Download Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpplugin.dll

CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll

CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll

CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll

CHR - plugin: Java™ Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

CHR - plugin: Java Deployment Toolkit 7.0.40.22 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll

CHR - plugin: Nitro PDF Plug-In (Enabled) = C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll

CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Michelle\AppData\Local\Facebook\Messenger\2.1.4590.0\npFbDesktopPlugin.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll

CHR - Extension: YouTube = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Google Search = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\

CHR - Extension: AVG Security Toolbar = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\14.2.0.1_0\

CHR - Extension: Gmail = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_2\

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll File not found

O2:64bit: - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Interactive Viewer\Win64\NotebookPlugin.dll (SMART Technologies ULC.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll File not found

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (SMART Notebook Download Utility) - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Notebook Interactive Viewer\Win32\NotebookPlugin.dll (SMART Technologies ULC.)

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()

O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll ()

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.

O4:64bit: - HKLM..\Run: [ActivControl] C:\Program Files\Activ Software\ActivDriver\ActivControl2x64.exe (Promethean Technologies Group Ltd)

O4:64bit: - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found

O4 - HKLM..\Run: [EKStatusMonitor] C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)

O4 - HKLM..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)

O4 - HKLM..\Run: [NPSStartup] File not found

O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)

O4 - HKLM..\Run: [sHTtray.exe] C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe (Sony Corporation)

O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)

O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()

O4 - HKCU..\Run: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe" File not found

O4 - HKCU..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe (Sony Corporation)

O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)

O4 - HKCU..\Run: [VRLPHelper] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe (Sony Corporation)

O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O8:64bit: - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found

O8:64bit: - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found

O8:64bit: - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found

O8:64bit: - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found

O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found

O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found

O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found

O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab (Microsoft Office Template and Media Control)

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} http://catalog.updat...b?1346960208502 (MUCatalogWebControl Class)

O16 - DPF: {6F0892F7-0D44-41C3-BF07-7599873FAA04} https://go.girlguidi...tiveXViewer.cab (Crystal ActiveX Report Viewer Control 11.5)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)

O16 - DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} http://webalbum.bonu...geUploader6.cab (Bonusprint Image Uploader Version 6.x Control)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{423D4F55-13A2-4D2E-BBDA-A1774A136043}: DhcpNameServer = 10.0.0.150 10.0.0.151

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AE879523-E971-4EF5-A301-84A0DCE2A149}: DhcpNameServer = 109.249.185.224 109.249.186.32

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B68B29E1-ECF4-4A80-B9C7-C0631DB2A63A}: DhcpNameServer = 82.132.254.2 82.132.254.3

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3593B11-7940-4EF9-BF6F-C86A919D5698}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll File not found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll File not found

O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.2.0\ViProtocol.dll ()

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2010/05/03 21:14:07 | 000,000,113 | ---- | M] () - C:\autorun.inf -- [ NTFS ]

O32 - AutoRun File - [2011/02/11 14:06:17 | 000,000,050 | R--- | M] () - D:\autorun.inf -- [ UDF ]

O33 - MountPoints2\{047926ca-3d0e-11e0-98ac-806e6f6e6963}\Shell - "" = AutoRun

O33 - MountPoints2\{047926ca-3d0e-11e0-98ac-806e6f6e6963}\Shell\AutoRun\command - "" = D:\seniorsectioncd.exe -- [2011/03/01 12:23:37 | 018,386,116 | R--- | M] (Adobe Systems, Inc.)

O33 - MountPoints2\{58eac9dc-5137-11e0-82cd-18f46ae2ded7}\Shell - "" = AutoRun

O33 - MountPoints2\{58eac9dc-5137-11e0-82cd-18f46ae2ded7}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/17 15:23:37 | 000,000,000 | ---D | C] -- C:\Users\Michelle\AppData\Roaming\QuickScan

[2013/04/17 14:28:50 | 000,000,000 | ---D | C] -- C:\Users\Michelle\AppData\Roaming\PeerNetworking

[2013/04/14 17:07:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

[2013/04/14 17:07:27 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro

[2013/04/14 17:05:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro

[2013/04/14 14:13:58 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2013/04/14 14:13:58 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2013/04/14 14:13:56 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2013/04/14 14:13:55 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2013/04/14 14:13:55 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2013/04/14 14:13:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2013/04/14 14:13:55 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2013/04/14 14:13:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2013/04/14 14:13:54 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2013/04/14 14:13:53 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2013/04/14 14:13:53 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2013/04/14 14:13:52 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2013/04/14 14:13:49 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2013/04/14 14:13:49 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2013/04/14 14:13:49 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2013/04/12 14:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy

[2013/04/12 14:21:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2013/04/12 14:21:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy

[2013/04/12 12:19:30 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup

[2013/04/12 11:02:45 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll

[2013/04/12 11:02:42 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll

[2013/04/12 11:02:36 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll

[2013/04/12 11:02:36 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll

[2013/04/12 11:02:36 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll

[2013/04/12 11:02:36 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll

[2013/04/12 11:01:59 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2013/04/12 11:01:56 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2013/04/12 11:01:56 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2013/04/12 11:01:54 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe

[2013/04/12 11:01:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2013/04/12 11:01:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll

[2013/03/26 14:01:44 | 000,000,000 | ---D | C] -- C:\Users\Michelle\Downloads\Desktop\Website policies

[2013/03/26 09:35:23 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys

[2011/03/05 21:41:16 | 006,533,584 | ---- | C] (Xobni) -- C:\Users\Michelle\XobniSetup.exe

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/04/17 19:57:20 | 000,797,774 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013/04/17 19:57:20 | 000,676,816 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013/04/17 19:57:20 | 000,130,646 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013/04/17 19:50:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/04/17 19:50:07 | 2955,485,184 | -HS- | M] () -- C:\hiberfil.sys

[2013/04/17 19:48:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/04/17 19:32:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/04/17 14:45:28 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/04/17 14:45:28 | 000,013,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/04/17 14:37:59 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/04/17 10:00:32 | 000,348,061 | ---- | M] () -- C:\test.xml

[2013/04/14 17:29:58 | 000,000,930 | ---- | M] () -- C:\Windows\SysNative\.crusader

[2013/04/14 14:26:59 | 000,481,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013/04/12 14:21:54 | 000,001,278 | ---- | M] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2013/04/12 11:09:55 | 000,021,504 | ---- | M] () -- C:\Windows\SysNative\umstartup.etl

[2013/04/03 19:27:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\JOPHMyy.exe

[2013/03/25 13:23:50 | 000,036,352 | ---- | M] () -- C:\Users\Michelle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013/03/19 07:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2013/03/19 06:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2013/03/19 06:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2013/03/19 06:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2013/03/19 05:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll

[2013/03/19 04:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/04/14 17:54:57 | 000,000,834 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

[2013/04/14 17:29:58 | 000,000,930 | ---- | C] () -- C:\Windows\SysNative\.crusader

[2013/04/12 14:21:54 | 000,001,278 | ---- | C] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk

[2013/04/03 19:27:11 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\JOPHMyy.exe

[2012/04/26 10:23:14 | 000,000,054 | ---- | C] () -- C:\Windows\SLuserdata.ini

[2011/11/21 22:02:38 | 000,130,109 | ---- | C] () -- C:\Users\Michelle\info.pdf

[2011/10/31 22:28:15 | 000,000,096 | ---- | C] () -- C:\Users\Michelle\AppData\Local\fusioncache.dat

[2011/08/26 17:31:09 | 000,004,096 | -H-- | C] () -- C:\Users\Michelle\AppData\Local\keyfile3.drm

[2011/07/05 10:08:44 | 000,036,352 | ---- | C] () -- C:\Users\Michelle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2011/02/20 19:01:21 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\ACTIV Software

[2011/07/31 22:11:31 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Amazon

[2011/10/17 11:52:36 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\AusLogics

[2011/10/18 19:15:14 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\AVG2012

[2012/10/01 19:25:00 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\AVG2013

[2012/08/31 14:54:00 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\BitTorrent

[2012/06/27 12:59:42 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Downloaded Installations

[2012/07/28 20:19:01 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Garmin

[2011/10/31 22:28:08 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Hodder Education

[2011/03/30 21:19:52 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\MP3 Speed

[2013/01/07 15:45:08 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Nitro PDF

[2011/04/11 21:44:12 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Nokia

[2011/04/11 21:44:53 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\PC Suite

[2012/09/16 15:53:07 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\PCCUStubInstaller

[2013/04/17 14:28:50 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\PeerNetworking

[2013/04/12 14:09:01 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Promethean

[2011/02/20 22:09:18 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Quest3D

[2013/04/17 15:23:40 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\QuickScan

[2011/02/20 20:26:57 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Roaming

[2011/06/14 18:49:54 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Samsung

[2012/11/05 21:10:16 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\SMART Technologies

[2012/11/05 21:10:22 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\SMART Technologies Inc

[2011/02/23 17:13:48 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\SoftGrid Client

[2011/02/20 18:04:21 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Temp

[2011/02/22 14:04:14 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Template

[2011/02/20 17:52:12 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\TP

[2012/10/01 19:24:39 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\TuneUp Software

[2011/02/28 23:07:01 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Files - Unicode (All) ==========

[2012/04/17 23:37:41 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?N) -- C:\Windows\SysNative\숀N

[2012/04/17 23:37:41 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?N) -- C:\Windows\SysNative\숀N

[2012/04/16 22:35:28 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?Æ) -- C:\Windows\SysNative\숀Æ

[2012/04/16 22:35:27 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?Æ) -- C:\Windows\SysNative\숀Æ

[2012/04/12 21:37:47 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?É) -- C:\Windows\SysNative\숀É

[2012/04/12 21:37:47 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?É) -- C:\Windows\SysNative\숀É

[2012/02/19 23:02:37 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\??) -- C:\Windows\SysNative\숀

[2012/02/19 23:02:37 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\??) -- C:\Windows\SysNative\숀

[2012/02/05 22:48:54 | 000,000,040 | ---- | M] ()(C:\Windows\SysNative\?Ç) -- C:\Windows\SysNative\숀Ç

[2012/02/05 22:48:53 | 000,000,040 | ---- | C] ()(C:\Windows\SysNative\?Ç) -- C:\Windows\SysNative\숀Ç

========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences

< End of report >

mhomer · April 17, 2013

OTL Extras logfile created on: 17/04/2013 19:52:51 - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michelle\Downloads

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.67 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 68.57% Memory free

7.34 Gb Paging File | 6.21 Gb Available in Paging File | 84.61% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 284.91 Gb Total Space | 159.54 Gb Free Space | 56.00% Space Free | Partition Type: NTFS

Drive D: | 0.50 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: UDF

Computer Name: NEWVAIO | User Name: Michelle | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Value error.

htmlfile [opennew] -- Reg Error: Value error.

htmlfile [print] -- Reg Error: Value error.

http [open] -- Reg Error: Key error.

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Value error.

htmlfile [opennew] -- Reg Error: Value error.

htmlfile [print] -- Reg Error: Value error.

http [open] -- Reg Error: Key error.

https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0DBA449E-949D-48BD-80D4-1D0DE2FEE32A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{0DC95307-92A6-4C0C-AA47-0526E2AF4F1B}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |

"{2221676D-B9D6-4C92-859B-3633E61EEB0E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{25565CAE-E60D-4973-9A6B-B10DD13A8D12}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{2B6F06F3-6726-4F78-98B3-3EAEB5581993}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{44F26E31-7E90-4270-A00A-0B5F8A3DB4A7}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{4649CD80-BF94-42C5-8AA2-95538D7877E4}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{4C8EDF21-5B3B-4F6D-B068-922D8A2E8418}" = lport=7000 | protocol=17 | dir=in | name=windows easy transfer udp port |

"{4E14DEA4-C791-41FB-83C4-D045217AD910}" = lport=445 | protocol=6 | dir=in | app=system |

"{501387F2-06B8-4C17-A2C1-2629ECF1A4A9}" = lport=7000 | protocol=6 | dir=in | name=windows easy transfer tcp port |

"{5F5CD615-8FA8-49F0-9F71-0758AA122C22}" = rport=138 | protocol=17 | dir=out | app=system |

"{6D61C229-6A03-44FC-9C58-CB72AE695FF7}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{70FB163F-521D-4234-88AE-380C884F7217}" = lport=2869 | protocol=6 | dir=in | app=system |

"{803BC4E1-D0E5-4402-9AEF-C03606F9BC7F}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{85BF55D6-190A-435B-A7B6-E6F7BE221021}" = rport=139 | protocol=6 | dir=out | app=system |

"{86441D8A-9CB0-45BC-93BC-8C06301CBA4A}" = lport=137 | protocol=17 | dir=in | app=system |

"{94A6B96C-7B85-47A0-B4F7-6B46AEBA8F62}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{973C30BE-9270-4103-872E-1804FE94B25C}" = rport=137 | protocol=17 | dir=out | app=system |

"{A1DAB6C7-4D1B-4630-A8A5-AC50BD0492FC}" = rport=445 | protocol=6 | dir=out | app=system |

"{AABEF3C7-321B-4AE7-8A37-6E9C59287DE5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{AB684A17-24B6-4EA2-B06A-0C499A175455}" = lport=24726 | protocol=6 | dir=in | name=flipshareserver |

"{B7E93933-D108-4520-8C5B-0F93F177B937}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{B8611F7C-4D73-4F90-95D2-C02947F4E61B}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery |

"{BE59C5AA-D1D3-4C98-9386-405C1B0A2497}" = lport=10243 | protocol=6 | dir=in | app=system |

"{BF73DC0C-936A-4C21-9B97-C1A48FDBAC2A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

"{BFA317F2-C8DA-453B-854A-327DBC2A9090}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |

"{C4F926D5-A923-4A32-AEB5-50B904F1451D}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 |

"{D0AED2D2-D0E0-459C-95D4-C405C4428943}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{D4193836-0E83-47BA-9ABD-72AEEC6892EA}" = lport=139 | protocol=6 | dir=in | app=system |

"{D8227641-6D06-4B57-9763-95B5A01FC74A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{DD9ED000-4A29-4BF4-915F-BB43EC903EF4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{E70078F9-9778-4F84-8004-DE49B16D2916}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{E7E2D064-6A8B-442F-B91D-E3C22AA5D231}" = lport=2869 | protocol=6 | dir=in | app=system |

"{E8C8AC2A-8133-4C21-8D0D-FE7B1E65D2A5}" = lport=138 | protocol=17 | dir=in | app=system |

"{ED25F420-42D7-4DF2-AEB5-B13AFDACD07F}" = lport=24727 | protocol=6 | dir=in | name=flipshareserver |

"{EF12EA55-C163-4522-B06F-31E10124A9DF}" = rport=10243 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0E861156-B920-4EAF-8E07-12F6B63E8B27}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{0EA39D13-0323-4617-B28E-4E64CDDF1668}" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymedia.exe |

"{15440336-D26A-4BD3-8E42-A93DFADAB64D}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{167BA0AC-81CC-45B0-8B76-E025EC7BA952}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |

"{17531022-3C14-4962-A990-5014D466E938}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{1AF6BAE9-0B57-418E-A523-69F03551C0AF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{21E93530-F16B-437F-98F6-8659313F2EEC}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |

"{2747E099-17E5-4CB8-A2B9-AA28163FF793}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |

"{274F572C-6CF2-472E-9478-4F3390134A5D}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |

"{275BAFC4-9298-4733-90CB-B2DF14013D7B}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohdms.exe |

"{2C17D0BA-5482-4D6B-8B9C-AEDBF13C4105}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{2E654FBD-6088-44B4-9654-98F98FA659F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{2EE7352C-A926-4F5E-A48C-8E48A92B25AD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |

"{348F4410-03C9-4745-AC8E-65207D3B4797}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{34E7BD77-D4DE-4CE6-B6A5-3099DF567F38}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |

"{393B2FB7-C2D1-40D4-AAD9-6BFB09A678CB}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |

"{3C8AB3BF-F26A-4792-B29F-BD862F10E7D2}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |

"{42F65304-FF11-4BDF-AB0A-66E12B3CC8F3}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |

"{4785FC6F-C73A-489A-8D55-0661A946E1A7}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |

"{4EC0F817-C0BA-4A7F-929C-8128A51861C7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe |

"{4F39196E-7196-44FC-A57B-73814D5E1E97}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |

"{52D526B6-A424-46AF-A7B2-487F0D020E75}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |

"{59A8520F-F33E-4267-8A75-8F6E9E9BC297}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{5AE41620-FDD3-4CF2-860D-EA1C80A57DEF}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |

"{5C1AD99B-64E0-42B5-A655-92CEF6157406}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{610B97FA-BCB2-4F94-B996-C6EAD0BFCED0}" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |

"{6206DFF0-2737-4603-984E-071B45F023A5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{62FC7742-3245-45AE-BC4A-525FBA351B6F}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |

"{691C353B-6A5D-4CF4-9CED-320D6DA8CE1D}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |

"{6B1E1998-E709-4E19-BE12-A8A5A63E9D2A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{72D458C3-D19F-48CD-A177-AC3F4D725F08}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |

"{732C5AA6-4840-405D-BB67-D28231AA7D60}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |

"{79F30BAC-EA78-44D3-9A69-342AFE2DE3BE}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{7C752343-024D-4B1A-9CAF-311C0876A364}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |

"{7CAD62FD-D76D-4DA1-AE90-EA9EBC3E1853}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\aiohomecenter.exe |

"{7D1C1C64-8917-4AA9-AD6C-223BDDDC5185}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |

"{81914977-C382-4F4C-BA22-ABB51F6347F0}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |

"{84674951-BB2B-4099-B957-8AB092C7799B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{85F0ED4E-67C8-45A5-A6C8-94F68514C93F}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{8E7E5788-B75F-4014-9395-C90D30995EDD}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |

"{8F6858CC-575E-44E9-B98D-D4C9D1F4F45A}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |

"{92E34A06-130B-4E04-BCB2-ECB2B4BE8CDE}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |

"{958A45E7-E0A0-43DA-896E-29EECB6B5278}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |

"{9898B6EE-BB62-4A38-97D6-B440AA33B640}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{9DB08B25-155B-4C78-A91D-DE32E7644B74}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{A2F402AE-8F52-4244-9447-470A7E4D6C64}" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymedia.exe |

"{A2F6D160-472A-4365-B5BF-CB248AF04644}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{A39FAB7D-7CC5-41BD-BFF4-90EA361508E0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{A46AC77E-98D7-45A8-B4D3-0A2096E63F4F}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |

"{A5169B3D-FCAC-4D70-866D-E70A0AA683A1}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |

"{A795A0DE-E0DC-47A2-8630-1EB9FA96D508}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{A9EE64A3-F087-4879-A59B-6D3B0EE143FC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe |

"{AB64CA46-ADA6-47E9-B024-A5328570C728}" = protocol=6 | dir=out | app=system |

"{AE2362CE-B69F-4410-94AD-519E985C026E}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohcimp.exe |

"{AF4F31BE-882F-4551-ADF3-22D4000D5EF9}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |

"{B3684086-A30E-4F4B-8ACD-F257A71BCA8F}" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |

"{B7B606A4-F6E9-4933-BB61-788F2C21B091}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |

"{B8F34099-3E81-4047-B82B-4B818EC3056D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |

"{B98C5BC5-84F2-4A66-BD68-BDC90C9143FE}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\networkprinterdiscovery.exe |

"{BD418565-5962-4256-9017-79ED401CFEB0}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |

"{BFB124AF-8E49-4410-B60E-6F08C8999CCC}" = dir=in | app=c:\program files (x86)\common files\sony shared\sohlib\sohds.exe |

"{C21899BB-ED4F-468A-AF5E-ABB449F04E1C}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\firmware\kodakaioupdater.exe |

"{C290143A-16EC-4B36-BBB8-827351A0C464}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe |

"{C2C434A0-7123-4B48-AE63-CE3F1E952B3E}" = protocol=17 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymediaserver.exe |

"{C4826269-7515-4B72-91EE-39DF43BC936C}" = protocol=6 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |

"{CF22A4D8-CA30-44CC-A235-01FE476CE48E}" = protocol=6 | dir=in | app=c:\program files (x86)\nokia\nokia home media server\media server\twonkymediaserver.exe |

"{CF706C52-1B06-44BC-A18A-DA7EDFC0497F}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |

"{CFEE9DA6-C550-403A-8C13-FC068D162133}" = protocol=17 | dir=in | app=c:\program files (x86)\kodak\aio\center\kodak.statistics.exe |

"{D116D077-EEAA-4E2A-ABE3-7328BD236AA1}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe |

"{D7248DFD-3AFC-42C2-A067-2FD3382C9EE6}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |

"{D7AC48ED-20CD-4B2F-A09A-FF47658C339A}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |

"{E29E469D-D920-463C-A5C9-F18730C28B1D}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{E2B11D5A-57B2-4787-8F57-EA5ABDD32D11}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{E404A8AF-E4DA-43EB-8A61-CF87CDE9E3BB}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{E5B6840C-47C2-49B1-964E-9C47177AEE86}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{E63AF4C2-AA8B-43D1-A4F5-2C95751049B1}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"{E8167B93-E1AB-4B86-A515-2FA8CA4FDD1F}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |

"{E86AE54E-9E9E-487A-A3F2-611F6680A0A6}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg10\avgmfapx.exe |

"{F0EA2DBE-EC0F-4EF0-BCDD-C764B86F41A3}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe |

"{F5F855EE-FE8B-40D1-B980-E4962AE61A61}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"TCP Query User{00B3DB4D-520B-454E-9796-78FDBFFD1B9E}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

"TCP Query User{044F196B-6288-478E-BDEE-B2316F0B091A}C:\users\michelle\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\michelle\appdata\roaming\spotify\spotify.exe |

"TCP Query User{0E3355E2-04AC-4632-A341-E8B2FF63E694}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |

"TCP Query User{6FD4E85F-1FED-446D-84ED-F34A6562FA15}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

"TCP Query User{7218779F-F659-410B-8674-5B412867AE30}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"TCP Query User{868CF69C-BD81-433E-AD9B-84D2E1ABBF40}C:\users\michelle\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\michelle\appdata\roaming\spotify\spotify.exe |

"TCP Query User{999A6D50-436A-4B55-88DA-4D3DE3B67B09}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |

"TCP Query User{B0A73D45-E2E2-43EE-B17A-6BA96D33780C}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=6 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"TCP Query User{C156422F-B8D1-4CA8-AA2B-9B92F4085DD8}C:\users\michelle\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=6 | dir=in | app=c:\users\michelle\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |

"TCP Query User{CEB7BF0C-EF23-493B-B682-348338B9EADD}\\newvaio\users\public\eb4-cd-v326-fullinstaller-noxps\e-studio\setup.exe" = protocol=6 | dir=in | app=\\newvaio\users\public\eb4-cd-v326-fullinstaller-noxps\e-studio\setup.exe |

"UDP Query User{0BFCA50E-3CFE-4A28-AD11-66A9A48236D5}C:\users\michelle\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\michelle\appdata\roaming\spotify\spotify.exe |

"UDP Query User{33EEC152-2160-45C9-A2F3-FBD99142BB56}C:\program files (x86)\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files (x86)\real\realplayer\realplay.exe |

"UDP Query User{6D767553-01E8-447F-9FEA-745A8011CF63}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"UDP Query User{74CE9C58-2B32-49A7-B75C-FBD03A28AC2D}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

"UDP Query User{7EDF978A-67BA-4ACF-AA32-5D4A046B84A3}C:\users\michelle\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe" = protocol=17 | dir=in | app=c:\users\michelle\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe |

"UDP Query User{9244BF97-C497-49AD-AAC7-4C5636EC95CC}C:\users\michelle\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\michelle\appdata\roaming\spotify\spotify.exe |

"UDP Query User{BB60F1AC-022C-4EE4-9E4A-98692DF23F82}C:\program files (x86)\bearshare applications\bearshare\bearshare.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bearshare applications\bearshare\bearshare.exe |

"UDP Query User{C0068DC3-F48D-47F3-B5CB-2C95F5307C78}\\newvaio\users\public\eb4-cd-v326-fullinstaller-noxps\e-studio\setup.exe" = protocol=17 | dir=in | app=\\newvaio\users\public\eb4-cd-v326-fullinstaller-noxps\e-studio\setup.exe |

"UDP Query User{F633FE53-46FF-4220-BE21-A59895E93054}C:\program files (x86)\windows live\messenger\msnmsgr.exe" = protocol=17 | dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"UDP Query User{FD5B46D6-B967-45BC-98F5-9BE12838FEF6}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt

"{115B60D5-BBDB-490E-AF2E-064D37A3CE01}" = Media Gallery

"{11D25EF7-85FC-4B58-8278-485939C8637F}" = VAIO Update Merge Module x64

"{133D3F07-D558-46CE-80E8-F4D75DBBAD63}" = PMB VAIO Edition Plug-in

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219

"{202B76AB-1B21-434E-A289-788D767D3A7C}" = Media Gallery

"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables

"{26A24AE4-039D-4CA4-87B4-2F86416020FF}" = Java 6 Update 20 (64-bit)

"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer

"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support

"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software

"{46261E1C-5E0D-484E-8CCC-7F770375FBA2}" = VU5x64

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{550331CC-C34B-494F-BCDA-37CE4EF6E924}" = Garmin Communicator Plugin x64

"{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F}" = VAIO Media plus

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{7C3AC18F-F19B-4082-8D13-7D603848E06C}" = VAIO Update Merge Module x64

"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO

"{A3D964A6-411A-4817-9D58-5CB8808F494E}" = VAIO Media plus

"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175

"{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{CD7B010C-307E-47A6-856C-D059F0D1F72C}" = Nitro Pro 7

"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{E743BA71-5955-420B-AA52-67508054AD66}" = VAIO Update Merge Module x64

"{F15D3F83-06DD-40AE-B7FC-AF720B154589}" = ActivDriver x64 v5.7

"{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"647D95B844BB6F3D7774FEB6EA0280E4A88F8747" = Windows Driver Package - Digital Blue (marsqx5) Image (04/04/2007 1.0.0.0)

"AVG" = AVG 2013

"HitmanPro37" = HitmanPro 3.7

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2

"NMMS11" = Nero 11 Mini Repack

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}" = VAIO Care

"{08786A53-D98F-484A-867C-3302BC5AE30D}" = Digital Blue QX5 Microscope

"{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}" = VAIO Smart Network

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{13EC74A6-4707-4D26-B9B9-E173403F3B08}" = Quick Web Access

"{13F054F3-0B07-4D15-9E80-C55B496AB557}" = Garmin Communicator Plugin

"{177AF091-7854-4615-8327-AC7518F62782}" = VAIO Media plus

"{17DFE37C-064E-4834-AD8F-A4B2B4DF68F8}" = Adobe Photoshop Elements 8.0

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.4

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{20536917-E2DF-45D9-B41F-9AC0CAFFE48A}" = Media Gallery

"{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = PMB VAIO Edition Plug-in

"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java 6 Update 31

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2F9D63BE-A891-4E39-AFB3-7402D486800C}" = VAIO Hardware Diagnostics

"{32C747FB-2576-4503-B75D-DEE95161C60E}" = ActivInspire Core Resources (ENU) v1

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = PMB VAIO Edition Guide

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}" = VAIO Care

"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr

"{37D8D8A3-700D-446B-A543-143AA4ABF211}" = Connecting Steps V2

"{3AD8FF5D-8483-485B-83EB-F4778BAFB3EC}" = The Nelson Handwriting Template file

"{3DB5EA77-4A14-4EC9-8BFC-73BC848BDE73}" = Media Gallery

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support

"{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0

"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater

"{49AE768B-20DB-403D-AF92-53248BB0060D}" = Intel® Play QX3 Computer Microscope

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4B9DA746-5AE1-4BA0-9087-BDB162242890}" = VAIO Media plus

"{52F9CDDA-26F6-4499-90E0-6DDDE6D2259C}" = VAIO Media plus

"{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}" = VAIO Sample Contents

"{56BA241F-580C-43D2-8403-947241AAE633}" = center

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}" = VAIO Data Restore Tool

"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data

"{5BEE8F1F-BD32-4553-8107-500439E43BD7}" = VAIO Update

"{5C9DDCE0-66CF-11D4-9100-0090274FBE9A}" = Intel® System Information Viewer

"{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}" = VAIO Transfer Support

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data

"{70991E0A-1108-437E-BA7D-085702C670C0}" =

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{71E599D8-0D7C-411F-BC18-5B80F13DF968}" = ActivInspire Help (GBR) v1

"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-i Visual Effects 2

"{7F57E0DE-D0F7-47CC-A4AB-D21EB8E4BE48}" = ActivInspire v1

"{803E4FA5-A940-4420-B89D-A8BC2E160247}" =

"{8211C280-5B02-4E7E-B55F-845A207249BA}" = VAIO Data Restore Tool

"{82F09B1C-F602-4552-9C40-5BD5F8EAF750}" =

"{82F1CA52-4A40-4AB6-9C11-E70B86F3555A}" = The Nelson Handwriting Font

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{855DDD3C-131E-42A8-BCBD-F9581F80CACB}" =

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}" = VAIO Media plus

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{9238E8A4-BEBA-43A3-B926-769BDBF194C5}" = VAIO Media plus Opening Movie

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0137-0409-0000-0000000FF1CE}" = Microsoft Works 6-9 Converter

"{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}" = FlipShare

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9F1E78F1-AA16-4D0D-9ECA-49A7765FCA6E}" = Google Apps

"{A0E583D1-23F7-4C35-9620-B169D7715E4B}" = Adobe Premiere Elements 8.0

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7C30414-2382-4086-B0D6-01A88ABA21C3}" = VAIO Gate

"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" =

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.6)

"{AD53E305-0F31-426E-85D1-35C63D913639}" = SMART English (United Kingdom) Language Pack

"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime

"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB

"{B7546697-2A80-4256-A24B-1C33163F535B}" = VAIO Gate Default

"{B941F34C-F36A-4A6F-A97C-50B5948E451F}" = VAIO Media plus

"{BDC0E727-AF8C-4360-88FD-439144C833A8}" = SMART Notebook Interactive Viewer

"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials

"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}" = VAIO Manual

"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" =

"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1

"{CD95F661-A5C4-44F5-A6AA-ECDD91C240C3}" = WinZip 15.5

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}" = VU5x86

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D8FF4505-5977-4116-8DE4-2AF7174E70AC}" = Media Gallery

"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq

"{DB078F4F-FC74-4A07-9E07-A6623A18A667}" = ActivInspire HWR Resources (ENU) v1

"{DD88F979-FA58-41AC-980C-A6E1A82B61D9}" = VAIO - Media Gallery

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}" = ArcSoft WebCam Companion 3

"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX

"{DF2035BE-5820-4965-BD97-7FAF8D4A7879}" = Microsoft_VC90_CRT_x86

"{E083F623-22A7-D8FF-483F-9B4312B51706}" = BBC iPlayer Desktop

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK AiO Software

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E82A57BC-E9B8-42F9-BDC7-4950BD73EA32}_is1" = Pazera Free FLV to AVI Converter 1.4

"{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}" = SMART Common Files

"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Graphics Media Accelerator Driver

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FB77DB0C-6951-47B6-9D80-A0FDBEE0334C}" =

"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}" = aioscnnr

"1&1 EasyLogin" = 1&1 EasyLogin

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe Photoshop Elements 8.0" = Adobe Photoshop Elements 8.0

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17

"AVG Secure Search" = AVG Security Toolbar

"BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1" = BBC iPlayer Desktop

"BitTorrent" = BitTorrent

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Google Chrome" = Google Chrome

"InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}" = VAIO - PMB VAIO Edition Plug-in

"InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}" = VAIO - PMB VAIO Edition Guide

"InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}" = SmartSound Quicktracks for Premiere Elements 8.0

"InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data

"InterActual Player" = InterActual Player

"iPhoneBackupExtractor" = iPhone Backup Extractor

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100

"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1

"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MP4 To MP3 Converter_is1" = MP4 To MP3 Converter V3.0.4

"PremElem80" = Adobe Premiere Elements 8.0

"PrintProjects" = PrintProjects

"RealPlayer 15.0" = RealPlayer

"splashtop" = Quick Web Access

"staruni5" = Star Science 5

"VAIO Help and Support" =

"VAIO screensaver" = VAIO screensaver

"WinLiveSuite" = Windows Live Essentials

"WinX Free VOB to AVI Converter_is1" = WinX Free VOB to AVI Converter 2.0.6

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"3930801284.go.sky.com" = Sky Go Desktop

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 16/04/2013 15:32:23 | Computer Name = NewVaio | Source = Bonjour Service | ID = 100

Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 15 84.1.168.192.in-addr.arpa.

PTR NewVaio.local.

Error - 17/04/2013 03:52:48 | Computer Name = NewVaio | Source = Bonjour Service | ID = 100

Description = mDNSCoreReceiveResponse: Received from 10.0.0.65:5353 17 65.0.0.10.in-addr.arpa.

PTR NewVaio-2.local.

Error - 17/04/2013 03:52:48 | Computer Name = NewVaio | Source = Bonjour Service | ID = 100

Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 15 65.0.0.10.in-addr.arpa.

PTR NewVaio.local.

Error - 17/04/2013 09:02:10 | Computer Name = NEWVAIO | Source = Bonjour Service | ID = 100

Description = mDNSCoreReceiveResponse: Received from 10.0.0.65:5353 17 65.0.0.10.in-addr.arpa.

PTR NewVaio-2.local.

Error - 17/04/2013 09:02:10 | Computer Name = NEWVAIO | Source = Bonjour Service | ID = 100

Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 15 65.0.0.10.in-addr.arpa.

PTR NewVaio.local.

Error - 17/04/2013 09:30:49 | Computer Name = NewVaio | Source = VSS | ID = 8193

Description =

Error - 17/04/2013 09:36:49 | Computer Name = NewVaio | Source = Bonjour Service | ID = 100

Description = mDNSCoreReceiveResponse: Received from 10.0.0.65:5353 17 65.0.0.10.in-addr.arpa.

PTR NewVaio-2.local.

Error - 17/04/2013 09:36:49 | Computer Name = NewVaio | Source = Bonjour Service | ID = 100

Description = mDNSCoreReceiveResponse: Unexpected conflict discarding 15 65.0.0.10.in-addr.arpa.

PTR NewVaio.local.

Error - 17/04/2013 09:44:26 | Computer Name = NewVaio | Source = VSS | ID = 8193

Description =

Error - 17/04/2013 09:55:41 | Computer Name = NewVaio | Source = VSS | ID = 8193

Description =

Error - 17/04/2013 14:44:37 | Computer Name = NewVaio | Source = VSS | ID = 8193

Description =

[ OSession Events ]

Error - 01/07/2012 12:22:50 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2644

seconds with 840 seconds of active time. This session ended with a crash.

Error - 08/07/2012 15:39:31 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26078

seconds with 13860 seconds of active time. This session ended with a crash.

Error - 08/07/2012 15:58:22 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1099

seconds with 840 seconds of active time. This session ended with a crash.

Error - 09/07/2012 16:26:09 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3086

seconds with 2760 seconds of active time. This session ended with a crash.

Error - 30/08/2012 10:29:00 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7872

seconds with 1260 seconds of active time. This session ended with a crash.

Error - 28/11/2012 14:24:15 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 232

seconds with 120 seconds of active time. This session ended with a crash.

Error - 03/12/2012 10:38:38 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6662.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 15556

seconds with 1620 seconds of active time. This session ended with a crash.

Error - 04/01/2013 12:18:28 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6

seconds with 0 seconds of active time. This session ended with a crash.

Error - 20/01/2013 16:30:09 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:

12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 66

seconds with 60 seconds of active time. This session ended with a crash.

Error - 19/03/2013 06:17:08 | Computer Name = NewVaio | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1906

seconds with 1800 seconds of active time. This session ended with a crash.

[ System Events ]

Error - 17/04/2013 14:50:26 | Computer Name = NewVaio | Source = Service Control Manager | ID = 7001

Description = The HomeGroup Provider service depends on the Function Discovery Provider

Host service which failed to start because of the following error: %%1068

Error - 17/04/2013 14:50:26 | Computer Name = NewVaio | Source = Service Control Manager | ID = 7001

Description = The IKE and AuthIP IPsec Keying Modules service depends on the Base

Filtering Engine service which failed to start because of the following error:

%%1058

Error - 17/04/2013 14:50:26 | Computer Name = NewVaio | Source = Service Control Manager | ID = 7001

Description = The VAIO Media plus Content Importer service depends on the VAIO Media

plus Device Searcher service which failed to start because of the following error:

%%1058

Error - 17/04/2013 14:50:35 | Computer Name = NewVaio | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

AVGIDSDriver Avgldx64 discache spldr Wanarpv6

Error - 17/04/2013 14:50:53 | Computer Name = NewVaio | Source = DCOM | ID = 10005

Description =

Error - 17/04/2013 14:50:59 | Computer Name = NewVaio | Source = DCOM | ID = 10005

Description =

Error - 17/04/2013 14:51:02 | Computer Name = NewVaio | Source = DCOM | ID = 10005

Description =

Error - 17/04/2013 14:51:02 | Computer Name = NewVaio | Source = DCOM | ID = 10005

Description =

Error - 17/04/2013 14:51:03 | Computer Name = NewVaio | Source = Service Control Manager | ID = 7001

Description = The HomeGroup Provider service depends on the Function Discovery Provider

Host service which failed to start because of the following error: %%1068

Error - 17/04/2013 14:52:35 | Computer Name = NewVaio | Source = Service Control Manager | ID = 7001

Description = The Intel® Management & Security Application User Notification Service

service depends on the Intel® Management and Security Application Local Management

Service service which failed to start because of the following error: %%1058

< End of report >

mhomer · April 17, 2013

Results of screen317's Security Check version 0.99.62

Windows 7 Service Pack 1 x64 (UAC is enabled)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Security Center service is not running! This report may not be accurate!

AVG AntiVirus Free Edition 2013

Antivirus up to date!

`````````Anti-malware/Other Utilities Check:`````````

Spybot - Search & Destroy

Malwarebytes Anti-Malware version 1.70.0.1100

Java 6 Update 31

Java 7 Update 17

Adobe Flash Player 10 Flash Player out of Date!

Adobe Reader 10.1.6 Adobe Reader out of Date!

Mozilla Firefox 13.0.1 Firefox out of Date!

Google Chrome 26.0.1410.43

Google Chrome 26.0.1410.64

````````Process Check: objlist.exe by Laurent````````

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:

````````````````````End of Log``````````````````````

Maurice Naggar · April 17, 2013

Hello Michelle,

Just a quick note. While I am helping you with these issues, until I give the all clear, be sure no one does any websurfing, casual online stuff, games, or online banking or online shopping.

You have 3 out-dated utilities that have security issues, which may expose the system to more malwares.

I will help you later for Java runtimes, Flash Player & Adobe Reader.

Please wait my next reply. Follow my guidance. Do not run any fixes on your own, nor get & run any tools on your own.

Maurice Naggar · April 17, 2013

Task 1

Download aswMBR.exe ( 511KB ) to your desktop.

On Windows 7 / 8 or Vista, RIGHT click on aswMBR.exe and select Run As Administrator to start.

On Windows XP, double click the exe to start.

IF prompted to update Avast definitions, answer NO.

On the following screen:

uncheck trace disk IO calls at the bottom left :excl:

Now, Click the "Scan" button to start scan.

Have patience as it scans.

On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me)

Now click save log, save it to your desktop and Copy & Paste in your next reply.

Do NOT click any Fix button.

EXIT the tool.

Task 2

Please read carefully and follow these steps.

Download TDSSKiller and save it to your Desktop.
Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
If an infected file is detected, the default action will be Cure, click on Continue.
If a suspicious file is detected, the default action will be Skip, click on Continue.
If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue
It may ask you to reboot the computer to complete the process. Click on Reboot Now.
If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

mhomer · April 17, 2013

Thank you for your help. The fix button was not enabled.

Run date: 2013-04-17 21:31:57

-----------------------------

21:31:57.004 OS Version: Windows x64 6.1.7601 Service Pack 1

21:31:57.004 Number of processors: 4 586 0x2505

21:31:57.004 ComputerName: NEWVAIO UserName:

21:31:58.299 Initialize success

21:32:28.702 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1

21:32:28.702 Disk 0 Vendor: ST932032 0006 Size: 305245MB BusType: 3

21:32:28.827 Disk 0 MBR read successfully

21:32:28.827 Disk 0 MBR scan

21:32:28.827 Disk 0 Windows 7 default MBR code

21:32:28.842 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13394 MB offset 2048

21:32:28.858 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27432960

21:32:28.889 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 291749 MB offset 27637760

21:32:28.936 Disk 0 scanning C:\Windows\system32\drivers

21:32:43.163 Service scanning

21:33:05.627 Modules scanning

21:33:05.627 Scan finished successfully

21:49:33.690 Disk 0 MBR has been saved successfully to "C:\Users\Michelle\Downloads\Desktop\MBR.dat"

21:49:33.691 The log file has been saved successfully to "C:\Users\Michelle\Downloads\Desktop\aswMBR.txt"

mhomer · April 17, 2013

Nothing was found for the second scan.

21:51:36.0537 1952 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42

21:51:36.0646 1952 ============================================================

21:51:36.0646 1952 Current date / time: 2013/04/17 21:51:36.0646

21:51:36.0646 1952 SystemInfo:

21:51:36.0646 1952

21:51:36.0646 1952 OS Version: 6.1.7601 ServicePack: 1.0

21:51:36.0646 1952 Product type: Workstation

21:51:36.0646 1952 ComputerName: NEWVAIO

21:51:36.0646 1952 UserName: Michelle

21:51:36.0646 1952 Windows directory: C:\Windows

21:51:36.0646 1952 System windows directory: C:\Windows

21:51:36.0646 1952 Running under WOW64

21:51:36.0646 1952 Processor architecture: Intel x64

21:51:36.0646 1952 Number of processors: 4

21:51:36.0646 1952 Page size: 0x1000

21:51:36.0646 1952 Boot type: Safe boot with network

21:51:36.0646 1952 ============================================================

21:51:37.0348 1952 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

21:51:37.0348 1952 ============================================================

21:51:37.0348 1952 \Device\Harddisk0\DR0:

21:51:37.0348 1952 MBR partitions:

21:51:37.0348 1952 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A29800, BlocksNum 0x32000

21:51:37.0348 1952 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A5B800, BlocksNum 0x239D2AB0

21:51:37.0348 1952 ============================================================

21:51:37.0380 1952 C: <-> \Device\Harddisk0\DR0\Partition2

21:51:37.0380 1952 ============================================================

21:51:37.0380 1952 Initialize success

21:51:37.0380 1952 ============================================================

21:51:38.0862 1744 ============================================================

21:51:38.0862 1744 Scan started

21:51:38.0862 1744 Mode: Manual;

21:51:38.0862 1744 ============================================================

21:51:39.0404 1744 ================ Scan system memory ========================

21:51:39.0404 1744 System memory - ok

21:51:39.0404 1744 ================ Scan services =============================

21:51:39.0637 1744 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

21:51:39.0641 1744 1394ohci - ok

21:51:39.0716 1744 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

21:51:39.0719 1744 ACDaemon - ok

21:51:39.0746 1744 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys

21:51:39.0751 1744 ACPI - ok

21:51:39.0796 1744 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

21:51:39.0796 1744 AcpiPmi - ok

21:51:39.0840 1744 [ B3D08F1CCBCB60CC549F693F1444D208 ] ACTIVhidmini C:\Windows\system32\DRIVERS\ACTIVhidmini.sys

21:51:39.0841 1744 ACTIVhidmini - ok

21:51:39.0910 1744 [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe

21:51:39.0917 1744 AdobeActiveFileMonitor8.0 - ok

21:51:40.0009 1744 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

21:51:40.0012 1744 AdobeARMservice - ok

21:51:40.0139 1744 [ EA856F4A46320389D1899B2CAA7BF40F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

21:51:40.0155 1744 AdobeFlashPlayerUpdateSvc - ok

21:51:40.0186 1744 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

21:51:40.0186 1744 adp94xx - ok

21:51:40.0233 1744 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys

21:51:40.0249 1744 adpahci - ok

21:51:40.0264 1744 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

21:51:40.0264 1744 adpu320 - ok

21:51:40.0280 1744 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

21:51:40.0295 1744 AeLookupSvc - ok

21:51:40.0342 1744 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys

21:51:40.0358 1744 AFD - ok

21:51:40.0405 1744 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys

21:51:40.0405 1744 agp440 - ok

21:51:40.0420 1744 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe

21:51:40.0420 1744 ALG - ok

21:51:40.0436 1744 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys

21:51:40.0436 1744 aliide - ok

21:51:40.0436 1744 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys

21:51:40.0451 1744 amdide - ok

21:51:40.0467 1744 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

21:51:40.0467 1744 AmdK8 - ok

21:51:40.0498 1744 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

21:51:40.0498 1744 AmdPPM - ok

21:51:40.0514 1744 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys

21:51:40.0514 1744 amdsata - ok

21:51:40.0561 1744 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

21:51:40.0561 1744 amdsbs - ok

21:51:40.0576 1744 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys

21:51:40.0576 1744 amdxata - ok

21:51:40.0623 1744 [ 2D45F2DFBC3D8F53DF7EBEFFA8C9BC38 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys

21:51:40.0623 1744 ApfiltrService - ok

21:51:40.0670 1744 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys

21:51:40.0670 1744 AppID - ok

21:51:40.0701 1744 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll

21:51:40.0717 1744 AppIDSvc - ok

21:51:40.0763 1744 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll

21:51:40.0763 1744 Appinfo - ok

21:51:40.0904 1744 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

21:51:40.0904 1744 Apple Mobile Device - ok

21:51:40.0935 1744 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys

21:51:40.0935 1744 arc - ok

21:51:40.0966 1744 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys

21:51:40.0966 1744 arcsas - ok

21:51:40.0982 1744 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys

21:51:40.0982 1744 ArcSoftKsUFilter - ok

21:51:41.0107 1744 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

21:51:41.0169 1744 aspnet_state - ok

21:51:41.0185 1744 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

21:51:41.0185 1744 AsyncMac - ok

21:51:41.0278 1744 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys

21:51:41.0278 1744 atapi - ok

21:51:41.0543 1744 [ CCA705CDF038D5BC243203CE4416B345 ] athr C:\Windows\system32\DRIVERS\athrx.sys

21:51:41.0621 1744 athr - ok

21:51:42.0230 1744 [ EAEA2CE49DE0CCA80BEB9134107E5DD7 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys

21:51:42.0448 1744 atikmdag - ok

21:51:42.0745 1744 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

21:51:42.0760 1744 AudioEndpointBuilder - ok

21:51:42.0869 1744 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll

21:51:42.0869 1744 AudioSrv - ok

21:51:43.0681 1744 [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

21:51:43.0852 1744 AVGIDSAgent - ok

21:51:43.0915 1744 [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys

21:51:43.0915 1744 AVGIDSDriver - ok

21:51:43.0993 1744 [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys

21:51:43.0993 1744 AVGIDSHA - ok

21:51:44.0008 1744 [ 5989592A91A17587799792A81E1541D4 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys

21:51:44.0008 1744 Avgldx64 - ok

21:51:44.0071 1744 [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys

21:51:44.0071 1744 Avgloga - ok

21:51:44.0133 1744 [ 841C40C193889730848849AC220D9242 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys

21:51:44.0133 1744 Avgmfx64 - ok

21:51:44.0180 1744 [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys

21:51:44.0180 1744 Avgrkx64 - ok

21:51:44.0242 1744 [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys

21:51:44.0242 1744 Avgtdia - ok

21:51:44.0305 1744 [ 4C05242DC361A217223E9B8EC2B3A76B ] avgtp C:\Windows\system32\drivers\avgtpx64.sys

21:51:44.0305 1744 avgtp - ok

21:51:44.0351 1744 [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

21:51:44.0367 1744 avgwd - ok

21:51:44.0414 1744 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll

21:51:44.0414 1744 AxInstSV - ok

21:51:44.0445 1744 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

21:51:44.0461 1744 b06bdrv - ok

21:51:44.0476 1744 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

21:51:44.0492 1744 b57nd60a - ok

21:51:44.0523 1744 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll

21:51:44.0523 1744 BDESVC - ok

21:51:44.0539 1744 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys

21:51:44.0539 1744 Beep - ok

21:51:44.0601 1744 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll

21:51:44.0601 1744 BFE - ok

21:51:44.0663 1744 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll

21:51:44.0913 1744 BITS - ok

21:51:44.0929 1744 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys

21:51:44.0929 1744 blbdrive - ok

21:51:45.0069 1744 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

21:51:45.0085 1744 Bonjour Service - ok

21:51:45.0131 1744 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

21:51:45.0131 1744 bowser - ok

21:51:45.0147 1744 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

21:51:45.0147 1744 BrFiltLo - ok

21:51:45.0178 1744 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

21:51:45.0178 1744 BrFiltUp - ok

21:51:45.0225 1744 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll

21:51:45.0225 1744 Browser - ok

21:51:45.0256 1744 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys

21:51:45.0272 1744 Brserid - ok

21:51:45.0287 1744 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

21:51:45.0287 1744 BrSerWdm - ok

21:51:45.0303 1744 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

21:51:45.0303 1744 BrUsbMdm - ok

21:51:45.0319 1744 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

21:51:45.0319 1744 BrUsbSer - ok

21:51:45.0365 1744 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys

21:51:45.0365 1744 BthEnum - ok

21:51:45.0381 1744 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

21:51:45.0381 1744 BTHMODEM - ok

21:51:45.0412 1744 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys

21:51:45.0412 1744 BthPan - ok

21:51:45.0428 1744 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys

21:51:45.0443 1744 BTHPORT - ok

21:51:45.0459 1744 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll

21:51:45.0459 1744 bthserv - ok

21:51:45.0475 1744 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys

21:51:45.0475 1744 BTHUSB - ok

21:51:45.0506 1744 [ 59E3510784548C6939C1B3B985C232E3 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys

21:51:45.0506 1744 btwampfl - ok

21:51:45.0521 1744 [ 1872074ED0A3FB22E3F1E3197B984BFA ] btwaudio C:\Windows\system32\drivers\btwaudio.sys

21:51:45.0521 1744 btwaudio - ok

21:51:45.0553 1744 [ 691CF076C33AB1C3A5B2FD5450300733 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys

21:51:45.0553 1744 btwavdt - ok

21:51:45.0599 1744 [ 8BA6E93A182126781952A7895EC1E4B2 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

21:51:45.0631 1744 btwdins - ok

21:51:45.0646 1744 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys

21:51:45.0646 1744 btwl2cap - ok

21:51:45.0677 1744 [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys

21:51:45.0677 1744 btwrchid - ok

21:51:45.0693 1744 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

21:51:45.0693 1744 cdfs - ok

21:51:45.0740 1744 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys

21:51:45.0740 1744 cdrom - ok

21:51:45.0771 1744 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll

21:51:45.0771 1744 CertPropSvc - ok

21:51:45.0787 1744 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys

21:51:45.0787 1744 circlass - ok

21:51:45.0818 1744 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys

21:51:45.0833 1744 CLFS - ok

21:51:45.0880 1744 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

21:51:45.0880 1744 clr_optimization_v2.0.50727_32 - ok

21:51:45.0927 1744 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

21:51:45.0927 1744 clr_optimization_v2.0.50727_64 - ok

21:51:46.0005 1744 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

21:51:46.0208 1744 clr_optimization_v4.0.30319_32 - ok

21:51:46.0208 1744 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

21:51:46.0333 1744 clr_optimization_v4.0.30319_64 - ok

21:51:46.0364 1744 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

21:51:46.0364 1744 CmBatt - ok

21:51:46.0395 1744 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys

21:51:46.0395 1744 cmdide - ok

21:51:46.0457 1744 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys

21:51:46.0457 1744 CNG - ok

21:51:46.0504 1744 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

21:51:46.0504 1744 Compbatt - ok

21:51:46.0535 1744 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys

21:51:46.0535 1744 CompositeBus - ok

21:51:46.0535 1744 COMSysApp - ok

21:51:46.0551 1744 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

21:51:46.0567 1744 crcdisk - ok

21:51:46.0598 1744 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll

21:51:46.0613 1744 CryptSvc - ok

21:51:46.0645 1744 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys

21:51:46.0645 1744 dc3d - ok

21:51:46.0707 1744 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll

21:51:46.0723 1744 DcomLaunch - ok

21:51:46.0738 1744 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll

21:51:46.0754 1744 defragsvc - ok

21:51:46.0801 1744 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys

21:51:46.0801 1744 DfsC - ok

21:51:46.0847 1744 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll

21:51:46.0847 1744 Dhcp - ok

21:51:46.0879 1744 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys

21:51:46.0879 1744 discache - ok

21:51:46.0894 1744 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys

21:51:46.0910 1744 Disk - ok

21:51:46.0957 1744 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll

21:51:46.0957 1744 Dnscache - ok

21:51:47.0003 1744 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll

21:51:47.0003 1744 dot3svc - ok

21:51:47.0081 1744 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll

21:51:47.0081 1744 DPS - ok

21:51:47.0097 1744 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

21:51:47.0097 1744 drmkaud - ok

21:51:47.0144 1744 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

21:51:47.0175 1744 DXGKrnl - ok

21:51:47.0191 1744 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll

21:51:47.0191 1744 EapHost - ok

21:51:47.0269 1744 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys

21:51:47.0347 1744 ebdrv - ok

21:51:47.0393 1744 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe

21:51:47.0393 1744 EFS - ok

21:51:47.0471 1744 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

21:51:47.0487 1744 ehRecvr - ok

21:51:47.0518 1744 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe

21:51:47.0518 1744 ehSched - ok

21:51:47.0549 1744 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys

21:51:47.0565 1744 elxstor - ok

21:51:47.0596 1744 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys

21:51:47.0596 1744 ErrDev - ok

21:51:47.0643 1744 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll

21:51:47.0643 1744 EventSystem - ok

21:51:47.0674 1744 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys

21:51:47.0674 1744 exfat - ok

21:51:47.0690 1744 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys

21:51:47.0705 1744 fastfat - ok

21:51:47.0752 1744 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe

21:51:47.0768 1744 Fax - ok

21:51:47.0799 1744 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys

21:51:47.0799 1744 fdc - ok

21:51:47.0815 1744 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll

21:51:47.0815 1744 fdPHost - ok

21:51:47.0830 1744 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll

21:51:47.0830 1744 FDResPub - ok

21:51:47.0846 1744 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

21:51:47.0846 1744 FileInfo - ok

21:51:47.0861 1744 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

21:51:47.0861 1744 Filetrace - ok

21:51:47.0908 1744 [ ACEFEEA621DCA62EFB7A7EEA59F5E91B ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

21:51:47.0939 1744 FLEXnet Licensing Service - ok

21:51:48.0064 1744 [ B8602C90D3C427D8A86CE60437615CF5 ] FlipShare Service C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe

21:51:48.0080 1744 FlipShare Service - ok

21:51:48.0158 1744 [ AC5FB7094F31534594CAE48306972CBD ] FlipShareServer C:\Program Files (x86)\Flip Video\FlipShareServer\FlipShareServer.exe

21:51:48.0189 1744 FlipShareServer - ok

21:51:48.0220 1744 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

21:51:48.0220 1744 flpydisk - ok

21:51:48.0283 1744 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

21:51:48.0283 1744 FltMgr - ok

21:51:48.0376 1744 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll

21:51:48.0407 1744 FontCache - ok

21:51:48.0470 1744 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

21:51:48.0470 1744 FontCache3.0.0.0 - ok

21:51:48.0501 1744 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

21:51:48.0501 1744 FsDepends - ok

21:51:48.0548 1744 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

21:51:48.0548 1744 Fs_Rec - ok

21:51:48.0595 1744 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

21:51:48.0595 1744 fvevol - ok

21:51:48.0626 1744 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

21:51:48.0626 1744 gagp30kx - ok

21:51:48.0673 1744 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

21:51:48.0673 1744 GEARAspiWDM - ok

21:51:48.0735 1744 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll

21:51:48.0751 1744 gpsvc - ok

21:51:48.0813 1744 [ B9893A68032A6D9ADDB5B98287C630F7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys

21:51:48.0813 1744 grmnusb - ok

21:51:48.0860 1744 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:51:48.0875 1744 gupdate - ok

21:51:48.0891 1744 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

21:51:48.0891 1744 gupdatem - ok

21:51:48.0922 1744 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

21:51:48.0922 1744 hcw85cir - ok

21:51:48.0969 1744 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

21:51:48.0985 1744 HdAudAddService - ok

21:51:49.0000 1744 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys

21:51:49.0000 1744 HDAudBus - ok

21:51:49.0016 1744 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys

21:51:49.0016 1744 HECIx64 - ok

21:51:49.0047 1744 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

21:51:49.0047 1744 HidBatt - ok

21:51:49.0063 1744 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys

21:51:49.0078 1744 HidBth - ok

21:51:49.0109 1744 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys

21:51:49.0109 1744 HidIr - ok

21:51:49.0125 1744 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll

21:51:49.0125 1744 hidserv - ok

21:51:49.0172 1744 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

21:51:49.0172 1744 HidUsb - ok

21:51:49.0265 1744 [ 011ECE6EA1B25042FEDACDA4716AE2A1 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe

21:51:49.0265 1744 HitmanProScheduler - ok

21:51:49.0297 1744 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll

21:51:49.0312 1744 hkmsvc - ok

21:51:49.0343 1744 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

21:51:49.0343 1744 HomeGroupListener - ok

21:51:49.0406 1744 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

21:51:49.0421 1744 HomeGroupProvider - ok

21:51:49.0453 1744 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

21:51:49.0453 1744 HpSAMD - ok

21:51:49.0515 1744 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys

21:51:49.0531 1744 HTTP - ok

21:51:49.0577 1744 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

21:51:49.0577 1744 hwpolicy - ok

21:51:49.0624 1744 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

21:51:49.0624 1744 i8042prt - ok

21:51:49.0655 1744 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\drivers\iaStor.sys

21:51:49.0655 1744 iaStor - ok

21:51:49.0702 1744 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

21:51:49.0718 1744 IAStorDataMgrSvc - ok

21:51:49.0733 1744 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

21:51:49.0749 1744 iaStorV - ok

21:51:49.0811 1744 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

21:51:49.0843 1744 idsvc - ok

21:51:50.0092 1744 [ 31569A2E836C12014148BF7342716946 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

21:51:50.0342 1744 igfx - ok

21:51:50.0373 1744 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys

21:51:50.0373 1744 iirsp - ok

21:51:50.0435 1744 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll

21:51:50.0467 1744 IKEEXT - ok

21:51:50.0498 1744 [ DD587A55390ED2295BCE6D36AD567DA9 ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys

21:51:50.0498 1744 Impcd - ok

21:51:50.0576 1744 [ 526E482AFB586CB1CDD687869DECF686 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

21:51:50.0654 1744 IntcAzAudAddService - ok

21:51:50.0685 1744 [ 03C74719D48056A1078F3A51CEB76BAA ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

21:51:50.0685 1744 IntcDAud - ok

21:51:50.0747 1744 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys

21:51:50.0747 1744 intelide - ok

21:51:50.0763 1744 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys

21:51:50.0763 1744 intelppm - ok

21:51:50.0794 1744 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll

21:51:50.0794 1744 IPBusEnum - ok

21:51:50.0841 1744 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

21:51:50.0841 1744 IpFilterDriver - ok

21:51:50.0888 1744 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

21:51:50.0903 1744 iphlpsvc - ok

21:51:50.0966 1744 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

21:51:50.0966 1744 IPMIDRV - ok

21:51:51.0013 1744 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys

21:51:51.0013 1744 IPNAT - ok

21:51:51.0075 1744 [ 4EFFC8FF6D349E971E94B1C670C0C66A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

21:51:51.0075 1744 iPod Service - ok

21:51:51.0091 1744 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys

21:51:51.0091 1744 IRENUM - ok

21:51:51.0122 1744 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys

21:51:51.0122 1744 isapnp - ok

21:51:51.0169 1744 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

21:51:51.0184 1744 iScsiPrt - ok

21:51:51.0200 1744 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

21:51:51.0200 1744 kbdclass - ok

21:51:51.0215 1744 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

21:51:51.0215 1744 kbdhid - ok

21:51:51.0262 1744 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe

21:51:51.0262 1744 KeyIso - ok

21:51:51.0418 1744 [ 041CC860C3CC1C8073A64C3A3790591C ] Kodak AiO Network Discovery Service C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

21:51:51.0418 1744 Kodak AiO Network Discovery Service - ok

21:51:51.0465 1744 [ E29F999616D7C08B0E91296908C47CAF ] Kodak AiO Status Monitor Service C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe

21:51:51.0496 1744 Kodak AiO Status Monitor Service - ok

21:51:51.0543 1744 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

21:51:51.0543 1744 KSecDD - ok

21:51:51.0590 1744 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

21:51:51.0590 1744 KSecPkg - ok

21:51:51.0621 1744 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

21:51:51.0621 1744 ksthunk - ok

21:51:51.0637 1744 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll

21:51:51.0652 1744 KtmRm - ok

21:51:51.0715 1744 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll

21:51:51.0715 1744 LanmanServer - ok

21:51:51.0777 1744 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

21:51:51.0793 1744 LanmanWorkstation - ok

21:51:51.0824 1744 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

21:51:51.0824 1744 lltdio - ok

21:51:51.0839 1744 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll

21:51:51.0855 1744 lltdsvc - ok

21:51:51.0886 1744 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll

21:51:51.0886 1744 lmhosts - ok

21:51:51.0917 1744 [ 3D23191672D83E90D1CF63927EE98136 ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

21:51:51.0933 1744 LMS - ok

21:51:51.0964 1744 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

21:51:51.0964 1744 LSI_FC - ok

21:51:51.0980 1744 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

21:51:51.0980 1744 LSI_SAS - ok

21:51:52.0011 1744 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

21:51:52.0011 1744 LSI_SAS2 - ok

21:51:52.0027 1744 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

21:51:52.0027 1744 LSI_SCSI - ok

21:51:52.0042 1744 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys

21:51:52.0042 1744 luafv - ok

21:51:52.0136 1744 [ 140A6BBB89B905C10B58456C040A95C3 ] marsqx5 C:\Windows\system32\DRIVERS\marsqx5.sys

21:51:52.0136 1744 marsqx5 - ok

21:51:52.0183 1744 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

21:51:52.0183 1744 Mcx2Svc - ok

21:51:52.0198 1744 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys

21:51:52.0198 1744 megasas - ok

21:51:52.0229 1744 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

21:51:52.0245 1744 MegaSR - ok

21:51:52.0261 1744 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll

21:51:52.0276 1744 MMCSS - ok

21:51:52.0292 1744 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys

21:51:52.0292 1744 Modem - ok

21:51:52.0307 1744 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys

21:51:52.0307 1744 monitor - ok

21:51:52.0323 1744 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

21:51:52.0323 1744 mouclass - ok

21:51:52.0370 1744 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

21:51:52.0370 1744 mouhid - ok

21:51:52.0401 1744 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

21:51:52.0401 1744 mountmgr - ok

21:51:52.0526 1744 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

21:51:52.0526 1744 MozillaMaintenance - ok

21:51:52.0557 1744 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys

21:51:52.0573 1744 mpio - ok

21:51:52.0604 1744 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

21:51:52.0604 1744 mpsdrv - ok

21:51:52.0666 1744 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll

21:51:52.0697 1744 MpsSvc - ok

21:51:52.0729 1744 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

21:51:52.0729 1744 MRxDAV - ok

21:51:52.0775 1744 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

21:51:52.0775 1744 mrxsmb - ok

21:51:52.0822 1744 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

21:51:52.0838 1744 mrxsmb10 - ok

21:51:52.0853 1744 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

21:51:52.0853 1744 mrxsmb20 - ok

21:51:52.0885 1744 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys

21:51:52.0885 1744 msahci - ok

21:51:52.0931 1744 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys

21:51:52.0931 1744 msdsm - ok

21:51:52.0947 1744 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe

21:51:52.0947 1744 MSDTC - ok

21:51:52.0978 1744 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys

21:51:52.0978 1744 Msfs - ok

21:51:52.0994 1744 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

21:51:52.0994 1744 mshidkmdf - ok

21:51:53.0025 1744 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

21:51:53.0025 1744 msisadrv - ok

21:51:53.0072 1744 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

21:51:53.0072 1744 MSiSCSI - ok

21:51:53.0087 1744 msiserver - ok

21:51:53.0103 1744 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

21:51:53.0103 1744 MSKSSRV - ok

21:51:53.0134 1744 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

21:51:53.0134 1744 MSPCLOCK - ok

21:51:53.0150 1744 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

21:51:53.0150 1744 MSPQM - ok

21:51:53.0197 1744 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

21:51:53.0197 1744 MsRPC - ok

21:51:53.0259 1744 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

21:51:53.0259 1744 mssmbios - ok

21:51:53.0290 1744 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

21:51:53.0290 1744 MSTEE - ok

21:51:53.0306 1744 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

21:51:53.0306 1744 MTConfig - ok

21:51:53.0321 1744 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys

21:51:53.0321 1744 Mup - ok

21:51:53.0368 1744 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll

21:51:53.0384 1744 napagent - ok

21:51:53.0399 1744 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

21:51:53.0415 1744 NativeWifiP - ok

21:51:53.0509 1744 [ 7B2D90BBBBED11C8DFBA441D34AE901E ] NBVol C:\Windows\system32\DRIVERS\NBVol.sys

21:51:53.0509 1744 NBVol - ok

21:51:53.0524 1744 [ 4FE7B5757279D82C4D171E9F7FD52A75 ] NBVolUp C:\Windows\system32\DRIVERS\NBVolUp.sys

21:51:53.0524 1744 NBVolUp - ok

21:51:53.0587 1744 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys

21:51:53.0602 1744 NDIS - ok

21:51:53.0618 1744 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

21:51:53.0618 1744 NdisCap - ok

21:51:53.0665 1744 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

21:51:53.0665 1744 NdisTapi - ok

21:51:53.0711 1744 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

21:51:53.0711 1744 Ndisuio - ok

21:51:53.0758 1744 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

21:51:53.0758 1744 NdisWan - ok

21:51:53.0821 1744 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

21:51:53.0821 1744 NDProxy - ok

21:51:53.0883 1744 [ 6F4607E2333FE21E9E3FF8133A88B35B ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys

21:51:53.0883 1744 Netaapl - ok

21:51:53.0914 1744 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

21:51:53.0914 1744 NetBIOS - ok

21:51:53.0961 1744 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

21:51:53.0977 1744 NetBT - ok

21:51:53.0977 1744 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe

21:51:53.0977 1744 Netlogon - ok

21:51:54.0023 1744 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll

21:51:54.0039 1744 Netman - ok

21:51:54.0086 1744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:51:54.0164 1744 NetMsmqActivator - ok

21:51:54.0164 1744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:51:54.0164 1744 NetPipeActivator - ok

21:51:54.0179 1744 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll

21:51:54.0195 1744 netprofm - ok

21:51:54.0195 1744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:51:54.0195 1744 NetTcpActivator - ok

21:51:54.0195 1744 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

21:51:54.0211 1744 NetTcpPortSharing - ok

21:51:54.0211 1744 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

21:51:54.0211 1744 nfrd960 - ok

21:51:54.0335 1744 [ CFCC35D7BC10522B4BE56EB9869541D1 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe

21:51:54.0335 1744 NitroDriverReadSpool2 - ok

21:51:54.0491 1744 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll

21:51:54.0507 1744 NlaSvc - ok

21:51:54.0585 1744 [ 3BC430CF68BC9ED111042BDE2DDD72FA ] nlsX86cc C:\Windows\SysWOW64\NLSSRV32.EXE

21:51:54.0725 1744 nlsX86cc - ok

21:51:54.0757 1744 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys

21:51:54.0757 1744 Npfs - ok

21:51:54.0788 1744 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll

21:51:54.0788 1744 nsi - ok

21:51:54.0803 1744 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

21:51:54.0803 1744 nsiproxy - ok

21:51:54.0881 1744 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

21:51:54.0913 1744 Ntfs - ok

21:51:54.0991 1744 [ 317020D31F1696334679B9D0416EB62E ] NuidFltr C:\Windows\system32\DRIVERS\NuidFltr.sys

21:51:54.0991 1744 NuidFltr - ok

21:51:55.0022 1744 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys

21:51:55.0022 1744 Null - ok

21:51:55.0069 1744 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys

21:51:55.0069 1744 nvraid - ok

21:51:55.0084 1744 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys

21:51:55.0084 1744 nvstor - ok

21:51:55.0147 1744 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

21:51:55.0147 1744 nv_agp - ok

21:51:55.0240 1744 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

21:51:55.0240 1744 odserv - ok

21:51:55.0287 1744 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

21:51:55.0287 1744 ohci1394 - ok

21:51:55.0334 1744 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

21:51:55.0334 1744 ose - ok

21:51:55.0412 1744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

21:51:55.0412 1744 p2pimsvc - ok

21:51:55.0443 1744 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll

21:51:55.0443 1744 p2psvc - ok

21:51:55.0474 1744 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys

21:51:55.0474 1744 Parport - ok

21:51:55.0505 1744 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys

21:51:55.0505 1744 partmgr - ok

21:51:55.0552 1744 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll

21:51:55.0568 1744 PcaSvc - ok

21:51:55.0568 1744 pccsmcfd - ok

21:51:55.0615 1744 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys

21:51:55.0615 1744 pci - ok

21:51:55.0646 1744 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys

21:51:55.0646 1744 pciide - ok

21:51:55.0677 1744 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

21:51:55.0677 1744 pcmcia - ok

21:51:55.0708 1744 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys

21:51:55.0708 1744 pcw - ok

21:51:55.0739 1744 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys

21:51:55.0739 1744 PEAUTH - ok

21:51:55.0817 1744 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe

21:51:55.0833 1744 PerfHost - ok

21:51:55.0911 1744 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll

21:51:55.0942 1744 pla - ok

21:51:56.0036 1744 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

21:51:56.0036 1744 PlugPlay - ok

21:51:56.0129 1744 [ 80E85394D8CD7F84340B1C6F4B9D698F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

21:51:56.0161 1744 PMBDeviceInfoProvider - ok

21:51:56.0207 1744 [ F485770EEC8959684CC4C4786B63C06C ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

21:51:56.0207 1744 Pml Driver HPZ12 - ok

21:51:56.0223 1744 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

21:51:56.0223 1744 PNRPAutoReg - ok

21:51:56.0239 1744 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

21:51:56.0239 1744 PNRPsvc - ok

21:51:56.0301 1744 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

21:51:56.0301 1744 PolicyAgent - ok

21:51:56.0332 1744 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll

21:51:56.0332 1744 Power - ok

21:51:56.0395 1744 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

21:51:56.0395 1744 PptpMiniport - ok

21:51:56.0441 1744 [ 5320E4C5253B3B5579FB3BB47B7671AC ] prmvmouse C:\Windows\system32\DRIVERS\activmouse.sys

21:51:56.0441 1744 prmvmouse - ok

21:51:56.0473 1744 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys

21:51:56.0473 1744 Processor - ok

21:51:56.0519 1744 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll

21:51:56.0535 1744 ProfSvc - ok

21:51:56.0535 1744 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

21:51:56.0535 1744 ProtectedStorage - ok

21:51:56.0582 1744 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys

21:51:56.0582 1744 Psched - ok

21:51:56.0613 1744 [ FBF4DB6D53585437E41A113300002A2B ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

21:51:56.0613 1744 PxHlpa64 - ok

21:51:56.0675 1744 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

21:51:56.0707 1744 ql2300 - ok

21:51:56.0722 1744 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

21:51:56.0722 1744 ql40xx - ok

21:51:56.0800 1744 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll

21:51:56.0800 1744 QWAVE - ok

21:51:56.0831 1744 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

21:51:56.0831 1744 QWAVEdrv - ok

21:51:56.0847 1744 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

21:51:56.0847 1744 RasAcd - ok

21:51:56.0863 1744 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

21:51:56.0863 1744 RasAgileVpn - ok

21:51:56.0878 1744 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll

21:51:56.0878 1744 RasAuto - ok

21:51:56.0925 1744 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

21:51:56.0925 1744 Rasl2tp - ok

21:51:56.0987 1744 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll

21:51:56.0987 1744 RasMan - ok

21:51:57.0019 1744 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

21:51:57.0019 1744 RasPppoe - ok

21:51:57.0034 1744 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

21:51:57.0034 1744 RasSstp - ok

21:51:57.0081 1744 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

21:51:57.0081 1744 rdbss - ok

21:51:57.0112 1744 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys

21:51:57.0112 1744 rdpbus - ok

21:51:57.0128 1744 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

21:51:57.0128 1744 RDPCDD - ok

21:51:57.0128 1744 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

21:51:57.0143 1744 RDPENCDD - ok

21:51:57.0159 1744 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

21:51:57.0159 1744 RDPREFMP - ok

21:51:57.0190 1744 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

21:51:57.0206 1744 RDPWD - ok

21:51:57.0253 1744 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

21:51:57.0253 1744 rdyboost - ok

21:51:57.0284 1744 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll

21:51:57.0284 1744 RemoteAccess - ok

21:51:57.0331 1744 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll

21:51:57.0331 1744 RemoteRegistry - ok

21:51:57.0346 1744 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys

21:51:57.0362 1744 RFCOMM - ok

21:51:57.0393 1744 [ FA6ABC06B629DA29634D31F1FE0347BD ] rimspci C:\Windows\system32\drivers\rimssne64.sys

21:51:57.0393 1744 rimspci - ok

21:51:57.0424 1744 [ 8F8539A7F5C117D4407B2985995671F2 ] risdsnpe C:\Windows\system32\drivers\risdsne64.sys

21:51:57.0424 1744 risdsnpe - ok

21:51:57.0455 1744 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

21:51:57.0455 1744 RpcEptMapper - ok

21:51:57.0487 1744 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe

21:51:57.0487 1744 RpcLocator - ok

21:51:57.0565 1744 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll

21:51:57.0565 1744 RpcSs - ok

21:51:57.0580 1744 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

21:51:57.0580 1744 rspndr - ok

21:51:57.0596 1744 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe

21:51:57.0596 1744 SamSs - ok

21:51:57.0658 1744 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

21:51:57.0658 1744 sbp2port - ok

21:51:57.0767 1744 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

21:51:57.0799 1744 SBSDWSCService - ok

21:51:57.0830 1744 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll

21:51:57.0830 1744 SCardSvr - ok

21:51:57.0877 1744 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

21:51:57.0877 1744 scfilter - ok

21:51:57.0939 1744 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll

21:51:57.0970 1744 Schedule - ok

21:51:58.0017 1744 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll

21:51:58.0017 1744 SCPolicySvc - ok

21:51:58.0064 1744 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys

21:51:58.0064 1744 sdbus - ok

21:51:58.0111 1744 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll

21:51:58.0111 1744 SDRSVC - ok

21:51:58.0126 1744 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys

21:51:58.0126 1744 secdrv - ok

21:51:58.0173 1744 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll

21:51:58.0173 1744 seclogon - ok

21:51:58.0189 1744 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll

21:51:58.0204 1744 SENS - ok

21:51:58.0204 1744 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll

21:51:58.0204 1744 SensrSvc - ok

21:51:58.0220 1744 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys

21:51:58.0220 1744 Serenum - ok

21:51:58.0235 1744 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys

21:51:58.0235 1744 Serial - ok

21:51:58.0282 1744 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys

21:51:58.0282 1744 sermouse - ok

21:51:58.0345 1744 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll

21:51:58.0345 1744 SessionEnv - ok

21:51:58.0376 1744 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys

21:51:58.0376 1744 SFEP - ok

21:51:58.0423 1744 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

21:51:58.0423 1744 sffdisk - ok

21:51:58.0423 1744 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

21:51:58.0423 1744 sffp_mmc - ok

21:51:58.0438 1744 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

21:51:58.0438 1744 sffp_sd - ok

21:51:58.0469 1744 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

21:51:58.0469 1744 sfloppy - ok

21:51:58.0516 1744 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll

21:51:58.0532 1744 SharedAccess - ok

21:51:58.0579 1744 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

21:51:58.0579 1744 ShellHWDetection - ok

21:51:58.0610 1744 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

21:51:58.0610 1744 SiSRaid2 - ok

21:51:58.0657 1744 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

21:51:58.0657 1744 SiSRaid4 - ok

21:51:58.0672 1744 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys

21:51:58.0672 1744 Smb - ok

21:51:58.0735 1744 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe

21:51:58.0735 1744 SNMPTRAP - ok

21:51:58.0797 1744 [ C3E69DB0A4E59564230E053232F39AC7 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

21:51:58.0813 1744 SOHCImp - ok

21:51:58.0844 1744 [ 65CC4779A29C3E82B987BD4961790DFF ] SOHDms C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

21:51:58.0844 1744 SOHDms - ok

21:51:58.0875 1744 [ F47D75CEE1844EEF4A9EA6EE768828FB ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

21:51:58.0875 1744 SOHDs - ok

21:51:58.0953 1744 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

21:51:58.0969 1744 SpfService - ok

21:51:59.0000 1744 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys

21:51:59.0000 1744 spldr - ok

21:51:59.0062 1744 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe

21:51:59.0078 1744 Spooler - ok

21:51:59.0203 1744 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe

21:51:59.0312 1744 sppsvc - ok

21:51:59.0359 1744 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll

21:51:59.0359 1744 sppuinotify - ok

21:51:59.0437 1744 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys

21:51:59.0437 1744 srv - ok

21:51:59.0468 1744 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

21:51:59.0499 1744 srv2 - ok

21:51:59.0515 1744 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

21:51:59.0515 1744 srvnet - ok

21:51:59.0546 1744 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

21:51:59.0546 1744 SSDPSRV - ok

21:51:59.0561 1744 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll

21:51:59.0561 1744 SstpSvc - ok

21:51:59.0593 1744 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys

21:51:59.0593 1744 stexstor - ok

21:51:59.0671 1744 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll

21:51:59.0686 1744 stisvc - ok

21:51:59.0733 1744 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys

21:51:59.0733 1744 swenum - ok

21:51:59.0764 1744 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll

21:51:59.0764 1744 swprv - ok

21:51:59.0873 1744 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll

21:51:59.0936 1744 SysMain - ok

21:51:59.0983 1744 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

21:51:59.0983 1744 TabletInputService - ok

21:52:00.0045 1744 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll

21:52:00.0045 1744 TapiSrv - ok

21:52:00.0092 1744 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll

21:52:00.0092 1744 TBS - ok

21:52:00.0170 1744 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys

21:52:00.0232 1744 Tcpip - ok

21:52:00.0279 1744 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

21:52:00.0295 1744 TCPIP6 - ok

21:52:00.0341 1744 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

21:52:00.0341 1744 tcpipreg - ok

21:52:00.0388 1744 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

21:52:00.0388 1744 TDPIPE - ok

21:52:00.0451 1744 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

21:52:00.0451 1744 TDTCP - ok

21:52:00.0497 1744 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

21:52:00.0497 1744 tdx - ok

21:52:00.0544 1744 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys

21:52:00.0544 1744 TermDD - ok

21:52:00.0575 1744 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll

21:52:00.0591 1744 TermService - ok

21:52:00.0653 1744 [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys

21:52:00.0653 1744 TFsExDisk - ok

21:52:00.0700 1744 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll

21:52:00.0700 1744 Themes - ok

21:52:00.0731 1744 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll

21:52:00.0731 1744 THREADORDER - ok

21:52:00.0763 1744 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll

21:52:00.0763 1744 TrkWks - ok

21:52:00.0809 1744 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

21:52:00.0825 1744 TrustedInstaller - ok

21:52:00.0872 1744 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

21:52:00.0872 1744 tssecsrv - ok

21:52:00.0903 1744 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

21:52:00.0919 1744 TsUsbFlt - ok

21:52:00.0965 1744 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

21:52:00.0965 1744 tunnel - ok

21:52:00.0997 1744 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

21:52:00.0997 1744 uagp35 - ok

21:52:01.0028 1744 [ 63F6D08C54D5B3C1B12A6172032055C7 ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

21:52:01.0043 1744 uCamMonitor - ok

21:52:01.0075 1744 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

21:52:01.0090 1744 udfs - ok

21:52:01.0121 1744 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe

21:52:01.0121 1744 UI0Detect - ok

21:52:01.0168 1744 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

21:52:01.0168 1744 uliagpkx - ok

21:52:01.0199 1744 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys

21:52:01.0199 1744 umbus - ok

21:52:01.0262 1744 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys

21:52:01.0262 1744 UmPass - ok

21:52:01.0402 1744 [ 11A559E0F10CC5E788984023DF400A6F ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

21:52:01.0480 1744 UNS - ok

21:52:01.0496 1744 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll

21:52:01.0496 1744 upnphost - ok

21:52:01.0511 1744 upperdev - ok

21:52:01.0558 1744 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

21:52:01.0558 1744 USBAAPL64 - ok

21:52:01.0605 1744 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys

21:52:01.0605 1744 usbaudio - ok

21:52:01.0667 1744 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

21:52:01.0667 1744 usbccgp - ok

21:52:01.0699 1744 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys

21:52:01.0699 1744 usbcir - ok

21:52:01.0730 1744 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys

21:52:01.0730 1744 usbehci - ok

21:52:01.0745 1744 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

21:52:01.0761 1744 usbhub - ok

21:52:01.0777 1744 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys

21:52:01.0777 1744 usbohci - ok

21:52:01.0777 1744 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

21:52:01.0777 1744 usbprint - ok

21:52:01.0823 1744 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys

21:52:01.0823 1744 usbscan - ok

21:52:01.0839 1744 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

21:52:01.0839 1744 USBSTOR - ok

21:52:01.0870 1744 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

21:52:01.0870 1744 usbuhci - ok

21:52:01.0917 1744 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys

21:52:01.0917 1744 usbvideo - ok

21:52:01.0948 1744 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll

21:52:01.0948 1744 UxSms - ok

21:52:02.0011 1744 [ A60605FC66552B421EE1F3D4EBB9A4E0 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

21:52:02.0011 1744 VAIO Event Service - ok

21:52:02.0057 1744 [ D469BE2723F79CF4B384680B1FDC577D ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe

21:52:02.0073 1744 VAIO Power Management - ok

21:52:02.0089 1744 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe

21:52:02.0089 1744 VaultSvc - ok

21:52:02.0167 1744 [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

21:52:02.0198 1744 VCFw - ok

21:52:02.0245 1744 [ F19275655B42086C884ABCDAE2C659AE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

21:52:02.0260 1744 VcmIAlzMgr - ok

21:52:02.0291 1744 [ E005B04DFCA99F5880C5111933194CA9 ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

21:52:02.0307 1744 VcmINSMgr - ok

21:52:02.0354 1744 [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

21:52:02.0369 1744 VcmXmlIfHelper - ok

21:52:02.0416 1744 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe

21:52:02.0432 1744 VCService - ok

21:52:02.0463 1744 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

21:52:02.0463 1744 vdrvroot - ok

21:52:02.0510 1744 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe

21:52:02.0525 1744 vds - ok

21:52:02.0557 1744 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

21:52:02.0557 1744 vga - ok

21:52:02.0588 1744 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys

21:52:02.0588 1744 VgaSave - ok

21:52:02.0635 1744 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

21:52:02.0635 1744 vhdmp - ok

21:52:02.0666 1744 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys

21:52:02.0666 1744 viaide - ok

21:52:02.0697 1744 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys

21:52:02.0697 1744 volmgr - ok

21:52:02.0744 1744 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

21:52:02.0744 1744 volmgrx - ok

21:52:02.0775 1744 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys

21:52:02.0775 1744 volsnap - ok

21:52:02.0806 1744 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

21:52:02.0806 1744 vsmraid - ok

21:52:02.0884 1744 [ A7EB62C664A03901165290A714BD48D0 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

21:52:02.0915 1744 VSNService - ok

21:52:02.0993 1744 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe

21:52:03.0040 1744 VSS - ok

21:52:03.0196 1744 [ 3AD1E72748978D8B0B3B674741E4C3E2 ] vToolbarUpdater14.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe

21:52:03.0227 1744 vToolbarUpdater14.2.0 - ok

21:52:03.0352 1744 [ FB4A1695D2D74F9C92CA5E84795CDBE1 ] VUAgent C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

21:52:03.0383 1744 VUAgent - ok

21:52:03.0415 1744 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys

21:52:03.0415 1744 vwifibus - ok

21:52:03.0430 1744 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys

21:52:03.0430 1744 vwififlt - ok

21:52:03.0446 1744 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys

21:52:03.0446 1744 vwifimp - ok

21:52:03.0477 1744 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll

21:52:03.0493 1744 W32Time - ok

21:52:03.0524 1744 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys

21:52:03.0524 1744 WacomPen - ok

21:52:03.0586 1744 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

21:52:03.0586 1744 WANARP - ok

21:52:03.0586 1744 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

21:52:03.0586 1744 Wanarpv6 - ok

21:52:03.0664 1744 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

21:52:03.0695 1744 WatAdminSvc - ok

21:52:03.0758 1744 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe

21:52:03.0789 1744 wbengine - ok

21:52:03.0820 1744 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

21:52:03.0820 1744 WbioSrvc - ok

21:52:03.0898 1744 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll

21:52:03.0898 1744 wcncsvc - ok

21:52:03.0945 1744 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

21:52:03.0945 1744 WcsPlugInService - ok

21:52:03.0976 1744 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys

21:52:03.0976 1744 Wd - ok

21:52:04.0023 1744 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

21:52:04.0039 1744 Wdf01000 - ok

21:52:04.0054 1744 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll

21:52:04.0070 1744 WdiServiceHost - ok

21:52:04.0085 1744 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll

21:52:04.0085 1744 WdiSystemHost - ok

21:52:04.0148 1744 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll

21:52:04.0148 1744 WebClient - ok

21:52:04.0163 1744 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll

21:52:04.0179 1744 Wecsvc - ok

21:52:04.0195 1744 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll

21:52:04.0195 1744 wercplsupport - ok

21:52:04.0210 1744 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll

21:52:04.0226 1744 WerSvc - ok

21:52:04.0257 1744 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

21:52:04.0257 1744 WfpLwf - ok

21:52:04.0273 1744 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys

21:52:04.0273 1744 WIMMount - ok

21:52:04.0319 1744 WinDefend - ok

21:52:04.0319 1744 WinHttpAutoProxySvc - ok

21:52:04.0382 1744 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

21:52:04.0382 1744 Winmgmt - ok

21:52:04.0475 1744 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll

21:52:04.0538 1744 WinRM - ok

21:52:04.0585 1744 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

21:52:04.0585 1744 WinUsb - ok

21:52:04.0631 1744 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll

21:52:04.0647 1744 Wlansvc - ok

21:52:04.0803 1744 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

21:52:04.0865 1744 wlidsvc - ok

21:52:04.0897 1744 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

21:52:04.0897 1744 WmiAcpi - ok

21:52:04.0943 1744 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

21:52:04.0943 1744 wmiApSrv - ok

21:52:04.0975 1744 WMPNetworkSvc - ok

21:52:05.0006 1744 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll

21:52:05.0006 1744 WPCSvc - ok

21:52:05.0068 1744 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

21:52:05.0068 1744 WPDBusEnum - ok

21:52:05.0084 1744 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

21:52:05.0084 1744 ws2ifsl - ok

21:52:05.0099 1744 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll

21:52:05.0099 1744 wscsvc - ok

21:52:05.0162 1744 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys

21:52:05.0162 1744 WSDPrintDevice - ok

21:52:05.0162 1744 WSearch - ok

21:52:05.0255 1744 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll

21:52:05.0396 1744 wuauserv - ok

21:52:05.0474 1744 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

21:52:05.0474 1744 WudfPf - ok

21:52:05.0536 1744 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

21:52:05.0536 1744 WUDFRd - ok

21:52:05.0583 1744 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

21:52:05.0583 1744 wudfsvc - ok

21:52:05.0599 1744 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll

21:52:05.0614 1744 WwanSvc - ok

21:52:05.0645 1744 [ 5250193EF8E173AA7491250F00EB367F ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

21:52:05.0661 1744 yukonw7 - ok

21:52:05.0692 1744 ================ Scan global ===============================

21:52:05.0739 1744 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

21:52:05.0786 1744 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

21:52:05.0801 1744 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll

21:52:05.0833 1744 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

21:52:05.0848 1744 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

21:52:05.0864 1744 [Global] - ok

21:52:05.0864 1744 ================ Scan MBR ==================================

21:52:05.0879 1744 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

21:52:06.0113 1744 \Device\Harddisk0\DR0 - ok

21:52:06.0113 1744 ================ Scan VBR ==================================

21:52:06.0129 1744 [ BAFF445C1FE864143CC855B474A6B15D ] \Device\Harddisk0\DR0\Partition1

21:52:06.0129 1744 \Device\Harddisk0\DR0\Partition1 - ok

21:52:06.0145 1744 [ 4FA5E1B6CEB60621F18D3185B9612E2F ] \Device\Harddisk0\DR0\Partition2

21:52:06.0145 1744 \Device\Harddisk0\DR0\Partition2 - ok

21:52:06.0145 1744 ============================================================

21:52:06.0145 1744 Scan finished

21:52:06.0145 1744 ============================================================

21:52:06.0176 1516 Detected object count: 0

21:52:06.0176 1516 Actual detected object count: 0

Maurice Naggar · April 17, 2013

Yes, those 2 are ok.

You need to make really sure that Spybot's Tea Timer is turned OFF and stays off. Otherwise, it will interfere with our fixes.

Start Spybot-S&D, switch to the Advanced mode via the menu bar item Mode

then select Advanced Mode

On the left hand side, slect Tools

Then click on the Resident icon in the list

Uncheck Resident TeaTimer and OK any prompts.

2

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools

For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Do NOT turn off the firewall

Please download Rkill by Grinler and save it to your desktop.

Link 2
Link 3
Link 4
Double-click on the Rkill desktop icon to run the tool.
If using Vista or Windows 7, right-click on it and Run As Administrator.
A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
If not, delete the file, then download and use the one provided in Link 2.
If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
If the tool does not run from any of the links provided, please let me know.
If your antivirus program gives a prompt message, respond positive to allow RKILL to run.
If a malware-rogue gives a message regarding RKILL, proceed forward to running RKILL

IF you still have a problem running RKILL, you can download iExplore.exe or eXplorer.exe, which are renamed copies of rkill.com, and try them instead.

When all done, rkill.txt log file will be on your desktop. Copy & Paste contents of Rkill.txt into a reply.

More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html

3

Your logs showed some peer-to-peer filesharing apps: BitTorrent Uninstall it and confirm that for me.

Risks of File-Sharing Technology.

P2P file sharing: Know the risks

Forum policy on peer-to-peer-programs:

If you're using Peer 2 Peer software such as uTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

http://forums.malwarebytes.org/index.php?showtopic=97700

4

You will want to print out or copy these instructions to Notepad for offline reference!

These steps are for member mhomer only. If you are a casual viewer, do NOT try this on your system!

If you are not mhomer and have a similar problem, do NOT post here; start your own topic

Temporarily disable your antivirus program and close any programs that you started.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Download the attached file MhOTL.txt and SAVE to your DESKTOP
Start NOTEPAD
Start NOTEPAD. Check and make sure "word wrap" is off.
From Notepad main menu bar, Select F (format) and make sure Word Wrap is NOT checked.
IF it -is- checkmarked, click that one time so that it is un-checked.
Open the MhOTL.txt that you saved
Copy ALL the lines to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Please double-click OTL.exe to run it. (Note: If you are running on Windows 7 or Vista, right-click on the file and choose Run As Administrator).
Right click in the window (under the aqua-blue bar) and choose Paste.
Close any browser(s) windows that may be open.
Using your mouse, click on the red-lettered button .
Once you see a message box "Fix complete! Click OK to open the fix log."
Click the OK button
The log will open in Notepad (your default text editor).
Save the log. Post a copy of that log in your next reply.

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process.

If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTL\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Edited April 17, 2013 by Maurice Naggar

mhomer · April 17, 2013

Rkill 2.4.7 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/17/2013 10:25:36 PM in x64 mode.

Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Base Filtering Engine (BFE) is not Running.

Startup Type set to: Disabled

* COM+ Event System (EventSystem) is not Running.

Startup Type set to: Automatic

* Windows Firewall (MpsSvc) is not Running.

Startup Type set to: Automatic

* Security Center (wscsvc) is not Running.

Startup Type set to: Automatic (Delayed Start)

* Windows Update (wuauserv) is not Running.

Startup Type set to: Automatic (Delayed Start)

* FontCache => %SystemRoot%\system32\svchost.exe -k LocalService [incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* No issues found.

Program finished at: 04/17/2013 10:25:47 PM

Execution time: 0 hours(s), 0 minute(s), and 10 seconds(s)

mhomer · April 17, 2013

When I go to add/remove programs in control panel it tells me that bittorrent has been removed and asks if I want to remove it from the list, when I say ok it does then not remove it from the list.

mhomer · April 17, 2013

All processes killed

========== OTL ==========

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.

Use Chrome's Settings page to remove the default_search_provider items.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527}\ not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\NPSStartup deleted successfully.

File not found.

Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer not found.

File not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{047926ca-3d0e-11e0-98ac-806e6f6e6963}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{047926ca-3d0e-11e0-98ac-806e6f6e6963}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{047926ca-3d0e-11e0-98ac-806e6f6e6963}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{047926ca-3d0e-11e0-98ac-806e6f6e6963}\ not found.

File move failed. D:\seniorsectioncd.exe scheduled to be moved on reboot.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58eac9dc-5137-11e0-82cd-18f46ae2ded7}\ deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58eac9dc-5137-11e0-82cd-18f46ae2ded7}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{58eac9dc-5137-11e0-82cd-18f46ae2ded7}\ not found.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{58eac9dc-5137-11e0-82cd-18f46ae2ded7}\ not found.

File E:\LaunchU3.exe -a not found.

========== FILES ==========

C:\Users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\xkhvodhw.default\searchplugins\askcom.xml moved successfully.

C:\Windows\SysWow64\JOPHMyy.exe moved successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 236192 bytes

->Flash cache emptied: 41620 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Michelle

->Temp folder emptied: 3813591006 bytes

->Temporary Internet Files folder emptied: 710388519 bytes

->Java cache emptied: 9490875 bytes

->FireFox cache emptied: 84551594 bytes

->Google Chrome cache emptied: 464629156 bytes

->Flash cache emptied: 141550 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 1027333246 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 205061 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 5,828.00 mb

[EMPTYFLASH]

User: All Users

User: Default

->Flash cache emptied: 0 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: Michelle

->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Michelle

->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb

Unable to start System Restore Service. Error code 1084

OTL by OldTimer - Version 3.2.69.0 log created on 04172013_223525

Maurice Naggar · April 17, 2013

You are doing a good job of following my directions. Kudos. Keep it up.

I do need to know if you are able to start in Windows normal mode :excl: Please have inifinite patience as it starts.

Windows services

This will be a batch-fix .

Press the Windows-key on keyboard.
In the box, type notepad and press Enter.

Highlight the contents of the following codebox, and copy and paste that text into NOTEPAD.

@Echo off
sc stop wuauserv
sc stop bits
sc config dcomlaunch start= auto
sc config nsi start= auto
sc config dhcp start= auto
sc config rpcss start= auto
sc config winmgmt start= auto
sc config wscsvc start= delayed-auto
sc config bits start= delayed-auto
sc config wuauserv start= delayed-auto
sc config sdrsvc start= manual
sc config vss start= auto
sc config eventlog start= auto
sc config bfe start= auto
sc config eventsystem start= auto
sc start sdrsvc
sc start vss
sc start rpcss
sc start eventsystem
sc start bfe
sc start bits
sc start wuauserv
shutdown -r -t 1
del %0

Select File -> Save AS.
Press the Desktop button on the left side of the save dialog.
In the box, type in Fix.bat.
Press .
Close Notepad.
Right click Fix.bat on your desktop, and choose .
Press Yes if prompted by User Account Control.

This procedure will do its tasks and then it will Restart Windows.

Step 2

Check for missing or disabled Windows services, by doing the following, and post detailed results when done !!

From Start button, (or Win-key +R) and in the searcht-box type in MSCONFIG and press OK or Enter.

On Vista or Windows 7, press Windows-key on keybooard, and type in MSCONFIG

You should see the General tab. Click the General tab. It should have Normal startup selected (in the radio-box=selection)

IF it does not, then you click on Normal startup.

Click on Services tab. To get it's display of services.

Keep a written list of any changes from my list of services below. That way you and I have a reference document.

Look at the bottom line Hide all Microsoft services

IF and only IF its is checkmarked, then un-check it.

the list of servies may be shown in non-alphabetical order, so ....

Look at the heading titled "Service". Click on it as needed so the list is sorted and top of list starts with the "A" services.

You can toggle as needed to get the desired order.

IF any of below services are NOT shown, don't panic & do not stop, just write down the info for me and proceed with the others !

Then using the scroll-bar scroll down the list

Look for Background Intelligent Transfer Service. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Base Filtering Engine. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for COM+ Event System. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for COM+ System Application. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Cryptographic Services. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Ipsec Policy Agent. Is it shown? Is it checked? If not, click on that checkbox to checkmark.

Look for Remote Procedure Call (RPC) Locator. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for RPC Endpoint Mapper. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Firewall. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Installer. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Management Instrumentation. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

Look for Windows Update. Is it shown ? Is it checked? If not, click on that checkbox to checkmark.

When done, press the Apply button, and the OK button.

You're likely to be prompted to Restart Windows, do so.

If not prompted, you do a Logoff and Restart of Windows.

Then report back here with details.

If any of the services are not shown, just let me know which.

mhomer · April 17, 2013

I can start in Windows normal mode but it will not allow me to open Fix.bat. Shall I try in Safe Mode instead?

Maurice Naggar · April 17, 2013

Do a Right-click on Fix.bat and then select Run as administrator and Allow to run

mhomer · April 17, 2013

It brings up the same error message I stated at the beginning in normal mode. It ran in safe mode no problems.

mhomer · April 17, 2013

All the services were listed and checkmarked in safe mode.

Maurice Naggar · April 17, 2013

Please download ExeFix.reg by farbar and save it to a flashdrive or on the root of the system drive (usually C:).

Important: Boot your computer into the account that has trouble running exe files.
Right-click it and select Merge.

Then, if you get a problem running EXE files, I need from you the exact / verbatim of the "error message". Always provide that.

mhomer · April 17, 2013

c:\Users\Michelle\Downloads\Desktop\ExeFix.reg

The service cannot be started, either because it is disabled or because it has not enabled devices associated with it.

Maurice Naggar · April 17, 2013

do a Right click on the reg file & then select Merge and allow to merge into the registry.

Once it has completed ok, then Logoff and restart in Windows normal mode. and let me know

mhomer · April 17, 2013

I get the same message if I right click and choose merge when in normal mode. Do you want me to try in safe mode?

Maurice Naggar · April 17, 2013

Yes, please. Go to Safe mode with Networking.

mhomer · April 17, 2013

completed in safe mode, no problems.

Please help

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information