Hope this is simple!

by ProblemBoy » August 4th, 2013, 12:53 am

Hi! For some unknown reason I decided to run disk-cleanup from the systems toolbox yesterday evening. NEVER SHOULD HAVE DONE IT! I have no idea how long it ran since it was still running when I went to sleep, but had stopped by this morning. At some point it wanted the original installation disk for some files. I didn't even look for it since the thing has been updated a gazillion times and told it to go on. Anyway, it totally destroyed the fragmentation of my hard drive. It was 70% fragmented. The other day it was only 2%. Anyway I got that straightened out. Then I ran AVG and got this:

AVG scan report 7/03/13


"";"Service function NtUserGetAsyncKeyState hook -> tsxt_kern_i386.sys DllUnload+0x3FE, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtUserGetKeyboardState hook -> tsxt_kern_i386.sys DllUnload+0x32E, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtNotifyChangeKey hook -> tsxt_kern_i386.sys +0x15D0, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"


"";"Service function NtSuspendProcess hook -> tsxt_kern_i386.sys +0x1300, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtSuspendThread hook -> tsxt_kern_i386.sys +0x13E0, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

And it is asking me if it should heal them or what????????? How am I supposed to know if it doesn't know? Since these are system files I have no idea what to do. By the way, everything was clean and working fine before running this program. Will "system restore" do the trick? Tell AVG to heal it? You are the experts so I am asking you. Below are the DDS files:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by Anthony at 0:13:54 on 2013-08-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.133 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\System32\snmp.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\real\realplayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: &Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Windows Live Toolbar: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: Windows Live Toolbar: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WorkForce 435(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatihra.exe /fu "c:\docume~1\anthony\locals~1\temp\E_S74.tmp" /EF "HKCU"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [TFncKy] TFncKy.exe
mRun: [TDispVol] TDispVol.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logitech setpoint.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\metama~1.lnk - c:\program files\metamail inc\metamail tray\Metamail Trust Manager.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - c:\program files\piclensie\cooliris.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Custom ... anager.CAB
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{22692D1F-4F17-4FB2-AF0E-1B69FE9576AD} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\anthony\application data\mozilla\firefox\profiles\yer9dd8q.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.msn.com/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\anthony\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\anthony\application data\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\documents and settings\anthony\application data\move networks\plugins\npqmp071705000014.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft research\hdview for firefox\nphdview.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-06-20 17:01; {FCE04E1F-9378-4f39-96F6-5689A9159E45}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-06-30 23:41; {9309FA47-1B48-4768-AFA4-9E0556F5DC81}; c:\program files\lyricspal\116.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 31576]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2006-2-15 14336]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-10-14 10384]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-4-16 39056]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-11-22 3290304]
R2 vToolbarUpdater14.0.0;vToolbarUpdater14.0.0;c:\program files\common files\avg secure search\vtoolbarupdater\14.0.0\ToolbarUpdater.exe [2012-12-26 945480]
S1 MpKsle16d8c51;MpKsle16d8c51;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e4c32a8c-6984-483b-b45e-1faccd4b53f2}\mpksle16d8c51.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e4c32a8c-6984-483b-b45e-1faccd4b53f2}\MpKsle16d8c51.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S4 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-11-9 196376]
S4 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-07-20 05:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 05:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 05:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 05:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-10 05:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-07-10 01:35:25 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-10 01:35:24 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-26 20:45:48 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-26 20:45:46 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-26 20:45:45 867240 -c--a-w- c:\windows\system32\npdeployJava1.dll
2013-06-26 20:45:45 789416 -c--a-w- c:\windows\system32\deployJava1.dll
2013-06-20 20:57:45 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-06-20 20:57:45 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-06-08 03:55:44 385024 -c----w- c:\windows\system32\html.iec
2013-06-07 21:56:06 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:56:06 43520 ------w- c:\windows\system32\licmgr10.dll
2013-06-07 21:56:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-06-04 07:23:02 562688 -c--a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-09 04:28:02 1543680 -c----w- c:\windows\system32\wmvdecod.dll
2006-11-03 04:34:16 14879120 -c--a-w- c:\program files\GoogleEarthWin.exe
.
============= FINISH: 0:14:55.53 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/6/2006 5:47:49 PM
System Uptime: 8/3/2013 6:25:26 PM (6 hours ago)
.
Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
Processor: Genuine Intel(R) CPU T2050 @ 1.60GHz | U1 | 1596/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 28.329 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP77: 5/6/2013 11:34:24 AM - System Checkpoint
RP78: 5/7/2013 12:13:51 PM - System Checkpoint
RP79: 5/8/2013 3:29:32 PM - System Checkpoint
RP80: 5/9/2013 6:38:54 PM - System Checkpoint
RP81: 5/10/2013 7:06:08 PM - System Checkpoint
RP82: 5/11/2013 8:10:56 PM - System Checkpoint
RP83: 5/12/2013 9:55:15 PM - System Checkpoint
RP84: 5/14/2013 9:36:23 AM - System Checkpoint
RP85: 5/15/2013 4:01:27 PM - System Checkpoint
RP86: 5/15/2013 5:48:22 PM - Software Distribution Service 3.0
RP87: 5/15/2013 8:46:56 PM - Software Distribution Service 3.0
RP88: 5/16/2013 9:28:00 PM - System Checkpoint
RP89: 5/17/2013 9:43:40 PM - System Checkpoint
RP90: 5/18/2013 10:40:04 PM - System Checkpoint
RP91: 5/19/2013 1:08:00 AM - Installed AVG 2013
RP92: 5/19/2013 1:09:32 AM - Installed AVG 2013
RP93: 5/19/2013 3:41:10 PM - Software Distribution Service 3.0
RP94: 5/20/2013 4:52:37 PM - System Checkpoint
RP95: 5/21/2013 10:50:19 PM - System Checkpoint
RP96: 5/23/2013 4:17:42 PM - System Checkpoint
RP97: 5/24/2013 6:14:04 PM - System Checkpoint
RP98: 5/25/2013 7:29:10 PM - System Checkpoint
RP99: 5/26/2013 7:45:49 PM - System Checkpoint
RP100: 5/27/2013 10:09:06 PM - System Checkpoint
RP101: 5/29/2013 11:04:06 PM - System Checkpoint
RP102: 5/31/2013 9:29:09 AM - System Checkpoint
RP103: 6/1/2013 10:30:59 AM - System Checkpoint
RP104: 6/2/2013 11:39:36 AM - System Checkpoint
RP105: 6/3/2013 1:07:40 PM - System Checkpoint
RP106: 6/4/2013 1:52:31 PM - System Checkpoint
RP107: 6/6/2013 3:15:11 PM - System Checkpoint
RP108: 6/8/2013 10:24:47 AM - System Checkpoint
RP109: 6/9/2013 1:04:23 PM - System Checkpoint
RP110: 6/10/2013 1:37:52 PM - System Checkpoint
RP111: 6/11/2013 3:36:54 PM - System Checkpoint
RP112: 6/12/2013 9:27:40 AM - Software Distribution Service 3.0
RP113: 6/13/2013 12:22:46 PM - System Checkpoint
RP114: 6/14/2013 1:03:36 PM - System Checkpoint
RP115: 6/15/2013 3:49:48 PM - System Checkpoint
RP116: 6/16/2013 4:14:15 PM - System Checkpoint
RP117: 6/17/2013 4:53:08 PM - System Checkpoint
RP118: 6/19/2013 8:24:06 AM - System Checkpoint
RP119: 6/20/2013 9:47:51 AM - System Checkpoint
RP120: 6/21/2013 10:23:46 PM - System Checkpoint
RP121: 6/22/2013 11:14:32 PM - System Checkpoint
RP122: 6/24/2013 11:33:21 AM - System Checkpoint
RP123: 6/25/2013 12:46:37 PM - System Checkpoint
RP124: 6/26/2013 4:44:57 PM - Removed Java 7 Update 21
RP125: 6/27/2013 8:12:58 PM - System Checkpoint
RP126: 6/29/2013 11:04:50 AM - System Checkpoint
RP127: 6/30/2013 12:58:37 PM - System Checkpoint
RP128: 7/1/2013 5:14:52 PM - System Checkpoint
RP129: 7/2/2013 6:35:27 PM - System Checkpoint
RP130: 7/3/2013 7:02:47 PM - System Checkpoint
RP131: 7/4/2013 7:10:27 PM - System Checkpoint
RP132: 7/5/2013 11:53:59 PM - System Checkpoint
RP133: 7/7/2013 12:38:39 PM - System Checkpoint
RP134: 7/8/2013 5:32:24 PM - System Checkpoint
RP135: 7/9/2013 6:37:49 PM - System Checkpoint
RP136: 7/11/2013 12:03:39 AM - System Checkpoint
RP137: 7/11/2013 1:46:57 PM - Software Distribution Service 3.0
RP138: 7/12/2013 2:18:56 PM - System Checkpoint
RP139: 7/13/2013 6:26:58 PM - System Checkpoint
RP140: 7/14/2013 9:54:28 PM - System Checkpoint
RP141: 7/15/2013 9:55:58 PM - System Checkpoint
RP142: 7/16/2013 10:33:37 PM - System Checkpoint
RP143: 7/18/2013 12:13:39 PM - System Checkpoint
RP144: 7/19/2013 6:31:50 PM - System Checkpoint
RP145: 7/20/2013 10:49:52 PM - System Checkpoint
RP146: 7/21/2013 11:24:35 PM - System Checkpoint
RP147: 7/23/2013 9:00:48 AM - System Checkpoint
RP148: 7/24/2013 10:24:26 AM - System Checkpoint
RP149: 7/25/2013 12:19:23 PM - System Checkpoint
RP150: 7/26/2013 12:46:29 PM - System Checkpoint
RP151: 7/27/2013 6:20:26 PM - System Checkpoint
RP152: 7/28/2013 7:33:36 PM - System Checkpoint
RP153: 7/30/2013 11:40:55 AM - System Checkpoint
RP154: 7/31/2013 3:17:09 PM - System Checkpoint
RP155: 8/1/2013 5:11:56 PM - System Checkpoint
RP156: 8/2/2013 6:45:44 PM - System Checkpoint
RP157: 8/3/2013 8:04:14 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
ABBYY FineReader 9.0 Sprint
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Adobe Shockwave Player 11.6
Adobe® Photoshop® Album Starter Edition 3.2
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2013
Bejeweled 2 Deluxe
Bernie Schaeffer's Options 101 CD-ROM 4.0.1
Bing Bar
BlackBerry Desktop Software 5.0
Blasterball 2 Revolution
Bluetooth Stack for Windows by Toshiba
Bonjour
BufferChm
Bundled software uninstaller
Call of Duty Game of the Year Edition
CASIO USB Driver V1.2.2474.0623
CCleaner
CD/DVD Drive Acoustic Silencer
CDDRV_Installer
Compatibility Pack for the 2007 Office system
Cooliris for Internet Explorer
CustomerResearchQFolder
DeviceManagementQFolder
DJ_AIO_03_F4200_ProductContext
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
DVD-RAM Driver
Encore LaunchPad 6.8.25.100
Entriq MediaSphere 3.5.2.2
Epson Connect
Epson Customer Participation
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 435 Series Printer Uninstall
EpsonNet Print
erLT
ESPNMotion
eSupportQFolder
F4200
F4200_Help
Facebook Plug-In
FATE
FilesFrog Update Checker
GameCenter
GemMaster Mystic
GoforFiles
Gold Club Casino
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
GPBaseService2
HDView for Firefox
HighRoller
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hoyle Card Games 2007
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
HP Photosmart C6300 All-In-One Driver Software 12.0 Rel .4
HP Photosmart Essential 3.5
HP Smart Web Printing
HP Solution Center 12.0
HP Update
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HSP 1.0
HyperLoad - Golf Course
ImageMixer VCD/DVD2 for OLYMPUS
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
iTunes
Java 7 Update 25
Java Auto Updater
JavaFX 2.1.1
KhalInstallWrapper
Kobo
Learn-To-Count BlackJack 1.9
LG Android Drivers
LG USB Modem driver
Logitech SetPoint
LTCM Client
Lyrics-Pal
Macromedia Flash Player 8
Malwarebytes Anti-Malware version 1.75.0.1300
mCore
mDrWiFi
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office OneNote 2003
Microsoft Office XP Professional
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
mIWA
mLogView
mMHouse
Motorola Driver Installation 3.9.0
Move Media Player
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
mPfMgr
mPfWiz
mProSafe
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
mWlsSafe
mXML
mZConfig
NBC Universal 1.0.0.7
Office 2003 Trial Assistant
Ogg Codecs 0.81.15562
OLYMPUS Master
OLYMPUS Master 2
Otto
Paint.NET v3.36
Pantech Handset Driver
Polar Golfer
PS_AIO_04_C6300_Software_Min
PSSWCORE
Pure Sudoku 1.51
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rhapsody Player Engine
SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
Scan
SCRABBLE
SD Secure Module
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Skype Click to Call
Skype™ 5.10
Sonic DLA
Sonic Encoders
Sonic RecordNow!
swMSM
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Toolbox
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Game Console
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
Toshiba Registration
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility
TOSHIBA TV Tuner 4.0.12.73
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Ultimate Sudoku
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
VideoToolkit01
WebFldrs XP
WebReg
Win@Baccarat - FREE 2.9
Win@Baccarat Gold with the Predictor System 5.4.20
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live installer
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin
World Series of Poker: TOC
.
==== Event Viewer Messages From Past Week ========
.
8/2/2013 8:55:55 PM, information: Windows File Protection [64005] - The protected system file drmstor.dll was not restored to its original, valid version because the Windows File Protection restoration process was cancelled by user interaction, user name is Anthony. The file version of the bad file is 10.0.0.3802.
8/2/2013 8:55:55 PM, information: Windows File Protection [64005] - The protected system file drmclien.dll was not restored to its original, valid version because the Windows File Protection restoration process was cancelled by user interaction, user name is Anthony. The file version of the bad file is 10.0.0.3802.
8/2/2013 8:47:55 PM, information: Windows File Protection [64001] - File replacement was attempted on the protected system file wupdmgr.exe. This file was restored to the original version to maintain system stability. The file version of the bad file is 5.4.2600.0, the version of the system file is 5.4.2600.0.
7/30/2013 10:53:57 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
7/28/2013 9:27:18 AM, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 0018DE06D36C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
.
==== End Of File ===========================
ProblemBoy
Regular Member
 
Posts: 76
Joined: October 1st, 2010, 11:22 am

Re: Hope this is simple!

by nunped » August 6th, 2013, 6:27 am

Hello ProblemBoy, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems. I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However, it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to back up any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easily as possible.

  1. Please read this topic: ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
  2. The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
  3. You must have Administrator rights for this computer.
  4. DO NOT run any other fix or removal tools unless instructed to do so!
  5. DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
  6. Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
  7. Only reply to this thread. Do not start another thread.
  8. The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".
  9. No Reply Within 3 Days will result in your topic being closed!


Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Hope this is simple!

Unread postby ProblemBoy » August 6th, 2013, 12:32 pm

Hi nunped
Just wanted to update you as to what is going on. The computer seems to be running fine. I have done nothing in the way of trying to solve the problem and actually thought that AVG may have reported a false positive. It automatically scans every morning and has reported no infections until today. It now shows 8. Looks to me like the original 5 plus 3. I am providing you with the scan information and new dds files. Thank you for your help.

AVG scan report 8/03/13


"";"Service function NtUserGetAsyncKeyState hook -> tsxt_kern_i386.sys DllUnload+0x3FE, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtUserGetKeyboardState hook -> tsxt_kern_i386.sys DllUnload+0x32E, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtNotifyChangeKey hook -> tsxt_kern_i386.sys +0x15D0, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtSuspendProcess hook -> tsxt_kern_i386.sys +0x1300, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtSuspendThread hook -> tsxt_kern_i386.sys +0x13E0, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"


AVG scan report 8/6/13

"";"Service function NtUserGetAsyncKeyState hook -> tsxt_kern_i386.sys DllUnload+0x3FE, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtUserGetKeyboardState hook -> tsxt_kern_i386.sys DllUnload+0x32E, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtNotifyChangeKey hook -> tsxt_kern_i386.sys +0x15D0, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtSuspendProcess hook -> tsxt_kern_i386.sys +0x1300, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtSuspendThread hook -> tsxt_kern_i386.sys +0x13E0, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtTerminateProcess hook -> tsxt_kern_i386.sys +0x1120, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtTerminateThread hook -> tsxt_kern_i386.sys +0x1210, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

"";"Service function NtWriteVirtualMemory hook -> tsxt_kern_i386.sys +0x14D0, C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys";"Infected"

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
Run by Anthony at 11:29:39 on 2013-08-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.482 [GMT -4:00]
.
AV: AVG Internet Security 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ================
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\System32\snmp.exe
c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
C:\Program Files\real\realplayer\update\realsched.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\RAMASST.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k hpdevmgmt
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.msn.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: &Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: Windows Live Toolbar: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: Windows Live Toolbar: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - c:\program files\windows live toolbar\msntb.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WorkForce 435(Network)] c:\windows\system32\spool\drivers\w32x86\3\e_fatihra.exe /fu "c:\docume~1\anthony\locals~1\temp\E_S74.tmp" /EF "HKCU"
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
mRun: [TFncKy] TFncKy.exe
mRun: [TDispVol] TDispVol.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [SynTPLpr] c:\program files\synaptics\syntp\SynTPLpr.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [LtMoh] c:\program files\ltmoh\Ltmoh.exe
mRun: [AGRSMMSG] AGRSMMSG.exe
mRun: [NDSTray.exe] NDSTray.exe
mRun: [IntelZeroConfig] "c:\program files\intel\wireless\bin\ZCfgSvc.exe"
mRun: [IntelWireless] "c:\program files\intel\wireless\bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [CFSServ.exe] CFSServ.exe -NoClient
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logitech setpoint.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\metama~1.lnk - c:\program files\metamail inc\metamail tray\Metamail Trust Manager.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\ramasst.lnk - c:\windows\system32\RAMASST.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {3437D640-C91A-458f-89F5-B9095EA4C28B} - {04F93351-81D2-4484-9982-0D55DEFFFAE6} - c:\program files\piclensie\cooliris.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxp://h20364.www2.hp.com/CSMWeb/Custom ... anager.CAB
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{22692D1F-4F17-4FB2-AF0E-1B69FE9576AD} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.95\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\anthony\application data\mozilla\firefox\profiles\yer9dd8q.default\
FF - prefs.js: browser.startup.homepage - hxxp://my.msn.com/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\documents and settings\anthony\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\anthony\application data\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\documents and settings\anthony\application data\move networks\plugins\npqmp071705000014.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft research\hdview for firefox\nphdview.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: 2013-06-20 17:01; {FCE04E1F-9378-4f39-96F6-5689A9159E45}; c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\firefox\Ext
FF - ExtSQL: 2013-06-30 23:41; {9309FA47-1B48-4768-AFA4-9E0556F5DC81}; c:\program files\lyricspal\116.xpi
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-2-8 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-8-8 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-9-13 39224]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-7-11 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-7-11 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-4 31576]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\common files\abbyy\finereadersprint\9.00\licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
R2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\epson\epsoncustomerparticipation\EPCP.exe [2011-6-9 521600]
R2 Iprip;RIP Listener;c:\windows\system32\svchost.exe -k netsvcs [2006-2-15 14336]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [2009-10-14 10384]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-4-16 39056]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-11-22 3290304]
R2 vToolbarUpdater14.0.0;vToolbarUpdater14.0.0;c:\program files\common files\avg secure search\vtoolbarupdater\14.0.0\ToolbarUpdater.exe [2012-12-26 945480]
S1 MpKsle16d8c51;MpKsle16d8c51;\??\c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e4c32a8c-6984-483b-b45e-1faccd4b53f2}\mpksle16d8c51.sys --> c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e4c32a8c-6984-483b-b45e-1faccd4b53f2}\MpKsle16d8c51.sys [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S4 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-11-9 196376]
S4 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2013-07-20 05:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
2013-07-20 05:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2013-07-20 05:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2013-07-20 05:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2013-07-10 05:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2013-07-10 01:35:25 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-07-10 01:35:24 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-06-26 20:45:48 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-06-26 20:45:46 144896 ----a-w- c:\windows\system32\javacpl.cpl
2013-06-26 20:45:45 867240 -c--a-w- c:\windows\system32\npdeployJava1.dll
2013-06-26 20:45:45 789416 -c--a-w- c:\windows\system32\deployJava1.dll
2013-06-20 20:57:45 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-06-20 20:57:45 348160 ----a-w- c:\windows\system32\msvcr71.dll
2013-06-08 03:55:44 385024 -c----w- c:\windows\system32\html.iec
2013-06-07 21:56:06 920064 ----a-w- c:\windows\system32\wininet.dll
2013-06-07 21:56:06 43520 ------w- c:\windows\system32\licmgr10.dll
2013-06-07 21:56:05 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-06-04 07:23:02 562688 -c--a-w- c:\windows\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows\system32\win32k.sys
2013-05-09 04:28:02 1543680 -c----w- c:\windows\system32\wmvdecod.dll
2006-11-03 04:34:16 14879120 -c--a-w- c:\program files\GoogleEarthWin.exe
.
============= FINISH: 11:35:22.04 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 10/6/2006 5:47:49 PM
System Uptime: 8/6/2013 9:37:50 AM (2 hours ago)
.
Motherboard: Intel Corporation | | MPAD-MSAE Customer Reference Boards
Processor: Genuine Intel(R) CPU T2050 @ 1.60GHz | U1 | 1595/mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 93 GiB total, 28.115 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP79: 5/8/2013 3:29:32 PM - System Checkpoint
RP80: 5/9/2013 6:38:54 PM - System Checkpoint
RP81: 5/10/2013 7:06:08 PM - System Checkpoint
RP82: 5/11/2013 8:10:56 PM - System Checkpoint
RP83: 5/12/2013 9:55:15 PM - System Checkpoint
RP84: 5/14/2013 9:36:23 AM - System Checkpoint
RP85: 5/15/2013 4:01:27 PM - System Checkpoint
RP86: 5/15/2013 5:48:22 PM - Software Distribution Service 3.0
RP87: 5/15/2013 8:46:56 PM - Software Distribution Service 3.0
RP88: 5/16/2013 9:28:00 PM - System Checkpoint
RP89: 5/17/2013 9:43:40 PM - System Checkpoint
RP90: 5/18/2013 10:40:04 PM - System Checkpoint
RP91: 5/19/2013 1:08:00 AM - Installed AVG 2013
RP92: 5/19/2013 1:09:32 AM - Installed AVG 2013
RP93: 5/19/2013 3:41:10 PM - Software Distribution Service 3.0
RP94: 5/20/2013 4:52:37 PM - System Checkpoint
RP95: 5/21/2013 10:50:19 PM - System Checkpoint
RP96: 5/23/2013 4:17:42 PM - System Checkpoint
RP97: 5/24/2013 6:14:04 PM - System Checkpoint
RP98: 5/25/2013 7:29:10 PM - System Checkpoint
RP99: 5/26/2013 7:45:49 PM - System Checkpoint
RP100: 5/27/2013 10:09:06 PM - System Checkpoint
RP101: 5/29/2013 11:04:06 PM - System Checkpoint
RP102: 5/31/2013 9:29:09 AM - System Checkpoint
RP103: 6/1/2013 10:30:59 AM - System Checkpoint
RP104: 6/2/2013 11:39:36 AM - System Checkpoint
RP105: 6/3/2013 1:07:40 PM - System Checkpoint
RP106: 6/4/2013 1:52:31 PM - System Checkpoint
RP107: 6/6/2013 3:15:11 PM - System Checkpoint
RP108: 6/8/2013 10:24:47 AM - System Checkpoint
RP109: 6/9/2013 1:04:23 PM - System Checkpoint
RP110: 6/10/2013 1:37:52 PM - System Checkpoint
RP111: 6/11/2013 3:36:54 PM - System Checkpoint
RP112: 6/12/2013 9:27:40 AM - Software Distribution Service 3.0
RP113: 6/13/2013 12:22:46 PM - System Checkpoint
RP114: 6/14/2013 1:03:36 PM - System Checkpoint
RP115: 6/15/2013 3:49:48 PM - System Checkpoint
RP116: 6/16/2013 4:14:15 PM - System Checkpoint
RP117: 6/17/2013 4:53:08 PM - System Checkpoint
RP118: 6/19/2013 8:24:06 AM - System Checkpoint
RP119: 6/20/2013 9:47:51 AM - System Checkpoint
RP120: 6/21/2013 10:23:46 PM - System Checkpoint
RP121: 6/22/2013 11:14:32 PM - System Checkpoint
RP122: 6/24/2013 11:33:21 AM - System Checkpoint
RP123: 6/25/2013 12:46:37 PM - System Checkpoint
RP124: 6/26/2013 4:44:57 PM - Removed Java 7 Update 21
RP125: 6/27/2013 8:12:58 PM - System Checkpoint
RP126: 6/29/2013 11:04:50 AM - System Checkpoint
RP127: 6/30/2013 12:58:37 PM - System Checkpoint
RP128: 7/1/2013 5:14:52 PM - System Checkpoint
RP129: 7/2/2013 6:35:27 PM - System Checkpoint
RP130: 7/3/2013 7:02:47 PM - System Checkpoint
RP131: 7/4/2013 7:10:27 PM - System Checkpoint
RP132: 7/5/2013 11:53:59 PM - System Checkpoint
RP133: 7/7/2013 12:38:39 PM - System Checkpoint
RP134: 7/8/2013 5:32:24 PM - System Checkpoint
RP135: 7/9/2013 6:37:49 PM - System Checkpoint
RP136: 7/11/2013 12:03:39 AM - System Checkpoint
RP137: 7/11/2013 1:46:57 PM - Software Distribution Service 3.0
RP138: 7/12/2013 2:18:56 PM - System Checkpoint
RP139: 7/13/2013 6:26:58 PM - System Checkpoint
RP140: 7/14/2013 9:54:28 PM - System Checkpoint
RP141: 7/15/2013 9:55:58 PM - System Checkpoint
RP142: 7/16/2013 10:33:37 PM - System Checkpoint
RP143: 7/18/2013 12:13:39 PM - System Checkpoint
RP144: 7/19/2013 6:31:50 PM - System Checkpoint
RP145: 7/20/2013 10:49:52 PM - System Checkpoint
RP146: 7/21/2013 11:24:35 PM - System Checkpoint
RP147: 7/23/2013 9:00:48 AM - System Checkpoint
RP148: 7/24/2013 10:24:26 AM - System Checkpoint
RP149: 7/25/2013 12:19:23 PM - System Checkpoint
RP150: 7/26/2013 12:46:29 PM - System Checkpoint
RP151: 7/27/2013 6:20:26 PM - System Checkpoint
RP152: 7/28/2013 7:33:36 PM - System Checkpoint
RP153: 7/30/2013 11:40:55 AM - System Checkpoint
RP154: 7/31/2013 3:17:09 PM - System Checkpoint
RP155: 8/1/2013 5:11:56 PM - System Checkpoint
RP156: 8/2/2013 6:45:44 PM - System Checkpoint
RP157: 8/3/2013 8:04:14 PM - System Checkpoint
RP158: 8/5/2013 12:01:50 AM - System Checkpoint
RP159: 8/6/2013 12:39:28 AM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
ABBYY FineReader 9.0 Sprint
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
Adobe Shockwave Player 11.6
Adobe® Photoshop® Album Starter Edition 3.2
Amazon Kindle
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2013
Bejeweled 2 Deluxe
Bernie Schaeffer's Options 101 CD-ROM 4.0.1
Bing Bar
BlackBerry Desktop Software 5.0
Blasterball 2 Revolution
Bluetooth Stack for Windows by Toshiba
Bonjour
BufferChm
Bundled software uninstaller
Call of Duty Game of the Year Edition
CASIO USB Driver V1.2.2474.0623
CCleaner
CD/DVD Drive Acoustic Silencer
CDDRV_Installer
Compatibility Pack for the 2007 Office system
Cooliris for Internet Explorer
CustomerResearchQFolder
DeviceManagementQFolder
DJ_AIO_03_F4200_ProductContext
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
DVD-RAM Driver
Encore LaunchPad 6.8.25.100
Entriq MediaSphere 3.5.2.2
Epson Connect
Epson Customer Participation
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 435 Series Printer Uninstall
EpsonNet Print
erLT
ESPNMotion
eSupportQFolder
F4200
F4200_Help
Facebook Plug-In
FATE
FilesFrog Update Checker
GameCenter
GemMaster Mystic
GoforFiles
Gold Club Casino
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
GPBaseService2
HDView for Firefox
HighRoller
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hoyle Card Games 2007
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
HP Photosmart C6300 All-In-One Driver Software 12.0 Rel .4
HP Photosmart Essential 3.5
HP Smart Web Printing
HP Solution Center 12.0
HP Update
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HSP 1.0
HyperLoad - Golf Course
ImageMixer VCD/DVD2 for OLYMPUS
Intel(R) Graphics Media Accelerator Driver
Intel(R) PRO Network Connections Drivers
Intel(R) PROSet/Wireless Software
InterVideo WinDVD Creator 2
InterVideo WinDVD for TOSHIBA
iTunes
Java 7 Update 25
Java Auto Updater
JavaFX 2.1.1
KhalInstallWrapper
Kobo
Learn-To-Count BlackJack 1.9
LG Android Drivers
LG USB Modem driver
Logitech SetPoint
LTCM Client
Lyrics-Pal
Macromedia Flash Player 8
Malwarebytes Anti-Malware version 1.75.0.1300
mCore
mDrWiFi
mHelp
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office OneNote 2003
Microsoft Office XP Professional
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
mIWA
mLogView
mMHouse
Motorola Driver Installation 3.9.0
Move Media Player
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
mPfMgr
mPfWiz
mProSafe
MSN
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
mWlsSafe
mXML
mZConfig
NBC Universal 1.0.0.7
Office 2003 Trial Assistant
Ogg Codecs 0.81.15562
OLYMPUS Master
OLYMPUS Master 2
Otto
Paint.NET v3.36
Pantech Handset Driver
Polar Golfer
PS_AIO_04_C6300_Software_Min
PSSWCORE
Pure Sudoku 1.51
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rhapsody Player Engine
SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
Scan
SCRABBLE
SD Secure Module
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Skype Click to Call
Skype™ 5.10
Sonic DLA
Sonic Encoders
Sonic RecordNow!
swMSM
Synaptics Pointing Device Driver
Texas Instruments PCIxx21/x515/xx12 drivers.
TIPCI
Toolbox
TOSHIBA Assist
TOSHIBA ConfigFree
TOSHIBA Controls
TOSHIBA Game Console
TOSHIBA Hotkey Utility
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver
Toshiba Registration
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem
TOSHIBA Software Upgrades
TOSHIBA Speech System Applications
TOSHIBA Speech System SR Engine(U.S.) Version1.0
TOSHIBA Speech System TTS Engine(U.S.) Version1.0
TOSHIBA TouchPad ON/Off Utility
TOSHIBA TV Tuner 4.0.12.73
TOSHIBA Utilities
TOSHIBA Virtual Sound
TOSHIBA Zooming Utility
Ultimate Sudoku
UnloadSupport
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
VideoToolkit01
WebFldrs XP
WebReg
Win@Baccarat - FREE 2.9
Win@Baccarat Gold with the Predictor System 5.4.20
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live installer
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Toolbar
Windows Live Writer
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin
World Series of Poker: TOC
.
==== Event Viewer Messages From Past Week ========
.
8/4/2013 9:53:00 AM, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 0018DE06D36C has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
8/4/2013 10:55:40 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
8/4/2013 10:55:38 AM, error: Service Control Manager [7031] - The AVG WatchDog service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
7/30/2013 10:53:57 AM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
.
==== End Of File ===========================
ProblemBoy
Regular Member
 
Posts: 76
Joined: October 1st, 2010, 11:22 am

Re: Hope this is simple!

Post by nunped » August 6th, 2013, 2:06 pm

Hi ProblemBoy,

Please run the following scans:

Step 1 - OTL
Please download OTL by Old Timer. Save it to your Desktop.
If you can't download the exe file, try these links:
http://oldtimer.geekstogo.com/OTL.com
http://oldtimer.geekstogo.com/OTL.scr
  • Double click OTL.exe (or OTL.com or OTL.scr) to launch the program.
  • Click the Scan All Users checkbox.
    Leave the remaining selections to the default settings.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.
  • Please post the contents of both OTL.txt and Extras.txt files in your next reply.

Step 2 - TDSSKiller - Rootkit Removal Tool
Please download the TDSSKiller.exe by Kaspersky... save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    If TDSSKiller does not run... rename it. Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. ektfhtw.com). If you don't see file extensions, please see: How to change the file extension.
  • Click the Start Scan button. Do not use the computer during the scan!
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the "Scan results - Select action for found objects" and offer 3 options.
    • Ensure SKIP is selected... DO NOT attempt to FIX anything yet!
    • Now click on Report to open the log file created by TDSSKiller in your root directory C:\
  • A log file named TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt will be created and saved to the root directory. (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Hope this is simple!

Post by ProblemBoy » August 8th, 2013, 10:25 am

Hi nunped,

Below are copies of the two OTL files. TDSSKiller ran for 21sec and scanned 371 objects and found no infections.

OTL logfile created on: 8/8/2013 9:21:58 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Anthony\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.98 Mb Total Physical Memory | 559.75 Mb Available Physical Memory | 55.20% Memory free
2.39 Gb Paging File | 1.80 Gb Available in Paging File | 75.33% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92.91 Gb Total Space | 28.07 Gb Free Space | 30.21% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: TOSHIBA-ANTHONY | User Name: Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/08 09:05:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anthony\Desktop\OTL.exe
PRC - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/07/10 01:33:22 | 000,452,144 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgcsrvx.exe
PRC - [2013/07/04 15:53:28 | 000,763,952 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgrsx.exe
PRC - [2013/07/04 15:53:26 | 001,117,744 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgnsx.exe
PRC - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgidsagent.exe
PRC - [2013/07/01 01:46:26 | 004,411,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgui.exe
PRC - [2013/06/26 16:45:47 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/06/20 16:59:43 | 000,295,512 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2013/03/18 02:38:48 | 000,799,280 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2013\avgemcx.exe
PRC - [2012/12/26 09:16:13 | 000,945,480 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe
PRC - [2012/11/22 11:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/09/20 00:02:24 | 000,363,752 | ---- | M] (BillP Studios) -- C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
PRC - [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
PRC - [2008/04/13 20:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
PRC - [2005/12/20 15:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2005/12/16 04:21:00 | 000,151,552 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\Toshiba.exe
PRC - [2005/12/05 15:37:40 | 000,667,718 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2005/11/28 14:41:50 | 000,602,182 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2005/11/28 14:37:52 | 000,397,381 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2005/11/17 19:44:38 | 000,798,720 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSServ.exe
PRC - [2005/11/02 20:41:04 | 000,978,944 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2005/08/16 15:23:12 | 000,188,416 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
PRC - [2005/07/12 21:14:42 | 000,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
PRC - [2005/03/11 19:03:16 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TDispVol.exe
PRC - [2005/01/17 20:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2004/08/28 04:37:00 | 000,155,648 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\RAMASST.exe
PRC - [2004/08/28 04:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2004/08/18 07:37:44 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe


========== Modules (No Company Name) ==========

MOD - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
MOD - [2013/01/02 02:49:10 | 001,292,288 | ---- | M] () -- C:\WINDOWS\system32\quartz.dll
MOD - [2012/12/26 09:16:13 | 000,945,480 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe
MOD - [2012/06/20 17:23:00 | 000,599,419 | ---- | M] () -- C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2009/07/20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll
MOD - [2008/04/13 20:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 20:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2005/11/28 14:59:16 | 000,876,544 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
MOD - [2005/11/28 14:59:16 | 000,208,965 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2005/11/28 14:59:16 | 000,053,322 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
MOD - [2005/11/23 18:55:38 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\TCtrlIO.dll
MOD - [2005/11/03 14:37:58 | 000,970,862 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2005/07/12 21:14:42 | 000,040,960 | ---- | M] () -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
MOD - [2004/07/20 21:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
MOD - [2002/03/03 08:40:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\system32\TDispVol.dll


========== Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/07/23 19:09:28 | 000,283,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/07/09 21:35:25 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/04 15:53:10 | 004,939,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/07/02 16:12:08 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/06/26 16:45:47 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/04/16 03:07:08 | 000,039,056 | ---- | M] () [Auto | Running] -- C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012/12/26 09:16:13 | 000,945,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe -- (vToolbarUpdater14.0.0)
SRV - [2012/11/22 11:29:16 | 003,290,304 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/11/09 14:16:12 | 000,196,376 | ---- | M] (Microsoft Corporation.) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/10/13 17:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC)
SRV - [2008/04/13 20:12:22 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/13 20:12:02 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/13 20:11:55 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2006/12/19 18:23:20 | 000,094,208 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe -- (EpsonBidirectionalService)
SRV - [2005/12/20 15:22:14 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/07/12 21:14:42 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\TOSHIBA\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 20:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/08/28 04:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E4C32A8C-6984-483B-B45E-1FACCD4B53F2}\MpKsle16d8c51.sys -- (MpKsle16d8c51)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2013/07/20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2013/07/20 01:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2013/07/20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2013/07/20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2013/07/10 01:32:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2013/07/01 01:45:28 | 000,096,568 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2013/03/21 03:08:24 | 000,182,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2013/03/01 10:32:20 | 000,022,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/12/26 09:16:13 | 000,031,576 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2010/02/11 08:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/06/17 12:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 12:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 12:55:34 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2005/12/09 20:48:40 | 004,123,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService)
DRV - [2005/12/04 13:55:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51)
DRV - [2005/11/30 15:01:02 | 000,043,392 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/11/30 14:12:00 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/11/28 15:09:26 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/11/15 13:00:22 | 001,122,656 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/10/20 18:03:42 | 000,006,144 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/10/06 09:20:00 | 000,094,332 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2005/10/06 09:20:00 | 000,087,036 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2005/10/06 09:20:00 | 000,086,524 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2005/10/06 09:20:00 | 000,025,628 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2005/10/06 09:20:00 | 000,014,684 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2005/10/06 09:20:00 | 000,006,364 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2005/10/06 09:20:00 | 000,002,496 | ---- | M] (Sonic Solutions) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResN.SYS -- (DLADResN)
DRV - [2005/09/09 18:47:10 | 000,009,344 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/08/25 16:16:52 | 000,005,628 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2005/08/25 16:16:16 | 000,022,684 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_N.SYS -- (DLARTL_N)
DRV - [2005/08/24 19:20:28 | 000,009,472 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (tbiosdrv)
DRV - [2005/06/02 07:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/01/12 04:05:46 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2003/09/19 05:47:00 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/01/29 18:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 16:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{8799D62D-9924-4079-90F4-5F491D78EEAD}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&FORM=MSNIE7&src={referrer:source?}


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.toshiba.com/search
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.toshibadirect.com/dpdstart
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\..\SearchScopes,DefaultScope = {86E7B7B1-BA25-4A3D-B00C-9F6BEDF685E1}
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\..\SearchScopes\{026FF327-398E-49DC-BBC9-39A566D8D2A8}: "URL" = http://www.google.com/search?q={searchTerms}&rls=p,com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGIT_en
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\..\SearchScopes\{2D87485E-962F-4245-835F-E8E7C341DAD4}: "URL" = http://search.avg.com/route/?d=4cc63764 ... =chrome&q={searchTerms}&lng={language}&iy=&ychte=us
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\..\SearchScopes\{86E7B7B1-BA25-4A3D-B00C-9F6BEDF685E1}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&rlz=1I7GGIT_en
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://my.msn.com/"
FF - prefs.js..extensions.enabledAddons: %7B6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65%7D:0.9.6
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: %7BFCE04E1F-9378-4f39-96F6-5689A9159E45%7D:1.3.2
FF - prefs.js..extensions.enabledAddons: %7B9309FA47-1B48-4768-AFA4-9E0556F5DC81%7D:1.116
FF - prefs.js..extensions.enabledAddons: smarterwiki%40wikiatic.com:5.1.9
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.7rc3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Anthony\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@real.com/RhapsodyPlayerEngine,version=1.1: C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files\Microsoft Research\HDView for Firefox [2010/01/05 17:13:00 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Anthony\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Documents and Settings\Anthony\Application Data\Move Networks\plugins\npqmp071705000014.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009/10/05 09:11:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/06/20 17:01:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/07/02 16:11:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/07/02 16:11:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Documents and Settings\Anthony\Application Data\Move Networks [2012/02/12 13:09:07 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9309FA47-1B48-4768-AFA4-9E0556F5DC81}: C:\Program Files\LyricsPal\116.xpi [2013/06/30 23:41:12 | 000,005,397 | ---- | M] ()

[2011/06/03 11:04:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Extensions
[2013/08/08 00:46:18 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions
[2012/06/21 17:07:45 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}(2)
[2010/10/09 09:53:09 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2008/09/18 21:05:20 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}(2)
[2012/06/21 16:56:47 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\avg@toolbar(2)
[2010/08/19 21:27:33 | 000,000,000 | ---D | M] (vShare Plugin) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\vshareus@toolbar
[2013/07/23 15:08:44 | 000,353,425 | ---- | M] () (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\smarterwiki@wikiatic.com.xpi
[2012/02/25 01:08:31 | 000,081,156 | ---- | M] () (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi
[2013/08/08 00:46:18 | 000,534,000 | ---- | M] () (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/04/05 21:51:45 | 000,714,654 | ---- | M] () (No name found) -- C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\yer9dd8q.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/07/02 16:11:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/07/02 16:11:36 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2013/07/02 16:11:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/07/02 16:11:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/07/02 16:12:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/20 17:01:54 | 000,000,000 | ---D | M] (RealDownloader) -- C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT
[2013/06/30 23:41:12 | 000,005,397 | ---- | M] () (No name found) -- C:\PROGRAM FILES\LYRICSPAL\116.XPI
[2013/06/20 17:00:00 | 000,124,504 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = http://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Documents and Settings\Anthony\Application Data\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Documents and Settings\Anthony\Application Data\Move Networks\plugins\npqmp071705000014.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Updater (Enabled) = C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
CHR - plugin: RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
CHR - plugin: RealDownloader Plugin (Enabled) = C:\Program Files\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
CHR - plugin: RealNetworks Rhapsody Player Engine (Enabled) = C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: RealDownloader = C:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.1.0_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Skype Click to Call = C:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: AVG Do Not Track = C:\Documents and Settings\Anthony\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\

O1 HOSTS File: ([2011/09/29 20:37:37 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\..\Toolbar\WebBrowser: (&Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll ()
O3 - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AVG_UI] C:\Program Files\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CFSServ.exe] CFSServ.exe -NoClient File not found
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TDispVol] C:\WINDOWS\System32\TDispVol.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TFncKy] TFncKy.exe File not found
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005..\Run: [WorkForce 435(Network)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHRA.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Metamail Trust Manager.lnk = C:\Program Files\Metamail Inc\Metamail Tray\Metamail Trust Manager.exe (Metamail Corp.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe (Matsushita Electric Industrial Co., Ltd.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 0
O7 - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} http://h20364.www2.hp.com/CSMWeb/Custom ... anager.CAB (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/fl ... rashim.cab (Reg Error: Value error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 75.75.75.75 75.75.76.76
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{22692D1F-4F17-4FB2-AF0E-1B69FE9576AD}: DhcpNameServer = 75.75.75.75 75.75.76.76
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop WallPaper: C:\WINDOWS\Toshiba.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Toshiba.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/02/15 11:38:58 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/08/08 09:12:24 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Anthony\Desktop\tdsskiller.exe
[2013/08/08 09:05:46 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Anthony\Desktop\OTL.exe
[2013/08/08 08:50:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anthony\My Documents\Malware Removal
[2013/08/04 00:09:19 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\Anthony\Desktop\dds.scr
[2013/07/30 23:01:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth
[2013/07/30 09:53:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
[2013/07/22 21:09:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anthony\My Documents\YMCA
[2013/07/21 21:55:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anthony\My Documents\Chris D'Cruz
[2013/07/17 20:02:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Anthony\My Documents\TaiChi
[2006/11/03 00:33:55 | 014,879,120 | ---- | C] (Macrovision Corporation) -- C:\Program Files\GoogleEarthWin.exe

========== Files - Modified Within 30 Days ==========

[2013/08/08 09:21:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/08/08 09:12:32 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\Anthony\Desktop\tdsskiller.exe
[2013/08/08 09:05:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Anthony\Desktop\OTL.exe
[2013/08/08 08:58:06 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/08 08:55:01 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[2013/08/08 08:14:56 | 000,000,426 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{20953B89-5D8C-4449-9DC7-AF3C558FBAEC}.job
[2013/08/08 08:12:01 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/08 08:11:47 | 000,000,304 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3304055149-1954678347-4170687932-1005.job
[2013/08/08 08:11:46 | 000,000,312 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3304055149-1954678347-4170687932-1005.job
[2013/08/08 08:11:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/08/08 08:11:01 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-3304055149-1954678347-4170687932-1005.job
[2013/08/08 08:11:01 | 000,000,282 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3304055149-1954678347-4170687932-1005.job
[2013/08/08 08:10:31 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/08 08:10:30 | 1063,309,312 | -HS- | M] () -- C:\hiberfil.sys
[2013/08/08 00:34:25 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3304055149-1954678347-4170687932-1005.job
[2013/08/06 11:14:00 | 000,000,330 | ---- | M] () -- C:\WINDOWS\tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3304055149-1954678347-4170687932-1005.job
[2013/08/06 01:44:23 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/08/04 00:09:49 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\Anthony\Desktop\dds.scr
[2013/08/03 09:44:14 | 000,001,489 | ---- | M] () -- C:\Documents and Settings\Anthony\Application Data\Microsoft\Internet Explorer\Quick Launch\Media Center.lnk
[2013/08/03 09:44:08 | 000,001,471 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\Media Center.lnk
[2013/08/02 23:11:14 | 000,000,290 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-3304055149-1954678347-4170687932-1005.job
[2013/08/02 22:40:08 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/08/02 22:11:46 | 000,001,521 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\Freecell.lnk
[2013/07/30 23:01:55 | 000,001,926 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/07/30 09:53:38 | 000,000,713 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2013.lnk
[2013/07/22 23:39:42 | 000,000,869 | ---- | M] () -- C:\Documents and Settings\Anthony\Desktop\60 VEGAS SHOES 5_8_13.lnk
[2013/07/20 01:51:00 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avglogx.sys
[2013/07/20 01:50:56 | 000,208,184 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidsdriverx.sys
[2013/07/20 01:50:56 | 000,060,216 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2013/07/20 01:50:50 | 000,171,320 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2013/07/11 14:26:09 | 000,193,776 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/11 14:17:52 | 000,530,092 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/11 14:17:52 | 000,108,190 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/10 01:32:40 | 000,039,224 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgrkx86.sys
[2013/07/09 21:35:25 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/07/09 21:35:24 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2013/07/30 23:01:55 | 000,001,926 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2013/07/22 23:38:55 | 000,000,869 | ---- | C] () -- C:\Documents and Settings\Anthony\Desktop\60 VEGAS SHOES 5_8_13.lnk
[2012/08/19 23:28:54 | 000,027,520 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\dt.dat
[2012/04/03 19:10:07 | 000,000,089 | ---- | C] () -- C:\WINDOWS\EWF435.ini
[2012/02/15 19:51:19 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 00:42:59 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/10/16 23:32:41 | 002,128,896 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\cooliris-win-ie-release-1.11.7.31969.en-US.msi
[2011/10/02 15:05:30 | 000,003,720 | ---- | C] () -- C:\WINDOWS\checkip.dat
[2011/09/17 17:47:38 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2009/12/14 00:45:21 | 006,959,104 | ---- | C] () -- C:\Documents and Settings\Anthony\s-1-5-21-3304055149-1954678347-4170687932-1005.rrr
[2009/11/04 09:12:16 | 002,124,288 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\cooliris-win-ie-release-1.11.5.29501.en-US.msi
[2009/09/15 14:15:09 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/05/30 14:19:52 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Anthony\PUTTY.RND
[2009/03/06 11:47:49 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Anthony\Ÿ9Ÿ9
[2008/10/23 23:54:00 | 002,869,760 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\cooliris-win-iemin-release-1.8.5.14750.msi
[2008/10/19 08:56:00 | 002,869,760 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\cooliris-win-iemin-release-1.8.4.14391.msi
[2008/10/06 23:52:52 | 002,849,792 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\cooliris-win-iemin-release-1.8.3.14080.msi
[2008/09/16 09:02:54 | 002,326,016 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\cooliris-win-iemin-release-1.8.2.4689.msi
[2008/08/22 09:07:51 | 002,149,376 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\cooliris-win-iemin-release-1.8.0.4272.msi
[2008/07/24 20:54:13 | 001,854,464 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\piclens-win-iemin-release-1.7.1.3938.msi
[2006/10/12 23:19:51 | 000,001,708 | ---- | C] () -- C:\Documents and Settings\Anthony\Application Data\wklnhst.dat
[2006/10/06 17:48:47 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\Anthony\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2006/02/15 11:35:53 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 20:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 08:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 20:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Anthony\My Documents\WABLTE.EXE: SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Anthony\My Documents\Treasury Of Health Secrets.mht: SummaryInformation
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

< End of report >

OTL Extras logfile created on: 8/8/2013 9:21:58 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Anthony\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1013.98 Mb Total Physical Memory | 559.75 Mb Available Physical Memory | 55.20% Memory free
2.39 Gb Paging File | 1.80 Gb Available in Paging File | 75.33% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92.91 Gb Total Space | 28.07 Gb Free Space | 30.21% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: TOSHIBA-ANTHONY | User Name: Anthony | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_USERS\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- (TOSHIBA Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Application Loader -- (America Online, Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Activision Value\World Series of Poker TOC\WSOPTOC.exe" = C:\Program Files\Activision Value\World Series of Poker TOC\WSOPTOC.exe:*:Enabled:WSOPTOC -- ()
"C:\Program Files\Phantom EFX\OnlineCasino\Bin\Prelauncher.exe" = C:\Program Files\Phantom EFX\OnlineCasino\Bin\Prelauncher.exe:*:Enabled:Prelauncher -- ()
"C:\Program Files\Phantom EFX\OnlineCasino\Launcher\OLCLauncher.exe" = C:\Program Files\Phantom EFX\OnlineCasino\Launcher\OLCLauncher.exe:*:Enabled:OLCLauncher -- ()
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe" = C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe" = C:\Program Files\HP\Digital Imaging\bin\hpfcCopy.exe:*:Enabled:hpfccopy.exe -- (Hewlett-Packard)
"C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe:*:Enabled:hpiscnapp.exe -- (Hewlett-Packard)
"C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe" = C:\Program Files\Common Files\HP\Digital Imaging\bin\hpqPhotoCrm.exe:*:Enabled:hpqphotocrm.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe:*:Enabled:hpqpsapp.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe:*:Enabled:hpqcopy2.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe:*:Enabled:hpqpse.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe:*:Enabled:hpqsudi.exe -- (Hewlett-Packard Development Co. L.P.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe:*:Enabled:hpqgplgtupl.exe -- (Hewlett-Packard Co.)
"C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe" = C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe:*:Enabled:hpqgpc01.exe -- (Hewlett-Packard)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour Service -- (Apple Inc.)
"D:\Common\EpsonNet Setup\ENEasyApp.exe" = D:\Common\EpsonNet Setup\ENEasyApp.exe:*:Enabled:EpsonNet Setup
"C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"C:\Program Files\GoforFiles\goforfilesdl.exe" = C:\Program Files\GoforFiles\goforfilesdl.exe:*:Enabled:Go for Files -- (http://goforfiles.com/)
"C:\Program Files\GoforFiles\GoforFiles.exe" = C:\Program Files\GoforFiles\GoforFiles.exe:*:Enabled:Go for Files -- (http://goforfiles.com/)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostics 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Personal Email Scanner -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{08DEC21F-F7E5-46F9-81D1-3ED30BD3AEC9}" = CASIO USB Driver V1.2.2474.0623
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F51A0CA-2BDD-474E-BB90-C7FA8EA78F52}" = ImageMixer VCD/DVD2 for OLYMPUS
"{22DE1881-9D24-4981-B5CC-EC7E9F2F4D52}" = Rhapsody Player Engine
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{28114F32-A828-3B57-802B-1F300B0948C7}" = Cooliris for Internet Explorer
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2D4F6BE3-6FEF-4FE9-9D01-1406B220D08C}" = Windows Live Photo Gallery
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}" = OLYMPUS Master 2
"{3CDF4815-1334-4AF3-B780-1F6526011C5A}" = HyperLoad - Golf Course
"{3DC873BB-FFE3-46BF-9701-26B9AE371F9F}" = RealDownloader
"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{43602F34-1AA3-44FB-AEB2-D08C2C73743F}" = Paint.NET v3.36
"{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = TIPCI
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{49A143E9-4A6A-43E7-86B1-388194C79248}" = HP Smart Web Printing
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{5B96BF29-1CC0-42FB-AB2C-1E12E3226E7A}" = Bing Bar
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5D51C5DC-3604-4C3B-981B-309340755447}" = Pantech Handset Driver
"{5FF27D65-35E5-4855-B7ED-59BCFBC85776}" = AVG 2013
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D52C408-B09A-4520-9B18-475B81D393F1}" = Microsoft Works
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{834C8000-2458-4983-9A20-02262C7ECD7E}" = HighRoller
"{86B32074-0F48-4CF9-BA4B-529B470FB47F}" = BlackBerry Desktop Software 5.0
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88D18C5E-5113-4A1E-8EC9-2B7E24688A14}" = PS_AIO_04_C6300_Software_Min
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90110409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{9176251A-4CC1-4DDB-B343-B487195EB397}" = Windows Live Writer
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{91A10409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office OneNote 2003
"{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}" = iTunes
"{9422C8EA-B0C6-4197-B8FC-DC797658CA00}" = Windows Live Sign-in Assistant
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{9D1B99B7-DAD8-440d-B4FB-1915332FBCC2}" = HPProductAssistant
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A654A805-41D9-40C7-AA46-4AF04F044D61}" = Adobe® Photoshop® Album Starter Edition 3.2
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}" = Windows Live installer
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.7)
"{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"{BA8DF709-6BAB-4092-91E0-4D67EFC12A98}" = HP Photosmart C6300 All-In-One Driver Software 12.0 Rel .4
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3ABE126-2BB2-4246-BFE1-6797679B3579}" = LG USB Modem driver
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D361C406-ED11-4A88-AD42-4A749BBAE6F9}" = Hoyle Card Games 2007
"{D5A145FC-D00C-4F1A-9119-EB4D9D659750}" = Windows Live Toolbar
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DB8F7090-0594-4C31-B33F-4740E2A3F4C9}" = Ultimate Sudoku
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{E639C9C3-93E1-4445-BD14-75AE8F513FF0}" = AVG 2013
"{E6445FCC-EAF6-4E35-9E72-6EF105A4C177}" = HDView for Firefox
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F648FD09-7CEA-4257-BC68-A8389189FD51}" = GPBaseService2
"{F6C405D2-C50D-4D10-B89E-73A233A14D74}" = Toshiba Registration
"{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help
"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint
"{FB068BA4-C6EA-4D47-A491-C40E23E77F89}" = Motorola Driver Installation 3.9.0
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FDF64A37-4842-48CD-A424-2C38444D36FD}" = LG Android Drivers
"10 Days to Successful Options Trading_is1" = HSP 1.0
"12133444-BF36-4d4e-B7FB-A3424C645DE4" = GemMaster Mystic
"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe® Photoshop® Album Starter Edition 3.2" = Adobe® Photoshop® Album Starter Edition 3.2
"Amazon Kindle" = Amazon Kindle
"AVG" = AVG 2013
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"Bernie Schaeffer's Options 101 CD-ROM_is1" = Bernie Schaeffer's Options 101 CD-ROM 4.0.1
"bi_uninstaller" = Bundled software uninstaller
"BlackBerry_{86B32074-0F48-4CF9-BA4B-529B470FB47F}" = BlackBerry Desktop Software 5.0
"Call of Duty Game of the Year Edition" = Call of Duty Game of the Year Edition
"CCleaner" = CCleaner
"Encore LaunchPad_is1" = Encore LaunchPad 6.8.25.100
"Entriq MediaSphere_is1" = Entriq MediaSphere 3.5.2.2
"EPSON PC-FAX Driver 2" = Epson PC-FAX Driver
"EPSON Scanner" = EPSON Scan
"EPSON WorkForce 435 Series" = EPSON WorkForce 435 Series Printer Uninstall
"ESPNMotion" = ESPNMotion
"FilesFrog Update Checker" = FilesFrog Update Checker
"Gold Club Casino" = Gold Club Casino
"Google Chrome" = Google Chrome
"Google Updater" = Google Updater
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 12.0
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"InstallShield_{BA820A24-704B-428D-9904-71A10DAC1372}" = OLYMPUS Master
"InstallShield_{E9ED0801-253D-4FE9-AB20-F63DEFE72547}" = SAMSUNG Mobile USB DRIVER(4.40.7.0) v1.6
"Kobo" = Kobo
"Learn-To-Count BlackJack_is1" = Learn-To-Count BlackJack 1.9
"lrcspal@lyricspal.co" = Lyrics-Pal
"LTCM Client" = LTCM Client
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 22.0 (x86 en-US)" = Mozilla Firefox 22.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSNINST" = MSN
"NBC Universal_is1" = NBC Universal 1.0.0.7
"Ogg Codecs" = Ogg Codecs 0.81.15562
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"Power Saver" = TOSHIBA Power Saver
"ProInst" = Intel(R) PROSet/Wireless Software
"PROSet" = Intel(R) PRO Network Connections Drivers
"Pure Sudoku_is1" = Pure Sudoku 1.51
"RealPlayer 16.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Game Console" = TOSHIBA Game Console
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TOSHIBA TV Tuner" = TOSHIBA TV Tuner 4.0.12.73
"Win@Baccarat - FREE_is1" = Win@Baccarat - FREE 2.9
"Win@Baccarat Gold with the Predictor System_is1" = Win@Baccarat Gold with the Predictor System 5.4.20
"Windows Live Toolbar" = Windows Live Toolbar
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"World Series of Poker TOC" = World Series of Poker: TOC
"WT004722" = Bejeweled 2 Deluxe
"WT004723" = Blasterball 2 Revolution
"WT004725" = SCRABBLE
"WT004829" = Polar Golfer
"WT006066" = FATE

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3304055149-1954678347-4170687932-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"GameCenter" = GameCenter
"GoforFiles" = GoforFiles
"Move Media Player" = Move Media Player

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 7/16/2013 4:48:58 PM | Computer Name = TOSHIBA-ANTHONY | Source = Userenv | ID = 1508
Description = Windows was unable to load the registry. This is often caused by insufficient
memory or insufficient security rights. DETAIL - The process cannot access the
file because it is being used by another process. for C:\Documents and Settings\Anthony\ntuser.dat

Error - 7/16/2013 4:49:24 PM | Computer Name = TOSHIBA-ANTHONY | Source = Userenv | ID = 1502
Description = Windows cannot load the locally stored profile. Possible causes of
this error include insufficient security rights or a corrupt local profile. If
this problem persists, contact your network administrator. DETAIL - The process
cannot access the file because it is being used by another process.

Error - 7/16/2013 4:49:26 PM | Computer Name = TOSHIBA-ANTHONY | Source = Userenv | ID = 1515
Description = Windows has backed up this user's profile. Windows will automatically
try to use the backed up profile the next time this user logs on.

Error - 7/16/2013 4:49:43 PM | Computer Name = TOSHIBA-ANTHONY | Source = Userenv | ID = 1511
Description = Windows cannot find the local profile and is logging you on with a
temporary profile. Changes you make to this profile will be lost when you log off.

Error - 7/25/2013 5:01:22 PM | Computer Name = TOSHIBA-ANTHONY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/25/2013 5:01:22 PM | Computer Name = TOSHIBA-ANTHONY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 1984

Error - 7/25/2013 5:01:22 PM | Computer Name = TOSHIBA-ANTHONY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 1984

Error - 7/25/2013 5:01:24 PM | Computer Name = TOSHIBA-ANTHONY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 7/25/2013 5:01:24 PM | Computer Name = TOSHIBA-ANTHONY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4094

Error - 7/25/2013 5:01:24 PM | Computer Name = TOSHIBA-ANTHONY | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4094

[ System Events ]
Error - 8/3/2013 2:50:41 PM | Computer Name = TOSHIBA-ANTHONY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 8/3/2013 2:50:48 PM | Computer Name = TOSHIBA-ANTHONY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 8/3/2013 2:50:55 PM | Computer Name = TOSHIBA-ANTHONY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 8/3/2013 2:51:02 PM | Computer Name = TOSHIBA-ANTHONY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 8/3/2013 2:59:27 PM | Computer Name = TOSHIBA-ANTHONY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 8/3/2013 2:59:34 PM | Computer Name = TOSHIBA-ANTHONY | Source = Cdrom | ID = 262151
Description = The device, \Device\CdRom0, has a bad block.

Error - 8/4/2013 9:53:00 AM | Computer Name = TOSHIBA-ANTHONY | Source = Dhcp | ID = 1002
Description = The IP address lease 192.168.1.102 for the Network Card with network
address 0018DE06D36C has been denied by the DHCP server 192.168.1.1 (The DHCP Server
sent a DHCPNACK message).

Error - 8/4/2013 10:55:38 AM | Computer Name = TOSHIBA-ANTHONY | Source = Service Control Manager | ID = 7031
Description = The AVG WatchDog service terminated unexpectedly. It has done this
1 time(s). The following corrective action will be taken in 0 milliseconds: Restart
the service.

Error - 8/4/2013 10:55:40 AM | Computer Name = TOSHIBA-ANTHONY | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5

Error - 8/4/2013 10:55:42 AM | Computer Name = TOSHIBA-ANTHONY | Source = Service Control Manager | ID = 7006
Description = The ScRegSetValueExW call failed for FailureActions with the following
error: %%5


< End of report >
ProblemBoy
Regular Member
 
Posts: 76
Joined: October 1st, 2010, 11:22 am

Re: Hope this is simple!

Post by nunped » August 9th, 2013, 7:46 am

Hi ProblemBoy,

Step 1
Can you post me the log from TDSSKiller? It can be found at c:\TDSSKiller_version_dd.mm.yyyy_hh.mm.ss_log.txt


Step 2 - Remove Program Using Control Panel
From Start, Settings, Control Panel click Add/Remove Programs, and uninstall the program:
Lyrics-Pal


Step 3 - OTL fix
  • Double click OTL.exe to launch the program.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
Code:
:commands
[createrestorepoint]

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Reg Error: Value error.
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
FF - prefs.js..extensions.enabledAddons: %7B9309FA47-1B48-4768-AFA4-9E0556F5DC81%7D:1.116
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9309FA47-1B48-4768-AFA4-9E0556F5DC81}: C:\Program Files\LyricsPal\116.xpi [2013/06/30 23:41:12 | 000,005,397 | ---- | M] ()
[2013/06/30 23:41:12 | 000,005,397 | ---- | M] () (No name found) -- C:\PROGRAM FILES\LYRICSPAL\116.XPI
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Anthony\My Documents\WABLTE.EXE: SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Anthony\My Documents\Treasury Of Health Secrets.mht: SummaryInformation
@Alternate Data Stream - 124 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 114 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1

:commands
[emptytemp]

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.


Step 4 - Online Multi Antivirus file scan
Please go to Virus Total and upload -only one file per scan- the following file(s) for scanning:
C:\WINDOWS\system32\DRIVERS\tsxt_kern_i386.sys

  • Press the Browse button and navigate to -one- of the files in the list.
  • Double click the located file name. The file name should now appear in the online scanner's text entry box.
  • Click on Send File button.
  • The file will be queued, uploaded and scanned by various antivirus scanners. This may take a few minutes.
      If you receive the message: File has already been analysed:
      Please press the Reanalyse file now button, so your file will be scanned.
  • When all scans have completed the results page is displayed
  • Please highlight and copy the page web address link from your browser window.
  • Please repeat this procedure for each file listed above.
  • Paste the Web address link(s) for the scan results in your next reply.

For your next reply:
  • TDSSKiller log
  • OTL log
  • link from VirusTotal
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Hope this is simple!

Post by ProblemBoy » August 9th, 2013, 2:40 pm

Hi nunped,

Sorry that I didn’t include the TDSS report in the last reply. Guess I misinterpreted the instructions. Finding it was a bear. Tried to go to it with no result, tried to search with no results. Reran it and clicked on reports but couldn’t copy or print it. Finally I just searched for TDSS and both reports showed up. Below is the one for the 8th. The scan today also said no infections.

10:06:30.0828 2012 S24EventMonitor - ok
10:06:30.0859 2012 [ 1CC074E0D48383D4E9BFFC6A26C2A58A ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
10:06:30.0859 2012 s24trans - ok
10:06:30.0875 2012 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
10:06:30.0875 2012 SamSs - ok
10:06:30.0906 2012 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:06:30.0921 2012 SCardSvr - ok
10:06:30.0968 2012 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:06:30.0984 2012 Schedule - ok
10:06:31.0031 2012 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
10:06:31.0031 2012 sdbus - ok
10:06:31.0093 2012 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:06:31.0093 2012 Secdrv - ok
10:06:31.0109 2012 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:06:31.0109 2012 seclogon - ok
10:06:31.0125 2012 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
10:06:31.0125 2012 SENS - ok
10:06:31.0187 2012 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:06:31.0187 2012 Serial - ok
10:06:31.0234 2012 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
10:06:31.0234 2012 sffdisk - ok
10:06:31.0265 2012 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
10:06:31.0265 2012 sffp_sd - ok
10:06:31.0296 2012 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:06:31.0312 2012 Sfloppy - ok
10:06:31.0375 2012 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:06:31.0718 2012 SharedAccess - ok
10:06:31.0765 2012 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:06:31.0765 2012 ShellHWDetection - ok
10:06:31.0765 2012 Simbad - ok
10:06:31.0812 2012 [ 32933B07FC16D9F778BEE12545FA1B1A ] SimpTcp C:\WINDOWS\system32\tcpsvcs.exe
10:06:31.0812 2012 SimpTcp - ok
10:06:32.0109 2012 [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:06:32.0406 2012 Skype C2C Service - ok
10:06:32.0484 2012 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:06:32.0500 2012 SkypeUpdate - ok
10:06:32.0515 2012 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] SMTPSVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
10:06:32.0515 2012 SMTPSVC - ok
10:06:32.0578 2012 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
10:06:32.0578 2012 SNMP - ok
10:06:32.0609 2012 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
10:06:32.0625 2012 SNMPTRAP - ok
10:06:32.0625 2012 Sparrow - ok
10:06:32.0656 2012 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:06:32.0656 2012 splitter - ok
10:06:32.0703 2012 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:06:32.0703 2012 Spooler - ok
10:06:32.0750 2012 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:06:32.0750 2012 sr - ok
10:06:32.0828 2012 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
10:06:32.0843 2012 srservice - ok
10:06:32.0906 2012 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:06:32.0921 2012 Srv - ok
10:06:32.0937 2012 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:06:32.0937 2012 SSDPSRV - ok
10:06:33.0015 2012 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:06:33.0015 2012 stisvc - ok
10:06:33.0031 2012 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:06:33.0031 2012 swenum - ok
10:06:33.0062 2012 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:06:33.0078 2012 swmidi - ok
10:06:33.0078 2012 SwPrv - ok
10:06:33.0140 2012 [ 486A64AABD88E4E174681E89E9736BC9 ] Swupdtmr c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
10:06:33.0140 2012 Swupdtmr - ok
10:06:33.0140 2012 symc810 - ok
10:06:33.0156 2012 symc8xx - ok
10:06:33.0156 2012 sym_hi - ok
10:06:33.0171 2012 sym_u3 - ok
10:06:33.0234 2012 [ E295FFFFF3AAF9A6A40B29497901908F ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:06:33.0234 2012 SynTP - ok
10:06:33.0265 2012 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:06:33.0265 2012 sysaudio - ok
10:06:33.0312 2012 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:06:33.0312 2012 SysmonLog - ok
10:06:33.0359 2012 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:06:33.0375 2012 TapiSrv - ok
10:06:33.0390 2012 [ 90861642FD6D8FAFB1408EE26FA93CB4 ] TAPPSRV C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
10:06:33.0390 2012 TAPPSRV - ok
10:06:33.0421 2012 [ 7147B0575BCC93A6AB7D5C90F47C0B9F ] tbiosdrv C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys
10:06:33.0421 2012 tbiosdrv - ok
10:06:33.0484 2012 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:06:33.0500 2012 Tcpip - ok
10:06:33.0562 2012 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
10:06:33.0578 2012 Tcpip6 - ok
10:06:33.0609 2012 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:06:33.0609 2012 TDPIPE - ok
10:06:33.0625 2012 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:06:33.0640 2012 TDTCP - ok
10:06:33.0640 2012 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:06:33.0640 2012 TermDD - ok
10:06:33.0671 2012 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
10:06:33.0671 2012 TermService - ok
10:06:33.0703 2012 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
10:06:33.0703 2012 Themes - ok
10:06:33.0765 2012 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
10:06:33.0765 2012 tifm21 - ok
10:06:33.0812 2012 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:06:33.0828 2012 TlntSvr - ok
10:06:33.0828 2012 TosIde - ok
10:06:33.0843 2012 [ CC069342EE0EAE55B32A0AE99CF6185C ] tosrfec C:\WINDOWS\system32\DRIVERS\tosrfec.sys
10:06:33.0843 2012 tosrfec - ok
10:06:33.0890 2012 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:06:33.0890 2012 TrkWks - ok
10:06:33.0953 2012 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
10:06:33.0953 2012 tunmp - ok
10:06:33.0984 2012 [ 676DB15DDF2E0FF6EC03068DEA428B8B ] TVALD C:\WINDOWS\system32\DRIVERS\NBSMI.sys
10:06:33.0984 2012 TVALD - ok
10:06:34.0015 2012 [ CC6763889198EF975B143D49789BCFA9 ] Tvs C:\WINDOWS\system32\DRIVERS\Tvs.sys
10:06:34.0015 2012 Tvs - ok
10:06:34.0031 2012 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:06:34.0031 2012 Udfs - ok
10:06:34.0031 2012 ultra - ok
10:06:34.0109 2012 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:06:34.0109 2012 Update - ok
10:06:34.0156 2012 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:06:34.0171 2012 upnphost - ok
10:06:34.0187 2012 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
10:06:34.0187 2012 UPS - ok
10:06:34.0250 2012 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:06:34.0250 2012 usbccgp - ok
10:06:34.0265 2012 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:06:34.0265 2012 usbehci - ok
10:06:34.0281 2012 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:06:34.0296 2012 usbhub - ok
10:06:34.0312 2012 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:06:34.0312 2012 usbprint - ok
10:06:34.0343 2012 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:06:34.0343 2012 usbscan - ok
10:06:34.0359 2012 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:06:34.0359 2012 USBSTOR - ok
10:06:34.0390 2012 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:06:34.0406 2012 usbuhci - ok
10:06:34.0406 2012 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:06:34.0421 2012 VgaSave - ok
10:06:34.0421 2012 ViaIde - ok
10:06:34.0421 2012 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:06:34.0437 2012 VolSnap - ok
10:06:34.0484 2012 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
10:06:34.0500 2012 VSS - ok
10:06:34.0656 2012 [ 5119AE59AE2EB55BE28B8B7372B8AA90 ] vToolbarUpdater14.0.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe
10:06:34.0687 2012 vToolbarUpdater14.0.0 - ok
10:06:34.0703 2012 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
10:06:34.0718 2012 W32Time - ok
10:06:34.0828 2012 [ B1F126E7E28877106D60E6FF3998D033 ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys
10:06:34.0859 2012 w39n51 - ok
10:06:34.0890 2012 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
10:06:34.0890 2012 W3SVC - ok
10:06:34.0906 2012 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:06:34.0906 2012 Wanarp - ok
10:06:34.0953 2012 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
10:06:34.0953 2012 wanatw - ok
10:06:35.0015 2012 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
10:06:35.0031 2012 Wdf01000 - ok
10:06:35.0031 2012 WDICA - ok
10:06:35.0062 2012 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:06:35.0078 2012 wdmaud - ok
10:06:35.0109 2012 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:06:35.0109 2012 WebClient - ok
10:06:35.0218 2012 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:06:35.0218 2012 winmgmt - ok
10:06:35.0296 2012 [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc C:\Program Files\Windows Live\installer\WLSetupSvc.exe
10:06:35.0296 2012 WLSetupSvc - ok
10:06:35.0328 2012 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:06:35.0328 2012 WmdmPmSN - ok
10:06:35.0390 2012 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
10:06:35.0406 2012 Wmi - ok
10:06:35.0437 2012 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:06:35.0437 2012 WmiApSrv - ok
10:06:35.0484 2012 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:06:35.0500 2012 wscsvc - ok
10:06:35.0515 2012 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:06:35.0515 2012 wuauserv - ok
10:06:35.0562 2012 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:06:35.0562 2012 WudfPf - ok
10:06:35.0578 2012 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:06:35.0593 2012 WudfRd - ok
10:06:35.0609 2012 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:06:35.0609 2012 WudfSvc - ok
10:06:35.0687 2012 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:06:35.0703 2012 WZCSVC - ok
10:06:35.0734 2012 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:06:35.0734 2012 xmlprov - ok
10:06:35.0750 2012 ================ Scan global ===============================
10:06:35.0796 2012 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:06:35.0859 2012 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:06:35.0875 2012 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:06:35.0890 2012 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:06:35.0890 2012 [Global] - ok
10:06:35.0890 2012 ================ Scan MBR ==================================
10:06:35.0921 2012 [ 09CE7397AF23D4C0B331B89D0297CC7E ] \Device\Harddisk0\DR0
10:06:36.0671 2012 \Device\Harddisk0\DR0 - ok
10:06:36.0671 2012 ================ Scan VBR ==================================
10:06:36.0687 2012 [ 3625FF83EEF41D66DC0966F3B983A4B5 ] \Device\Harddisk0\DR0\Partition1
10:06:36.0687 2012 \Device\Harddisk0\DR0\Partition1 - ok
10:06:36.0687 2012 ============================================================
10:06:36.0687 2012 Scan finished
10:06:36.0687 2012 ============================================================
10:06:36.0703 2288 Detected object count: 0
10:06:36.0703 2288 Actual detected object count: 0
10:08:45.0250 5384 ============================================================

This was too long. See continuation on part 2.
ProblemBoy
Regular Member
 
Posts: 76
Joined: October 1st, 2010, 11:22 am

Re: Hope this is simple!

Post by ProblemBoy » August 9th, 2013, 2:42 pm

Continuation part 2
10:08:45.0250 5384 Scan started
10:08:45.0250 5384 Mode: Manual;
10:08:45.0250 5384 ============================================================
10:08:45.0546 5384 ================ Scan system memory ========================
10:08:47.0312 5384 System memory - ok
10:08:47.0312 5384 ================ Scan services =============================
10:08:54.0203 5384 [ 9ECF00E19736054E019C532AED8228FC ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:08:54.0203 5384 JavaQuickStarterService - ok
10:08:54.0218 5384 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:08:54.0218 5384 Kbdclass - ok
10:08:54.0250 5384 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
10:08:54.0250 5384 kmixer - ok
10:08:54.0406 5384 [ 00C1EA8DECF810B8ECCB5C5A8186A96E ] KR10N C:\WINDOWS\system32\drivers\KR10N.sys
10:08:54.0406 5384 KR10N - ok
10:08:54.0437 5384 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
10:08:54.0437 5384 KSecDD - ok
10:08:54.0500 5384 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
10:08:54.0500 5384 lanmanserver - ok
10:08:54.0562 5384 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:08:54.0562 5384 lanmanworkstation - ok
10:08:54.0625 5384 [ 9FFD1CF2A782F2560E78EEC4B8B8689E ] LBeepKE C:\WINDOWS\system32\Drivers\LBeepKE.sys
10:08:54.0625 5384 LBeepKE - ok
10:08:54.0625 5384 lbrtfdc - ok
10:08:54.0703 5384 [ 3AF6B73A3AD1FC37C5933441F66CEB91 ] LBTServ C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
10:08:54.0703 5384 LBTServ - ok
10:08:54.0750 5384 [ 7F9C7B28CF1C859E1C42619EEA946DC8 ] LHidFilt C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
10:08:54.0750 5384 LHidFilt - ok
10:08:54.0812 5384 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
10:08:54.0812 5384 LmHosts - ok
10:08:54.0828 5384 [ AB33792A87285344F43B5CE23421BAB0 ] LMouFilt C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
10:08:54.0828 5384 LMouFilt - ok
10:08:54.0875 5384 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
10:08:54.0875 5384 McrdSvc - ok
10:08:54.0968 5384 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
10:08:54.0968 5384 MDM - ok
10:08:55.0015 5384 [ 7EFAC183A25B30FB5D64CC9D484B1EB6 ] meiudf C:\WINDOWS\system32\Drivers\meiudf.sys
10:08:55.0015 5384 meiudf - ok
10:08:55.0031 5384 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
10:08:55.0031 5384 Messenger - ok
10:08:55.0062 5384 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
10:08:55.0062 5384 MHN - ok
10:08:55.0078 5384 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
10:08:55.0078 5384 MHNDRV - ok
10:08:55.0109 5384 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
10:08:55.0125 5384 mnmdd - ok
10:08:55.0171 5384 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
10:08:55.0171 5384 mnmsrvc - ok
10:08:55.0218 5384 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
10:08:55.0218 5384 Modem - ok
10:08:55.0234 5384 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:08:55.0234 5384 Mouclass - ok
10:08:55.0234 5384 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:08:55.0234 5384 mouhid - ok
10:08:55.0250 5384 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
10:08:55.0250 5384 MountMgr - ok
10:08:55.0296 5384 [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:08:55.0312 5384 MozillaMaintenance - ok
10:08:55.0406 5384 MpKsle16d8c51 - ok
10:08:55.0406 5384 mraid35x - ok
10:08:55.0453 5384 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:08:55.0453 5384 MRxDAV - ok
10:08:55.0531 5384 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:08:55.0531 5384 MRxSmb - ok
10:08:55.0562 5384 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
10:08:55.0562 5384 MSDTC - ok
10:08:55.0609 5384 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
10:08:55.0609 5384 Msfs - ok
10:08:55.0609 5384 MSIServer - ok
10:08:55.0640 5384 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:08:55.0640 5384 MSKSSRV - ok
10:08:55.0656 5384 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:08:55.0656 5384 MSPCLOCK - ok
10:08:55.0687 5384 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
10:08:55.0687 5384 MSPQM - ok
10:08:55.0734 5384 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:08:55.0734 5384 mssmbios - ok
10:08:55.0750 5384 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
10:08:55.0750 5384 Mup - ok
10:08:55.0796 5384 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
10:08:55.0796 5384 napagent - ok
10:08:55.0843 5384 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
10:08:55.0843 5384 NDIS - ok
10:08:55.0875 5384 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:08:55.0875 5384 NdisTapi - ok
10:08:55.0890 5384 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:08:55.0890 5384 Ndisuio - ok
10:08:55.0906 5384 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:08:55.0921 5384 NdisWan - ok
10:08:55.0968 5384 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
10:08:55.0968 5384 NDProxy - ok
10:08:56.0015 5384 [ A081CB6FB9A12668F233EB5414BE3A0E ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
10:08:56.0015 5384 Net Driver HPZ12 - ok
10:08:56.0078 5384 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
10:08:56.0078 5384 NetBIOS - ok
10:08:56.0109 5384 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
10:08:56.0109 5384 NetBT - ok
10:08:56.0156 5384 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
10:08:56.0156 5384 NetDDE - ok
10:08:56.0156 5384 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
10:08:56.0171 5384 NetDDEdsdm - ok
10:08:56.0187 5384 [ 1265EB253ED4EBE4ACB3BD5F548FF796 ] Netdevio C:\WINDOWS\system32\DRIVERS\netdevio.sys
10:08:56.0187 5384 Netdevio - ok
10:08:56.0218 5384 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
10:08:56.0218 5384 Netlogon - ok
10:08:56.0250 5384 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
10:08:56.0250 5384 Netman - ok
10:08:56.0296 5384 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:08:56.0296 5384 NetTcpPortSharing - ok
10:08:56.0312 5384 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:08:56.0312 5384 NIC1394 - ok
10:08:56.0375 5384 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
10:08:56.0375 5384 Nla - ok
10:08:56.0390 5384 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
10:08:56.0390 5384 Npfs - ok
10:08:56.0437 5384 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
10:08:56.0453 5384 Ntfs - ok
10:08:56.0453 5384 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
10:08:56.0468 5384 NtLmSsp - ok
10:08:56.0531 5384 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
10:08:56.0531 5384 NtmsSvc - ok
10:08:56.0562 5384 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
10:08:56.0562 5384 Null - ok
10:08:56.0593 5384 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:08:56.0593 5384 NwlnkFlt - ok
10:08:56.0593 5384 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:08:56.0593 5384 NwlnkFwd - ok
10:08:56.0609 5384 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:08:56.0609 5384 ohci1394 - ok
10:08:56.0656 5384 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:08:56.0656 5384 ose - ok
10:08:56.0703 5384 [ 937A02981F11B2CE96B1D493C95AED2B ] p2pgasvc C:\WINDOWS\system32\p2pgasvc.dll
10:08:56.0703 5384 p2pgasvc - ok
10:08:56.0765 5384 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2pimsvc C:\WINDOWS\system32\p2psvc.dll
10:08:56.0765 5384 p2pimsvc - ok
10:08:56.0796 5384 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] p2psvc C:\WINDOWS\system32\p2psvc.dll
10:08:56.0796 5384 p2psvc - ok
10:08:56.0828 5384 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys
10:08:56.0828 5384 Parport - ok
10:08:56.0843 5384 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
10:08:56.0843 5384 PartMgr - ok
10:08:56.0875 5384 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
10:08:56.0875 5384 ParVdm - ok
10:08:56.0890 5384 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
10:08:56.0890 5384 PCI - ok
10:08:56.0890 5384 PCIDump - ok
10:08:56.0921 5384 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
10:08:56.0921 5384 PCIIde - ok
10:08:56.0984 5384 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\DRIVERS\pcmcia.sys
10:08:56.0984 5384 Pcmcia - ok
10:08:56.0984 5384 PDCOMP - ok
10:08:57.0000 5384 PDFRAME - ok
10:08:57.0000 5384 PDRELI - ok
10:08:57.0000 5384 PDRFRAME - ok
10:08:57.0015 5384 perc2 - ok
10:08:57.0015 5384 perc2hib - ok
10:08:57.0062 5384 [ 444F122E68DB44C0589227781F3C8B3F ] Pfc C:\WINDOWS\system32\drivers\pfc.sys
10:08:57.0062 5384 Pfc - ok
10:08:57.0093 5384 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
10:08:57.0093 5384 PlugPlay - ok
10:08:57.0156 5384 [ 65BC271F337637731D3C71455AE1F476 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
10:08:57.0156 5384 Pml Driver HPZ12 - ok
10:08:57.0187 5384 [ 4A1035CB8F0D57BE41873B5183D96CF4 ] PNRPSvc C:\WINDOWS\system32\p2psvc.dll
10:08:57.0187 5384 PNRPSvc - ok
10:08:57.0203 5384 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
10:08:57.0203 5384 PolicyAgent - ok
10:08:57.0218 5384 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:08:57.0218 5384 PptpMiniport - ok
10:08:57.0234 5384 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:08:57.0234 5384 ProtectedStorage - ok
10:08:57.0234 5384 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
10:08:57.0234 5384 PSched - ok
10:08:57.0281 5384 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:08:57.0281 5384 Ptilink - ok
10:08:57.0296 5384 ql1080 - ok
10:08:57.0296 5384 Ql10wnt - ok
10:08:57.0312 5384 ql12160 - ok
10:08:57.0312 5384 ql1240 - ok
10:08:57.0312 5384 ql1280 - ok
10:08:57.0328 5384 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:08:57.0328 5384 RasAcd - ok
10:08:57.0375 5384 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
10:08:57.0375 5384 RasAuto - ok
10:08:57.0406 5384 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:08:57.0406 5384 Rasl2tp - ok
10:08:57.0453 5384 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
10:08:57.0453 5384 RasMan - ok
10:08:57.0468 5384 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:08:57.0468 5384 RasPppoe - ok
10:08:57.0484 5384 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
10:08:57.0484 5384 Raspti - ok
10:08:57.0515 5384 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:08:57.0515 5384 Rdbss - ok
10:08:57.0515 5384 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:08:57.0515 5384 RDPCDD - ok
10:08:57.0546 5384 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:08:57.0546 5384 rdpdr - ok
10:08:57.0593 5384 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
10:08:57.0593 5384 RDPWD - ok
10:08:57.0625 5384 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
10:08:57.0625 5384 RDSessMgr - ok
10:08:57.0703 5384 [ B2D01290C0E0465ACA54C2088E947823 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
10:08:57.0703 5384 RealNetworks Downloader Resolver Service - ok
10:08:57.0734 5384 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
10:08:57.0734 5384 redbook - ok
10:08:57.0765 5384 [ 1B2857EF12D79A9F9ADBA14B0637CBF8 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
10:08:57.0765 5384 RegSrvc - ok
10:08:57.0812 5384 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
10:08:57.0812 5384 RemoteAccess - ok
10:08:57.0859 5384 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
10:08:57.0859 5384 RemoteRegistry - ok
10:08:57.0890 5384 [ 2C4FB2E9F039287767C384E46EE91030 ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
10:08:57.0890 5384 RimVSerPort - ok
10:08:57.0921 5384 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
10:08:57.0921 5384 ROOTMODEM - ok
10:08:57.0968 5384 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
10:08:57.0968 5384 RpcLocator - ok
10:08:58.0015 5384 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\System32\rpcss.dll
10:08:58.0015 5384 RpcSs - ok
10:08:58.0062 5384 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
10:08:58.0078 5384 RSVP - ok
10:08:58.0156 5384 [ 6C5155CC0E805C7BE6028BFF7AC14524 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
10:08:58.0156 5384 S24EventMonitor - ok
10:08:58.0171 5384 [ 1CC074E0D48383D4E9BFFC6A26C2A58A ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
10:08:58.0171 5384 s24trans - ok
10:08:58.0187 5384 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
10:08:58.0187 5384 SamSs - ok
10:08:58.0218 5384 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
10:08:58.0218 5384 SCardSvr - ok
10:08:58.0265 5384 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
10:08:58.0265 5384 Schedule - ok
10:08:58.0281 5384 [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
10:08:58.0296 5384 sdbus - ok
10:08:58.0343 5384 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:08:58.0343 5384 Secdrv - ok
10:08:58.0359 5384 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
10:08:58.0375 5384 seclogon - ok
10:08:58.0375 5384 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
10:08:58.0390 5384 SENS - ok
10:08:58.0437 5384 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
10:08:58.0437 5384 Serial - ok
10:08:58.0484 5384 [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk C:\WINDOWS\system32\DRIVERS\sffdisk.sys
10:08:58.0484 5384 sffdisk - ok
10:08:58.0500 5384 [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
10:08:58.0500 5384 sffp_sd - ok
10:08:58.0515 5384 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
10:08:58.0531 5384 Sfloppy - ok
10:08:58.0578 5384 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
10:08:58.0578 5384 SharedAccess - ok
10:08:58.0609 5384 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:08:58.0609 5384 ShellHWDetection - ok
10:08:58.0609 5384 Simbad - ok
10:08:58.0640 5384 [ 32933B07FC16D9F778BEE12545FA1B1A ] SimpTcp C:\WINDOWS\system32\tcpsvcs.exe
10:08:58.0640 5384 SimpTcp - ok
10:08:58.0875 5384 [ 3740B83AEC21D981065D7E819BD7E878 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
10:08:58.0906 5384 Skype C2C Service - ok
10:08:58.0984 5384 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
10:08:58.0984 5384 SkypeUpdate - ok
10:08:59.0000 5384 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] SMTPSVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
10:08:59.0000 5384 SMTPSVC - ok
10:08:59.0062 5384 [ 60C377BE6B3CC83F6A8584934B181D2E ] SNMP C:\WINDOWS\System32\snmp.exe
10:08:59.0062 5384 SNMP - ok
10:08:59.0109 5384 [ 80A050795A107A76C2B1CD4CFBE010E6 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
10:08:59.0109 5384 SNMPTRAP - ok
10:08:59.0109 5384 Sparrow - ok
10:08:59.0140 5384 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
10:08:59.0140 5384 splitter - ok
10:08:59.0187 5384 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
10:08:59.0187 5384 Spooler - ok
10:08:59.0234 5384 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
10:08:59.0234 5384 sr - ok
10:08:59.0296 5384 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
10:08:59.0296 5384 srservice - ok
10:08:59.0359 5384 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
10:08:59.0359 5384 Srv - ok
10:08:59.0390 5384 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
10:08:59.0390 5384 SSDPSRV - ok
10:08:59.0468 5384 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
10:08:59.0468 5384 stisvc - ok
10:08:59.0640 5384 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
10:08:59.0640 5384 swenum - ok
10:08:59.0671 5384 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
10:08:59.0671 5384 swmidi - ok
10:08:59.0671 5384 SwPrv - ok
10:08:59.0734 5384 [ 486A64AABD88E4E174681E89E9736BC9 ] Swupdtmr c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
10:08:59.0734 5384 Swupdtmr - ok
10:08:59.0750 5384 symc810 - ok
10:08:59.0750 5384 symc8xx - ok
10:08:59.0750 5384 sym_hi - ok
10:08:59.0765 5384 sym_u3 - ok
10:08:59.0812 5384 [ E295FFFFF3AAF9A6A40B29497901908F ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
10:08:59.0812 5384 SynTP - ok
10:08:59.0843 5384 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
10:08:59.0843 5384 sysaudio - ok
10:08:59.0875 5384 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
10:08:59.0890 5384 SysmonLog - ok
10:08:59.0937 5384 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
10:08:59.0937 5384 TapiSrv - ok
10:08:59.0968 5384 [ 90861642FD6D8FAFB1408EE26FA93CB4 ] TAPPSRV C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
10:08:59.0968 5384 TAPPSRV - ok
10:09:00.0000 5384 [ 7147B0575BCC93A6AB7D5C90F47C0B9F ] tbiosdrv C:\WINDOWS\system32\DRIVERS\tbiosdrv.sys
10:09:00.0000 5384 tbiosdrv - ok
10:09:00.0062 5384 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:09:00.0062 5384 Tcpip - ok
10:09:00.0125 5384 [ 4E53BBCC4BE37D7A4BD6EF1098C89FF7 ] Tcpip6 C:\WINDOWS\system32\DRIVERS\tcpip6.sys
10:09:00.0140 5384 Tcpip6 - ok
10:09:00.0156 5384 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
10:09:00.0156 5384 TDPIPE - ok
10:09:00.0187 5384 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
10:09:00.0187 5384 TDTCP - ok
10:09:00.0203 5384 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
10:09:00.0218 5384 TermDD - ok
10:09:00.0250 5384 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
10:09:00.0250 5384 TermService - ok
10:09:00.0296 5384 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
10:09:00.0296 5384 Themes - ok
10:09:00.0312 5384 [ 244CFBFFDEFB77F3DF571A8CD108FC06 ] tifm21 C:\WINDOWS\system32\drivers\tifm21.sys
10:09:00.0312 5384 tifm21 - ok
10:09:00.0375 5384 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
10:09:00.0375 5384 TlntSvr - ok
10:09:00.0375 5384 TosIde - ok
10:09:00.0406 5384 [ CC069342EE0EAE55B32A0AE99CF6185C ] tosrfec C:\WINDOWS\system32\DRIVERS\tosrfec.sys
10:09:00.0406 5384 tosrfec - ok
10:09:00.0437 5384 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
10:09:00.0437 5384 TrkWks - ok
10:09:00.0500 5384 [ 8F861EDA21C05857EB8197300A92501C ] tunmp C:\WINDOWS\system32\DRIVERS\tunmp.sys
10:09:00.0500 5384 tunmp - ok
10:09:00.0531 5384 [ 676DB15DDF2E0FF6EC03068DEA428B8B ] TVALD C:\WINDOWS\system32\DRIVERS\NBSMI.sys
10:09:00.0531 5384 TVALD - ok
10:09:00.0562 5384 [ CC6763889198EF975B143D49789BCFA9 ] Tvs C:\WINDOWS\system32\DRIVERS\Tvs.sys
10:09:00.0562 5384 Tvs - ok
10:09:00.0578 5384 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
10:09:00.0578 5384 Udfs - ok
10:09:00.0593 5384 ultra - ok
10:09:00.0656 5384 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
10:09:00.0656 5384 Update - ok
10:09:00.0703 5384 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
10:09:00.0703 5384 upnphost - ok
10:09:00.0718 5384 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
10:09:00.0718 5384 UPS - ok
10:09:00.0781 5384 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:09:00.0781 5384 usbccgp - ok
10:09:00.0812 5384 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:09:00.0812 5384 usbehci - ok
10:09:00.0843 5384 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:09:00.0859 5384 usbhub - ok
10:09:00.0875 5384 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:09:00.0875 5384 usbprint - ok
10:09:00.0906 5384 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:09:00.0906 5384 usbscan - ok
10:09:00.0921 5384 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:09:00.0921 5384 USBSTOR - ok
10:09:00.0953 5384 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:09:00.0953 5384 usbuhci - ok
10:09:00.0968 5384 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
10:09:00.0968 5384 VgaSave - ok
10:09:00.0984 5384 ViaIde - ok
10:09:00.0984 5384 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
10:09:00.0984 5384 VolSnap - ok
10:09:01.0046 5384 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
10:09:01.0062 5384 VSS - ok
10:09:01.0218 5384 [ 5119AE59AE2EB55BE28B8B7372B8AA90 ] vToolbarUpdater14.0.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.0.0\ToolbarUpdater.exe
10:09:01.0234 5384 vToolbarUpdater14.0.0 - ok
10:09:01.0250 5384 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
10:09:01.0265 5384 W32Time - ok
10:09:01.0359 5384 [ B1F126E7E28877106D60E6FF3998D033 ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys
10:09:01.0375 5384 w39n51 - ok
10:09:01.0406 5384 [ DB3C22745C0DA4666F3BE31F1AF36B2F ] W3SVC C:\WINDOWS\system32\inetsrv\inetinfo.exe
10:09:01.0406 5384 W3SVC - ok
10:09:01.0421 5384 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:09:01.0421 5384 Wanarp - ok
10:09:01.0468 5384 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
10:09:01.0468 5384 wanatw - ok
10:09:01.0546 5384 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
10:09:01.0546 5384 Wdf01000 - ok
10:09:01.0562 5384 WDICA - ok
10:09:01.0593 5384 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
10:09:01.0593 5384 wdmaud - ok
10:09:01.0625 5384 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
10:09:01.0625 5384 WebClient - ok
10:09:01.0734 5384 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
10:09:01.0734 5384 winmgmt - ok
10:09:01.0812 5384 [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc C:\Program Files\Windows Live\installer\WLSetupSvc.exe
10:09:01.0812 5384 WLSetupSvc - ok
10:09:01.0843 5384 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
10:09:01.0843 5384 WmdmPmSN - ok
10:09:01.0906 5384 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
10:09:01.0921 5384 Wmi - ok
10:09:01.0953 5384 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:09:01.0953 5384 WmiApSrv - ok
10:09:02.0000 5384 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
10:09:02.0000 5384 wscsvc - ok
10:09:02.0015 5384 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
10:09:02.0015 5384 wuauserv - ok
10:09:02.0078 5384 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:09:02.0078 5384 WudfPf - ok
10:09:02.0093 5384 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:09:02.0093 5384 WudfRd - ok
10:09:02.0109 5384 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
10:09:02.0125 5384 WudfSvc - ok
10:09:02.0187 5384 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
10:09:02.0187 5384 WZCSVC - ok
10:09:02.0218 5384 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
10:09:02.0218 5384 xmlprov - ok
10:09:02.0234 5384 ================ Scan global ===============================
10:09:02.0281 5384 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:09:02.0328 5384 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:09:02.0343 5384 [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
10:09:02.0359 5384 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:09:02.0375 5384 [Global] - ok
10:09:02.0375 5384 ================ Scan MBR ==================================
10:09:02.0390 5384 [ 09CE7397AF23D4C0B331B89D0297CC7E ] \Device\Harddisk0\DR0
10:09:03.0156 5384 \Device\Harddisk0\DR0 - ok
10:09:03.0156 5384 ================ Scan VBR ==================================
10:09:03.0203 5384 [ 3625FF83EEF41D66DC0966F3B983A4B5 ] \Device\Harddisk0\DR0\Partition1
10:09:03.0203 5384 \Device\Harddisk0\DR0\Partition1 - ok
10:09:03.0203 5384 ============================================================
10:09:03.0203 5384 Scan finished
10:09:03.0203 5384 ============================================================
10:09:03.0218 3352 Detected object count: 0
10:09:03.0218 3352 Actual detected object count: 0
10:09:20.0515 4812 Deinitialize success

All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Prefs.js: %7B9309FA47-1B48-4768-AFA4-9E0556F5DC81%7D:1.116 removed from extensions.enabledAddons
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{9309FA47-1B48-4768-AFA4-9E0556F5DC81} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9309FA47-1B48-4768-AFA4-9E0556F5DC81}\ not found.
File C:\Program Files\LyricsPal\116.xpi [2013/06/30 23:41:12 | 000,005,397 | ---- | M] not found.
File C:\PROGRAM FILES\LYRICSPAL\116.XPI not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Unable to delete ADS C:\Documents and Settings\Anthony\My Documents\WABLTE.EXE: SummaryInformation .
Unable to delete ADS C:\Documents and Settings\Anthony\My Documents\Treasury Of Health Secrets.mht: SummaryInformation .
ADS C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4 deleted successfully.
ADS C:\Documents and Settings\All Users\Application Data\TEMP:D1B5B4F1 deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: All Users

User: Anthony
->Temp folder emptied: 3528566 bytes
->Temporary Internet Files folder emptied: 5669306 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 86160325 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 13732 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 0 bytes

User: Guest
->Temp folder emptied: 1987 bytes
->Temporary Internet Files folder emptied: 3070320 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 22248166 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 3942160 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 254899477 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 67057334 bytes

Total Files Cleaned = 426.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 08092013_133921

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~DF10BB.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~DF2605.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~DF4376.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~DF53F2.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~DF7952.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~DF79AB.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~DFB886.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~DFD0B3.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~WRD0003.doc not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~WRF0002.tmp not found!
File\Folder C:\Documents and Settings\Anthony\Local Settings\Temp\~WRS0001.tmp not found!
C:\WINDOWS\temp\Perflib_Perfdata_d14.dat moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

https://www.virustotal.com/en/file/23c6 ... 376071515/

Didn’t know there were so many antivirus programs. Looking good!
Thanks, let me know if there is anything else we need to do.
ProblemBoy
Regular Member
 
Posts: 76
Joined: October 1st, 2010, 11:22 am

Re: Hope this is simple!

Unread postby nunped » August 10th, 2013, 7:31 am

Hi ProblemBoy,

Sorry that I didn’t include the TDSS report in the last reply. Guess I misinterpreted the instructions

No problem :)

Run one more scan, please:
ESET NOD32 Online Scan
Note: If using Mozilla Firefox you will need to download "esetsmartinstaller_enu.exe" when prompted... then right click on it and select "run as administrator" to install.
Please temporarily disable your Anti-virus real-time protection. If active, it could impact the online scan.
Do NOT use the computer while the scan is running... make sure all other programs and windows are closed!


Please go to ESET Online Scanner to run an online scan.
  • Click the [Run ESET Online Scanner] button.
  • Read the End User License Agreement and check the box: [Yes, I accept the terms of use].
  • Click the green [Start] button.
  • Accept any security warnings from your browser and allow the download/installation of any required files.
    If your browser blocks or halts a download, please allow it to download any required files.
  • Under scan settings:
    • Check "Scan archives"
    • Remove found threats is UNCHECKED
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the [Start] button.
    ESET will install itself, download virus signature database updates and begin scanning your computer.
    The scan will take a while so please be patient. Do NOT use the computer while the scan is running.
  • When the scan completes, press the text: Image
  • Press the text: Image ... then save the file to your desktop as ESETScan.txt.
  • Press the [Back] button, then press the [Finish] button.
  • Copy and paste the contents of ESETScan.txt in your next reply.
    Note: If no threats are found, there is no option to create a log. Just report back to me there was nothing found.

Remember to enable your Anti-virus protection before continuing!
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Hope this is simple!

Unread postby ProblemBoy » August 11th, 2013, 12:02 am

nunped,

"this will take a while"---3hrs 37min! Anyway, just when I thought that it was safe to go into the water, Houston, we have a problem.

C:\Documents and Settings\Anthony\Application Data\GameCenter\uninstall.exe probably a variant of Win32/YourFileDownloader.A application
C:\Documents and Settings\Anthony\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-us.cab Win32/OpenCandy application
C:\Documents and Settings\Anthony\Local Settings\Application Data\Bundled software uninstaller\biclient.exe Win32/Somoto.A application
C:\Documents and Settings\Anthony\Local Settings\Application Data\GetBooks\GetBooks.exe a variant of Win32/GetBooks.A application
C:\Documents and Settings\Anthony\My Documents\Downloads\epson14063.exe a variant of Win32/Bundled.Toolbar.Ask.D application
C:\Documents and Settings\Anthony\My Documents\Downloads\The_Healing_Codes_pdf_downloader_2.exe probably a variant of Win32/YourFileDownloader.A application
C:\Documents and Settings\Anthony\My Documents\Downloads\VLCMediaPlayerSetup-aSpMjSp.exe Win32/Somoto.A application
C:\Program Files\GoforFiles\GFFUpdater.exe a variant of Win32/YourFileDownloader.B application
C:\Program Files\GoforFiles\GoforFiles.exe a variant of Win32/YourFileDownloader.B application
C:\Program Files\GoforFiles\uninstall.exe probably a variant of Win32/YourFileDownloader.A application
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP162\A0034697.exe a variant of Win32/Adware.AddLyrics.I application
ProblemBoy
Regular Member
 
Posts: 76
Joined: October 1st, 2010, 11:22 am

Re: Hope this is simple!

Unread postby nunped » August 11th, 2013, 11:34 am

Hi ProblemBoy :)

Good job. Some of them may be false positives.

Let's upload them to VirusTotal:
Online Multi Antivirus file scan
Please go to Virus Total and upload -only one file per scan- the following file(s) for scanning:
C:\Documents and Settings\Anthony\Application Data\GameCenter\uninstall.exe

C:\Documents and Settings\Anthony\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-us.cab

C:\Documents and Settings\Anthony\My Documents\Downloads\epson14063.exe

C:\Documents and Settings\Anthony\My Documents\Downloads\The_Healing_Codes_pdf_downloader_2.exe


  • Press the Browse button and navigate to -one- of the files in the list.
  • Double click the located file name. The file name should now appear in the online scanner's text entry box.
  • Click on Send File button.
  • The file will be queued, uploaded and scanned by various antivirus scanners. This may take a few minutes.
      If you receive the message: File has already been analysed:
      Please press the Reanalyse file now button, so your file will be scanned.
  • When all scans have completed, the results page is displayed.
  • Please highlight and copy the page web address link from your browser window.
  • Please repeat this procedure for each file listed above.
  • Paste the Web address link(s) for the scan results in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Hope this is simple!

Unread postby ProblemBoy » August 11th, 2013, 2:58 pm

Hi nunped,

Well in baseball batting 3 of 4 for a .750 average is darn good, but in your business 100% is probably what is expected. I never opened the Epson file. I downloaded it to update my printer but never got around to it. Want me to just delete it?



https://www.virustotal.com/en/file/385c ... 376244027/

https://www.virustotal.com/en/file/1a92 ... 376244418/

https://www.virustotal.com/en/file/385c ... 376244822/

C:\Documents and Settings\Anthony\My Documents\Downloads\epson14063.exe
could not be analyzed, the file is too large at 97.6MB.
ProblemBoy
Regular Member
 
Posts: 76
Joined: October 1st, 2010, 11:22 am

Re: Hope this is simple!

Unread postby nunped » August 11th, 2013, 3:20 pm

Hi Problemboy,

Well in baseball batting 3 of 4 for a .750 average is darn good, but in your business 100% is probably what is expected. I never opened the Epson file. I downloaded it to update my printer but never got around to it. Want me to just delete it?

That file and the other three are probably false positives. Let's delete the other ones.

OTL fix
  • Double click OTL.exe to launch the program.
  • Copy/Paste the contents of the code box below into the Custom Scans/Fixes box.
:files
C:\Documents and Settings\Anthony\Local Settings\Application Data\Bundled software uninstaller\biclient.exe
C:\Documents and Settings\Anthony\Local Settings\Application Data\GetBooks\GetBooks.exe
C:\Program Files\GoforFiles\GFFUpdater.exe
C:\Program Files\GoforFiles\GoforFiles.exe
C:\Program Files\GoforFiles\uninstall.exe
C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP162\A0034697.exe

  • Click the Run Fix button.
  • OTL will now process the instructions.
  • When finished a box will open asking you to open the fix log, click OK.
  • The fix log will open.
  • Copy/Paste the log in your next reply please.

Note: If necessary, OTL may re-boot your computer, or request that you do so, if it does, re-boot your computer. A log will be produced upon re-boot.

Can you give an update on how your computer is behaving?
Still getting the detection by AVG?
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal

Re: Hope this is simple!

Unread postby ProblemBoy » August 11th, 2013, 7:32 pm

The computer is running better than ever!

AVG reported 5 infections on 8/3, and 8 on the 6, 7 and 11. No infections on the other dates. Today’s report showed the following:

"";"Service function NtUserGetAsyncKeyState hook -> wowhd_kern_i386.sys DllUnload+0xBDE, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"

"";"Service function NtUserGetKeyboardState hook -> wowhd_kern_i386.sys DllUnload+0xB0E, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"

"";"Service function NtNotifyChangeKey hook -> wowhd_kern_i386.sys +0x15D0, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"

"";"Service function NtSuspendProcess hook -> wowhd_kern_i386.sys +0x1300, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"

"";"Service function NtSuspendThread hook -> wowhd_kern_i386.sys +0x13E0, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"

"";"Service function NtTerminateProcess hook -> wowhd_kern_i386.sys +0x1120, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"

"";"Service function NtTerminateThread hook -> wowhd_kern_i386.sys +0x1210, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"

"";"Service function NtWriteVirtualMemory hook -> wowhd_kern_i386.sys +0x14D0, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"

Where did they go? Does this mean that OTL couldn’t find them?

========== FILES ==========
File\Folder C:\Documents and Settings\Anthony\Local Settings\Application Data\Bundled software uninstaller\biclient.exe not found.
File\Folder C:\Documents and Settings\Anthony\Local Settings\Application Data\GetBooks\GetBooks.exe not found.
File\Folder C:\Program Files\GoforFiles\GFFUpdater.exe not found.
File\Folder C:\Program Files\GoforFiles\GoforFiles.exe not found.
File\Folder C:\Program Files\GoforFiles\uninstall.exe not found.
File\Folder C:\System Volume Information\_restore{4B1AEA69-B95E-4955-A6A6-502CD89CDA69}\RP162\A0034697.exe not found.

OTL by OldTimer - Version 3.2.69.0 log created on 08112013_192322
ProblemBoy
Regular Member
 
Posts: 76
Joined: October 1st, 2010, 11:22 am
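
The AVG report lines quoted in the post above all share one layout (hooked service function, hooking module, optional symbol, offset, path), so they can be parsed and grouped by driver for review. The following is an added example, not part of the original thread or of AVG; the function names and the triage categories are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Four lines copied from the report in the post above, plus one constructed junk line.
REPORT = r'''
"";"Service function NtUserGetAsyncKeyState hook -> wowhd_kern_i386.sys DllUnload+0xBDE, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"
"";"Service function NtNotifyChangeKey hook -> wowhd_kern_i386.sys +0x15D0, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"
"";"Service function NtTerminateProcess hook -> wowhd_kern_i386.sys +0x1120, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"
"";"Service function NtWriteVirtualMemory hook -> wowhd_kern_i386.sys +0x14D0, C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys";"Infected"
(constructed) scan summary line that is not a hook record
'''

# Fields: hooked function, hooking module, optional symbol, hex offset, module path.
HOOK_RE = re.compile(
    r'Service function (?P<func>\w+) hook -> (?P<module>\S+) '
    r'(?P<symbol>\w+)?\+0x(?P<offset>[0-9A-Fa-f]+), (?P<path>[^"]+)"')

# Assumed triage grouping by function-name prefix (this example's, not AVG's).
CATEGORIES = {
    "NtUserGet": "keyboard state",
    "NtNotifyChangeKey": "registry notification",
    "NtSuspend": "process/thread control",
    "NtTerminate": "process/thread control",
    "NtWriteVirtualMemory": "cross-process memory write",
}

def categorize(func):
    return next((c for p, c in CATEGORIES.items() if func.startswith(p)), "other")

def parse_hooks(report):
    """Return one dict per hook record; lines that do not match are skipped."""
    hooks = []
    for line in report.splitlines():
        m = HOOK_RE.search(line)
        if m:
            rec = m.groupdict()
            rec["offset"] = int(rec["offset"], 16)
            rec["category"] = categorize(rec["func"])
            hooks.append(rec)
    return hooks

def summarize(hooks):
    """Group hooked functions by (driver path, category) for review."""
    groups = defaultdict(list)
    for h in hooks:
        groups[(h["path"], h["category"])].append(h["func"])
    return dict(groups)

if __name__ == "__main__":
    print(summarize(parse_hooks(REPORT)))
```

Grouping by path makes it easy to see that every hook in a report resolves into a single driver file, which is the file worth checking next.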

Re: Hope this is simple!

Unread postby nunped » August 12th, 2013, 6:29 am

Hi Problemboy,

Let's test that file with VirusTotal also.
Please proceed with the same steps as you did above for:
C:\WINDOWS\system32\DRIVERS\wowhd_kern_i386.sys

Then....
One more scan:
  • Please download RogueKiller by Tigzy and save it to your desktop.
  • Allow the download if prompted by your security software and please close all your programs.
  • Double click on RogueKiller.exe to run it.
  • If it does not run, please try a few times.
  • Wait for PreScan to finish, then click on Scan.
  • Once completed, a log called RKreport[1].txt will be created on the desktop. It can also be accessed via the Report button.
  • Please copy and paste the contents of that log in your next reply.
nunped
MRU Honors Grad Emeritus
 
Posts: 1210
Joined: August 17th, 2011, 5:03 pm
Location: Portugal