rock2death

Members
  • Content count

    23
  • Joined

  • Last visited

About rock2death

  • Rank
    New Member
  1. Thank you very much for helping me solving this problem and for being patience with me , also for all the useful information that u cited, i learned a lot. Thanks, you may now close this thread. God bless.
  2. ESETSmartInstaller@High as CAB hook log: OnlineScanner64.ocx - registred OK OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330) # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial= # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2012-05-01 07:16:43 # local_time=2012-04-30 11:16:43 (-0800, Pacific Standard Time) # country="United States" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=512 16777215 100 0 633343 633343 0 0 # compatibility_mode=770 16774141 100 97 0 111639647 0 0 # compatibility_mode=5893 16776574 100 94 192180 87394825 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=196360 # found=6 # cleaned=5 # scan_time=5248 C:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll.vir Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll.vir Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe.vir Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll.vir Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C C:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll.vir Win32/Toolbar.SearchSuite application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C a variant of Win32/Packed.VMProtect.AAA trojan 00000000000000000000000000000000 I looks like there's still searchqu malware after all that we did. how come my AVAST AV never detect this, i ran full scan of my AVAST before i use ESET and AVAST didnt detect this but ESET did. i have a question why you recommended me to use only IE when scanning this online scanner?
  3. Oh really, so do u think my computer is clean now? my computer now works fine no more having issue of freezing.
  4. I apologize for installing prevx and pctools without your guidance, i already un-installed them. Yes im always disabling my AV before using OTL Below is the log of OTL All processes killed ========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}\ not found. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully! ========== FILES ========== C:\Users\Janiero\AppData\Roaming\uTorrent\ie folder moved successfully. C:\Users\Janiero\AppData\Roaming\uTorrent\dlimagecache folder moved successfully. C:\Users\Janiero\AppData\Roaming\uTorrent\Cache folder moved successfully. C:\Users\Janiero\AppData\Roaming\uTorrent\apps folder moved successfully. C:\Users\Janiero\AppData\Roaming\uTorrent folder moved successfully. c:\Users\Guest\AppData\LocalLow\searchquband folder moved successfully. c:\Users\Guest\AppData\LocalLow\searchqutoolbar folder moved successfully. c:\Users\Janiero\AppData\LocalLow\searchquband folder moved successfully. c:\Users\Janiero\AppData\LocalLow\searchqutoolbar\weather folder moved successfully. c:\Users\Janiero\AppData\LocalLow\searchqutoolbar folder moved successfully. File\Folder c:\Users\Janiero\AppData\LocalLow\searchqutoolbar\weather not found. c:\Users\Guest\AppData\LocalLow\DataMngr folder moved successfully. c:\Users\Janiero\AppData\LocalLow\DataMngr folder moved successfully. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: a ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: a.JANEIRO-VAIO ->Temp folder emptied: 32878 bytes ->Temporary Internet Files folder emptied: 57830 bytes ->Flash cache emptied: 0 bytes User: Administrator ->Temp folder emptied: 79 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: All Users User: boinc_master ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Guest ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Janiero ->Temp folder emptied: 604953 bytes ->Temporary Internet Files folder emptied: 6700093 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 3406 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4855488 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes RecycleBin emptied: 32953850 bytes Total Files Cleaned = 43.00 mb Restore point Set: OTL Restore Point [EMPTYFLASH] User: a ->Flash cache emptied: 0 bytes User: a.JANEIRO-VAIO ->Flash cache emptied: 0 bytes User: Administrator User: All Users User: boinc_master User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Guest ->Flash cache emptied: 0 bytes User: Janiero ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.42.0 log created on 04292012_150843 Files\Folders moved on Reboot... C:\Users\Janiero\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. Registry entries deleted on Reboot... ________ I did all what you said. After re-installing MBAM i restart my computer and i noticed that it does not appear on system tray anymore, i went to System Configuration and i found that Malwarebytes is uncheck, i ticked it then reboot, after restart it still doesnt appear on system tray and after a few seconds i have prompted again by Error 2. I went to System Configuration to uncheck it then restart. Status: No more freezing/hanging happens. Im saying that because the problem only occur when 3 tabs were open.
  5. No Bandoo or iLivid toolbar found both GC and IE. No Extras.txt appear after running OTL. jjOTL logfile created on: 4/27/2012 9:07:23 AM - Run 3 OTL by OldTimer - Version 3.2.42.0 Folder = C:\Users\Janiero\Desktop\desktop\New folder (2) 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 3.75 Gb Total Physical Memory | 2.54 Gb Available Physical Memory | 67.70% Memory free 9.60 Gb Paging File | 8.26 Gb Available in Paging File | 86.05% Paging File free Paging file location(s): c:\pagefile.sys 6000 6000 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 249.66 Gb Total Space | 160.36 Gb Free Space | 64.23% Space Free | Partition Type: NTFS Drive D: | 206.44 Gb Total Space | 162.02 Gb Free Space | 78.48% Space Free | Partition Type: NTFS Computer Name: JANEIRO-VAIO | User Name: Janiero | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012/04/25 12:01:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Janiero\Desktop\desktop\New folder (2)\OTL.exe PRC - [2011/11/29 22:14:32 | 000,653,128 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Stardock\CursorFX\CursorFx.exe PRC - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe PRC - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe PRC - [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe PRC - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe PRC - [2010/05/14 14:29:50 | 000,217,968 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe PRC - [2010/05/06 12:59:42 | 002,815,192 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe PRC - [2010/05/06 12:59:38 | 000,040,384 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe PRC - [2010/03/02 16:22:44 | 000,120,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe PRC - [2010/02/19 19:19:26 | 000,386,416 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe PRC - [2010/02/19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe ========== Modules (No Company Name) ========== MOD - [2008/02/01 10:46:20 | 000,059,904 | ---- | M] () -- C:\Program Files (x86)\Stardock\CursorFX\zlib1.dll MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll ========== Win32 Services (SafeList) ========== SRV:64bit: - [2012/04/18 00:25:57 | 006,746,280 | ---- | M] (Prevx) [Disabled | Stopped] -- C:\Program Files\Prevx\prevx.exe -- (CSIScanner) SRV:64bit: - [2012/01/13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent) SRV:64bit: - [2011/08/11 15:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE) SRV:64bit: - [2011/02/14 13:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService) SRV:64bit: - [2011/01/29 05:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector) SRV:64bit: - [2011/01/20 12:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService) SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV:64bit: - [2010/09/15 17:05:13 | 000,202,752 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV:64bit: - [2010/05/06 12:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner) SRV:64bit: - [2010/05/06 12:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [On_Demand | Stopped] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner) SRV:64bit: - [2010/05/06 12:59:38 | 000,040,384 | ---- | M] (ALWIL Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus) SRV:64bit: - [2010/03/25 14:10:10 | 000,574,320 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management) SRV:64bit: - [2010/02/19 19:19:28 | 000,115,568 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper) SRV:64bit: - [2010/02/19 19:19:26 | 000,386,416 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr) SRV:64bit: - [2010/02/19 19:19:24 | 000,529,776 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr) SRV:64bit: - [2009/09/04 13:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins) SRV:64bit: - [2009/07/13 17:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012/03/20 13:49:22 | 001,118,648 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService) SRV - [2012/03/20 12:20:52 | 000,571,320 | ---- | M] (Threat Expert Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service) SRV - [2012/03/20 11:11:50 | 000,402,336 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService) SRV - [2012/02/09 19:40:16 | 000,053,248 | ---- | M] (Digital Delivery Networks, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe -- (Oasis2Service) SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2011/10/01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa) SRV - [2011/10/01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist) SRV - [2011/08/10 12:52:54 | 000,138,760 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe -- (NSL) SRV - [2011/01/20 12:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw) SRV - [2010/10/12 15:52:48 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms) SRV - [2010/09/27 15:13:26 | 000,074,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service) SRV - [2010/09/10 08:47:30 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp) SRV - [2010/09/10 08:47:30 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs) SRV - [2010/05/14 14:29:50 | 000,217,968 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service) SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon) SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard) SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0) SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009/06/04 16:13:28 | 000,337,144 | ---- | M] (Stardock Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Stardock\Object Desktop\WindowBlinds\VistaSrv.exe -- (WindowBlinds) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012/04/18 00:25:57 | 000,065,736 | ---- | M] (Prevx) [File_System | System | Running] -- C:\Windows\SysNative\drivers\pxrts.sys -- (pxrts) DRV:64bit: - [2012/04/18 00:25:57 | 000,036,384 | ---- | M] (Prevx) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pxscan.sys -- (pxscan) DRV:64bit: - [2012/04/18 00:25:57 | 000,024,024 | ---- | M] (Prevx) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pxkbf.sys -- (pxkbf) DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector) DRV:64bit: - [2012/03/20 13:50:18 | 000,251,528 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD) DRV:64bit: - [2012/03/20 12:21:14 | 000,085,192 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD) DRV:64bit: - [2012/03/16 12:15:42 | 000,426,104 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore) DRV:64bit: - [2012/03/14 18:23:00 | 000,147,248 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp) DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012/02/28 11:43:18 | 001,096,176 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA) DRV:64bit: - [2012/02/28 11:43:12 | 000,453,896 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS) DRV:64bit: - [2011/10/01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol) DRV:64bit: - [2011/10/01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay) DRV:64bit: - [2011/10/01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir) DRV:64bit: - [2011/10/01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs) DRV:64bit: - [2011/09/21 10:25:54 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135) DRV:64bit: - [2011/08/17 09:58:26 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2011/08/17 09:58:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2011/08/17 09:58:20 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2011/08/17 09:58:16 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2011/08/08 15:38:05 | 000,167,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys -- (ccSet_NST) DRV:64bit: - [2011/07/22 08:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV:64bit: - [2011/07/12 13:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) DRV:64bit: - [2011/04/25 02:08:42 | 000,345,968 | ---- | M] (Yi Ruan Technology Corp.Ltd.,Beijing) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthbus.sys -- (BTHBUS) DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011/02/18 15:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2010/11/20 05:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010/11/20 03:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010/11/20 02:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV:64bit: - [2010/09/15 17:05:23 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO) DRV:64bit: - [2010/09/15 17:05:15 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap) DRV:64bit: - [2010/09/15 17:05:14 | 006,403,072 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag) DRV:64bit: - [2010/08/25 20:11:04 | 000,306,296 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService) DRV:64bit: - [2010/07/22 17:13:28 | 000,054,848 | ---- | M] (FSPro Labs) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\FSPFltd.sys -- (FSProFilter) DRV:64bit: - [2010/06/30 19:10:30 | 000,073,856 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata) DRV:64bit: - [2010/06/30 19:10:30 | 000,028,800 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata) DRV:64bit: - [2010/05/06 12:41:23 | 000,424,016 | ---- | M] (ALWIL Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx) DRV:64bit: - [2010/05/06 12:39:27 | 000,051,280 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi) DRV:64bit: - [2010/05/06 12:39:06 | 000,121,936 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP) DRV:64bit: - [2010/05/06 12:34:30 | 000,028,752 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr) DRV:64bit: - [2010/05/06 12:34:14 | 000,063,568 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt) DRV:64bit: - [2010/05/06 12:33:50 | 000,022,096 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk) DRV:64bit: - [2010/04/06 20:08:44 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167) DRV:64bit: - [2010/03/22 03:21:21 | 000,242,720 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2010/03/09 00:59:23 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP) DRV:64bit: - [2010/03/08 23:56:08 | 000,231,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService) DRV:64bit: - [2010/03/08 22:09:24 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt) DRV:64bit: - [2010/03/08 22:09:24 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio) DRV:64bit: - [2010/03/08 22:09:24 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid) DRV:64bit: - [2010/03/08 22:09:11 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap) DRV:64bit: - [2010/03/08 19:23:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009/12/22 02:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009/07/09 02:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64) DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009/05/18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2008/07/10 18:20:40 | 000,040,448 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthav.sys -- (bthav) DRV - [2012/04/01 18:54:17 | 000,021,712 | ---- | M] (Phoenix Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS -- (DrvAgent64) DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=431&sr=0&q={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=431&sr=0&q={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.ph/ IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) IE - HKCU\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2431} IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com.ph/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7RNRN_en IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2431}: "URL" = http://dts.search-results.com/sr?src=ieb&appid=0&systemid=431&sr=0&q={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Janiero\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Janiero\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Janiero\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/04/13 10:54:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{203FB6B2-2E1E-4474-863B-4C483ECCE78E}: C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2.0.0.16\coFFNST\ [2012/04/27 08:59:01 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2012/04/19 16:18:25 | 000,000,000 | ---D | M] O1 HOSTS File: ([2012/04/26 13:19:52 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (QuickNet BHO) - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - C:\Program Files (x86)\RegTweaker\key.dll (QuickNet) O2 - BHO: (Norton Safe Web Lite BHO) - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (Norton Safe Web Lite) - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\CoIEPlg.dll (Symantec Corporation) O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [uSB Antivirus] C:\Program Files (x86)\USB Disk Security\USBGuard.exe (Zbshareware Lab) O4 - HKCU..\Run: [CursorFX] C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe (Stardock Corporation) O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe () O4 - HKCU..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm () O8:64bit: - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm () O8:64bit: - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm () O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm () O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm () O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm () O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93C772D7-6128-42F0-85A8-C827220291B6}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20:64bit: - Winlogon\Notify\WB: DllName - (C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.) MsConfig:64bit - StartUpFolder: C:^Users^Janiero^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE - (Microsoft Corporation) MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Apoint - hkey= - key= - C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.) MsConfig:64bit - StartUpReg: DATAMNGR - hkey= - key= - File not found MsConfig:64bit - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Janiero\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\Janiero\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) MsConfig:64bit - StartUpReg: ISTray - hkey= - key= - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe (PC Tools) MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) MsConfig:64bit - StartUpReg: mylbx - hkey= - key= - C:\Program Files\My Lockbox\mylbx.exe (FSPro Labs) MsConfig:64bit - StartUpReg: PMBVolumeWatcher - hkey= - key= - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.) MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) MsConfig:64bit - StartUpReg: SmartWiHelper - hkey= - key= - C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation) MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.) MsConfig:64bit - State: "startup" - Reg Error: Key error. MsConfig:64bit - State: "services" - Reg Error: Key error. SafeBootMin:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com) SafeBootMin:64bit: Base - Driver Group SafeBootMin:64bit: Boot Bus Extender - Driver Group SafeBootMin:64bit: Boot file system - Driver Group SafeBootMin:64bit: File system - Driver Group SafeBootMin:64bit: Filter - Driver Group SafeBootMin:64bit: HelpSvc - Service SafeBootMin:64bit: PCI Configuration - Driver Group SafeBootMin:64bit: PNP Filter - Driver Group SafeBootMin:64bit: Primary disk - Driver Group SafeBootMin:64bit: sacsvr - Service SafeBootMin:64bit: SCSI Class - Driver Group SafeBootMin:64bit: System Bus Extender - Driver Group SafeBootMin:64bit: vmms - Service SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet:64bit: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com) SafeBootNet:64bit: Base - Driver Group SafeBootNet:64bit: Boot Bus Extender - Driver Group SafeBootNet:64bit: Boot file system - Driver Group SafeBootNet:64bit: File system - Driver Group SafeBootNet:64bit: Filter - Driver Group SafeBootNet:64bit: HelpSvc - Service SafeBootNet:64bit: Messenger - Service SafeBootNet:64bit: NDIS Wrapper - Driver Group SafeBootNet:64bit: NetBIOSGroup - Driver Group SafeBootNet:64bit: NetDDEGroup - Driver Group SafeBootNet:64bit: Network - Driver Group SafeBootNet:64bit: NetworkProvider - Driver Group SafeBootNet:64bit: PCI Configuration - Driver Group SafeBootNet:64bit: PNP Filter - Driver Group SafeBootNet:64bit: PNP_TDI - Driver Group SafeBootNet:64bit: Primary disk - Driver Group SafeBootNet:64bit: rdsessmgr - Service SafeBootNet:64bit: sacsvr - Service SafeBootNet:64bit: SCSI Class - Driver Group SafeBootNet:64bit: Streams Drivers - Driver Group SafeBootNet:64bit: System Bus Extender - Driver Group SafeBootNet:64bit: TDI - Driver Group SafeBootNet:64bit: vmms - Service SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SafeBootNet:64bit: WudfUsbccidDriver - Driver SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootNet: Base - Driver Group SafeBootNet: Boot Bus Extender - Driver Group SafeBootNet: Boot file system - Driver Group SafeBootNet: File system - Driver Group SafeBootNet: Filter - Driver Group SafeBootNet: HelpSvc - Service SafeBootNet: Messenger - Service SafeBootNet: NDIS Wrapper - Driver Group SafeBootNet: NetBIOSGroup - Driver Group SafeBootNet: NetDDEGroup - Driver Group SafeBootNet: Network - Driver Group SafeBootNet: NetworkProvider - Driver Group SafeBootNet: PCI Configuration - Driver Group SafeBootNet: PNP Filter - Driver Group SafeBootNet: PNP_TDI - Driver Group SafeBootNet: Primary disk - Driver Group SafeBootNet: rdsessmgr - Service SafeBootNet: sacsvr - Service SafeBootNet: SCSI Class - Driver Group SafeBootNet: Streams Drivers - Driver Group SafeBootNet: System Bus Extender - Driver Group SafeBootNet: TDI - Driver Group SafeBootNet: vmms - Service SafeBootNet: WudfUsbccidDriver - Driver SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun) ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0 ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6 ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7 ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.) CLEARALLRESTOREPOINTS Restore point Set: OTL Restore Point ========== Files/Folders - Created Within 30 Days ========== [2012/04/26 13:23:44 | 000,000,000 | ---D | C] -- C:\Windows\temp [2012/04/26 13:06:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012/04/26 13:06:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012/04/26 13:06:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012/04/26 13:06:15 | 000,000,000 | ---D | C] -- C:\Qoobox [2012/04/26 12:39:33 | 004,476,419 | R--- | C] (Swearware) -- C:\Users\Janiero\Desktop\ComboFix.exe [2012/04/26 10:51:35 | 004,586,776 | ---- | C] (Check Point Software Technologies LTD) -- C:\Users\Janiero\Desktop\zaSetupWeb_101_101_000_en.exe [2012/04/26 10:37:46 | 000,201,728 | ---- | C] (OldTimer Tools) -- C:\Users\Janiero\Desktop\OTC.exe [2012/04/25 12:27:02 | 000,000,000 | ---D | C] -- C:\_OTL [2012/04/22 19:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Pro Antivirus [2012/04/22 19:45:11 | 000,022,096 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys [2012/04/22 19:45:08 | 000,121,936 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2012/04/22 19:45:04 | 000,424,016 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2012/04/22 19:45:02 | 000,028,752 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswRdr.sys [2012/04/22 19:44:59 | 000,051,280 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswTdi.sys [2012/04/22 19:44:55 | 000,063,568 | ---- | C] (ALWIL Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2012/04/22 18:29:49 | 000,000,000 | ---D | C] -- C:\Users\Janiero\Desktop\desktop [2012/04/22 13:53:34 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro [2012/04/22 13:53:34 | 000,000,000 | ---D | C] -- C:\rsit [2012/04/22 13:50:49 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT [2012/04/22 13:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT [2012/04/22 13:48:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT [2012/04/21 12:38:28 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Roaming\Malwarebytes [2012/04/21 12:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/04/21 12:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012/04/21 12:38:21 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/04/21 12:38:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/04/19 17:04:55 | 000,165,032 | ---- | C] (ALWIL Software) -- C:\Windows\SysWow64\aswBoot.exe [2012/04/19 16:18:22 | 000,085,192 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTBD64.sys [2012/04/19 16:18:21 | 002,271,160 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll [2012/04/19 16:18:21 | 000,149,432 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll [2012/04/19 16:18:20 | 001,681,336 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll [2012/04/19 16:17:36 | 000,339,608 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys [2012/04/19 16:17:36 | 000,145,432 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys [2012/04/19 16:17:29 | 000,014,776 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctBTFix64.sys [2012/04/19 16:17:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security [2012/04/19 16:17:24 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys [2012/04/19 16:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools [2012/04/19 15:26:36 | 001,096,176 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys [2012/04/19 15:26:36 | 000,453,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys [2012/04/19 15:26:35 | 000,426,104 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys [2012/04/19 15:26:33 | 000,251,528 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys [2012/04/19 15:26:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools [2012/04/19 15:24:19 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2012/04/19 15:24:18 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Roaming\TestApp [2012/04/19 13:07:07 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Roaming\SUPERAntiSpyware.com [2012/04/19 13:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2012/04/19 13:06:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2012/04/19 13:06:41 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware [2012/04/18 16:10:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegTweaker [2012/04/18 16:10:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegTweaker [2012/04/18 13:06:25 | 015,353,039 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Janiero\Documents\superantispyware.exe [2012/04/18 00:25:58 | 000,062,976 | ---- | C] (Prevx) -- C:\Windows\SysWow64\PxSecure.dll [2012/04/18 00:25:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prevx 3.0 [2012/04/18 00:25:57 | 000,065,736 | ---- | C] (Prevx) -- C:\Windows\SysNative\drivers\pxrts.sys [2012/04/18 00:25:57 | 000,036,384 | ---- | C] (Prevx) -- C:\Windows\SysNative\drivers\pxscan.sys [2012/04/18 00:25:57 | 000,024,024 | ---- | C] (Prevx) -- C:\Windows\SysNative\drivers\pxkbf.sys [2012/04/18 00:25:57 | 000,000,000 | ---D | C] -- C:\Program Files\Prevx [2012/04/18 00:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PrevxCSI [2012/04/17 14:32:15 | 000,167,048 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.sys [2012/04/17 14:32:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64 [2012/04/17 14:32:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Safe Web Lite [2012/04/17 14:32:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSTx64\0200000.010 [2012/04/17 14:32:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller [2012/04/15 12:01:00 | 000,000,000 | ---D | C] -- C:\Rbackup [2012/04/15 06:25:54 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2012/04/15 06:25:54 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2012/04/15 06:25:50 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2012/04/15 06:25:50 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2012/04/15 06:25:50 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2012/04/15 06:25:50 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2012/04/15 06:25:49 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2012/04/15 06:25:49 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2012/04/15 06:25:48 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2012/04/15 06:25:47 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2012/04/15 06:25:47 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2012/04/14 21:49:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Installer Clean Up [2012/04/14 21:48:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECACHE [2012/04/13 22:40:34 | 000,000,000 | ---D | C] -- C:\Users\Janiero\Documents\New folder [2012/04/13 20:49:45 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2012/04/13 15:11:24 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Roaming\Rainmeter [2012/04/13 15:11:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter [2012/04/13 15:11:17 | 000,000,000 | ---D | C] -- C:\Program Files\Rainmeter [2012/04/13 12:23:42 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Lockbox [2012/04/13 12:23:41 | 000,000,000 | ---D | C] -- C:\Program Files\My Lockbox [2012/04/13 12:03:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller [2012/04/13 11:29:44 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Roaming\Mozilla [2012/04/13 02:34:29 | 000,000,000 | ---D | C] -- C:\Program Files\Perfect Uninstaller [2012/04/13 00:08:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock [2012/04/13 00:07:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118} [2012/04/12 23:49:53 | 000,142,648 | ---- | C] (FSPro Labs) -- C:\Windows\SysWow64\fsproflt.exe [2012/04/12 23:49:53 | 000,054,848 | ---- | C] (FSPro Labs) -- C:\Windows\SysNative\drivers\FSPFltd.sys [2012/04/12 21:04:23 | 000,000,000 | ---D | C] -- C:\Users\Janiero\Documents\eeca [2012/04/12 17:07:03 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Local\PackageAware [2012/04/12 15:37:20 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Local\Stardock [2012/04/12 14:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock [2012/04/12 14:43:23 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Stardock [2012/04/12 14:43:18 | 000,042,672 | ---- | C] (Stardock.Net, Inc) -- C:\Windows\SysWow64\wbsys.dll [2012/04/12 14:43:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Stardock [2012/04/12 03:26:42 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/04/12 03:26:40 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2012/04/12 03:26:39 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2012/04/12 03:00:53 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll [2012/04/12 03:00:53 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys [2012/04/12 03:00:49 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll [2012/04/10 07:43:58 | 000,000,000 | ---D | C] -- C:\Users\Janiero\Documents\UniversalThemePatcher_20090409 [2012/04/10 07:27:59 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer_edit_w7sbc.exe [2012/04/10 07:27:59 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer_backup_w7sbc.exe [2012/04/10 07:27:59 | 002,388,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe [2012/04/10 07:27:59 | 000,000,000 | ---D | C] -- C:\Windows\W7SBC [2012/04/10 04:38:00 | 002,871,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.backup.exe [2012/04/10 04:38:00 | 000,000,000 | ---D | C] -- C:\Windows\W7SOC [2012/04/10 04:24:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock [2012/04/10 03:23:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock [2012/04/10 03:08:32 | 000,000,000 | ---D | C] -- C:\Users\Janiero\Documents\Rainmeter [2012/04/09 16:47:52 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Roaming\Nero [2012/04/09 15:31:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012/04/09 15:29:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nero [2012/04/09 15:29:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012/04/09 15:29:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Nero [2012/04/03 18:21:44 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Local\Apps [2012/04/01 19:11:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIW [2012/04/01 19:11:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIW [2012/04/01 18:54:17 | 000,021,712 | ---- | C] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS [2012/04/01 18:54:17 | 000,000,000 | ---D | C] -- C:\Users\Janiero\AppData\Local\eSupport.com [2012/03/29 18:41:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2012/03/28 17:58:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant [2012/03/28 17:58:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR [1 C:\Users\Janiero\AppData\Local\*.tmp files -> C:\Users\Janiero\AppData\Local\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012/04/27 09:06:22 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/04/27 09:06:22 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/04/27 08:59:06 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012/04/27 08:58:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/04/27 08:58:40 | 3015,884,800 | -HS- | M] () -- C:\hiberfil.sys [2012/04/27 00:23:01 | 000,000,900 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012/04/27 00:19:01 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job [2012/04/26 23:20:01 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job [2012/04/26 23:20:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job [2012/04/26 20:18:00 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job [2012/04/26 14:19:57 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk [2012/04/26 14:17:13 | 004,084,576 | ---- | M] ( ) -- C:\Users\Janiero\Desktop\hwmonitor_1.19-setup.exe [2012/04/26 13:19:52 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2012/04/26 12:52:42 | 004,476,419 | R--- | M] (Swearware) -- C:\Users\Janiero\Desktop\ComboFix.exe [2012/04/26 10:53:25 | 004,586,776 | ---- | M] (Check Point Software Technologies LTD) -- C:\Users\Janiero\Desktop\zaSetupWeb_101_101_000_en.exe [2012/04/26 10:37:43 | 000,201,728 | ---- | M] (OldTimer Tools) -- C:\Users\Janiero\Desktop\OTC.exe [2012/04/25 23:55:59 | 000,011,613 | ---- | M] () -- C:\Users\Janiero\Documents\bookmarks_4_25_12.html [2012/04/24 12:58:52 | 000,744,730 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/04/24 12:58:52 | 000,637,496 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/04/24 12:58:52 | 000,111,354 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/04/22 19:44:55 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt [2012/04/19 15:27:10 | 001,985,773 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB [2012/04/18 17:42:55 | 000,002,048 | ---- | M] () -- C:\Uninstall.dat [2012/04/18 00:25:58 | 000,062,976 | ---- | M] (Prevx) -- C:\Windows\SysWow64\PxSecure.dll [2012/04/18 00:25:57 | 000,065,736 | ---- | M] (Prevx) -- C:\Windows\SysNative\drivers\pxrts.sys [2012/04/18 00:25:57 | 000,036,384 | ---- | M] (Prevx) -- C:\Windows\SysNative\drivers\pxscan.sys [2012/04/18 00:25:57 | 000,024,024 | ---- | M] (Prevx) -- C:\Windows\SysNative\drivers\pxkbf.sys [2012/04/14 21:03:25 | 004,998,712 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/04/14 13:38:15 | 015,353,039 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Janiero\Documents\superantispyware.exe [2012/04/13 19:05:48 | 000,001,267 | ---- | M] () -- C:\Users\Janiero\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [2012/04/13 18:54:54 | 000,039,090 | ---- | M] () -- C:\Users\Janiero\Documents\bookmarks_4_13_12.html [2012/04/13 15:11:19 | 000,001,725 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2012/04/13 12:03:09 | 000,000,042 | ---- | M] () -- C:\Windows\SysWow64\AK083E209605E394C.lie [2012/04/12 01:33:03 | 012,747,622 | ---- | M] () -- C:\Users\Janiero\Documents\Backup-2012.04.12-01.32.rmskin [2012/04/09 17:22:36 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml [2012/04/09 17:22:36 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml [2012/04/09 15:31:14 | 000,002,696 | ---- | M] () -- C:\Users\Janiero\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk [2012/04/07 14:31:35 | 000,519,262 | ---- | M] () -- C:\test.xml [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/04/01 18:54:17 | 000,021,712 | ---- | M] (Phoenix Technologies) -- C:\Windows\SysWow64\drivers\DrvAgent64.SYS [1 C:\Users\Janiero\AppData\Local\*.tmp files -> C:\Users\Janiero\AppData\Local\*.tmp -> ] ========== Files Created - No Company Name ========== [2012/04/26 14:19:57 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\CPUID HWMonitor.lnk [2012/04/26 14:14:29 | 004,084,576 | ---- | C] ( ) -- C:\Users\Janiero\Desktop\hwmonitor_1.19-setup.exe [2012/04/26 13:06:28 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012/04/26 13:06:28 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012/04/26 13:06:28 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012/04/26 13:06:28 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012/04/26 13:06:28 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012/04/25 23:55:54 | 000,011,613 | ---- | C] () -- C:\Users\Janiero\Documents\bookmarks_4_25_12.html [2012/04/22 18:57:33 | 000,001,725 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2012/04/19 16:18:21 | 000,767,928 | ---- | C] () -- C:\Windows\BDTSupport.dll [2012/04/19 16:18:21 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip [2012/04/19 16:18:21 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml [2012/04/19 16:18:21 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml [2012/04/19 16:18:21 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip [2012/04/19 15:26:38 | 001,985,773 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB [2012/04/17 14:32:13 | 000,007,510 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.cat [2012/04/17 14:32:13 | 000,000,854 | R--- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\ccSetx64.inf [2012/04/17 14:32:13 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSTx64\0200000.010\isolate.ini [2012/04/15 16:47:19 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012/04/14 21:49:44 | 000,002,863 | ---- | C] () -- C:\Users\Janiero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk [2012/04/14 21:01:40 | 004,998,712 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/04/14 17:39:40 | 000,002,048 | ---- | C] () -- C:\Uninstall.dat [2012/04/13 20:14:00 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job [2012/04/13 20:13:59 | 000,001,038 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job [2012/04/13 19:05:48 | 000,001,430 | ---- | C] () -- C:\Users\Janiero\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2012/04/13 18:54:48 | 000,039,090 | ---- | C] () -- C:\Users\Janiero\Documents\bookmarks_4_13_12.html [2012/04/13 12:03:09 | 000,000,042 | ---- | C] () -- C:\Windows\SysWow64\AK083E209605E394C.lie [2012/04/12 14:43:24 | 000,053,904 | ---- | C] () -- C:\Windows\SysNative\wbload.dll [2012/04/12 14:43:20 | 000,057,904 | ---- | C] () -- C:\Windows\SysWow64\wbload.dll [2012/04/12 01:32:51 | 012,747,622 | ---- | C] () -- C:\Users\Janiero\Documents\Backup-2012.04.12-01.32.rmskin [2012/04/11 14:50:55 | 000,001,172 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk [2012/04/09 15:31:14 | 000,002,696 | ---- | C] () -- C:\Users\Janiero\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart Essentials.lnk [2012/04/09 15:12:49 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml [2012/04/09 15:12:49 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml [2012/03/29 20:08:14 | 000,001,204 | ---- | C] () -- C:\Windows\SysNative\drivers\hosts [2012/03/29 18:46:23 | 000,001,093 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1 (64 Bit).lnk [2012/03/29 18:45:06 | 000,001,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.1.lnk [2012/03/29 18:41:24 | 000,001,149 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.1.lnk [2012/03/29 18:40:41 | 000,001,242 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.5.lnk [2012/03/29 18:38:28 | 000,001,343 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.5.lnk [2012/03/29 18:38:11 | 000,001,515 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.5.lnk [2012/03/29 18:37:18 | 000,000,957 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk [2012/03/28 17:58:36 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk [2012/03/24 15:45:27 | 000,109,216 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll [2012/03/24 15:45:27 | 000,084,480 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll [2012/02/21 11:21:54 | 000,013,312 | ---- | C] () -- C:\Users\Janiero\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011/12/03 19:41:40 | 000,000,000 | ---- | C] () -- C:\Users\Janiero\AppData\Local\{35BE5A7A-4030-4EB4-BEE4-EB47322E6B8F} [2011/10/26 10:15:33 | 000,000,000 | ---- | C] () -- C:\Users\Janiero\AppData\Local\{7CCBCA4C-6C82-4872-8D48-1EED76E5B9E7} [2011/07/28 05:13:44 | 000,000,000 | ---- | C] () -- C:\Users\Janiero\AppData\Local\{4BC76792-657F-4CEA-9292-2AA932F2F9B4} [2011/05/26 20:22:35 | 000,051,270 | ---- | C] () -- C:\Users\Janiero\AppData\Roaming\room_v3.dat [2011/04/20 23:36:32 | 000,000,600 | ---- | C] () -- C:\Users\Janiero\AppData\Roaming\winscp.rnd [2011/04/17 12:19:29 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011/04/05 18:23:33 | 000,046,742 | ---- | C] () -- C:\Users\Janiero\AppData\Roaming\room.dat [2011/04/04 16:11:54 | 000,007,667 | ---- | C] () -- C:\Users\Janiero\AppData\Local\resmon.resmoncfg [2011/03/05 20:13:35 | 000,744,030 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2010/12/02 18:26:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010/09/15 16:43:17 | 000,001,105 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat ========== Custom Scans ========== < %ALLUSERSPROFILE%\Application Data\*. > < %ALLUSERSPROFILE%\Application Data\*.exe /s > < %APPDATA%\*. > [2012/04/11 00:22:12 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Adobe [2012/03/25 09:30:05 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Any Video Converter [2011/03/16 16:41:12 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Apple Computer [2011/03/03 22:50:03 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\ArcSoft [2011/04/08 17:27:47 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\ATI [2011/05/04 19:57:06 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Auslogics [2011/04/24 15:33:58 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Auto-Joiner [2011/11/21 16:39:12 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Canneverbe Limited [2012/04/13 11:46:51 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Chikka Messenger [2012/03/27 04:10:05 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant [2011/04/17 12:23:34 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\DiskAid [2011/03/05 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\dvdcss [2012/03/06 20:01:29 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\GarenaPlus [2011/04/08 20:15:58 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\GetRightToGo [2011/03/15 02:25:20 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Google [2011/03/03 21:56:47 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Identities [2011/04/19 17:49:11 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\iPodtoComputer [2011/03/03 22:17:58 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Macromedia [2012/04/21 12:38:28 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Malwarebytes [2012/03/27 04:57:35 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\MAXON [2009/07/13 23:44:38 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Media Center Programs [2012/04/14 21:49:44 | 000,000,000 | --SD | M] -- C:\Users\Janiero\AppData\Roaming\Microsoft [2012/04/13 11:29:44 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Mozilla [2012/04/09 16:53:24 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Nero [2012/04/13 15:11:24 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Rainmeter [2012/01/31 19:43:34 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Real [2012/03/04 01:16:30 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Skype [2012/03/04 00:28:06 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\skypePM [2012/04/13 10:53:53 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\SoftGrid Client [2011/04/30 12:08:57 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\Sony Corporation [2012/04/19 13:07:07 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\SUPERAntiSpyware.com [2012/04/19 15:24:18 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\TestApp [2011/03/05 20:15:29 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\TP [2012/04/13 11:17:21 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\uTorrent [2012/04/10 04:10:56 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\vlc [2011/03/17 18:13:43 | 000,000,000 | ---D | M] -- C:\Users\Janiero\AppData\Roaming\WinRAR < %APPDATA%\*.exe /s > [2012/04/14 21:49:44 | 000,003,584 | R--- | M] () -- C:\Users\Janiero\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe [2011/11/23 17:48:43 | 000,315,512 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janiero\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\rnupgagent.exe [2011/11/23 21:02:58 | 026,925,504 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janiero\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_data\RealPlayer.exe [2011/11/23 20:49:23 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Janiero\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.01\stub_exe\RealPlayer.exe < %SYSTEMDRIVE%\*.exe > < c:|Fun4IM;true;true;true; /FP > < c:|Bandoo;true;true;true; /FP > < c:|Searchq;true;true;true; /FP > [2012/04/26 13:19:03 | 000,000,000 | ---D | M] -- c:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar [2012/04/26 13:19:01 | 000,000,000 | ---D | M] -- c:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr [2012/04/10 18:33:53 | 000,000,000 | ---D | M] -- c:\Users\Guest\AppData\LocalLow\searchquband [2012/04/10 18:33:53 | 000,000,000 | ---D | M] -- c:\Users\Guest\AppData\LocalLow\searchqutoolbar [2012/01/18 13:14:15 | 000,000,000 | ---D | M] -- c:\Users\Janiero\AppData\LocalLow\searchquband [2012/01/18 13:14:29 | 000,000,000 | ---D | M] -- c:\Users\Janiero\AppData\LocalLow\searchqutoolbar [2012/04/11 21:17:40 | 000,000,000 | ---D | M] -- c:\Users\Janiero\AppData\LocalLow\searchqutoolbar\weather < c:|datamngr;true;true;true; /FP > [2012/04/26 13:19:01 | 000,000,000 | ---D | M] -- c:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr [2012/04/26 13:19:01 | 000,000,000 | ---D | M] -- c:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar [2012/04/26 13:19:02 | 000,000,000 | ---D | M] -- c:\Qoobox\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\x64 [2012/04/10 18:33:53 | 000,000,000 | ---D | M] -- c:\Users\Guest\AppData\LocalLow\DataMngr [2012/04/22 23:54:25 | 000,000,000 | ---D | M] -- c:\Users\Janiero\AppData\LocalLow\DataMngr < c:|iLivid;true;true;true; /FP > < c:|whitesmoke;true;true;true; /FP > < %systemroot%\*. /mp /s > ========== Alternate Data Streams ========== @Alternate Data Stream - 161 bytes -> C:\ProgramData\TEMP:DFC5A2B2 @Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84 @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:553CA6CA < End of report > I went to msconfig to enabled MBAMService and Malwarebytes then reboot to see if the problem will still occur. After restart, i opened GC with 3 tabs then i closed GC then re-open but problem still occur, GC cant open and computer freezed. I force shutdown my computer and went to safe mode to disable MBAMService then reboot, after restart problem does not occur and mbam gives me error code 2.
  6. Here ComboFix 12-04-25.02 - Janiero 04/26/2012 13:08:35.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3835.2468 [GMT -8:00] Running from: c:\users\Janiero\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308} SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5} SP: PC Tools Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\Windows Searchqu Toolbar c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\datamngr.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\IEBHO.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngr.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\datamngrUI.exe c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\DnsBHO.dll c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\x64\IEBHO.dll c:\program files (x86)\Windows Searchqu Toolbar\sysid.ini c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe . . ((((((((((((((((((((((((( Files Created from 2012-03-26 to 2012-04-26 ))))))))))))))))))))))))))))))) . . 2012-04-26 21:19 . 2012-04-26 21:19 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-04-26 21:19 . 2012-04-26 21:19 -------- d-----w- c:\users\boinc_master\AppData\Local\temp 2012-04-26 21:19 . 2012-04-26 21:19 -------- d-----w- c:\users\Administrator\AppData\Local\temp 2012-04-22 21:48 . 2012-04-25 20:23 -------- d-----w- c:\program files (x86)\ERUNT 2012-04-21 20:38 . 2012-04-21 20:38 -------- d-----w- c:\users\Janiero\AppData\Roaming\Malwarebytes 2012-04-21 20:38 . 2012-04-21 20:38 -------- d-----w- c:\programdata\Malwarebytes 2012-04-21 20:38 . 2012-04-21 20:38 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-04-21 20:38 . 2012-04-04 23:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-04-20 01:04 . 2010-05-06 20:59 165032 ----a-w- c:\windows\SysWow64\aswBoot.exe 2012-04-20 00:18 . 2012-03-20 20:21 85192 ----a-w- c:\windows\system32\drivers\PCTBD64.sys 2012-04-19 23:26 . 2012-03-20 21:50 251528 ----a-w- c:\windows\system32\drivers\PCTSD64.sys 2012-04-19 23:24 . 2012-04-20 00:17 -------- d-----w- c:\programdata\PC Tools 2012-04-19 23:24 . 2012-04-19 23:24 -------- d-----w- c:\users\Janiero\AppData\Roaming\TestApp 2012-04-19 21:07 . 2012-04-19 21:07 -------- d-----w- c:\users\Janiero\AppData\Roaming\SUPERAntiSpyware.com 2012-04-19 21:06 . 2012-04-24 19:50 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-04-19 21:06 . 2012-04-19 21:06 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-04-19 00:10 . 2012-04-19 00:10 -------- d-----w- c:\program files (x86)\RegTweaker 2012-04-18 08:25 . 2012-04-18 08:25 62976 ----a-w- c:\windows\SysWow64\PxSecure.dll 2012-04-18 08:25 . 2012-04-18 08:25 65736 ----a-w- c:\windows\system32\drivers\pxrts.sys 2012-04-18 08:25 . 2012-04-18 08:25 36384 ----a-w- c:\windows\system32\drivers\pxscan.sys 2012-04-18 08:25 . 2012-04-18 08:25 24024 ----a-w- c:\windows\system32\drivers\pxkbf.sys 2012-04-18 08:25 . 2012-04-18 08:25 -------- d-----w- c:\program files\Prevx 2012-04-18 08:16 . 2012-04-18 08:46 -------- d-----w- c:\programdata\PrevxCSI 2012-04-17 22:32 . 2012-04-17 22:32 -------- d-----w- c:\windows\system32\drivers\NSTx64 2012-04-17 22:32 . 2012-04-17 22:32 -------- d-----w- c:\program files (x86)\Norton Safe Web Lite 2012-04-17 22:32 . 2012-04-17 22:32 -------- d-----w- c:\program files (x86)\NortonInstaller 2012-04-17 21:57 . 2012-04-18 08:26 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CAA2B9A0-F4F6-4B17-93C3-FF135B96199A}\offreg.dll 2012-04-15 20:01 . 2012-04-15 20:01 -------- d-----w- C:\Rbackup 2012-04-15 05:49 . 2012-04-15 05:49 3584 ----a-r- c:\users\Janiero\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe 2012-04-15 05:49 . 2012-04-15 05:49 -------- d-----w- c:\program files (x86)\Windows Installer Clean Up 2012-04-15 05:48 . 2012-04-15 05:48 -------- d-----w- c:\program files (x86)\MSECACHE 2012-04-14 20:58 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{CAA2B9A0-F4F6-4B17-93C3-FF135B96199A}\mpengine.dll 2012-04-13 23:11 . 2012-04-13 23:11 -------- d-----w- c:\users\Janiero\AppData\Roaming\Rainmeter 2012-04-13 23:11 . 2012-04-13 23:11 -------- d-----w- c:\program files\Rainmeter 2012-04-13 20:23 . 2012-04-13 20:36 -------- d-----w- c:\program files\My Lockbox 2012-04-13 10:34 . 2012-04-15 20:01 -------- d-----w- c:\program files\Perfect Uninstaller 2012-04-13 08:08 . 2012-04-13 08:08 -------- d-----w- c:\programdata\Stardock 2012-04-13 08:07 . 2012-04-14 07:50 -------- d--h--w- c:\programdata\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118} 2012-04-13 07:49 . 2010-07-23 01:13 54848 ----a-w- c:\windows\system32\drivers\FSPFltd.sys 2012-04-13 07:49 . 2010-01-07 02:23 142648 ----a-w- c:\windows\SysWow64\fsproflt.exe 2012-04-13 01:07 . 2012-04-13 01:07 -------- d-----w- c:\users\Janiero\AppData\Local\PackageAware 2012-04-12 23:37 . 2012-04-12 23:37 -------- d-----w- c:\users\Janiero\AppData\Local\Stardock 2012-04-12 22:43 . 2010-06-07 23:59 53904 ----a-w- c:\windows\system32\wbload.dll 2012-04-12 22:43 . 2010-06-07 23:59 57904 ----a-w- c:\windows\SysWow64\wbload.dll 2012-04-12 22:43 . 2011-06-11 23:37 42672 ----a-w- c:\windows\SysWow64\wbsys.dll 2012-04-12 22:43 . 2012-04-13 18:53 -------- d-----w- c:\program files (x86)\Stardock 2012-04-12 11:26 . 2012-03-06 06:53 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-04-12 11:26 . 2012-03-06 05:59 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-04-12 11:26 . 2012-03-06 05:59 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-04-12 11:00 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-04-12 11:00 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll 2012-04-12 11:00 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll 2012-04-12 11:00 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll 2012-04-12 11:00 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll 2012-04-12 11:00 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll 2012-04-12 11:00 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll 2012-04-11 09:41 . 2012-04-11 09:41 -------- d-----w- c:\users\Administrator\AppData\Roaming\Rainmeter 2012-04-11 09:41 . 2012-04-11 09:41 -------- d-----w- c:\users\Administrator\AppData\Local\Adobe 2012-04-10 23:56 . 2012-04-13 18:54 -------- d-----w- c:\users\a 2012-04-10 15:27 . 2012-04-10 15:28 -------- d-----w- c:\windows\W7SBC 2012-04-10 15:27 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer_edit_w7sbc.exe 2012-04-10 15:27 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer_backup_w7sbc.exe 2012-04-10 15:27 . 2011-02-25 06:19 2388992 ----a-w- c:\windows\explorer.exe 2012-04-10 12:38 . 2012-04-10 12:38 -------- d-----w- c:\windows\W7SOC 2012-04-10 12:38 . 2011-02-25 06:19 2871808 ----a-w- c:\windows\explorer.backup.exe 2012-04-10 11:23 . 2012-04-10 12:24 -------- d-----w- c:\program files (x86)\RocketDock 2012-04-10 00:47 . 2012-04-10 00:53 -------- d-----w- c:\users\Janiero\AppData\Roaming\Nero 2012-04-09 23:29 . 2012-04-09 23:39 -------- d-----w- c:\program files (x86)\Nero 2012-04-09 23:29 . 2012-04-09 23:32 -------- d-----w- c:\programdata\Nero 2012-04-09 23:29 . 2012-04-09 23:45 -------- d-----w- c:\program files (x86)\Common Files\Nero 2012-04-09 03:06 . 2012-04-13 18:54 -------- d-----w- c:\users\Guest 2012-04-04 05:53 . 2012-04-04 05:53 182160 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll 2012-04-04 02:21 . 2012-04-04 02:21 -------- d-----w- c:\users\Janiero\AppData\Local\Apps 2012-04-02 03:11 . 2012-04-02 23:42 -------- d-----w- c:\program files (x86)\SIW 2012-04-02 02:54 . 2012-04-02 02:54 -------- d-----w- c:\users\Janiero\AppData\Local\eSupport.com 2012-04-02 02:54 . 2012-04-02 02:54 21712 ----a-w- c:\windows\SysWow64\drivers\DrvAgent64.SYS 2012-03-30 02:41 . 2012-03-30 02:46 -------- d-----w- c:\program files\Common Files\Adobe 2012-03-29 01:58 . 2012-03-29 01:58 -------- d-----w- c:\program files (x86)\Adobe Download Assistant 2012-03-29 01:58 . 2012-03-29 01:58 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR 2012-03-28 09:12 . 2012-03-28 09:12 -------- d-----w- c:\programdata\regid.1986-12.com.adobe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-24 23:44 . 2012-03-24 23:45 84480 ----a-w- c:\windows\SysWow64\EasyHook32.dll 2012-03-24 23:44 . 2012-03-24 23:45 109216 ----a-w- c:\windows\SysWow64\EasyHook64.dll 2012-03-24 23:44 . 2012-03-24 23:44 172032 ----a-w- c:\windows\SysWow64\AniGIF.ocx 2012-03-20 19:39 . 2012-04-20 00:18 3488 ----a-w- c:\windows\UDB.zip 2012-03-20 19:39 . 2012-04-20 00:18 131 ----a-w- c:\windows\IDB.zip 2012-03-17 07:58 . 2011-05-20 16:32 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-03-15 02:23 . 2012-03-15 02:23 147248 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys 2012-03-15 02:22 . 2012-03-15 02:22 166192 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys 2012-03-15 02:22 . 2012-03-24 02:23 130864 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2012-03-15 02:22 . 2012-03-15 02:22 117040 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys 2012-03-15 02:22 . 2012-03-24 02:23 224048 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2012-03-15 02:22 . 2012-03-15 02:22 320816 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll 2012-02-23 17:18 . 2011-04-05 15:41 279656 ------w- c:\windows\system32\MpSigStub.exe 2012-02-17 06:38 . 2012-03-15 00:22 1031680 ----a-w- c:\windows\system32\rdpcore.dll 2012-02-17 05:34 . 2012-03-15 00:22 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll 2012-02-17 04:58 . 2012-03-15 00:22 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys 2012-02-17 04:57 . 2012-03-15 00:22 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-02-10 06:36 . 2012-03-15 00:24 1544192 ----a-w- c:\windows\system32\DWrite.dll 2012-02-10 05:38 . 2012-03-15 00:24 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-02-07 19:02 . 2012-02-07 19:02 1070352 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX 2012-02-03 04:34 . 2012-03-15 00:24 3145728 ----a-w- c:\windows\system32\win32k.sys . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [7] 2011-02-26 . E38899074D4951D31B4040E994DD7C8D . 2870784 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe [7] 2011-02-26 . 0862495E0C825893DB75EF44FAEA8E93 . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe [7] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe [-] 2011-02-25 . 413911407829045001FAE70BD8A6CE2B . 2388992 . . [6.1.7600.16385] .. c:\windows\explorer.exe [7] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\W7SOC\explorer.exe [7] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe [7] 2010-11-20 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe [7] 2009-10-31 . B8EC4BD49CE8F6FC457721BFC210B67F . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe [7] 2009-10-31 . 9AAAEC8DAC27AA17B053E6352AD233AE . 2870272 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe [7] 2009-08-03 . 700073016DAC1C3D2E7E2CE4223334B6 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe [7] 2009-08-03 . F170B4A061C9E026437B193B4D571799 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe [7] 2009-07-14 . C235A51CB740E45FFA0EBFB9BAFCDA64 . 2868224 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}] 2011-05-20 15:36 243200 ----a-w- c:\program files (x86)\RegTweaker\key.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell] @="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}" [HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}] 2010-05-06 21:02 151648 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-04-24 4785536] "RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616] "CursorFX"="c:\program files (x86)\Stardock\CursorFX\CursorFX.exe" [2011-11-30 653128] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040] "Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408] "USB Antivirus"="c:\program files (x86)\USB Disk Security\USBGuard.exe" [2008-09-24 798720] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Rainmeter.lnk - c:\program files\Rainmeter\Rainmeter.exe [2012-1-8 107720] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 bthav;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [x] R3 BTHBUS;YRT Bluetooth Bus Driver;c:\windows\system32\DRIVERS\bthbus.sys [x] R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x] R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-02 21712] R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x] R3 GPU-Z;GPU-Z;c:\users\Janiero\AppData\Local\Temp\GPU-Z.sys [x] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [x] R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400] R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280] R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952] R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] R3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2010-03-25 574320] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x] R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [x] R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000] R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-20 115568] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] R4 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-03-20 571320] R4 CSIScanner;CSIScanner;c:\program files\Prevx\prevx.exe [2012-04-18 6746280] R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-06 136176] R4 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-06 136176] R4 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] R4 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-10 53248] R4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] R4 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192] R4 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-03-20 402336] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] S0 amd_sata;amd_sata;c:\windows\system32\drivers\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\drivers\amd_xata.sys [x] S0 FSProFilter;FSPro File Filter;c:\windows\System32\Drivers\FSPFltd.sys [x] S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x] S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x] S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S0 pxscan;pxscan;c:\windows\System32\drivers\pxscan.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 ccSet_NST;Norton Safe Web Lite Settings Manager;c:\windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [x] S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [x] S1 pxrts;pxrts;c:\windows\system32\drivers\pxrts.sys [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [x] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [x] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 NSL;Norton Safe Web Lite;c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [2011-08-10 138760] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-20 529776] S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-02-20 386416] S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [x] S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] S3 pxkbf;pxkbf;c:\windows\system32\drivers\pxkbf.sys [x] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [x] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x] S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736] S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040] . . Contents of the 'Scheduled Tasks' folder . 2012-04-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job - c:\users\Janiero\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-19 07:15] . 2012-04-26 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job - c:\users\Janiero\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-19 07:15] . 2012-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-06 04:42] . 2012-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-03-06 04:42] . 2012-04-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job - c:\users\Janiero\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-14 04:13] . 2012-04-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job - c:\users\Janiero\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-14 04:13] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\snxPluginsShell] @="{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}" [HKEY_CLASSES_ROOT\CLSID\{F4B3B0AA-13D1-4a36-BDA2-2055B0F3D5DE}] 2010-05-06 20:59 174832 ----a-w- c:\program files\Alwil Software\Avast5\snxPlugins64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com.ph/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: &Clean Traces - c:\program files (x86)\DAP\Privacy Package\dapcleanerie.htm IE: &Download with &DAP - c:\program files (x86)\DAP\dapextie.htm IE: Download &all with DAP - c:\program files (x86)\DAP\dapextie2.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll TCP: DhcpNameServer = 192.168.2.1 . - - - - ORPHANS REMOVED - - - - . Toolbar-10 - (no file) Wow6432Node-HKLM-Run-TaskTray - (no file) BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - c:\progra~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL Toolbar-10 - (no file) AddRemove-Windows Searchqu Toolbar - c:\program files (x86)\Windows Searchqu Toolbar\uninstall.exe AddRemove-{0131D7EF-65FF-478F-8ABD-5ABEE24EC8EF} - c:\programdata\{F974CC36-BF25-4374-A035-B0A9DA79E735}\VAIO Messenger Setup 2.0.424.0.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\NSL] "ImagePath"="\"c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe\" /s \"NSL\" /m \"c:\program files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector] "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\"" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil11g_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11g.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2012-04-26 13:23:42 ComboFix-quarantined-files.txt 2012-04-26 21:23 . Pre-Run: 172,520,472,576 bytes free Post-Run: 172,004,806,656 bytes free . - - End Of File - - 31D038DFEF3BF2886E774A20ED094396
  7. When i exit GC then re-open it, GC wont appear and my computer will freeze (Keyboard and windows will become unresponsive, cursor is loading and able to move). Yes it does.
  8. Hi why im banned on the link that you post? it says You have been permanently banned from this board. Please contact the (email address removed) for more information. A ban has been issued on your IP address Below is the log of OTL ... All processes killed ========== PROCESSES ========== ========== FILES ========== recycler not found in C:\ recycler not found in D:\ ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: a ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: All Users User: boinc_master ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Guest ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Janiero ->Temp folder emptied: 524976 bytes ->Temporary Internet Files folder emptied: 8628243 bytes ->Java cache emptied: 0 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 2824 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 61762 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66784 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 9.00 mb Restore point Set: OTL Restore Point [EMPTYFLASH] User: a ->Flash cache emptied: 0 bytes User: Administrator User: All Users User: boinc_master User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Guest ->Flash cache emptied: 0 bytes User: Janiero ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.42.0 log created on 04252012_122702 Files\Folders moved on Reboot... C:\Users\Janiero\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot... Files\Folders moved on Reboot... C:\Users\Janiero\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot. Registry entries deleted on Reboot...
  9. Thanks for the info, de-installation done.
  10. Hi, can you post the link. Ohh that searchqu.com? i also saw that on my cousins PC, i thought it just a normal website, do you know how am i became infected with that malware? RegTweaker i just downloaded that and tried if it can clean my registry. That Norton Safe Web Lite, just tried it too. I apologize for not mentioning this Norton.
  11. Sorry i will repost previous reply Step 4 seems didnt work. When i used SecurityCheck.exe theres a windows appear sed.exe has stopped working[/size][/font][/color] [color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]A problem caused the progam to stop working corectly. Windows will close the program and notify you if a solution is available.[/size][/font][/color] [color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]Then a notepad appear with no text.[/size][/font][/color] [color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3] then checkup.txt appear with No Text. Just a blank notepad. Step 5. TDSSKiller [/size][/font][/color] [color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]14:15:43.0271 0148 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47 14:15:44.0491 0148 ============================================================ 14:15:44.0491 0148 Current date / time: 2012/04/22 14:15:44.0491 14:15:44.0491 0148 SystemInfo: 14:15:44.0491 0148 14:15:44.0491 0148 OS Version: 6.1.7601 ServicePack: 1.0 14:15:44.0491 0148 Product type: Workstation 14:15:44.0491 0148 ComputerName: JANEIRO-VAIO 14:15:44.0491 0148 UserName: Janiero 14:15:44.0491 0148 Windows directory: C:\Windows 14:15:44.0491 0148 System windows directory: C:\Windows 14:15:44.0491 0148 Running under WOW64 14:15:44.0491 0148 Processor architecture: Intel x64 14:15:44.0491 0148 Number of processors: 2 14:15:44.0491 0148 Page size: 0x1000 14:15:44.0491 0148 Boot type: Normal boot 14:15:44.0491 0148 ============================================================ 14:15:46.0021 0148 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:15:46.0041 0148 \Device\Harddisk0\DR0: 14:15:46.0041 0148 MBR partitions: 14:15:46.0041 0148 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1320800, BlocksNum 0x32000 14:15:46.0041 0148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1352800, BlocksNum 0x1F351830 14:15:46.0061 0148 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x206A5000, BlocksNum 0x19CE0800 14:15:46.0101 0148 C: <-> \Device\Harddisk0\DR0\Partition1 14:15:46.0131 0148 D: <-> \Device\Harddisk0\DR0\Partition2 14:15:46.0131 0148 Initialize success 14:15:46.0131 0148 ============================================================ 14:16:12.0263 3588 ============================================================ 14:16:12.0263 3588 Scan started 14:16:12.0263 3588 Mode: Manual; SigCheck; TDLFS; 14:16:12.0263 3588 ============================================================ 14:16:12.0943 3588 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 14:16:13.0113 3588 !SASCORE - ok 14:16:13.0233 3588 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 14:16:13.0373 3588 1394ohci - ok 14:16:13.0443 3588 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 14:16:13.0583 3588 ACDaemon - ok 14:16:13.0673 3588 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 14:16:13.0733 3588 ACPI - ok 14:16:13.0773 3588 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 14:16:13.0913 3588 AcpiPmi - ok 14:16:14.0063 3588 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 14:16:14.0093 3588 AdobeARMservice - ok 14:16:14.0193 3588 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 14:16:14.0263 3588 adp94xx - ok 14:16:14.0315 3588 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 14:16:14.0365 3588 adpahci - ok 14:16:14.0405 3588 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 14:16:14.0455 3588 adpu320 - ok 14:16:14.0485 3588 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 14:16:14.0785 3588 AeLookupSvc - ok 14:16:14.0885 3588 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 14:16:15.0005 3588 AFD - ok 14:16:15.0067 3588 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 14:16:15.0085 3588 agp440 - ok 14:16:15.0122 3588 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 14:16:15.0180 3588 ALG - ok 14:16:15.0232 3588 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 14:16:15.0274 3588 aliide - ok 14:16:15.0311 3588 AMD External Events Utility (8318a3b3ce74b851082af2c0745e979e) C:\Windows\system32\atiesrxx.exe 14:16:15.0441 3588 AMD External Events Utility - ok 14:16:15.0545 3588 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 14:16:15.0573 3588 amdide - ok 14:16:15.0623 3588 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 14:16:15.0702 3588 AmdK8 - ok 14:16:16.0009 3588 amdkmdag (2d597c853db5ea1b1f6d98610039bb50) C:\Windows\system32\DRIVERS\atipmdag.sys 14:16:16.0208 3588 amdkmdag - ok 14:16:16.0308 3588 amdkmdap (04d770537e5ac5c4676b9a83cb21ec0a) C:\Windows\system32\DRIVERS\atikmpag.sys 14:16:16.0352 3588 amdkmdap - ok 14:16:16.0397 3588 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 14:16:16.0437 3588 AmdPPM - ok 14:16:16.0483 3588 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 14:16:16.0501 3588 amdsata - ok 14:16:16.0545 3588 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 14:16:16.0567 3588 amdsbs - ok 14:16:16.0601 3588 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 14:16:16.0619 3588 amdxata - ok 14:16:16.0654 3588 amd_sata (08e8a4172c57abd7693a6915cf1e7a99) C:\Windows\system32\drivers\amd_sata.sys 14:16:16.0668 3588 amd_sata - ok 14:16:16.0708 3588 amd_xata (9866af4e4ad7f16e810b6c0b8473f9cd) C:\Windows\system32\drivers\amd_xata.sys 14:16:16.0721 3588 amd_xata - ok 14:16:16.0769 3588 ApfiltrService (29d63d80f23da504baa2db5d260dd4bd) C:\Windows\system32\DRIVERS\Apfiltr.sys 14:16:16.0788 3588 ApfiltrService - ok 14:16:16.0830 3588 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 14:16:17.0039 3588 AppID - ok 14:16:17.0113 3588 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 14:16:17.0179 3588 AppIDSvc - ok 14:16:17.0226 3588 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 14:16:17.0292 3588 Appinfo - ok 14:16:17.0347 3588 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:16:17.0362 3588 Apple Mobile Device - ok 14:16:17.0460 3588 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 14:16:17.0478 3588 arc - ok 14:16:17.0601 3588 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 14:16:17.0620 3588 arcsas - ok 14:16:17.0770 3588 aswFsBlk (4a57b2c375d82cbeb28454e0460d65ad) C:\Windows\system32\drivers\aswFsBlk.sys 14:16:17.0785 3588 aswFsBlk - ok 14:16:17.0927 3588 aswMonFlt (0dfa8428e92fa0398a4557077e03d0be) C:\Windows\system32\drivers\aswMonFlt.sys 14:16:17.0949 3588 aswMonFlt - ok 14:16:18.0138 3588 aswRdr (061bf40c947848b6f4a478c600b0298c) C:\Windows\system32\drivers\aswRdr.sys 14:16:18.0162 3588 aswRdr - ok 14:16:18.0315 3588 aswSnx (9597c6e9091369ef4b94956478d545bf) C:\Windows\system32\drivers\aswSnx.sys 14:16:18.0335 3588 aswSnx - ok 14:16:18.0486 3588 aswSP (6b31b59c48a5f45e9f26de37acae7db4) C:\Windows\system32\drivers\aswSP.sys 14:16:18.0507 3588 aswSP - ok 14:16:18.0707 3588 aswTdi (5c06c8ed0627a970dc7a4b6624f3bd08) C:\Windows\system32\drivers\aswTdi.sys 14:16:18.0721 3588 aswTdi - ok 14:16:18.0828 3588 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 14:16:18.0924 3588 AsyncMac - ok 14:16:19.0035 3588 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 14:16:19.0060 3588 atapi - ok 14:16:19.0133 3588 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys 14:16:19.0247 3588 athr - ok 14:16:19.0364 3588 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\drivers\AtiPcie.sys 14:16:19.0391 3588 AtiPcie - ok 14:16:19.0477 3588 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 14:16:19.0653 3588 AudioEndpointBuilder - ok 14:16:19.0675 3588 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 14:16:19.0755 3588 AudioSrv - ok 14:16:19.0876 3588 avast! Antivirus (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 14:16:19.0893 3588 avast! Antivirus - ok 14:16:19.0926 3588 avast! Mail Scanner (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 14:16:19.0943 3588 avast! Mail Scanner - ok 14:16:19.0963 3588 avast! Web Scanner (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 14:16:19.0983 3588 avast! Web Scanner - ok 14:16:20.0124 3588 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 14:16:20.0245 3588 AxInstSV - ok 14:16:20.0352 3588 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 14:16:20.0429 3588 b06bdrv - ok 14:16:20.0484 3588 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 14:16:20.0562 3588 b57nd60a - ok 14:16:20.0640 3588 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 14:16:20.0730 3588 BDESVC - ok 14:16:20.0828 3588 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 14:16:20.0938 3588 Beep - ok 14:16:20.0997 3588 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 14:16:21.0108 3588 BFE - ok 14:16:21.0179 3588 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 14:16:21.0368 3588 BITS - ok 14:16:21.0478 3588 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 14:16:21.0541 3588 blbdrive - ok 14:16:21.0648 3588 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe 14:16:21.0692 3588 Bonjour Service - ok 14:16:21.0781 3588 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 14:16:21.0815 3588 bowser - ok 14:16:21.0852 3588 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 14:16:21.0906 3588 BrFiltLo - ok 14:16:21.0950 3588 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 14:16:22.0003 3588 BrFiltUp - ok 14:16:22.0048 3588 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 14:16:22.0171 3588 Browser - ok 14:16:22.0387 3588 Browser Defender Update Service (9d5fd177db76a7f5d6b8678870820d3c) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe 14:16:22.0443 3588 Browser Defender Update Service - ok 14:16:22.0539 3588 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 14:16:22.0633 3588 Brserid - ok 14:16:22.0692 3588 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 14:16:22.0760 3588 BrSerWdm - ok 14:16:22.0797 3588 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:16:22.0853 3588 BrUsbMdm - ok 14:16:22.0902 3588 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 14:16:22.0965 3588 BrUsbSer - ok 14:16:23.0015 3588 bthav (0b2ee8b36081c1039ea3d20b952a8ddc) C:\Windows\system32\drivers\bthav.sys 14:16:23.0080 3588 bthav - ok 14:16:23.0142 3588 BTHBUS (f3371daab1c4ec83ab8841b9abdf8261) C:\Windows\system32\DRIVERS\bthbus.sys 14:16:23.0240 3588 BTHBUS - ok 14:16:23.0289 3588 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 14:16:23.0379 3588 BthEnum - ok 14:16:23.0465 3588 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 14:16:23.0547 3588 BTHMODEM - ok 14:16:23.0600 3588 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 14:16:23.0666 3588 BthPan - ok 14:16:23.0721 3588 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 14:16:23.0797 3588 BTHPORT - ok 14:16:23.0826 3588 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 14:16:23.0898 3588 bthserv - ok 14:16:23.0955 3588 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 14:16:23.0999 3588 BTHUSB - ok 14:16:24.0041 3588 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 14:16:24.0057 3588 btwaudio - ok 14:16:24.0094 3588 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys 14:16:24.0110 3588 btwavdt - ok 14:16:24.0180 3588 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 14:16:24.0247 3588 btwdins - ok 14:16:24.0347 3588 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 14:16:24.0381 3588 btwl2cap - ok 14:16:24.0420 3588 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys 14:16:24.0454 3588 btwrchid - ok 14:16:24.0595 3588 ccSet_NST (a8ad33c9dd88c810cac00acc7f4329fb) C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys 14:16:24.0636 3588 ccSet_NST - ok 14:16:24.0686 3588 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 14:16:24.0820 3588 cdfs - ok 14:16:24.0871 3588 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 14:16:24.0939 3588 cdrom - ok 14:16:24.0996 3588 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 14:16:25.0121 3588 CertPropSvc - ok 14:16:25.0174 3588 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 14:16:25.0255 3588 circlass - ok 14:16:25.0309 3588 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 14:16:25.0411 3588 CLFS - ok 14:16:25.0492 3588 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:16:25.0535 3588 clr_optimization_v2.0.50727_32 - ok 14:16:25.0584 3588 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:16:25.0627 3588 clr_optimization_v2.0.50727_64 - ok 14:16:25.0688 3588 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:16:25.0771 3588 clr_optimization_v4.0.30319_32 - ok 14:16:25.0879 3588 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:16:25.0916 3588 clr_optimization_v4.0.30319_64 - ok 14:16:25.0976 3588 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 14:16:26.0046 3588 CmBatt - ok 14:16:26.0111 3588 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 14:16:26.0151 3588 cmdide - ok 14:16:26.0216 3588 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 14:16:26.0291 3588 CNG - ok 14:16:26.0365 3588 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 14:16:26.0386 3588 Compbatt - ok 14:16:26.0433 3588 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 14:16:26.0475 3588 CompositeBus - ok 14:16:26.0488 3588 COMSysApp - ok 14:16:26.0533 3588 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 14:16:26.0548 3588 crcdisk - ok 14:16:26.0603 3588 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 14:16:26.0765 3588 CryptSvc - ok 14:16:27.0024 3588 CSIScanner (5131d2469b6b19dc20b446ebe43ebb79) C:\Program Files\Prevx\prevx.exe 14:16:27.0160 3588 CSIScanner - ok 14:16:27.0280 3588 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 14:16:27.0360 3588 cvhsvc - ok 14:16:27.0472 3588 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 14:16:27.0657 3588 DcomLaunch - ok 14:16:27.0713 3588 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 14:16:27.0872 3588 defragsvc - ok 14:16:27.0934 3588 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 14:16:28.0046 3588 DfsC - ok 14:16:28.0099 3588 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 14:16:28.0257 3588 Dhcp - ok 14:16:28.0302 3588 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 14:16:28.0400 3588 discache - ok 14:16:28.0445 3588 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 14:16:28.0488 3588 Disk - ok 14:16:28.0542 3588 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 14:16:28.0606 3588 Dnscache - ok 14:16:28.0661 3588 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 14:16:28.0726 3588 dot3svc - ok 14:16:28.0777 3588 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 14:16:28.0852 3588 DPS - ok 14:16:28.0901 3588 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 14:16:28.0973 3588 drmkaud - ok 14:16:29.0120 3588 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 14:16:29.0164 3588 DrvAgent64 - ok 14:16:29.0274 3588 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 14:16:29.0337 3588 DXGKrnl - ok 14:16:29.0374 3588 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 14:16:29.0473 3588 EapHost - ok 14:16:29.0599 3588 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 14:16:29.0829 3588 ebdrv - ok 14:16:29.0941 3588 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 14:16:30.0041 3588 EFS - ok 14:16:30.0131 3588 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 14:16:30.0251 3588 ehRecvr - ok 14:16:30.0311 3588 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 14:16:30.0371 3588 ehSched - ok 14:16:30.0453 3588 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 14:16:30.0513 3588 elxstor - ok 14:16:30.0563 3588 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 14:16:30.0633 3588 ErrDev - ok 14:16:30.0795 3588 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 14:16:30.0975 3588 EventSystem - ok 14:16:31.0025 3588 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 14:16:31.0169 3588 exfat - ok 14:16:31.0207 3588 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 14:16:31.0277 3588 fastfat - ok 14:16:31.0417 3588 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 14:16:31.0535 3588 Fax - ok 14:16:31.0579 3588 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 14:16:31.0619 3588 fdc - ok 14:16:31.0679 3588 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 14:16:31.0739 3588 fdPHost - ok 14:16:31.0759 3588 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 14:16:31.0839 3588 FDResPub - ok 14:16:31.0889 3588 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 14:16:31.0899 3588 FileInfo - ok 14:16:31.0929 3588 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 14:16:31.0999 3588 Filetrace - ok 14:16:32.0039 3588 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 14:16:32.0089 3588 flpydisk - ok 14:16:32.0139 3588 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 14:16:32.0169 3588 FltMgr - ok 14:16:32.0219 3588 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 14:16:32.0339 3588 FontCache - ok 14:16:32.0479 3588 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:16:32.0509 3588 FontCache3.0.0.0 - ok 14:16:32.0599 3588 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 14:16:32.0639 3588 FsDepends - ok 14:16:32.0799 3588 FSProFilter (8197c85348a33bccfe80dd6e2db53903) C:\Windows\system32\Drivers\FSPFltd.sys 14:16:32.0839 3588 FSProFilter - ok 14:16:32.0959 3588 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 14:16:32.0989 3588 fssfltr - ok 14:16:33.0139 3588 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 14:16:33.0199 3588 fsssvc - ok 14:16:33.0309 3588 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 14:16:33.0359 3588 Fs_Rec - ok 14:16:33.0469 3588 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 14:16:33.0529 3588 fvevol - ok 14:16:33.0671 3588 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 14:16:33.0718 3588 gagp30kx - ok 14:16:33.0863 3588 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:16:33.0883 3588 GEARAspiWDM - ok 14:16:34.0015 3588 GGSAFERDriver - ok 14:16:34.0125 3588 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 14:16:34.0225 3588 gpsvc - ok 14:16:34.0355 3588 GPU-Z - ok 14:16:34.0425 3588 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:16:34.0445 3588 gupdate - ok 14:16:34.0465 3588 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:16:34.0495 3588 gupdatem - ok 14:16:34.0585 3588 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 14:16:34.0645 3588 hcw85cir - ok 14:16:34.0825 3588 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 14:16:34.0875 3588 HdAudAddService - ok 14:16:34.0995 3588 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 14:16:35.0045 3588 HDAudBus - ok 14:16:35.0095 3588 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 14:16:35.0165 3588 HidBatt - ok 14:16:35.0217 3588 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 14:16:35.0277 3588 HidBth - ok 14:16:35.0327 3588 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 14:16:35.0387 3588 HidIr - ok 14:16:35.0437 3588 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 14:16:35.0587 3588 hidserv - ok 14:16:35.0667 3588 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 14:16:35.0717 3588 HidUsb - ok 14:16:35.0767 3588 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 14:16:35.0867 3588 hkmsvc - ok 14:16:35.0907 3588 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 14:16:35.0969 3588 HomeGroupListener - ok 14:16:36.0009 3588 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 14:16:36.0069 3588 HomeGroupProvider - ok 14:16:36.0129 3588 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 14:16:36.0179 3588 HpSAMD - ok 14:16:36.0231 3588 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 14:16:36.0333 3588 HTTP - ok 14:16:36.0463 3588 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 14:16:36.0503 3588 hwpolicy - ok 14:16:36.0563 3588 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 14:16:36.0603 3588 i8042prt - ok 14:16:36.0675 3588 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 14:16:36.0705 3588 iaStorV - ok 14:16:36.0815 3588 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:16:36.0855 3588 idsvc - ok 14:16:36.0917 3588 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 14:16:36.0947 3588 iirsp - ok 14:16:37.0019 3588 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 14:16:37.0129 3588 IKEEXT - ok 14:16:37.0291 3588 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\Windows\system32\drivers\RTKVHD64.sys 14:16:37.0341 3588 IntcAzAudAddService - ok 14:16:37.0395 3588 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 14:16:37.0413 3588 intelide - ok 14:16:37.0453 3588 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 14:16:37.0493 3588 intelppm - ok 14:16:37.0553 3588 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 14:16:37.0633 3588 IPBusEnum - ok 14:16:37.0693 3588 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:16:37.0773 3588 IpFilterDriver - ok 14:16:37.0823 3588 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 14:16:37.0913 3588 iphlpsvc - ok 14:16:37.0983 3588 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 14:16:38.0003 3588 IPMIDRV - ok 14:16:38.0043 3588 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 14:16:38.0123 3588 IPNAT - ok 14:16:38.0233 3588 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe 14:16:38.0263 3588 iPod Service - ok 14:16:38.0383 3588 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 14:16:38.0433 3588 IRENUM - ok 14:16:38.0563 3588 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 14:16:38.0583 3588 isapnp - ok 14:16:38.0673 3588 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 14:16:38.0723 3588 iScsiPrt - ok 14:16:38.0823 3588 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 14:16:38.0843 3588 kbdclass - ok 14:16:38.0933 3588 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 14:16:39.0003 3588 kbdhid - ok 14:16:39.0103 3588 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:16:39.0173 3588 KeyIso - ok 14:16:39.0245 3588 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 14:16:39.0295 3588 KSecDD - ok 14:16:39.0395 3588 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 14:16:39.0435 3588 KSecPkg - ok 14:16:39.0525 3588 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 14:16:39.0675 3588 ksthunk - ok 14:16:39.0847 3588 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 14:16:40.0017 3588 KtmRm - ok 14:16:40.0277 3588 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 14:16:40.0427 3588 LanmanServer - ok 14:16:40.0547 3588 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 14:16:40.0627 3588 LanmanWorkstation - ok 14:16:40.0737 3588 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 14:16:40.0867 3588 lltdio - ok 14:16:41.0017 3588 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 14:16:41.0197 3588 lltdsvc - ok 14:16:41.0327 3588 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 14:16:41.0457 3588 lmhosts - ok 14:16:41.0617 3588 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 14:16:41.0657 3588 LSI_FC - ok 14:16:41.0797 3588 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 14:16:41.0837 3588 LSI_SAS - ok 14:16:41.0987 3588 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 14:16:42.0027 3588 LSI_SAS2 - ok 14:16:42.0170 3588 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 14:16:42.0218 3588 LSI_SCSI - ok 14:16:42.0393 3588 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 14:16:42.0498 3588 luafv - ok 14:16:42.0689 3588 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 14:16:42.0731 3588 MBAMProtector - ok 14:16:43.0007 3588 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:16:43.0071 3588 MBAMService - ok 14:16:43.0211 3588 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 14:16:43.0304 3588 Mcx2Svc - ok 14:16:43.0611 3588 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 14:16:43.0666 3588 megasas - ok 14:16:43.0805 3588 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 14:16:43.0859 3588 MegaSR - ok 14:16:44.0036 3588 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 14:16:44.0074 3588 Microsoft Office Groove Audit Service - ok 14:16:44.0181 3588 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:16:44.0322 3588 MMCSS - ok 14:16:44.0448 3588 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 14:16:44.0567 3588 Modem - ok 14:16:44.0711 3588 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 14:16:44.0761 3588 monitor - ok 14:16:44.0916 3588 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 14:16:44.0959 3588 mouclass - ok 14:16:45.0053 3588 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 14:16:45.0128 3588 mouhid - ok 14:16:45.0281 3588 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 14:16:45.0327 3588 mountmgr - ok 14:16:45.0435 3588 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 14:16:45.0483 3588 mpio - ok 14:16:45.0621 3588 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 14:16:45.0741 3588 mpsdrv - ok 14:16:45.0914 3588 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 14:16:46.0090 3588 MpsSvc - ok 14:16:46.0255 3588 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 14:16:46.0340 3588 MRxDAV - ok 14:16:46.0490 3588 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:16:46.0585 3588 mrxsmb - ok 14:16:46.0734 3588 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:16:46.0817 3588 mrxsmb10 - ok 14:16:46.0967 3588 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:16:47.0018 3588 mrxsmb20 - ok 14:16:47.0162 3588 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 14:16:47.0208 3588 msahci - ok 14:16:47.0307 3588 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 14:16:47.0354 3588 msdsm - ok 14:16:47.0491 3588 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 14:16:47.0580 3588 MSDTC - ok 14:16:47.0799 3588 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 14:16:47.0896 3588 Msfs - ok 14:16:48.0069 3588 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 14:16:48.0196 3588 mshidkmdf - ok 14:16:48.0341 3588 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 14:16:48.0381 3588 msisadrv - ok 14:16:48.0476 3588 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 14:16:48.0583 3588 MSiSCSI - ok 14:16:48.0658 3588 msiserver - ok 14:16:48.0716 3588 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 14:16:48.0847 3588 MSKSSRV - ok 14:16:49.0009 3588 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 14:16:49.0112 3588 MSPCLOCK - ok 14:16:49.0249 3588 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 14:16:49.0380 3588 MSPQM - ok 14:16:49.0543 3588 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 14:16:49.0602 3588 MsRPC - ok 14:16:49.0714 3588 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 14:16:49.0736 3588 mssmbios - ok 14:16:49.0797 3588 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 14:16:49.0931 3588 MSTEE - ok 14:16:49.0993 3588 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 14:16:50.0059 3588 MTConfig - ok 14:16:50.0104 3588 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 14:16:50.0149 3588 Mup - ok 14:16:50.0209 3588 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 14:16:50.0318 3588 napagent - ok 14:16:50.0379 3588 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 14:16:50.0474 3588 NativeWifiP - ok 14:16:50.0546 3588 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 14:16:50.0647 3588 NDIS - ok 14:16:50.0707 3588 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 14:16:50.0778 3588 NdisCap - ok 14:16:50.0811 3588 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 14:16:50.0859 3588 NdisTapi - ok 14:16:50.0907 3588 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 14:16:50.0975 3588 Ndisuio - ok 14:16:51.0125 3588 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 14:16:51.0195 3588 NdisWan - ok 14:16:51.0279 3588 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 14:16:51.0325 3588 NDProxy - ok 14:16:51.0495 3588 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 14:16:51.0526 3588 Nero BackItUp Scheduler 4.0 - ok 14:16:51.0649 3588 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 14:16:51.0701 3588 NetBIOS - ok 14:16:51.0855 3588 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 14:16:51.0927 3588 NetBT - ok 14:16:52.0086 3588 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:16:52.0109 3588 Netlogon - ok 14:16:52.0218 3588 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 14:16:52.0324 3588 Netman - ok 14:16:52.0469 3588 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 14:16:52.0644 3588 netprofm - ok 14:16:52.0759 3588 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:16:52.0796 3588 NetTcpPortSharing - ok 14:16:52.0921 3588 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 14:16:52.0944 3588 nfrd960 - ok 14:16:53.0108 3588 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 14:16:53.0218 3588 NlaSvc - ok 14:16:53.0438 3588 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys 14:16:53.0493 3588 nmwcd - ok 14:16:53.0710 3588 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys 14:16:53.0810 3588 nmwcdc - ok 14:16:53.0980 3588 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 14:16:54.0045 3588 Npfs - ok 14:16:54.0172 3588 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 14:16:54.0232 3588 nsi - ok 14:16:54.0404 3588 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 14:16:54.0504 3588 nsiproxy - ok 14:16:54.0644 3588 NSL (e127420b7feb65c7f279eaac183bbc0e) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe 14:16:54.0684 3588 NSL - ok 14:16:54.0864 3588 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 14:16:54.0940 3588 Ntfs - ok 14:16:55.0096 3588 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 14:16:55.0216 3588 Null - ok 14:16:55.0386 3588 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 14:16:55.0416 3588 nvraid - ok 14:16:55.0566 3588 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 14:16:55.0616 3588 nvstor - ok 14:16:55.0768 3588 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 14:16:55.0828 3588 nv_agp - ok 14:16:55.0940 3588 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe 14:16:55.0995 3588 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning 14:16:55.0995 3588 Oasis2Service - detected UnsignedFile.Multi.Generic (1) 14:16:56.0152 3588 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:16:56.0202 3588 odserv - ok 14:16:56.0352 3588 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 14:16:56.0452 3588 ohci1394 - ok 14:16:56.0542 3588 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:16:56.0582 3588 ose - ok 14:16:56.0774 3588 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:16:57.0034 3588 osppsvc - ok 14:16:57.0144 3588 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:16:57.0264 3588 p2pimsvc - ok 14:16:57.0306 3588 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 14:16:57.0346 3588 p2psvc - ok 14:16:57.0386 3588 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 14:16:57.0426 3588 Parport - ok 14:16:57.0476 3588 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 14:16:57.0496 3588 partmgr - ok 14:16:57.0546 3588 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 14:16:57.0616 3588 PcaSvc - ok 14:16:57.0686 3588 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 14:16:57.0736 3588 pci - ok 14:16:57.0776 3588 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 14:16:57.0816 3588 pciide - ok 14:16:57.0862 3588 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 14:16:57.0878 3588 pcmcia - ok 14:16:57.0918 3588 PCTBD (99a3a277a99c437283324067970e1d37) C:\Windows\system32\Drivers\PCTBD64.sys 14:16:57.0938 3588 PCTBD - ok 14:16:58.0008 3588 PCTCore (dbb55b4da79a6f59b63e233907ba6bae) C:\Windows\system32\drivers\PCTCore64.sys 14:16:58.0038 3588 PCTCore - ok 14:16:58.0130 3588 pctDS (ba1f42a42f405f62ceff6b69a2797f7c) C:\Windows\system32\drivers\pctDS64.sys 14:16:58.0160 3588 pctDS - ok 14:16:58.0230 3588 pctEFA (146cc91c93ced13e7fe40e8d8615be39) C:\Windows\system32\drivers\pctEFA64.sys 14:16:58.0290 3588 pctEFA - ok 14:16:58.0360 3588 PCTSD (afa19eff0197c474379ed904e25a995d) C:\Windows\system32\Drivers\PCTSD64.sys 14:16:58.0380 3588 PCTSD - ok 14:16:58.0420 3588 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 14:16:58.0440 3588 pcw - ok 14:16:58.0470 3588 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 14:16:58.0581 3588 PEAUTH - ok 14:16:58.0636 3588 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 14:16:58.0702 3588 PerfHost - ok 14:16:58.0824 3588 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 14:16:58.0944 3588 pla - ok 14:16:59.0114 3588 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 14:16:59.0204 3588 PlugPlay - ok 14:16:59.0324 3588 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 14:16:59.0364 3588 PMBDeviceInfoProvider - ok 14:16:59.0464 3588 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 14:16:59.0504 3588 PNRPAutoReg - ok 14:16:59.0574 3588 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:16:59.0624 3588 PNRPsvc - ok 14:16:59.0764 3588 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 14:16:59.0963 3588 PolicyAgent - ok 14:17:00.0086 3588 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 14:17:00.0276 3588 Power - ok 14:17:00.0386 3588 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 14:17:00.0501 3588 PptpMiniport - ok 14:17:00.0638 3588 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 14:17:00.0708 3588 Processor - ok 14:17:00.0878 3588 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 14:17:01.0028 3588 ProfSvc - ok 14:17:01.0208 3588 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:17:01.0268 3588 ProtectedStorage - ok 14:17:01.0428 3588 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 14:17:01.0528 3588 Psched - ok 14:17:01.0648 3588 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 14:17:01.0688 3588 PxHlpa64 - ok 14:17:01.0858 3588 pxkbf (ba5f7c107eace67973b4b798832a74c7) C:\Windows\system32\drivers\pxkbf.sys 14:17:01.0904 3588 pxkbf - ok 14:17:02.0120 3588 pxrts (007e57428802f587d0d6737ae7a9d989) C:\Windows\system32\drivers\pxrts.sys 14:17:02.0140 3588 pxrts - ok 14:17:02.0332 3588 pxscan (66d4d00c8908888a68b749d91f1e6789) C:\Windows\system32\drivers\pxscan.sys 14:17:02.0342 3588 pxscan - ok 14:17:02.0522 3588 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 14:17:02.0614 3588 ql2300 - ok 14:17:02.0766 3588 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 14:17:02.0796 3588 ql40xx - ok 14:17:02.0926 3588 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 14:17:02.0986 3588 QWAVE - ok 14:17:03.0166 3588 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 14:17:03.0206 3588 QWAVEdrv - ok 14:17:03.0346 3588 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 14:17:03.0416 3588 RasAcd - ok 14:17:03.0556 3588 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 14:17:03.0633 3588 RasAgileVpn - ok 14:17:03.0778 3588 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 14:17:03.0858 3588 RasAuto - ok 14:17:04.0018 3588 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:17:04.0078 3588 Rasl2tp - ok 14:17:04.0250 3588 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 14:17:04.0410 3588 RasMan - ok 14:17:04.0570 3588 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 14:17:04.0708 3588 RasPppoe - ok 14:17:04.0812 3588 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 14:17:04.0962 3588 RasSstp - ok 14:17:05.0142 3588 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 14:17:05.0244 3588 rdbss - ok 14:17:05.0414 3588 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 14:17:05.0494 3588 rdpbus - ok 14:17:05.0674 3588 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:17:05.0764 3588 RDPCDD - ok 14:17:05.0934 3588 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 14:17:06.0026 3588 RDPENCDD - ok 14:17:06.0186 3588 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 14:17:06.0286 3588 RDPREFMP - ok 14:17:06.0466 3588 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 14:17:06.0566 3588 RDPWD - ok 14:17:06.0766 3588 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 14:17:06.0816 3588 rdyboost - ok 14:17:06.0986 3588 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 14:17:07.0098 3588 RemoteAccess - ok 14:17:07.0278 3588 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 14:17:07.0428 3588 RemoteRegistry - ok 14:17:07.0598 3588 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 14:17:07.0650 3588 RFCOMM - ok 14:17:07.0800 3588 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 14:17:07.0940 3588 RpcEptMapper - ok 14:17:08.0100 3588 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 14:17:08.0190 3588 RpcLocator - ok 14:17:08.0390 3588 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 14:17:08.0472 3588 RpcSs - ok 14:17:08.0612 3588 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 14:17:08.0702 3588 rspndr - ok 14:17:08.0874 3588 RSUSBSTOR (5aab4808e8ccae8c2ecda5b791260616) C:\Windows\system32\Drivers\RtsUStor.sys 14:17:08.0904 3588 RSUSBSTOR - ok 14:17:09.0054 3588 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys 14:17:09.0094 3588 RTHDMIAzAudService - ok 14:17:09.0264 3588 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys 14:17:09.0314 3588 RTL8167 - ok 14:17:09.0506 3588 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:17:09.0546 3588 SamSs - ok 14:17:09.0686 3588 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 14:17:09.0716 3588 SASDIFSV - ok 14:17:09.0776 3588 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 14:17:09.0806 3588 SASKUTIL - ok 14:17:09.0906 3588 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 14:17:09.0936 3588 sbp2port - ok 14:17:09.0986 3588 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 14:17:10.0056 3588 SCardSvr - ok 14:17:10.0116 3588 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 14:17:10.0186 3588 scfilter - ok 14:17:10.0276 3588 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 14:17:10.0418 3588 Schedule - ok 14:17:10.0538 3588 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 14:17:10.0618 3588 SCPolicySvc - ok 14:17:10.0798 3588 sdAuxService (17d6a03103586d7954ba74c2219ce1bb) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe 14:17:10.0848 3588 sdAuxService - ok 14:17:10.0908 3588 sdCoreService (697e0a2a300ee8719cafae55b4771053) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe 14:17:10.0948 3588 sdCoreService - ok 14:17:11.0040 3588 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 14:17:11.0140 3588 SDRSVC - ok 14:17:11.0210 3588 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 14:17:11.0341 3588 secdrv - ok 14:17:11.0402 3588 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 14:17:11.0542 3588 seclogon - ok 14:17:11.0572 3588 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 14:17:11.0682 3588 SENS - ok 14:17:11.0722 3588 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 14:17:11.0782 3588 SensrSvc - ok 14:17:11.0834 3588 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 14:17:11.0874 3588 Serenum - ok 14:17:11.0954 3588 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 14:17:12.0014 3588 Serial - ok 14:17:12.0064 3588 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 14:17:12.0124 3588 sermouse - ok 14:17:12.0406 3588 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 14:17:12.0556 3588 SessionEnv - ok 14:17:12.0646 3588 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 14:17:12.0726 3588 SFEP - ok 14:17:12.0816 3588 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 14:17:12.0916 3588 sffdisk - ok 14:17:12.0946 3588 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 14:17:12.0976 3588 sffp_mmc - ok 14:17:13.0016 3588 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 14:17:13.0076 3588 sffp_sd - ok 14:17:13.0138 3588 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 14:17:13.0168 3588 sfloppy - ok 14:17:13.0218 3588 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 14:17:13.0248 3588 Sftfs - ok 14:17:13.0360 3588 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 14:17:13.0390 3588 sftlist - ok 14:17:13.0512 3588 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 14:17:13.0542 3588 Sftplay - ok 14:17:13.0569 3588 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 14:17:13.0584 3588 Sftredir - ok 14:17:13.0624 3588 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 14:17:13.0644 3588 Sftvol - ok 14:17:13.0734 3588 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 14:17:13.0754 3588 sftvsa - ok 14:17:13.0894 3588 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 14:17:13.0964 3588 SharedAccess - ok 14:17:14.0154 3588 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 14:17:14.0244 3588 ShellHWDetection - ok 14:17:14.0404 3588 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 14:17:14.0424 3588 SiSRaid2 - ok 14:17:14.0564 3588 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 14:17:14.0594 3588 SiSRaid4 - ok 14:17:14.0758 3588 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 14:17:14.0818 3588 Smb - ok 14:17:14.0960 3588 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 14:17:15.0030 3588 SNMPTRAP - ok 14:17:15.0160 3588 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 14:17:15.0170 3588 SOHCImp - ok 14:17:15.0332 3588 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 14:17:15.0352 3588 SOHDms - ok 14:17:15.0422 3588 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 14:17:15.0442 3588 SOHDs - ok 14:17:15.0542 3588 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 14:17:15.0562 3588 SpfService - ok 14:17:15.0682 3588 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 14:17:15.0702 3588 spldr - ok 14:17:15.0754 3588 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 14:17:15.0834 3588 Spooler - ok 14:17:15.0954 3588 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 14:17:16.0146 3588 sppsvc - ok 14:17:16.0258 3588 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 14:17:16.0350 3588 sppuinotify - ok 14:17:16.0420 3588 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 14:17:16.0480 3588 srv - ok 14:17:16.0560 3588 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 14:17:16.0610 3588 srv2 - ok 14:17:16.0710 3588 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 14:17:16.0740 3588 srvnet - ok 14:17:16.0850 3588 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 14:17:16.0940 3588 SSDPSRV - ok 14:17:17.0050 3588 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 14:17:17.0150 3588 SstpSvc - ok 14:17:17.0190 3588 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 14:17:17.0210 3588 stexstor - ok 14:17:17.0300 3588 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 14:17:17.0420 3588 stisvc - ok 14:17:17.0500 3588 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 14:17:17.0540 3588 swenum - ok 14:17:17.0750 3588 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 14:17:17.0830 3588 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning 14:17:17.0830 3588 SwitchBoard - detected UnsignedFile.Multi.Generic (1) 14:17:17.0950 3588 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 14:17:18.0070 3588 swprv - ok 14:17:18.0240 3588 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 14:17:18.0402 3588 SysMain - ok 14:17:18.0514 3588 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 14:17:18.0604 3588 TabletInputService - ok 14:17:18.0724 3588 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 14:17:18.0846 3588 TapiSrv - ok 14:17:18.0978 3588 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 14:17:19.0088 3588 TBS - ok 14:17:19.0208 3588 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 14:17:19.0358 3588 Tcpip - ok 14:17:19.0470 3588 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 14:17:19.0520 3588 TCPIP6 - ok 14:17:19.0580 3588 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 14:17:19.0703 3588 tcpipreg - ok 14:17:19.0752 3588 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 14:17:19.0802 3588 TDPIPE - ok 14:17:19.0862 3588 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 14:17:19.0922 3588 TDTCP - ok 14:17:19.0982 3588 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 14:17:20.0102 3588 tdx - ok 14:17:20.0172 3588 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 14:17:20.0212 3588 TermDD - ok 14:17:20.0292 3588 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 14:17:20.0452 3588 TermService - ok 14:17:20.0562 3588 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 14:17:20.0622 3588 Themes - ok 14:17:20.0672 3588 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:17:20.0752 3588 THREADORDER - ok 14:17:20.0792 3588 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 14:17:20.0892 3588 TrkWks - ok 14:17:20.0982 3588 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 14:17:21.0112 3588 TrustedInstaller - ok 14:17:21.0172 3588 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:17:21.0265 3588 tssecsrv - ok 14:17:21.0314 3588 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 14:17:21.0334 3588 TsUsbFlt - ok 14:17:21.0384 3588 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 14:17:21.0484 3588 tunnel - ok 14:17:21.0534 3588 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 14:17:21.0584 3588 uagp35 - ok 14:17:21.0644 3588 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 14:17:21.0790 3588 udfs - ok 14:17:21.0866 3588 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 14:17:21.0896 3588 UI0Detect - ok 14:17:21.0956 3588 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 14:17:21.0976 3588 uliagpkx - ok 14:17:22.0026 3588 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 14:17:22.0076 3588 umbus - ok 14:17:22.0156 3588 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 14:17:22.0228 3588 UmPass - ok 14:17:22.0460 3588 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 14:17:22.0582 3588 upnphost - ok 14:17:22.0764 3588 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 14:17:22.0834 3588 upperdev - ok 14:17:22.0984 3588 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys 14:17:23.0047 3588 USBAAPL64 - ok 14:17:23.0256 3588 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 14:17:23.0306 3588 usbccgp - ok 14:17:23.0446 3588 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 14:17:23.0476 3588 usbcir - ok 14:17:23.0598 3588 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 14:17:23.0628 3588 usbehci - ok 14:17:23.0748 3588 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys 14:17:23.0768 3588 usbfilter - ok 14:17:23.0968 3588 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 14:17:24.0018 3588 usbhub - ok 14:17:24.0168 3588 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 14:17:24.0218 3588 usbohci - ok 14:17:24.0398 3588 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 14:17:24.0478 3588 usbprint - ok 14:17:24.0628 3588 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys 14:17:24.0688 3588 usbser - ok 14:17:24.0858 3588 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 14:17:24.0898 3588 UsbserFilt - ok 14:17:25.0068 3588 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:17:25.0148 3588 USBSTOR - ok 14:17:25.0318 3588 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 14:17:25.0358 3588 usbuhci - ok 14:17:25.0553 3588 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 14:17:25.0609 3588 usbvideo - ok 14:17:25.0786 3588 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 14:17:25.0984 3588 UxSms - ok 14:17:26.0141 3588 VAIO Entertainment TV Device Arbitration Service (8e68e4aa2d7abbf7c9159d9d2a38ae0f) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 14:17:26.0168 3588 VAIO Entertainment TV Device Arbitration Service - ok 14:17:26.0363 3588 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 14:17:26.0396 3588 VAIO Event Service - ok 14:17:26.0563 3588 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 14:17:26.0602 3588 VAIO Power Management - ok 14:17:26.0718 3588 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:17:26.0753 3588 VaultSvc - ok 14:17:26.0887 3588 VBoxDrv (81952471021f6a6f56dda6ed6b5dd638) C:\Windows\system32\DRIVERS\VBoxDrv.sys 14:17:26.0933 3588 VBoxDrv - ok 14:17:27.0062 3588 VBoxNetAdp (c9f86aeb504355541ec9820e3155e253) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 14:17:27.0093 3588 VBoxNetAdp - ok 14:17:27.0249 3588 VBoxNetFlt (64715ce639d05d753bcd86f5abf4d82a) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 14:17:27.0287 3588 VBoxNetFlt - ok 14:17:27.0434 3588 VBoxUSB (4831ee295c9911b0236867931be493f1) C:\Windows\system32\Drivers\VBoxUSB.sys 14:17:27.0474 3588 VBoxUSB - ok 14:17:27.0638 3588 VBoxUSBMon (edeb78b6a969107a66a5af145ac0a43f) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 14:17:27.0648 3588 VBoxUSBMon - ok 14:17:27.0818 3588 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 14:17:27.0848 3588 VCFw - ok 14:17:28.0018 3588 VcmIAlzMgr (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 14:17:28.0048 3588 VcmIAlzMgr - ok 14:17:28.0180 3588 VcmINSMgr (7a88cfd3fe99f2c9b95a6e2a08b96e14) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 14:17:28.0200 3588 VcmINSMgr - ok 14:17:28.0390 3588 VcmXmlIfHelper (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 14:17:28.0410 3588 VcmXmlIfHelper - ok 14:17:28.0760 3588 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe 14:17:28.0780 3588 VCService - ok 14:17:28.0890 3588 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 14:17:28.0910 3588 vdrvroot - ok 14:17:28.0980 3588 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 14:17:29.0072 3588 vds - ok 14:17:29.0172 3588 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 14:17:29.0212 3588 vga - ok 14:17:29.0314 3588 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 14:17:29.0384 3588 VgaSave - ok 14:17:29.0536 3588 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 14:17:29.0556 3588 vhdmp - ok 14:17:29.0628 3588 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 14:17:29.0638 3588 viaide - ok 14:17:29.0668 3588 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 14:17:29.0698 3588 volmgr - ok 14:17:29.0790 3588 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 14:17:29.0830 3588 volmgrx - ok 14:17:29.0970 3588 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 14:17:30.0020 3588 volsnap - ok 14:17:30.0120 3588 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 14:17:30.0150 3588 vsmraid - ok 14:17:30.0372 3588 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 14:17:30.0494 3588 VSS - ok 14:17:30.0667 3588 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe 14:17:30.0698 3588 VUAgent - ok 14:17:30.0830 3588 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 14:17:30.0890 3588 vwifibus - ok 14:17:31.0003 3588 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 14:17:31.0053 3588 vwififlt - ok 14:17:31.0204 3588 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 14:17:31.0224 3588 vwifimp - ok 14:17:31.0466 3588 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 14:17:31.0558 3588 W32Time - ok 14:17:31.0700 3588 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 14:17:31.0750 3588 WacomPen - ok 14:17:31.0940 3588 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 14:17:32.0020 3588 WANARP - ok 14:17:32.0030 3588 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 14:17:32.0082 3588 Wanarpv6 - ok 14:17:32.0242 3588 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 14:17:32.0302 3588 WatAdminSvc - ok 14:17:32.0462 3588 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 14:17:32.0594 3588 wbengine - ok 14:17:32.0724 3588 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 14:17:32.0806 3588 WbioSrvc - ok 14:17:32.0936 3588 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 14:17:33.0036 3588 wcncsvc - ok 14:17:33.0156 3588 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 14:17:33.0219 3588 WcsPlugInService - ok 14:17:33.0268 3588 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 14:17:33.0288 3588 Wd - ok 14:17:33.0368 3588 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 14:17:33.0398 3588 Wdf01000 - ok 14:17:33.0438 3588 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:17:33.0510 3588 WdiServiceHost - ok 14:17:33.0522 3588 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:17:33.0558 3588 WdiSystemHost - ok 14:17:33.0715 3588 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 14:17:33.0772 3588 WebClient - ok 14:17:33.0872 3588 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 14:17:33.0964 3588 Wecsvc - ok 14:17:34.0064 3588 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 14:17:34.0144 3588 wercplsupport - ok 14:17:34.0234 3588 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 14:17:34.0384 3588 WerSvc - ok 14:17:34.0454 3588 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 14:17:34.0514 3588 WfpLwf - ok 14:17:34.0534 3588 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 14:17:34.0564 3588 WIMMount - ok 14:17:34.0614 3588 WinDefend - ok 14:17:34.0714 3588 WindowBlinds (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe 14:17:34.0764 3588 WindowBlinds - ok 14:17:34.0814 3588 WinHttpAutoProxySvc - ok 14:17:34.0934 3588 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 14:17:35.0064 3588 Winmgmt - ok 14:17:35.0264 3588 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 14:17:35.0464 3588 WinRM - ok 14:17:35.0646 3588 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 14:17:35.0726 3588 WinUsb - ok 14:17:35.0886 3588 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 14:17:36.0046 3588 Wlansvc - ok 14:17:36.0156 3588 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 14:17:36.0176 3588 wlcrasvc - ok 14:17:36.0278 3588 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:17:36.0348 3588 wlidsvc - ok 14:17:36.0450 3588 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 14:17:36.0520 3588 WmiAcpi - ok 14:17:36.0630 3588 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 14:17:36.0712 3588 wmiApSrv - ok 14:17:36.0784 3588 WMPNetworkSvc - ok 14:17:36.0884 3588 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 14:17:36.0924 3588 WPCSvc - ok 14:17:36.0974 3588 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 14:17:37.0004 3588 WPDBusEnum - ok 14:17:37.0074 3588 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 14:17:37.0184 3588 ws2ifsl - ok 14:17:37.0294 3588 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 14:17:37.0414 3588 wscsvc - ok 14:17:37.0504 3588 WSearch - ok 14:17:37.0656 3588 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 14:17:37.0878 3588 wuauserv - ok 14:17:37.0988 3588 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 14:17:38.0088 3588 WudfPf - ok 14:17:38.0128 3588 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:17:38.0208 3588 WUDFRd - ok 14:17:38.0258 3588 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 14:17:38.0398 3588 wudfsvc - ok 14:17:38.0458 3588 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 14:17:38.0548 3588 WwanSvc - ok 14:17:38.0638 3588 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 14:17:38.0858 3588 \Device\Harddisk0\DR0 - ok 14:17:38.0868 3588 Boot (0x1200) (263c0ff3e51adaecd439148ccfe93a1e) \Device\Harddisk0\DR0\Partition0 14:17:38.0868 3588 \Device\Harddisk0\DR0\Partition0 - ok 14:17:38.0898 3588 Boot (0x1200) (da14fde0126e5bf1db56a5158c69884c) \Device\Harddisk0\DR0\Partition1 14:17:38.0908 3588 \Device\Harddisk0\DR0\Partition1 - ok 14:17:38.0928 3588 Boot (0x1200) (1c2307a2554ef25fd814817fa3fca47c) \Device\Harddisk0\DR0\Partition2 14:17:38.0938 3588 \Device\Harddisk0\DR0\Partition2 - ok 14:17:38.0938 3588 ============================================================ 14:17:38.0938 3588 Scan finished 14:17:38.0938 3588 ============================================================ 14:17:38.0968 2912 Detected object count: 2 14:17:38.0968 2912 Actual detected object count: 2 14:19:09.0388 2912 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user 14:19:09.0388 2912 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:19:09.0388 2912 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 14:19:09.0388 2912 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip [/size][/font][/color] [color=#444444][font=arial, tahoma, helvetica, sans-serif][size=3]
  12. Step 4 seems didnt work. When i used SecurityCheck.exe theres a windows appear sed.exe has stopped working A problem caused the progam to stop working corectly. Windows will close the program and notify you if a solution is available. Then a notepad appear with no text. 14:15:43.0271 0148 TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47 14:15:44.0491 0148 ============================================================ 14:15:44.0491 0148 Current date / time: 2012/04/22 14:15:44.0491 14:15:44.0491 0148 SystemInfo: 14:15:44.0491 0148 14:15:44.0491 0148 OS Version: 6.1.7601 ServicePack: 1.0 14:15:44.0491 0148 Product type: Workstation 14:15:44.0491 0148 ComputerName: JANEIRO-VAIO 14:15:44.0491 0148 UserName: Janiero 14:15:44.0491 0148 Windows directory: C:\Windows 14:15:44.0491 0148 System windows directory: C:\Windows 14:15:44.0491 0148 Running under WOW64 14:15:44.0491 0148 Processor architecture: Intel x64 14:15:44.0491 0148 Number of processors: 2 14:15:44.0491 0148 Page size: 0x1000 14:15:44.0491 0148 Boot type: Normal boot 14:15:44.0491 0148 ============================================================ 14:15:46.0021 0148 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 14:15:46.0041 0148 \Device\Harddisk0\DR0: 14:15:46.0041 0148 MBR partitions: 14:15:46.0041 0148 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1320800, BlocksNum 0x32000 14:15:46.0041 0148 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1352800, BlocksNum 0x1F351830 14:15:46.0061 0148 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x206A5000, BlocksNum 0x19CE0800 14:15:46.0101 0148 C: <-> \Device\Harddisk0\DR0\Partition1 14:15:46.0131 0148 D: <-> \Device\Harddisk0\DR0\Partition2 14:15:46.0131 0148 Initialize success 14:15:46.0131 0148 ============================================================ 14:16:12.0263 3588 ============================================================ 14:16:12.0263 3588 Scan started 14:16:12.0263 3588 Mode: Manual; SigCheck; TDLFS; 14:16:12.0263 3588 ============================================================ 14:16:12.0943 3588 !SASCORE (7d9d615201a483d6fa99491c2e655a5a) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE 14:16:13.0113 3588 !SASCORE - ok 14:16:13.0233 3588 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 14:16:13.0373 3588 1394ohci - ok 14:16:13.0443 3588 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 14:16:13.0583 3588 ACDaemon - ok 14:16:13.0673 3588 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 14:16:13.0733 3588 ACPI - ok 14:16:13.0773 3588 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 14:16:13.0913 3588 AcpiPmi - ok 14:16:14.0063 3588 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 14:16:14.0093 3588 AdobeARMservice - ok 14:16:14.0193 3588 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 14:16:14.0263 3588 adp94xx - ok 14:16:14.0315 3588 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 14:16:14.0365 3588 adpahci - ok 14:16:14.0405 3588 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 14:16:14.0455 3588 adpu320 - ok 14:16:14.0485 3588 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 14:16:14.0785 3588 AeLookupSvc - ok 14:16:14.0885 3588 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 14:16:15.0005 3588 AFD - ok 14:16:15.0067 3588 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 14:16:15.0085 3588 agp440 - ok 14:16:15.0122 3588 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 14:16:15.0180 3588 ALG - ok 14:16:15.0232 3588 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 14:16:15.0274 3588 aliide - ok 14:16:15.0311 3588 AMD External Events Utility (8318a3b3ce74b851082af2c0745e979e) C:\Windows\system32\atiesrxx.exe 14:16:15.0441 3588 AMD External Events Utility - ok 14:16:15.0545 3588 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 14:16:15.0573 3588 amdide - ok 14:16:15.0623 3588 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 14:16:15.0702 3588 AmdK8 - ok 14:16:16.0009 3588 amdkmdag (2d597c853db5ea1b1f6d98610039bb50) C:\Windows\system32\DRIVERS\atipmdag.sys 14:16:16.0208 3588 amdkmdag - ok 14:16:16.0308 3588 amdkmdap (04d770537e5ac5c4676b9a83cb21ec0a) C:\Windows\system32\DRIVERS\atikmpag.sys 14:16:16.0352 3588 amdkmdap - ok 14:16:16.0397 3588 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 14:16:16.0437 3588 AmdPPM - ok 14:16:16.0483 3588 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 14:16:16.0501 3588 amdsata - ok 14:16:16.0545 3588 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 14:16:16.0567 3588 amdsbs - ok 14:16:16.0601 3588 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 14:16:16.0619 3588 amdxata - ok 14:16:16.0654 3588 amd_sata (08e8a4172c57abd7693a6915cf1e7a99) C:\Windows\system32\drivers\amd_sata.sys 14:16:16.0668 3588 amd_sata - ok 14:16:16.0708 3588 amd_xata (9866af4e4ad7f16e810b6c0b8473f9cd) C:\Windows\system32\drivers\amd_xata.sys 14:16:16.0721 3588 amd_xata - ok 14:16:16.0769 3588 ApfiltrService (29d63d80f23da504baa2db5d260dd4bd) C:\Windows\system32\DRIVERS\Apfiltr.sys 14:16:16.0788 3588 ApfiltrService - ok 14:16:16.0830 3588 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 14:16:17.0039 3588 AppID - ok 14:16:17.0113 3588 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 14:16:17.0179 3588 AppIDSvc - ok 14:16:17.0226 3588 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 14:16:17.0292 3588 Appinfo - ok 14:16:17.0347 3588 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 14:16:17.0362 3588 Apple Mobile Device - ok 14:16:17.0460 3588 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 14:16:17.0478 3588 arc - ok 14:16:17.0601 3588 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 14:16:17.0620 3588 arcsas - ok 14:16:17.0770 3588 aswFsBlk (4a57b2c375d82cbeb28454e0460d65ad) C:\Windows\system32\drivers\aswFsBlk.sys 14:16:17.0785 3588 aswFsBlk - ok 14:16:17.0927 3588 aswMonFlt (0dfa8428e92fa0398a4557077e03d0be) C:\Windows\system32\drivers\aswMonFlt.sys 14:16:17.0949 3588 aswMonFlt - ok 14:16:18.0138 3588 aswRdr (061bf40c947848b6f4a478c600b0298c) C:\Windows\system32\drivers\aswRdr.sys 14:16:18.0162 3588 aswRdr - ok 14:16:18.0315 3588 aswSnx (9597c6e9091369ef4b94956478d545bf) C:\Windows\system32\drivers\aswSnx.sys 14:16:18.0335 3588 aswSnx - ok 14:16:18.0486 3588 aswSP (6b31b59c48a5f45e9f26de37acae7db4) C:\Windows\system32\drivers\aswSP.sys 14:16:18.0507 3588 aswSP - ok 14:16:18.0707 3588 aswTdi (5c06c8ed0627a970dc7a4b6624f3bd08) C:\Windows\system32\drivers\aswTdi.sys 14:16:18.0721 3588 aswTdi - ok 14:16:18.0828 3588 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 14:16:18.0924 3588 AsyncMac - ok 14:16:19.0035 3588 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 14:16:19.0060 3588 atapi - ok 14:16:19.0133 3588 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys 14:16:19.0247 3588 athr - ok 14:16:19.0364 3588 AtiPcie (7c5d273e29dcc5505469b299c6f29163) C:\Windows\system32\drivers\AtiPcie.sys 14:16:19.0391 3588 AtiPcie - ok 14:16:19.0477 3588 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 14:16:19.0653 3588 AudioEndpointBuilder - ok 14:16:19.0675 3588 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 14:16:19.0755 3588 AudioSrv - ok 14:16:19.0876 3588 avast! Antivirus (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 14:16:19.0893 3588 avast! Antivirus - ok 14:16:19.0926 3588 avast! Mail Scanner (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 14:16:19.0943 3588 avast! Mail Scanner - ok 14:16:19.0963 3588 avast! Web Scanner (ae28ba1361d8040d8850f21cacfccce9) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe 14:16:19.0983 3588 avast! Web Scanner - ok 14:16:20.0124 3588 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 14:16:20.0245 3588 AxInstSV - ok 14:16:20.0352 3588 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 14:16:20.0429 3588 b06bdrv - ok 14:16:20.0484 3588 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 14:16:20.0562 3588 b57nd60a - ok 14:16:20.0640 3588 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 14:16:20.0730 3588 BDESVC - ok 14:16:20.0828 3588 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 14:16:20.0938 3588 Beep - ok 14:16:20.0997 3588 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 14:16:21.0108 3588 BFE - ok 14:16:21.0179 3588 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 14:16:21.0368 3588 BITS - ok 14:16:21.0478 3588 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 14:16:21.0541 3588 blbdrive - ok 14:16:21.0648 3588 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Program Files (x86)\Bonjour\mDNSResponder.exe 14:16:21.0692 3588 Bonjour Service - ok 14:16:21.0781 3588 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 14:16:21.0815 3588 bowser - ok 14:16:21.0852 3588 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 14:16:21.0906 3588 BrFiltLo - ok 14:16:21.0950 3588 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 14:16:22.0003 3588 BrFiltUp - ok 14:16:22.0048 3588 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 14:16:22.0171 3588 Browser - ok 14:16:22.0387 3588 Browser Defender Update Service (9d5fd177db76a7f5d6b8678870820d3c) C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe 14:16:22.0443 3588 Browser Defender Update Service - ok 14:16:22.0539 3588 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 14:16:22.0633 3588 Brserid - ok 14:16:22.0692 3588 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 14:16:22.0760 3588 BrSerWdm - ok 14:16:22.0797 3588 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 14:16:22.0853 3588 BrUsbMdm - ok 14:16:22.0902 3588 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 14:16:22.0965 3588 BrUsbSer - ok 14:16:23.0015 3588 bthav (0b2ee8b36081c1039ea3d20b952a8ddc) C:\Windows\system32\drivers\bthav.sys 14:16:23.0080 3588 bthav - ok 14:16:23.0142 3588 BTHBUS (f3371daab1c4ec83ab8841b9abdf8261) C:\Windows\system32\DRIVERS\bthbus.sys 14:16:23.0240 3588 BTHBUS - ok 14:16:23.0289 3588 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 14:16:23.0379 3588 BthEnum - ok 14:16:23.0465 3588 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 14:16:23.0547 3588 BTHMODEM - ok 14:16:23.0600 3588 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 14:16:23.0666 3588 BthPan - ok 14:16:23.0721 3588 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 14:16:23.0797 3588 BTHPORT - ok 14:16:23.0826 3588 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 14:16:23.0898 3588 bthserv - ok 14:16:23.0955 3588 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 14:16:23.0999 3588 BTHUSB - ok 14:16:24.0041 3588 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 14:16:24.0057 3588 btwaudio - ok 14:16:24.0094 3588 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\DRIVERS\btwavdt.sys 14:16:24.0110 3588 btwavdt - ok 14:16:24.0180 3588 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 14:16:24.0247 3588 btwdins - ok 14:16:24.0347 3588 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 14:16:24.0381 3588 btwl2cap - ok 14:16:24.0420 3588 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys 14:16:24.0454 3588 btwrchid - ok 14:16:24.0595 3588 ccSet_NST (a8ad33c9dd88c810cac00acc7f4329fb) C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys 14:16:24.0636 3588 ccSet_NST - ok 14:16:24.0686 3588 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 14:16:24.0820 3588 cdfs - ok 14:16:24.0871 3588 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 14:16:24.0939 3588 cdrom - ok 14:16:24.0996 3588 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 14:16:25.0121 3588 CertPropSvc - ok 14:16:25.0174 3588 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 14:16:25.0255 3588 circlass - ok 14:16:25.0309 3588 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 14:16:25.0411 3588 CLFS - ok 14:16:25.0492 3588 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 14:16:25.0535 3588 clr_optimization_v2.0.50727_32 - ok 14:16:25.0584 3588 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 14:16:25.0627 3588 clr_optimization_v2.0.50727_64 - ok 14:16:25.0688 3588 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 14:16:25.0771 3588 clr_optimization_v4.0.30319_32 - ok 14:16:25.0879 3588 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 14:16:25.0916 3588 clr_optimization_v4.0.30319_64 - ok 14:16:25.0976 3588 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 14:16:26.0046 3588 CmBatt - ok 14:16:26.0111 3588 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 14:16:26.0151 3588 cmdide - ok 14:16:26.0216 3588 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys 14:16:26.0291 3588 CNG - ok 14:16:26.0365 3588 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 14:16:26.0386 3588 Compbatt - ok 14:16:26.0433 3588 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 14:16:26.0475 3588 CompositeBus - ok 14:16:26.0488 3588 COMSysApp - ok 14:16:26.0533 3588 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 14:16:26.0548 3588 crcdisk - ok 14:16:26.0603 3588 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll 14:16:26.0765 3588 CryptSvc - ok 14:16:27.0024 3588 CSIScanner (5131d2469b6b19dc20b446ebe43ebb79) C:\Program Files\Prevx\prevx.exe 14:16:27.0160 3588 CSIScanner - ok 14:16:27.0280 3588 cvhsvc (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 14:16:27.0360 3588 cvhsvc - ok 14:16:27.0472 3588 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 14:16:27.0657 3588 DcomLaunch - ok 14:16:27.0713 3588 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 14:16:27.0872 3588 defragsvc - ok 14:16:27.0934 3588 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 14:16:28.0046 3588 DfsC - ok 14:16:28.0099 3588 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 14:16:28.0257 3588 Dhcp - ok 14:16:28.0302 3588 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 14:16:28.0400 3588 discache - ok 14:16:28.0445 3588 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 14:16:28.0488 3588 Disk - ok 14:16:28.0542 3588 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 14:16:28.0606 3588 Dnscache - ok 14:16:28.0661 3588 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 14:16:28.0726 3588 dot3svc - ok 14:16:28.0777 3588 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 14:16:28.0852 3588 DPS - ok 14:16:28.0901 3588 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 14:16:28.0973 3588 drmkaud - ok 14:16:29.0120 3588 DrvAgent64 (1ed08a6264c5c92099d6d1dae5e8f530) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 14:16:29.0164 3588 DrvAgent64 - ok 14:16:29.0274 3588 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 14:16:29.0337 3588 DXGKrnl - ok 14:16:29.0374 3588 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 14:16:29.0473 3588 EapHost - ok 14:16:29.0599 3588 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 14:16:29.0829 3588 ebdrv - ok 14:16:29.0941 3588 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 14:16:30.0041 3588 EFS - ok 14:16:30.0131 3588 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 14:16:30.0251 3588 ehRecvr - ok 14:16:30.0311 3588 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 14:16:30.0371 3588 ehSched - ok 14:16:30.0453 3588 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 14:16:30.0513 3588 elxstor - ok 14:16:30.0563 3588 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 14:16:30.0633 3588 ErrDev - ok 14:16:30.0795 3588 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 14:16:30.0975 3588 EventSystem - ok 14:16:31.0025 3588 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 14:16:31.0169 3588 exfat - ok 14:16:31.0207 3588 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 14:16:31.0277 3588 fastfat - ok 14:16:31.0417 3588 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 14:16:31.0535 3588 Fax - ok 14:16:31.0579 3588 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 14:16:31.0619 3588 fdc - ok 14:16:31.0679 3588 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 14:16:31.0739 3588 fdPHost - ok 14:16:31.0759 3588 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 14:16:31.0839 3588 FDResPub - ok 14:16:31.0889 3588 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 14:16:31.0899 3588 FileInfo - ok 14:16:31.0929 3588 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 14:16:31.0999 3588 Filetrace - ok 14:16:32.0039 3588 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 14:16:32.0089 3588 flpydisk - ok 14:16:32.0139 3588 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 14:16:32.0169 3588 FltMgr - ok 14:16:32.0219 3588 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 14:16:32.0339 3588 FontCache - ok 14:16:32.0479 3588 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 14:16:32.0509 3588 FontCache3.0.0.0 - ok 14:16:32.0599 3588 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 14:16:32.0639 3588 FsDepends - ok 14:16:32.0799 3588 FSProFilter (8197c85348a33bccfe80dd6e2db53903) C:\Windows\system32\Drivers\FSPFltd.sys 14:16:32.0839 3588 FSProFilter - ok 14:16:32.0959 3588 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys 14:16:32.0989 3588 fssfltr - ok 14:16:33.0139 3588 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 14:16:33.0199 3588 fsssvc - ok 14:16:33.0309 3588 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 14:16:33.0359 3588 Fs_Rec - ok 14:16:33.0469 3588 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 14:16:33.0529 3588 fvevol - ok 14:16:33.0671 3588 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 14:16:33.0718 3588 gagp30kx - ok 14:16:33.0863 3588 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 14:16:33.0883 3588 GEARAspiWDM - ok 14:16:34.0015 3588 GGSAFERDriver - ok 14:16:34.0125 3588 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 14:16:34.0225 3588 gpsvc - ok 14:16:34.0355 3588 GPU-Z - ok 14:16:34.0425 3588 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:16:34.0445 3588 gupdate - ok 14:16:34.0465 3588 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 14:16:34.0495 3588 gupdatem - ok 14:16:34.0585 3588 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 14:16:34.0645 3588 hcw85cir - ok 14:16:34.0825 3588 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 14:16:34.0875 3588 HdAudAddService - ok 14:16:34.0995 3588 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 14:16:35.0045 3588 HDAudBus - ok 14:16:35.0095 3588 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 14:16:35.0165 3588 HidBatt - ok 14:16:35.0217 3588 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 14:16:35.0277 3588 HidBth - ok 14:16:35.0327 3588 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 14:16:35.0387 3588 HidIr - ok 14:16:35.0437 3588 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll 14:16:35.0587 3588 hidserv - ok 14:16:35.0667 3588 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 14:16:35.0717 3588 HidUsb - ok 14:16:35.0767 3588 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 14:16:35.0867 3588 hkmsvc - ok 14:16:35.0907 3588 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 14:16:35.0969 3588 HomeGroupListener - ok 14:16:36.0009 3588 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 14:16:36.0069 3588 HomeGroupProvider - ok 14:16:36.0129 3588 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 14:16:36.0179 3588 HpSAMD - ok 14:16:36.0231 3588 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 14:16:36.0333 3588 HTTP - ok 14:16:36.0463 3588 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 14:16:36.0503 3588 hwpolicy - ok 14:16:36.0563 3588 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys 14:16:36.0603 3588 i8042prt - ok 14:16:36.0675 3588 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 14:16:36.0705 3588 iaStorV - ok 14:16:36.0815 3588 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 14:16:36.0855 3588 idsvc - ok 14:16:36.0917 3588 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 14:16:36.0947 3588 iirsp - ok 14:16:37.0019 3588 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 14:16:37.0129 3588 IKEEXT - ok 14:16:37.0291 3588 IntcAzAudAddService (490947a9aff7ca31ef2e08f5776105eb) C:\Windows\system32\drivers\RTKVHD64.sys 14:16:37.0341 3588 IntcAzAudAddService - ok 14:16:37.0395 3588 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 14:16:37.0413 3588 intelide - ok 14:16:37.0453 3588 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 14:16:37.0493 3588 intelppm - ok 14:16:37.0553 3588 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 14:16:37.0633 3588 IPBusEnum - ok 14:16:37.0693 3588 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 14:16:37.0773 3588 IpFilterDriver - ok 14:16:37.0823 3588 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 14:16:37.0913 3588 iphlpsvc - ok 14:16:37.0983 3588 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 14:16:38.0003 3588 IPMIDRV - ok 14:16:38.0043 3588 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 14:16:38.0123 3588 IPNAT - ok 14:16:38.0233 3588 iPod Service (a3bda1a8a016b5e5a525bcf684894ebe) C:\Program Files\iPod\bin\iPodService.exe 14:16:38.0263 3588 iPod Service - ok 14:16:38.0383 3588 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 14:16:38.0433 3588 IRENUM - ok 14:16:38.0563 3588 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 14:16:38.0583 3588 isapnp - ok 14:16:38.0673 3588 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 14:16:38.0723 3588 iScsiPrt - ok 14:16:38.0823 3588 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 14:16:38.0843 3588 kbdclass - ok 14:16:38.0933 3588 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 14:16:39.0003 3588 kbdhid - ok 14:16:39.0103 3588 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:16:39.0173 3588 KeyIso - ok 14:16:39.0245 3588 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys 14:16:39.0295 3588 KSecDD - ok 14:16:39.0395 3588 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys 14:16:39.0435 3588 KSecPkg - ok 14:16:39.0525 3588 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 14:16:39.0675 3588 ksthunk - ok 14:16:39.0847 3588 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 14:16:40.0017 3588 KtmRm - ok 14:16:40.0277 3588 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll 14:16:40.0427 3588 LanmanServer - ok 14:16:40.0547 3588 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 14:16:40.0627 3588 LanmanWorkstation - ok 14:16:40.0737 3588 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 14:16:40.0867 3588 lltdio - ok 14:16:41.0017 3588 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 14:16:41.0197 3588 lltdsvc - ok 14:16:41.0327 3588 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 14:16:41.0457 3588 lmhosts - ok 14:16:41.0617 3588 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 14:16:41.0657 3588 LSI_FC - ok 14:16:41.0797 3588 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 14:16:41.0837 3588 LSI_SAS - ok 14:16:41.0987 3588 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 14:16:42.0027 3588 LSI_SAS2 - ok 14:16:42.0170 3588 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 14:16:42.0218 3588 LSI_SCSI - ok 14:16:42.0393 3588 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 14:16:42.0498 3588 luafv - ok 14:16:42.0689 3588 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys 14:16:42.0731 3588 MBAMProtector - ok 14:16:43.0007 3588 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 14:16:43.0071 3588 MBAMService - ok 14:16:43.0211 3588 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 14:16:43.0304 3588 Mcx2Svc - ok 14:16:43.0611 3588 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 14:16:43.0666 3588 megasas - ok 14:16:43.0805 3588 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 14:16:43.0859 3588 MegaSR - ok 14:16:44.0036 3588 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 14:16:44.0074 3588 Microsoft Office Groove Audit Service - ok 14:16:44.0181 3588 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:16:44.0322 3588 MMCSS - ok 14:16:44.0448 3588 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 14:16:44.0567 3588 Modem - ok 14:16:44.0711 3588 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 14:16:44.0761 3588 monitor - ok 14:16:44.0916 3588 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 14:16:44.0959 3588 mouclass - ok 14:16:45.0053 3588 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 14:16:45.0128 3588 mouhid - ok 14:16:45.0281 3588 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 14:16:45.0327 3588 mountmgr - ok 14:16:45.0435 3588 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 14:16:45.0483 3588 mpio - ok 14:16:45.0621 3588 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 14:16:45.0741 3588 mpsdrv - ok 14:16:45.0914 3588 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 14:16:46.0090 3588 MpsSvc - ok 14:16:46.0255 3588 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 14:16:46.0340 3588 MRxDAV - ok 14:16:46.0490 3588 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 14:16:46.0585 3588 mrxsmb - ok 14:16:46.0734 3588 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:16:46.0817 3588 mrxsmb10 - ok 14:16:46.0967 3588 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:16:47.0018 3588 mrxsmb20 - ok 14:16:47.0162 3588 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 14:16:47.0208 3588 msahci - ok 14:16:47.0307 3588 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 14:16:47.0354 3588 msdsm - ok 14:16:47.0491 3588 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 14:16:47.0580 3588 MSDTC - ok 14:16:47.0799 3588 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 14:16:47.0896 3588 Msfs - ok 14:16:48.0069 3588 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 14:16:48.0196 3588 mshidkmdf - ok 14:16:48.0341 3588 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 14:16:48.0381 3588 msisadrv - ok 14:16:48.0476 3588 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 14:16:48.0583 3588 MSiSCSI - ok 14:16:48.0658 3588 msiserver - ok 14:16:48.0716 3588 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 14:16:48.0847 3588 MSKSSRV - ok 14:16:49.0009 3588 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 14:16:49.0112 3588 MSPCLOCK - ok 14:16:49.0249 3588 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 14:16:49.0380 3588 MSPQM - ok 14:16:49.0543 3588 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 14:16:49.0602 3588 MsRPC - ok 14:16:49.0714 3588 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 14:16:49.0736 3588 mssmbios - ok 14:16:49.0797 3588 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 14:16:49.0931 3588 MSTEE - ok 14:16:49.0993 3588 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 14:16:50.0059 3588 MTConfig - ok 14:16:50.0104 3588 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 14:16:50.0149 3588 Mup - ok 14:16:50.0209 3588 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 14:16:50.0318 3588 napagent - ok 14:16:50.0379 3588 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 14:16:50.0474 3588 NativeWifiP - ok 14:16:50.0546 3588 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 14:16:50.0647 3588 NDIS - ok 14:16:50.0707 3588 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 14:16:50.0778 3588 NdisCap - ok 14:16:50.0811 3588 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 14:16:50.0859 3588 NdisTapi - ok 14:16:50.0907 3588 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 14:16:50.0975 3588 Ndisuio - ok 14:16:51.0125 3588 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 14:16:51.0195 3588 NdisWan - ok 14:16:51.0279 3588 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 14:16:51.0325 3588 NDProxy - ok 14:16:51.0495 3588 Nero BackItUp Scheduler 4.0 (7d2633295eb6ff2b938185874884059d) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe 14:16:51.0526 3588 Nero BackItUp Scheduler 4.0 - ok 14:16:51.0649 3588 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 14:16:51.0701 3588 NetBIOS - ok 14:16:51.0855 3588 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 14:16:51.0927 3588 NetBT - ok 14:16:52.0086 3588 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:16:52.0109 3588 Netlogon - ok 14:16:52.0218 3588 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 14:16:52.0324 3588 Netman - ok 14:16:52.0469 3588 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 14:16:52.0644 3588 netprofm - ok 14:16:52.0759 3588 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 14:16:52.0796 3588 NetTcpPortSharing - ok 14:16:52.0921 3588 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 14:16:52.0944 3588 nfrd960 - ok 14:16:53.0108 3588 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 14:16:53.0218 3588 NlaSvc - ok 14:16:53.0438 3588 nmwcd (907b5e1e4a592e5edc5e4ccbde4863c2) C:\Windows\system32\drivers\ccdcmbx64.sys 14:16:53.0493 3588 nmwcd - ok 14:16:53.0710 3588 nmwcdc (41c1ac1f3613435eb32d67bcb80a5fa5) C:\Windows\system32\drivers\ccdcmbox64.sys 14:16:53.0810 3588 nmwcdc - ok 14:16:53.0980 3588 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 14:16:54.0045 3588 Npfs - ok 14:16:54.0172 3588 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 14:16:54.0232 3588 nsi - ok 14:16:54.0404 3588 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 14:16:54.0504 3588 nsiproxy - ok 14:16:54.0644 3588 NSL (e127420b7feb65c7f279eaac183bbc0e) C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe 14:16:54.0684 3588 NSL - ok 14:16:54.0864 3588 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 14:16:54.0940 3588 Ntfs - ok 14:16:55.0096 3588 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 14:16:55.0216 3588 Null - ok 14:16:55.0386 3588 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 14:16:55.0416 3588 nvraid - ok 14:16:55.0566 3588 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 14:16:55.0616 3588 nvstor - ok 14:16:55.0768 3588 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 14:16:55.0828 3588 nv_agp - ok 14:16:55.0940 3588 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe 14:16:55.0995 3588 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning 14:16:55.0995 3588 Oasis2Service - detected UnsignedFile.Multi.Generic (1) 14:16:56.0152 3588 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:16:56.0202 3588 odserv - ok 14:16:56.0352 3588 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 14:16:56.0452 3588 ohci1394 - ok 14:16:56.0542 3588 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:16:56.0582 3588 ose - ok 14:16:56.0774 3588 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 14:16:57.0034 3588 osppsvc - ok 14:16:57.0144 3588 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:16:57.0264 3588 p2pimsvc - ok 14:16:57.0306 3588 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 14:16:57.0346 3588 p2psvc - ok 14:16:57.0386 3588 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 14:16:57.0426 3588 Parport - ok 14:16:57.0476 3588 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys 14:16:57.0496 3588 partmgr - ok 14:16:57.0546 3588 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 14:16:57.0616 3588 PcaSvc - ok 14:16:57.0686 3588 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 14:16:57.0736 3588 pci - ok 14:16:57.0776 3588 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 14:16:57.0816 3588 pciide - ok 14:16:57.0862 3588 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 14:16:57.0878 3588 pcmcia - ok 14:16:57.0918 3588 PCTBD (99a3a277a99c437283324067970e1d37) C:\Windows\system32\Drivers\PCTBD64.sys 14:16:57.0938 3588 PCTBD - ok 14:16:58.0008 3588 PCTCore (dbb55b4da79a6f59b63e233907ba6bae) C:\Windows\system32\drivers\PCTCore64.sys 14:16:58.0038 3588 PCTCore - ok 14:16:58.0130 3588 pctDS (ba1f42a42f405f62ceff6b69a2797f7c) C:\Windows\system32\drivers\pctDS64.sys 14:16:58.0160 3588 pctDS - ok 14:16:58.0230 3588 pctEFA (146cc91c93ced13e7fe40e8d8615be39) C:\Windows\system32\drivers\pctEFA64.sys 14:16:58.0290 3588 pctEFA - ok 14:16:58.0360 3588 PCTSD (afa19eff0197c474379ed904e25a995d) C:\Windows\system32\Drivers\PCTSD64.sys 14:16:58.0380 3588 PCTSD - ok 14:16:58.0420 3588 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 14:16:58.0440 3588 pcw - ok 14:16:58.0470 3588 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 14:16:58.0581 3588 PEAUTH - ok 14:16:58.0636 3588 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 14:16:58.0702 3588 PerfHost - ok 14:16:58.0824 3588 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 14:16:58.0944 3588 pla - ok 14:16:59.0114 3588 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 14:16:59.0204 3588 PlugPlay - ok 14:16:59.0324 3588 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 14:16:59.0364 3588 PMBDeviceInfoProvider - ok 14:16:59.0464 3588 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 14:16:59.0504 3588 PNRPAutoReg - ok 14:16:59.0574 3588 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 14:16:59.0624 3588 PNRPsvc - ok 14:16:59.0764 3588 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 14:16:59.0963 3588 PolicyAgent - ok 14:17:00.0086 3588 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 14:17:00.0276 3588 Power - ok 14:17:00.0386 3588 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 14:17:00.0501 3588 PptpMiniport - ok 14:17:00.0638 3588 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 14:17:00.0708 3588 Processor - ok 14:17:00.0878 3588 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll 14:17:01.0028 3588 ProfSvc - ok 14:17:01.0208 3588 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:17:01.0268 3588 ProtectedStorage - ok 14:17:01.0428 3588 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 14:17:01.0528 3588 Psched - ok 14:17:01.0648 3588 PxHlpa64 (4712cc14e720ecccc0aa16949d18aaf1) C:\Windows\system32\Drivers\PxHlpa64.sys 14:17:01.0688 3588 PxHlpa64 - ok 14:17:01.0858 3588 pxkbf (ba5f7c107eace67973b4b798832a74c7) C:\Windows\system32\drivers\pxkbf.sys 14:17:01.0904 3588 pxkbf - ok 14:17:02.0120 3588 pxrts (007e57428802f587d0d6737ae7a9d989) C:\Windows\system32\drivers\pxrts.sys 14:17:02.0140 3588 pxrts - ok 14:17:02.0332 3588 pxscan (66d4d00c8908888a68b749d91f1e6789) C:\Windows\system32\drivers\pxscan.sys 14:17:02.0342 3588 pxscan - ok 14:17:02.0522 3588 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 14:17:02.0614 3588 ql2300 - ok 14:17:02.0766 3588 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 14:17:02.0796 3588 ql40xx - ok 14:17:02.0926 3588 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 14:17:02.0986 3588 QWAVE - ok 14:17:03.0166 3588 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 14:17:03.0206 3588 QWAVEdrv - ok 14:17:03.0346 3588 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 14:17:03.0416 3588 RasAcd - ok 14:17:03.0556 3588 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 14:17:03.0633 3588 RasAgileVpn - ok 14:17:03.0778 3588 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 14:17:03.0858 3588 RasAuto - ok 14:17:04.0018 3588 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 14:17:04.0078 3588 Rasl2tp - ok 14:17:04.0250 3588 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 14:17:04.0410 3588 RasMan - ok 14:17:04.0570 3588 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 14:17:04.0708 3588 RasPppoe - ok 14:17:04.0812 3588 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 14:17:04.0962 3588 RasSstp - ok 14:17:05.0142 3588 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 14:17:05.0244 3588 rdbss - ok 14:17:05.0414 3588 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 14:17:05.0494 3588 rdpbus - ok 14:17:05.0674 3588 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 14:17:05.0764 3588 RDPCDD - ok 14:17:05.0934 3588 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 14:17:06.0026 3588 RDPENCDD - ok 14:17:06.0186 3588 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 14:17:06.0286 3588 RDPREFMP - ok 14:17:06.0466 3588 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys 14:17:06.0566 3588 RDPWD - ok 14:17:06.0766 3588 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 14:17:06.0816 3588 rdyboost - ok 14:17:06.0986 3588 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 14:17:07.0098 3588 RemoteAccess - ok 14:17:07.0278 3588 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 14:17:07.0428 3588 RemoteRegistry - ok 14:17:07.0598 3588 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 14:17:07.0650 3588 RFCOMM - ok 14:17:07.0800 3588 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 14:17:07.0940 3588 RpcEptMapper - ok 14:17:08.0100 3588 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 14:17:08.0190 3588 RpcLocator - ok 14:17:08.0390 3588 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 14:17:08.0472 3588 RpcSs - ok 14:17:08.0612 3588 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 14:17:08.0702 3588 rspndr - ok 14:17:08.0874 3588 RSUSBSTOR (5aab4808e8ccae8c2ecda5b791260616) C:\Windows\system32\Drivers\RtsUStor.sys 14:17:08.0904 3588 RSUSBSTOR - ok 14:17:09.0054 3588 RTHDMIAzAudService (d6d381b76056c668679723938f06f16c) C:\Windows\system32\drivers\RtHDMIVX.sys 14:17:09.0094 3588 RTHDMIAzAudService - ok 14:17:09.0264 3588 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys 14:17:09.0314 3588 RTL8167 - ok 14:17:09.0506 3588 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:17:09.0546 3588 SamSs - ok 14:17:09.0686 3588 SASDIFSV (3289766038db2cb14d07dc84392138d5) C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS 14:17:09.0716 3588 SASDIFSV - ok 14:17:09.0776 3588 SASKUTIL (58a38e75f3316a83c23df6173d41f2b5) C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS 14:17:09.0806 3588 SASKUTIL - ok 14:17:09.0906 3588 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 14:17:09.0936 3588 sbp2port - ok 14:17:09.0986 3588 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 14:17:10.0056 3588 SCardSvr - ok 14:17:10.0116 3588 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 14:17:10.0186 3588 scfilter - ok 14:17:10.0276 3588 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 14:17:10.0418 3588 Schedule - ok 14:17:10.0538 3588 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 14:17:10.0618 3588 SCPolicySvc - ok 14:17:10.0798 3588 sdAuxService (17d6a03103586d7954ba74c2219ce1bb) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe 14:17:10.0848 3588 sdAuxService - ok 14:17:10.0908 3588 sdCoreService (697e0a2a300ee8719cafae55b4771053) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe 14:17:10.0948 3588 sdCoreService - ok 14:17:11.0040 3588 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 14:17:11.0140 3588 SDRSVC - ok 14:17:11.0210 3588 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 14:17:11.0341 3588 secdrv - ok 14:17:11.0402 3588 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 14:17:11.0542 3588 seclogon - ok 14:17:11.0572 3588 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 14:17:11.0682 3588 SENS - ok 14:17:11.0722 3588 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 14:17:11.0782 3588 SensrSvc - ok 14:17:11.0834 3588 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 14:17:11.0874 3588 Serenum - ok 14:17:11.0954 3588 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 14:17:12.0014 3588 Serial - ok 14:17:12.0064 3588 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 14:17:12.0124 3588 sermouse - ok 14:17:12.0406 3588 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 14:17:12.0556 3588 SessionEnv - ok 14:17:12.0646 3588 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys 14:17:12.0726 3588 SFEP - ok 14:17:12.0816 3588 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 14:17:12.0916 3588 sffdisk - ok 14:17:12.0946 3588 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 14:17:12.0976 3588 sffp_mmc - ok 14:17:13.0016 3588 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 14:17:13.0076 3588 sffp_sd - ok 14:17:13.0138 3588 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 14:17:13.0168 3588 sfloppy - ok 14:17:13.0218 3588 Sftfs (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys 14:17:13.0248 3588 Sftfs - ok 14:17:13.0360 3588 sftlist (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 14:17:13.0390 3588 sftlist - ok 14:17:13.0512 3588 Sftplay (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys 14:17:13.0542 3588 Sftplay - ok 14:17:13.0569 3588 Sftredir (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys 14:17:13.0584 3588 Sftredir - ok 14:17:13.0624 3588 Sftvol (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys 14:17:13.0644 3588 Sftvol - ok 14:17:13.0734 3588 sftvsa (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 14:17:13.0754 3588 sftvsa - ok 14:17:13.0894 3588 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 14:17:13.0964 3588 SharedAccess - ok 14:17:14.0154 3588 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 14:17:14.0244 3588 ShellHWDetection - ok 14:17:14.0404 3588 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 14:17:14.0424 3588 SiSRaid2 - ok 14:17:14.0564 3588 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 14:17:14.0594 3588 SiSRaid4 - ok 14:17:14.0758 3588 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 14:17:14.0818 3588 Smb - ok 14:17:14.0960 3588 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 14:17:15.0030 3588 SNMPTRAP - ok 14:17:15.0160 3588 SOHCImp (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 14:17:15.0170 3588 SOHCImp - ok 14:17:15.0332 3588 SOHDms (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 14:17:15.0352 3588 SOHDms - ok 14:17:15.0422 3588 SOHDs (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 14:17:15.0442 3588 SOHDs - ok 14:17:15.0542 3588 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe 14:17:15.0562 3588 SpfService - ok 14:17:15.0682 3588 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 14:17:15.0702 3588 spldr - ok 14:17:15.0754 3588 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 14:17:15.0834 3588 Spooler - ok 14:17:15.0954 3588 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 14:17:16.0146 3588 sppsvc - ok 14:17:16.0258 3588 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 14:17:16.0350 3588 sppuinotify - ok 14:17:16.0420 3588 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 14:17:16.0480 3588 srv - ok 14:17:16.0560 3588 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 14:17:16.0610 3588 srv2 - ok 14:17:16.0710 3588 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 14:17:16.0740 3588 srvnet - ok 14:17:16.0850 3588 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 14:17:16.0940 3588 SSDPSRV - ok 14:17:17.0050 3588 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 14:17:17.0150 3588 SstpSvc - ok 14:17:17.0190 3588 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 14:17:17.0210 3588 stexstor - ok 14:17:17.0300 3588 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 14:17:17.0420 3588 stisvc - ok 14:17:17.0500 3588 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 14:17:17.0540 3588 swenum - ok 14:17:17.0750 3588 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 14:17:17.0830 3588 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning 14:17:17.0830 3588 SwitchBoard - detected UnsignedFile.Multi.Generic (1) 14:17:17.0950 3588 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 14:17:18.0070 3588 swprv - ok 14:17:18.0240 3588 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 14:17:18.0402 3588 SysMain - ok 14:17:18.0514 3588 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 14:17:18.0604 3588 TabletInputService - ok 14:17:18.0724 3588 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 14:17:18.0846 3588 TapiSrv - ok 14:17:18.0978 3588 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 14:17:19.0088 3588 TBS - ok 14:17:19.0208 3588 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys 14:17:19.0358 3588 Tcpip - ok 14:17:19.0470 3588 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys 14:17:19.0520 3588 TCPIP6 - ok 14:17:19.0580 3588 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 14:17:19.0703 3588 tcpipreg - ok 14:17:19.0752 3588 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 14:17:19.0802 3588 TDPIPE - ok 14:17:19.0862 3588 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 14:17:19.0922 3588 TDTCP - ok 14:17:19.0982 3588 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 14:17:20.0102 3588 tdx - ok 14:17:20.0172 3588 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 14:17:20.0212 3588 TermDD - ok 14:17:20.0292 3588 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 14:17:20.0452 3588 TermService - ok 14:17:20.0562 3588 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 14:17:20.0622 3588 Themes - ok 14:17:20.0672 3588 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 14:17:20.0752 3588 THREADORDER - ok 14:17:20.0792 3588 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 14:17:20.0892 3588 TrkWks - ok 14:17:20.0982 3588 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 14:17:21.0112 3588 TrustedInstaller - ok 14:17:21.0172 3588 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 14:17:21.0265 3588 tssecsrv - ok 14:17:21.0314 3588 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 14:17:21.0334 3588 TsUsbFlt - ok 14:17:21.0384 3588 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 14:17:21.0484 3588 tunnel - ok 14:17:21.0534 3588 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 14:17:21.0584 3588 uagp35 - ok 14:17:21.0644 3588 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 14:17:21.0790 3588 udfs - ok 14:17:21.0866 3588 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 14:17:21.0896 3588 UI0Detect - ok 14:17:21.0956 3588 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 14:17:21.0976 3588 uliagpkx - ok 14:17:22.0026 3588 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 14:17:22.0076 3588 umbus - ok 14:17:22.0156 3588 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 14:17:22.0228 3588 UmPass - ok 14:17:22.0460 3588 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 14:17:22.0582 3588 upnphost - ok 14:17:22.0764 3588 upperdev (4e93c8496359e97830c75ac36393654d) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys 14:17:22.0834 3588 upperdev - ok 14:17:22.0984 3588 USBAAPL64 (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys 14:17:23.0047 3588 USBAAPL64 - ok 14:17:23.0256 3588 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 14:17:23.0306 3588 usbccgp - ok 14:17:23.0446 3588 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 14:17:23.0476 3588 usbcir - ok 14:17:23.0598 3588 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys 14:17:23.0628 3588 usbehci - ok 14:17:23.0748 3588 usbfilter (2c780746dc44a28fe67004dc58173f05) C:\Windows\system32\DRIVERS\usbfilter.sys 14:17:23.0768 3588 usbfilter - ok 14:17:23.0968 3588 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 14:17:24.0018 3588 usbhub - ok 14:17:24.0168 3588 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys 14:17:24.0218 3588 usbohci - ok 14:17:24.0398 3588 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys 14:17:24.0478 3588 usbprint - ok 14:17:24.0628 3588 usbser (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys 14:17:24.0688 3588 usbser - ok 14:17:24.0858 3588 UsbserFilt (8844cb19a37b65e27049d4a7786726a9) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys 14:17:24.0898 3588 UsbserFilt - ok 14:17:25.0068 3588 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:17:25.0148 3588 USBSTOR - ok 14:17:25.0318 3588 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys 14:17:25.0358 3588 usbuhci - ok 14:17:25.0553 3588 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 14:17:25.0609 3588 usbvideo - ok 14:17:25.0786 3588 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 14:17:25.0984 3588 UxSms - ok 14:17:26.0141 3588 VAIO Entertainment TV Device Arbitration Service (8e68e4aa2d7abbf7c9159d9d2a38ae0f) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 14:17:26.0168 3588 VAIO Entertainment TV Device Arbitration Service - ok 14:17:26.0363 3588 VAIO Event Service (218f78b39832a2a0761ce2422828a57c) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe 14:17:26.0396 3588 VAIO Event Service - ok 14:17:26.0563 3588 VAIO Power Management (1cf1a4dd7a58c966c9014b83c7229cf3) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 14:17:26.0602 3588 VAIO Power Management - ok 14:17:26.0718 3588 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 14:17:26.0753 3588 VaultSvc - ok 14:17:26.0887 3588 VBoxDrv (81952471021f6a6f56dda6ed6b5dd638) C:\Windows\system32\DRIVERS\VBoxDrv.sys 14:17:26.0933 3588 VBoxDrv - ok 14:17:27.0062 3588 VBoxNetAdp (c9f86aeb504355541ec9820e3155e253) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 14:17:27.0093 3588 VBoxNetAdp - ok 14:17:27.0249 3588 VBoxNetFlt (64715ce639d05d753bcd86f5abf4d82a) C:\Windows\system32\DRIVERS\VBoxNetFlt.sys 14:17:27.0287 3588 VBoxNetFlt - ok 14:17:27.0434 3588 VBoxUSB (4831ee295c9911b0236867931be493f1) C:\Windows\system32\Drivers\VBoxUSB.sys 14:17:27.0474 3588 VBoxUSB - ok 14:17:27.0638 3588 VBoxUSBMon (edeb78b6a969107a66a5af145ac0a43f) C:\Windows\system32\DRIVERS\VBoxUSBMon.sys 14:17:27.0648 3588 VBoxUSBMon - ok 14:17:27.0818 3588 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 14:17:27.0848 3588 VCFw - ok 14:17:28.0018 3588 VcmIAlzMgr (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 14:17:28.0048 3588 VcmIAlzMgr - ok 14:17:28.0180 3588 VcmINSMgr (7a88cfd3fe99f2c9b95a6e2a08b96e14) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 14:17:28.0200 3588 VcmINSMgr - ok 14:17:28.0390 3588 VcmXmlIfHelper (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 14:17:28.0410 3588 VcmXmlIfHelper - ok 14:17:28.0760 3588 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe 14:17:28.0780 3588 VCService - ok 14:17:28.0890 3588 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 14:17:28.0910 3588 vdrvroot - ok 14:17:28.0980 3588 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 14:17:29.0072 3588 vds - ok 14:17:29.0172 3588 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 14:17:29.0212 3588 vga - ok 14:17:29.0314 3588 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 14:17:29.0384 3588 VgaSave - ok 14:17:29.0536 3588 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 14:17:29.0556 3588 vhdmp - ok 14:17:29.0628 3588 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 14:17:29.0638 3588 viaide - ok 14:17:29.0668 3588 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 14:17:29.0698 3588 volmgr - ok 14:17:29.0790 3588 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 14:17:29.0830 3588 volmgrx - ok 14:17:29.0970 3588 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 14:17:30.0020 3588 volsnap - ok 14:17:30.0120 3588 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 14:17:30.0150 3588 vsmraid - ok 14:17:30.0372 3588 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 14:17:30.0494 3588 VSS - ok 14:17:30.0667 3588 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe 14:17:30.0698 3588 VUAgent - ok 14:17:30.0830 3588 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 14:17:30.0890 3588 vwifibus - ok 14:17:31.0003 3588 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 14:17:31.0053 3588 vwififlt - ok 14:17:31.0204 3588 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys 14:17:31.0224 3588 vwifimp - ok 14:17:31.0466 3588 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 14:17:31.0558 3588 W32Time - ok 14:17:31.0700 3588 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 14:17:31.0750 3588 WacomPen - ok 14:17:31.0940 3588 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 14:17:32.0020 3588 WANARP - ok 14:17:32.0030 3588 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 14:17:32.0082 3588 Wanarpv6 - ok 14:17:32.0242 3588 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 14:17:32.0302 3588 WatAdminSvc - ok 14:17:32.0462 3588 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 14:17:32.0594 3588 wbengine - ok 14:17:32.0724 3588 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 14:17:32.0806 3588 WbioSrvc - ok 14:17:32.0936 3588 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 14:17:33.0036 3588 wcncsvc - ok 14:17:33.0156 3588 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 14:17:33.0219 3588 WcsPlugInService - ok 14:17:33.0268 3588 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 14:17:33.0288 3588 Wd - ok 14:17:33.0368 3588 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 14:17:33.0398 3588 Wdf01000 - ok 14:17:33.0438 3588 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:17:33.0510 3588 WdiServiceHost - ok 14:17:33.0522 3588 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 14:17:33.0558 3588 WdiSystemHost - ok 14:17:33.0715 3588 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 14:17:33.0772 3588 WebClient - ok 14:17:33.0872 3588 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 14:17:33.0964 3588 Wecsvc - ok 14:17:34.0064 3588 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 14:17:34.0144 3588 wercplsupport - ok 14:17:34.0234 3588 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 14:17:34.0384 3588 WerSvc - ok 14:17:34.0454 3588 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 14:17:34.0514 3588 WfpLwf - ok 14:17:34.0534 3588 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 14:17:34.0564 3588 WIMMount - ok 14:17:34.0614 3588 WinDefend - ok 14:17:34.0714 3588 WindowBlinds (97c7f30787a30cfa760b0247631a5463) C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\VistaSrv.exe 14:17:34.0764 3588 WindowBlinds - ok 14:17:34.0814 3588 WinHttpAutoProxySvc - ok 14:17:34.0934 3588 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 14:17:35.0064 3588 Winmgmt - ok 14:17:35.0264 3588 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 14:17:35.0464 3588 WinRM - ok 14:17:35.0646 3588 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 14:17:35.0726 3588 WinUsb - ok 14:17:35.0886 3588 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 14:17:36.0046 3588 Wlansvc - ok 14:17:36.0156 3588 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 14:17:36.0176 3588 wlcrasvc - ok 14:17:36.0278 3588 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 14:17:36.0348 3588 wlidsvc - ok 14:17:36.0450 3588 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 14:17:36.0520 3588 WmiAcpi - ok 14:17:36.0630 3588 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 14:17:36.0712 3588 wmiApSrv - ok 14:17:36.0784 3588 WMPNetworkSvc - ok 14:17:36.0884 3588 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 14:17:36.0924 3588 WPCSvc - ok 14:17:36.0974 3588 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 14:17:37.0004 3588 WPDBusEnum - ok 14:17:37.0074 3588 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 14:17:37.0184 3588 ws2ifsl - ok 14:17:37.0294 3588 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll 14:17:37.0414 3588 wscsvc - ok 14:17:37.0504 3588 WSearch - ok 14:17:37.0656 3588 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll 14:17:37.0878 3588 wuauserv - ok 14:17:37.0988 3588 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 14:17:38.0088 3588 WudfPf - ok 14:17:38.0128 3588 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 14:17:38.0208 3588 WUDFRd - ok 14:17:38.0258 3588 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 14:17:38.0398 3588 wudfsvc - ok 14:17:38.0458 3588 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 14:17:38.0548 3588 WwanSvc - ok 14:17:38.0638 3588 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 14:17:38.0858 3588 \Device\Harddisk0\DR0 - ok 14:17:38.0868 3588 Boot (0x1200) (263c0ff3e51adaecd439148ccfe93a1e) \Device\Harddisk0\DR0\Partition0 14:17:38.0868 3588 \Device\Harddisk0\DR0\Partition0 - ok 14:17:38.0898 3588 Boot (0x1200) (da14fde0126e5bf1db56a5158c69884c) \Device\Harddisk0\DR0\Partition1 14:17:38.0908 3588 \Device\Harddisk0\DR0\Partition1 - ok 14:17:38.0928 3588 Boot (0x1200) (1c2307a2554ef25fd814817fa3fca47c) \Device\Harddisk0\DR0\Partition2 14:17:38.0938 3588 \Device\Harddisk0\DR0\Partition2 - ok 14:17:38.0938 3588 ============================================================ 14:17:38.0938 3588 Scan finished 14:17:38.0938 3588 ============================================================ 14:17:38.0968 2912 Detected object count: 2 14:17:38.0968 2912 Actual detected object count: 2 14:19:09.0388 2912 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user 14:19:09.0388 2912 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:19:09.0388 2912 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user 14:19:09.0388 2912 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip then checkup.txt appear with No Text. Just a blank notepad. Step 5. TDSSKiller
  13. info.txt info.txt logfile of random's system information tool 1.09 2012-04-22 13:54:00 ======Uninstall list====== Update for Microsoft Office 2007 (KB2508958)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} -->"C:\Program Files (x86)\InstallShield Installation Information\{0489D044-6386-4BDF-9F98-577D60CF79DD}\setup.exe" -runfromtemp -l0x0011 -removeonly -->"C:\Program Files (x86)\InstallShield Installation Information\{04EAE65A-CDCF-480F-B754-5C3A9364239C}\setup.exe" -runfromtemp -l0x0011 -removeonly -->"C:\Program Files (x86)\InstallShield Installation Information\{06C05B90-2127-4933-8ABA-61833BDE13FA}\setup.exe" -runfromtemp -l0x0011 -removeonly -->"C:\Program Files (x86)\InstallShield Installation Information\{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}\setup.exe" -runfromtemp -l0x0009 -removeonly -->"C:\Program Files (x86)\InstallShield Installation Information\{A6B90666-2A1F-49E8-A40E-27EAAD11C096}\setup.exe" -runfromtemp -l0x0011 -removeonly -->C:\ProgramData\{F974CC36-BF25-4374-A035-B0A9DA79E735}\VAIO Messenger Setup 2.0.424.0.exe µTorrent-->"C:\Program Files (x86)\uTorrent\uTorrent.exe" /UNINSTALL Adobe AIR-->C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall Adobe AIR-->MsiExec.exe /I{47FA2C44-D148-4DBC-AF60-B91934AA4842} Adobe Community Help-->msiexec /qb /x {3521BDBD-D453-5D9F-AA55-44B75D214629} Adobe Community Help-->MsiExec.exe /I{3521BDBD-D453-5D9F-AA55-44B75D214629} Adobe Download Assistant-->msiexec /qb /x {969E11AA-8F3A-F162-1A5A-0965E216B6CE} Adobe Download Assistant-->MsiExec.exe /I{969E11AA-8F3A-F162-1A5A-0965E216B6CE} Adobe Flash Player 10 Plugin-->MsiExec.exe /X{1C5EC8F6-5C5F-421F-85BE-919B5D0CAD4C} Adobe Flash Player 11 ActiveX 64-bit-->C:\Windows\system32\Macromed\Flash\FlashUtil64_11_1_102_ActiveX.exe -maintain activex Adobe Photoshop CS5.1-->C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="1.0" --mode="Uninstall" --mediaSignature="{9158FF30-78D7-40EF-B83E-451AC5334640}" Adobe Reader X (10.1.3)-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-AA1000000001} Advertising Center-->MsiExec.exe /X{B2EC4A38-B545-4A00-8214-13FE0E915E6D} Alps Pointing-device for VAIO-->%ProgramFiles%\Apoint\Uninstap.exe ADDREMOVE Altap Salamander 2.54-->C:\Program Files (x86)\Altap Salamander\remove\remove.exe AMD USB Filter Driver-->MsiExec.exe /X{987B04C4-B5AC-4AD6-A7E9-8D681085B850} Any Video Converter 2.7.9-->"C:\Program Files (x86)\Any Video Converter\unins000.exe" Apple Application Support-->MsiExec.exe /I{853A4763-6643-4604-8D64-28BDD8925F4C} Apple Mobile Device Support-->MsiExec.exe /I{8F473675-D702-45F9-8EBC-342B40C17BF5} Apple Software Update-->MsiExec.exe /I{C41300B9-185D-475E-BFEC-39EF732F19B1} Application Manager for VAIO-->C:\Program Files (x86)\Sony\VAIO Uninstaller\vaiouninstaller.exe ArcSoft WebCam Companion 3-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}\Setup.exe" -l0x9 ATI Catalyst Install Manager-->msiexec /q/x{475672E2-253A-4B55-2E0E-1456A2BFD3E7} REBOOT=ReallySuppress Bonjour-->MsiExec.exe /X{0E543634-7E25-4B8F-8D5B-97880E5E5088} Browser Guard 4.0-->"C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\unins000.exe" Catalyst Control Center - Branding-->MsiExec.exe /I{9EAC0E21-510E-4259-A9C6-F5D5B8969036} CCleaner-->"C:\Program Files\CCleaner\uninst.exe" CDBurnerXP-->"C:\Program Files (x86)\CDBurnerXP\unins000.exe" Click to Disc MergeModules x64-->MsiExec.exe /I{393A9268-A428-4F5A-9B20-BD753309A98E} CPUID CPU-Z 1.60-->"C:\Program Files\CPUID\CPU-Z\unins000.exe" CursorFX Plus-->"C:\ProgramData\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118}\CursorFX_setup.exe" REMOVE=TRUE MODIFY=FALSE CursorFX-->C:\ProgramData\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118}\CursorFX_setup.exe D3DX10-->MsiExec.exe /X{E09C4DB7-630C-4F06-A631-8EA7239923AF} DolbyFiles-->MsiExec.exe /X{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF} Download Accelerator Plus (DAP)-->C:\PROGRA~2\DAP\DAPREMOVE.EXE Driver Genius Professional Edition-->"C:\Program Files (x86)\Driver-Soft\DriverGenius\unins000.exe" DriverAgent by eSupport.com-->RunDll32.exe advpack.dll,LaunchINFSection driveragent_exe.inf,TVICHW32Remove ERUNT 1.1j-->"C:\Program Files (x86)\ERUNT\unins000.exe" Evernote-->MsiExec.exe /X{F761359C-9CED-45AE-9A51-9D6605CD55C4} Facebook Video Calling 1.2.0.159-->MsiExec.exe /X{7CAC6A44-C3DE-4153-ACA6-7524602C789E} Garena 2010-->C:\Program Files (x86)\Garena\uninst.exe Garena Plus-->C:\Program Files (x86)\Garena Plus\uninst.exe Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} iPad/iPhone/iPod to Computer Transfer 7.5.9-->"C:\Program Files\Cucusoft\iPod to Computer\unins000.exe" iTunes-->MsiExec.exe /I{16DDB3D1-5C27-4599-9C63-E583287191CC} Java(TM) 6 Update 20 (64-bit)-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F86416020FF} Java(TM) 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF} Junk Mail filter update-->MsiExec.exe /I{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} Malwarebytes Anti-Malware version 1.61.0.1400-->"C:\Program Files (x86)\Malwarebytes' Anti-Malware\unins000.exe" Media Gallery MergeModules x64-->MsiExec.exe /I{115B60D5-BBDB-490E-AF2E-064D37A3CE01} Media Gallery-->"C:\Program Files (x86)\InstallShield Installation Information\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}\setup.exe" -runfromtemp -l0x0009 -removeonly Menu Templates - Starter Kit-->MsiExec.exe /X{B78120A0-CF84-4366-A393-4D0A59BC546C} Mesh Runtime-->MsiExec.exe /I{8C6D6116-B724-4810-8F2D-D047E6B7D68E} Messenger Companion-->MsiExec.exe /I{50816F92-1652-4A7C-B9BC-48F682742C4B} Microsoft .NET Framework 4 Client Profile-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /x64 /parameterfolder Client Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0000-1000-0000000FF1CE} /uninstall {664655D8-B9BB-455D-8A58-7EAF7B0B2862} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-002A-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E107EB7-8B55-48BF-ACCB-199F86A2CD93} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0116-0409-1000-0000000FF1CE} /uninstall {98333358-268C-4164-B6D4-C96DF5153727} Microsoft Office 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {AAA19365-932B-49BD-8138-BE28CEE9C4B4} Microsoft Office 2010-->MsiExec.exe /X{95140000-0070-0000-0000-0000000FF1CE} Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE} Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE} Microsoft Office Click-to-Run 2010-->"C:\PROGRA~2\COMMON~1\MICROS~1\VIRTUA~1\CVHBS.EXE" /removeall Microsoft Office Click-to-Run 2010-->MsiExec.exe /I{90140000-006D-0409-1000-0000000FF1CE} Microsoft Office Enterprise 2007-->"C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE} Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE} Microsoft Office File Validation Add-In-->MsiExec.exe /I{90140000-2005-0000-0000-0000000FF1CE} Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE} Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE} Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE} Microsoft Office Office 64-bit Components 2007-->MsiExec.exe /X{90120000-002A-0000-1000-0000000FF1CE} Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE} Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE} Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE} Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE} Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE} Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE} Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {1FF96026-A04A-4C3E-B50A-BB7022654D0F} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {71F055E8-E2C6-4214-BB3D-BFE03561B89E} Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE} Microsoft Office Shared 64-bit MUI (English) 2007-->MsiExec.exe /X{90120000-002A-0409-1000-0000000FF1CE} Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0116-0409-1000-0000000FF1CE} Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE} Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE} Microsoft Office Starter 2010 - English-->C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvhbs.exe /uninstall {90140011-0066-0409-0000-0000000FF1CE} Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE} Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} Microsoft SQL Server Compact 3.5 SP2 ENU-->MsiExec.exe /I{3A9FC03D-C685-4831-94CF-4EDFD3749497} Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c} Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570-->MsiExec.exe /X{8338783A-0968-3B85-AFC7-BAAE0A63DC50} Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570-->MsiExec.exe /X{86CE85E6-DBAC-3FFD-B977-E4B79F83C909} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17-->MsiExec.exe /X{8220EEFE-38CD-377E-8595-13398D740ACE} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148-->MsiExec.exe /X{4B6C7001-C7D6-3710-913E-5BC23FCE91E6} Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161-->MsiExec.exe /X{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161-->MsiExec.exe /X{9BE518E6-ECC6-35A9-88E4-87755C07200F} Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219-->MsiExec.exe /X{1D8E6291-B0D5-35EC-8441-6616F567A0F7} Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319-->MsiExec.exe /X{196BB40D-1578-3D01-B289-BEFC77A11A1E} Microsoft_VC80_ATL_x86_x64-->MsiExec.exe /I{925D058B-564A-443A-B4B2-7E90C6432E55} Microsoft_VC80_ATL_x86-->MsiExec.exe /I{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} Microsoft_VC80_CRT_x86_x64-->MsiExec.exe /I{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1} Microsoft_VC80_CRT_x86-->MsiExec.exe /I{92D58719-BBC1-4CC3-A08B-56C9E884CC2C} Microsoft_VC80_MFC_x86_x64-->MsiExec.exe /I{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3} Microsoft_VC80_MFC_x86-->MsiExec.exe /I{D1A19B02-817E-4296-A45B-07853FD74D57} Microsoft_VC80_MFCLOC_x86_x64-->MsiExec.exe /I{1E9FC118-651D-4934-97BE-E53CAE5C7D45} Microsoft_VC80_MFCLOC_x86-->MsiExec.exe /I{D92BBB52-82FF-42ED-8A3C-4E062F944AB7} Microsoft_VC90_ATL_x86_x64-->MsiExec.exe /I{8557397C-A42D-486F-97B3-A2CBC2372593} Microsoft_VC90_ATL_x86-->MsiExec.exe /I{033E378E-6AD3-4AD5-BDEB-CBD69B31046C} Microsoft_VC90_CRT_x86_x64-->MsiExec.exe /I{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26} Microsoft_VC90_CRT_x86-->MsiExec.exe /I{08D2E121-7F6A-43EB-97FD-629B44903403} Microsoft_VC90_MFC_x86_x64-->MsiExec.exe /I{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB} Microsoft_VC90_MFC_x86-->MsiExec.exe /I{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} Microsoft_VC90_MFCLOC_x86_x64-->MsiExec.exe /I{90BF0360-A1DB-4599-A643-95AB90A52C1E} Microsoft_VC90_MFCLOC_x86-->MsiExec.exe /I{B6D38690-755E-4F40-A35A-23F8BC2B86AC} Movie Templates - Starter Kit-->MsiExec.exe /X{E498385E-1C51-459A-B45F-1721E37AA1A0} MSVCRT_amd64-->MsiExec.exe /I{D0B44725-3666-492D-BEF6-587A14BD9BD9} MSVCRT-->MsiExec.exe /I{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} My Lockbox 2.8.2-->"C:\Program Files\My Lockbox\unins000.exe" Nero 9 Essentials-->C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="2M0M-K0CC-7353-1KE3-A3CL-HP88-AW2X-T02E-412P-6Z4U-5L66-X9C5-2W2Z-0L09-M69L-5U07-K5L1-45XH-3T47-0P2E-272W-605L-4Z8Z-334U-0P79-A104" Nero BurnRights Help-->MsiExec.exe /X{F6BDD7C5-89ED-4569-9318-469AA9732572} Nero BurnRights-->MsiExec.exe /X{7829DB6F-A066-4E40-8912-CB07887C20BB} Nero ControlCenter-->MsiExec.exe /X{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A} Nero ControlCenter-->MsiExec.exe /X{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36} Nero CoverDesigner Help-->MsiExec.exe /X{CE96F5A5-584D-4F8F-AA3E-9BAED413DB72} Nero CoverDesigner-->MsiExec.exe /X{62AC81F6-BDD3-4110-9D36-3E9EAAB40999} Nero Disc Copy Gadget Help-->MsiExec.exe /X{60C731FB-C951-41CE-AD41-8E54C8594609} Nero Disc Copy Gadget-->MsiExec.exe /X{F1861F30-3419-44DB-B2A1-C274825698B3} Nero DiscSpeed Help-->MsiExec.exe /X{CC019E3F-59D2-4486-8D4B-878105B62A71} Nero DiscSpeed-->MsiExec.exe /X{869200DB-287A-4DC0-B02B-2B6787FBCD4C} Nero DriveSpeed Help-->MsiExec.exe /X{E5C7D048-F9B4-4219-B323-8BDB01A2563D} Nero DriveSpeed-->MsiExec.exe /X{33CF58F5-48D8-4575-83D6-96F574E4D83A} Nero Express Help-->MsiExec.exe /X{83202942-84B3-4C50-8622-B8C0AA2D2885} Nero InfoTool Help-->MsiExec.exe /X{20400DBD-E6DB-45B8-9B6B-1DD7033818EC} Nero InfoTool-->MsiExec.exe /X{FBCDFD61-7DCF-4E71-9226-873BA0053139} Nero Installer-->MsiExec.exe /X{E8A80433-302B-4FF1-815D-FCC8EAC482FF} Nero Online Upgrade-->MsiExec.exe /X{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E} Nero ShowTime-->MsiExec.exe /X{02627EE5-EACA-4742-A9CC-E687631773E4} Nero ShowTime-->MsiExec.exe /X{D9DCF92E-72EB-412D-AC71-3B01276E5F8B} Nero StartSmart Help-->MsiExec.exe /X{2348B586-C9AE-46CE-936C-A68E9426E214} Nero StartSmart-->MsiExec.exe /X{7748AC8C-18E3-43BB-959B-088FAEA16FB2} Nero Vision Help-->MsiExec.exe /X{5D9BE3C1-8BA4-4E7E-82FD-9F74FA6815D1} Nero Vision-->MsiExec.exe /X{43E39830-1826-415D-8BAE-86845787B54B} NeroExpress-->MsiExec.exe /X{595A3116-40BB-4E0F-A2E8-D7951DA56270} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} Nokia Connectivity Cable Driver-->RUNDLL32.EXE ccdcmbwux64.dll,WuUninstall Norton Safe Web Lite-->C:\Program Files (x86)\NortonInstaller\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST\LicenseType\2.0.0.16\InstStub.exe /X /ARP Oasis2Service-->MsiExec.exe /I{E50FC5DB-7CBD-407D-A46E-0C13E45BC386} OOBE-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1B500D37-E7CF-480B-8054-8A563594EC4E}\setup.exe" -l0x9 -removeonly Oracle VM VirtualBox 4.1.10-->MsiExec.exe /I{B374E6A8-501F-4BC0-BA59-4EE78F06B3B2} PC Tools Spyware Doctor 9.0-->C:\Program Files (x86)\PC Tools\PC Tools Security\unins000.exe /LOG PDF Settings CS5-->MsiExec.exe /I{A78FE97A-C0C8-49CE-89D0-EDD524A17392} Perfect Uninstaller v6.3.3.9-->"C:\Program Files\Perfect Uninstaller\unins000.exe" PlayReady PC Runtime amd64-->MsiExec.exe /X{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04} PMB VAIO Edition Guide-->"C:\Program Files (x86)\InstallShield Installation Information\{88C252C8-A7EE-4B60-BF74-8E5919A8048F}\setup.exe" -runfromtemp -l0x0409 -removeonly PMB VAIO Edition Guide-->MsiExec.exe /X{88C252C8-A7EE-4B60-BF74-8E5919A8048F} PMB VAIO Edition plug-in (Click to Disc)-->"C:\Program Files (x86)\InstallShield Installation Information\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}\setup.exe" -runfromtemp -l0x0409 -removeonly PMB VAIO Edition plug-in (Click to Disc)-->MsiExec.exe /X{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF} PMB VAIO Edition plug-in (VAIO Image Optimizer)-->"C:\Program Files (x86)\InstallShield Installation Information\{1873FFC1-FDCB-47E1-B7C7-F418211E3530}\setup.exe" -runfromtemp -l0x0409 -removeonly PMB VAIO Edition plug-in (VAIO Image Optimizer)-->MsiExec.exe /X{1873FFC1-FDCB-47E1-B7C7-F418211E3530} PMB VAIO Edition plug-in (VAIO Movie Story)-->"C:\Program Files (x86)\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe" -runfromtemp -l0x0409 -removeonly PMB VAIO Edition plug-in (VAIO Movie Story)-->MsiExec.exe /X{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3} PMB-->MsiExec.exe /X{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C} Prevx-->"C:\Program Files\Prevx\prevx.exe" /prop UNINSTALL=Y QuickTime-->MsiExec.exe /I{57752979-A1C9-4C02-856B-FBB27AC4E02C} Rainmeter-->C:\Program Files\Rainmeter\uninst.exe RealNetworks - Microsoft Visual C++ 2008 Runtime-->MsiExec.exe /X{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA} RealPlayer-->c:\program files (x86)\real\realplayer\Update\r1puninst.exe RealNetworks|RealPlayer|15.0 Realtek HDMI Audio Driver for ATI-->C:\Program Files\Realtek\Audio\HDA\RtkUpd64.exe -k -m -nrg2709 Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -removeonly Realtek USB 2.0 Card Reader-->"C:\Program Files (x86)\InstallShield Installation Information\{96AE7E41-E34E-47D0-AC07-1091A8127911}\setup.exe" -runfromtemp -removeonly RealUpgrade 1.1-->MsiExec.exe /I{28C2DED6-325B-4CC7-983A-1777C8F7FBAB} RegTweaker version 3.2.2.1-->"C:\Program Files (x86)\RegTweaker\unins000.exe" Revo Uninstaller 1.93-->C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe RocketDock 1.3.5-->"C:\Program Files (x86)\RocketDock\unins000.exe" Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FD8D7C9A-E56A-3E7B-BA6D-FE68F13296E3} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {F66C3466-1FDB-347C-B3AE-FB6C50627B10} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {B5BD3CA1-11AB-35A6-B22A-6A219DC0668E} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E720AD01-93D5-3E8E-BB8D-E4EF5AF4E5DD} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {BCD37DCB-F479-3D4D-A90E-A0F7575549C4} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FF811680-AECE-3F35-A98C-1B84B6E09168} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {5D45782A-1099-317E-ABCC-FF63D5B21386} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {E59B2174-E924-311F-8549-AD714C14664D} /parameterfolder Client Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {FDD13F1E-9C6B-311E-A0D9-D6E172FC28FF} /parameterfolder Client Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {293FB6BE-D3EB-4162-B522-F9108040B9FE} Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC} Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AEA16A27-0B97-4670-818F-A98D06EC0A6F} Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} Setting Utility Series-->"C:\Program Files (x86)\InstallShield Installation Information\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}\setup.exe" -runfromtemp -l0x0009 -removeonly Setup_msm_VCMS_x64-->MsiExec.exe /I{1C6B6716-84AC-412A-A296-247D41EBB7FB} Setup_msm_VOFS_x64-->MsiExec.exe /I{C69A835B-67A5-4542-AD24-FE36E3140BA9} Setup_VEP_x64-->MsiExec.exe /I{7BF099BD-10EE-4B04-A195-CAE2742C943E} SIW version 2011.10.29-->"C:\Program Files (x86)\SIW\unins000.exe" Skype Toolbars-->MsiExec.exe /I{981029E0-7FC9-4CF3-AB39-6F133621921A} Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36} SmartWi Connection Utility-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}\setup.exe" -l0x9 -removeonly SOHLib Merge Module-->MsiExec.exe /I{4A221E47-E361-45C3-886A-7B2D7AD0E5AA} Sony Home Network Library-->"C:\Program Files (x86)\InstallShield Installation Information\{A6B90666-2A1F-49E8-A40E-27EAAD11C096}\setup.exe" -runfromtemp -l0x0009 -removeonly SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe" Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D} Update for Microsoft .NET Framework 4 Client Profile (KB2468871)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {29C7BE97-DE59-37A2-A687-2ADD5321948A} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2473228)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {A45DD0BE-3CD9-3F1E-B233-B90C6983AE77} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2533523)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {7D799A81-5661-3159-BF92-754161CED6E6} /parameterfolder Client Update for Microsoft .NET Framework 4 Client Profile (KB2600217)-->C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\Client\setup.exe /uninstallpatch {4DFA8287-EA36-3469-99FE-F568FEC81653} /parameterfolder Client Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42} Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B7873DF5-9E1C-45EE-8895-D29C6AE01202} Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C20964A7-5181-45E5-9E82-72F5D400DEBF} Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1070E28-73A6-4C99-98DF-17F584E4C2B6} Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987} Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {567103D1-96CD-4B76-93B9-2681A187DEFF} Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9} Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63} Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245} Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784} Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876} Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F} Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C} Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726} USB Disk Security 5.1.0.15-->"C:\Program Files (x86)\USB Disk Security\unins000.exe" VAIO - Remote Keyboard-->"C:\Program Files (x86)\InstallShield Installation Information\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Care-->"C:\Program Files (x86)\InstallShield Installation Information\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Content Monitoring Settings-->"C:\Program Files (x86)\InstallShield Installation Information\{06C05B90-2127-4933-8ABA-61833BDE13FA}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Control Center-->"C:\Program Files (x86)\InstallShield Installation Information\{72042FA6-5609-489F-A8EA-3C2DD650F667}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Data Restore Tool-->"C:\Program Files (x86)\InstallShield Installation Information\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO DVD Menu Data-->C:\Program Files (x86)\InstallShield Installation Information\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}\setup.exe -runfromtemp -l0x0009 -removeonly VAIO Entertainment Platform-->"C:\Program Files (x86)\InstallShield Installation Information\{0489D044-6386-4BDF-9F98-577D60CF79DD}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Event Service-->"C:\Program Files (x86)\InstallShield Installation Information\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Gate Default-->"C:\Program Files (x86)\InstallShield Installation Information\{B7546697-2A80-4256-A24B-1C33163F535B}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Gate-->"C:\Program Files (x86)\InstallShield Installation Information\{A7C30414-2382-4086-B0D6-01A88ABA21C3}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Help and Support-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AD3E7141-A22E-40F1-A7A4-55E898AE35E3}\setup.exe" -l0x9 -removeonly VAIO Manual-->"C:\Program Files (x86)\InstallShield Installation Information\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Media plus Opening Movie-->"C:\Program Files (x86)\InstallShield Installation Information\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Media plus-->"C:\Program Files (x86)\InstallShield Installation Information\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Movie Story MergeModules x64-->MsiExec.exe /I{C37B6246-7D4A-4E5C-BFB4-11C8660BDC99} VAIO Movie Story Template Data-->"C:\Program Files (x86)\InstallShield Installation Information\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}\setup.exe" -runfromtemp -l0x0409 -removeonly VAIO Movie Story Template Data-->MsiExec.exe /X{6FA8BA2C-052B-4072-B8E2-2302C268BE9E} VAIO Original Function Settings-->"C:\Program Files (x86)\InstallShield Installation Information\{04EAE65A-CDCF-480F-B754-5C3A9364239C}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Power Management-->"C:\Program Files (x86)\InstallShield Installation Information\{803E4FA5-A940-4420-B89D-A8BC2E160247}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Sample Contents-->"C:\Program Files (x86)\InstallShield Installation Information\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Survey-->RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{34B37A74-125E-4406-87BA-E4BD3D097AE5}\setup.exe" -l0x9 -removeonly VAIO Transfer Support-->"C:\Program Files (x86)\InstallShield Installation Information\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}\setup.exe" -runfromtemp -l0x0009 -removeonly VAIO Update Merge Module x64-->MsiExec.exe /I{11D25EF7-85FC-4B58-8278-485939C8637F} VAIO Update Merge Module x64-->MsiExec.exe /I{7C3AC18F-F19B-4082-8D13-7D603848E06C} VAIO Update Merge Module x64-->MsiExec.exe /I{E743BA71-5955-420B-AA52-67508054AD66} VAIO Update-->"C:\Program Files (x86)\InstallShield Installation Information\{5BEE8F1F-BD32-4553-8107-500439E43BD7}\setup.exe" -runfromtemp -l0x0409 -removeonly VAIO Wallpaper Contents-->"C:\Program Files (x86)\InstallShield Installation Information\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}\setup.exe" -runfromtemp -l0x0009 -removeonly VLC media player 1.1.11-->C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe VMp MergeModule x64-->MsiExec.exe /I{5AFD1F5C-8FDA-413C-AF38-F1E7BD10D72F} VU5x64-->MsiExec.exe /X{46261E1C-5E0D-484E-8CCC-7F770375FBA2} VU5x86-->MsiExec.exe /X{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6} WIDCOMM Bluetooth Software-->MsiExec.exe /X{9E9D49A4-1DF4-4138-B7DB-5D87A893088E} WindowBlinds-->C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\UNWISE.EXE C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\INSTALL.LOG Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbtums-win7x64-brcm.inf_amd64_neutral_40a2acff2629a139\bcbtums-win7x64-brcm.inf Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)-->C:\PROGRA~1\DIFX\84B2E36983483FEB\DPInst.exe /u C:\Windows\System32\DriverStore\FileRepository\bcbthid64.inf_amd64_neutral_737f347105a3e66a\bcbthid64.inf Windows Installer Clean Up-->MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52} Windows Live Communications Platform-->MsiExec.exe /I{D45240D3-B6B3-4FF9-B243-54ECE3E10066} Windows Live Essentials-->C:\Program Files (x86)\Windows Live\Installer\wlarp.exe Windows Live Essentials-->MsiExec.exe /I{FE044230-9CA5-43F7-9B58-5AC5A28A1F33} Windows Live Family Safety-->MsiExec.exe /I{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC} Windows Live Family Safety-->MsiExec.exe /X{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A} Windows Live ID Sign-in Assistant-->MsiExec.exe /I{1B8ABA62-74F0-47ED-B18C-A43128E591B8} Windows Live Installer-->MsiExec.exe /I{0B0F231F-CE6A-483D-AA23-77B364F75917} Windows Live Language Selector-->MsiExec.exe /I{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0} Windows Live Mail-->MsiExec.exe /I{9D56775A-93F3-44A3-8092-840E3826DE30} Windows Live Mail-->MsiExec.exe /I{C66824E4-CBB3-4851-BB3F-E8CFD6350923} Windows Live Mesh ActiveX Control for Remote Connections-->MsiExec.exe /I{2902F983-B4C1-44BA-B85D-5C6D52E2C441} Windows Live Mesh-->MsiExec.exe /I{A0C91188-C88F-4E86-93E6-CD7C9A266649} Windows Live Mesh-->MsiExec.exe /I{DECDCB7C-58CC-4865-91AF-627F9798FE48} Windows Live Messenger Companion Core-->MsiExec.exe /I{78A96B4C-A643-4D0F-98C2-A8E16A6669F9} Windows Live Messenger-->MsiExec.exe /X{80956555-A512-4190-9CAD-B000C36D6B6B} Windows Live Messenger-->MsiExec.exe /X{EB4DF488-AAEF-406F-A341-CB2AAA315B90} Windows Live MIME IFilter-->MsiExec.exe /I{DA54F80E-261C-41A2-A855-549A144F2F59} Windows Live Movie Maker-->MsiExec.exe /X{19BA08F7-C728-469C-8A35-BFBD3633BE08} Windows Live Movie Maker-->MsiExec.exe /X{92EA4134-10D1-418A-91E1-5A0453131A38} Windows Live Photo Common-->MsiExec.exe /X{A9BDCA6B-3653-467B-AC83-94367DA3BFE3} Windows Live Photo Common-->MsiExec.exe /X{D436F577-1695-4D2F-8B44-AC76C99E0002} Windows Live Photo Gallery-->MsiExec.exe /X{3336F667-9049-4D46-98B6-4C743EEBC5B1} Windows Live Photo Gallery-->MsiExec.exe /X{34F4D9A4-42C2-4348-BEF4-E553C84549E7} Windows Live PIMT Platform-->MsiExec.exe /I{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A} Windows Live Remote Client Resources-->MsiExec.exe /I{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5} Windows Live Remote Client-->MsiExec.exe /I{DF6D988A-EEA0-4277-AAB8-158E086E439B} Windows Live Remote Service Resources-->MsiExec.exe /I{656DEEDE-F6AC-47CA-A568-A1B4E34B5760} Windows Live Remote Service-->MsiExec.exe /I{E02A6548-6FDE-40E2-8ED9-119D7D7E641F} Windows Live SOXE Definitions-->MsiExec.exe /I{200FEC62-3C34-4D60-9CE8-EC372E01C08F} Windows Live SOXE-->MsiExec.exe /I{682B3E4F-696A-42DE-A41C-4C07EA1678B4} Windows Live UX Platform Language Pack-->MsiExec.exe /I{6A05FEDF-662E-46BF-8A25-010E3F1C9C69} Windows Live UX Platform-->MsiExec.exe /I{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} Windows Live Writer Resources-->MsiExec.exe /X{DDC8BDEE-DCAC-404D-8257-3E8D4B782467} Windows Live Writer-->MsiExec.exe /X{A726AE06-AAA3-43D1-87E3-70F510314F04} Windows Live Writer-->MsiExec.exe /X{AAAFC670-569B-4A2F-82B4-42945E0DE3EF} Windows Live Writer-->MsiExec.exe /X{AAF454FC-82CA-4F29-AB31-6A109485E76E} Windows Searchqu Toolbar-->C:\Program Files (x86)\Windows Searchqu Toolbar\uninstall.exe WinRAR 4.00 (32-bit)-->C:\Program Files (x86)\WinRAR\uninstall.exe XviD4PSP 6.0-->C:\Program Files (x86)\Winnydows\XviD4PSP60\Uninstall.exe ======System event log====== Computer Name: jAnEiro-VAIO Event Code: 11 Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Record Number: 394952 Source Name: Microsoft-Windows-Wininit Time Written: 20120415185938.691675-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: jAnEiro-VAIO Event Code: 6008 Message: The previous system shutdown at 8:37:53 AM on ‎4/‎15/‎2012 was unexpected. Record Number: 394892 Source Name: EventLog Time Written: 20120415185929.000000-000 Event Type: Error User: Computer Name: jAnEiro-VAIO Event Code: 11 Message: Custom dynamic link libraries are being loaded for every application. The system administrator should review the list of libraries to ensure they are related to trusted applications. Record Number: 394851 Source Name: Microsoft-Windows-Wininit Time Written: 20120415161843.850869-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: jAnEiro-VAIO Event Code: 219 Message: The driver \Driver\usbccgp failed to load for the device USB\VID_0408&PID_03F5\5&11d2702c&0&3. Record Number: 394797 Source Name: Microsoft-Windows-Kernel-PnP Time Written: 20120415161828.850044-000 Event Type: Warning User: NT AUTHORITY\SYSTEM Computer Name: jAnEiro-VAIO Event Code: 4001 Message: WLAN AutoConfig service has successfully stopped. Record Number: 394775 Source Name: Microsoft-Windows-WLAN-AutoConfig Time Written: 20120415144518.885665-000 Event Type: Warning User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: Janiero-VAIO Event Code: 3191 Message: {tid=9EC} -------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt) Record Number: 30827 Source Name: Application Virtualization Client Time Written: 20111014154855.000000-000 Event Type: Warning User: Computer Name: Janiero-VAIO Event Code: 12348 Message: Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{67ef6521-47a6-11e0-85aa-78843c30527e}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again. Operation: Removing auto-release shadow copies Loading provider Context: Execution Context: System Provider Record Number: 30804 Source Name: VSS Time Written: 20111014052244.000000-000 Event Type: Warning User: Computer Name: Janiero-VAIO Event Code: 12348 Message: Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{67ef6521-47a6-11e0-85aa-78843c30527e}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly. Check security on the volume, and try the operation again. Operation: Removing auto-release shadow copies Loading provider Context: Execution Context: System Provider Record Number: 30783 Source Name: VSS Time Written: 20111014051447.000000-000 Event Type: Warning User: Computer Name: Janiero-VAIO Event Code: 100 Message: Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation... Record Number: 30765 Source Name: CVHSVC Time Written: 20111014040752.000000-000 Event Type: Warning User: Computer Name: Janiero-VAIO Event Code: 100 Message: Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted. Record Number: 30764 Source Name: CVHSVC Time Written: 20111014040751.000000-000 Event Type: Warning User: =====Security event log===== Computer Name: jAnEiro-VAIO Event Code: 4672 Message: Special privileges assigned to new logon. Subject: Security ID: S-1-5-18 Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3e7 Privileges: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 168390 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120104010017.736154-000 Event Type: Audit Success User: Computer Name: jAnEiro-VAIO Event Code: 4624 Message: An account was successfully logged on. Subject: Security ID: S-1-5-18 Account Name: JANEIRO-VAIO$ Account Domain: CHRISTIAN Logon ID: 0x3e7 Logon Type: 5 New Logon: Security ID: S-1-5-18 Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3e7 Logon GUID: {00000000-0000-0000-0000-000000000000} Process Information: Process ID: 0x244 Process Name: C:\Windows\System32\services.exe Network Information: Workstation Name: Source Network Address: - Source Port: - Detailed Authentication Information: Logon Process: Advapi Authentication Package: Negotiate Transited Services: - Package Name (NTLM only): - Key Length: 0 This event is generated when a logon session is created. It is generated on the computer that was accessed. The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe. The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network). The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on. The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases. The authentication information fields provide detailed information about this specific logon request. - Logon GUID is a unique identifier that can be used to correlate this event with a KDC event. - Transited services indicate which intermediate services have participated in this logon request. - Package name indicates which sub-protocol was used among the NTLM protocols. - Key length indicates the length of the generated session key. This will be 0 if no session key was requested. Record Number: 168389 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120104010017.736154-000 Event Type: Audit Success User: Computer Name: jAnEiro-VAIO Event Code: 5061 Message: Cryptographic operation. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3e5 Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: RSA Key Name: c4c4e3f3-ae26-4511-a1cc-25b64ed40d25 Key Type: Machine key. Cryptographic Operation: Operation: Open Key. Return Code: 0x0 Record Number: 168388 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120104005824.677023-000 Event Type: Audit Success User: Computer Name: jAnEiro-VAIO Event Code: 5058 Message: Key file operation. Subject: Security ID: S-1-5-19 Account Name: LOCAL SERVICE Account Domain: NT AUTHORITY Logon ID: 0x3e5 Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: Not Available. Key Name: c4c4e3f3-ae26-4511-a1cc-25b64ed40d25 Key Type: Machine key. Key File Operation Information: File Path: C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\1ac16315653202550fd290c89f61a745_9147a5cf-b5c6-491d-ac79-fb42c85e44e0 Operation: Read persisted key from file. Return Code: 0x0 Record Number: 168387 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120104005824.676023-000 Event Type: Audit Success User: Computer Name: jAnEiro-VAIO Event Code: 4672 Message: Special privileges assigned to new logon. Subject: Security ID: S-1-5-18 Account Name: SYSTEM Account Domain: NT AUTHORITY Logon ID: 0x3e7 Privileges: SeAssignPrimaryTokenPrivilege SeTcbPrivilege SeSecurityPrivilege SeTakeOwnershipPrivilege SeLoadDriverPrivilege SeBackupPrivilege SeRestorePrivilege SeDebugPrivilege SeAuditPrivilege SeSystemEnvironmentPrivilege SeImpersonatePrivilege Record Number: 168386 Source Name: Microsoft-Windows-Security-Auditing Time Written: 20120104005728.305576-000 Event Type: Audit Success User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "Path"=C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\ "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC "PROCESSOR_ARCHITECTURE"=AMD64 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "USERNAME"=SYSTEM "windir"=%SystemRoot% "PSModulePath"=%SystemRoot%\system32\WindowsPowerShell\v1.0\Modules\ "NUMBER_OF_PROCESSORS"=2 "PROCESSOR_LEVEL"=16 "PROCESSOR_IDENTIFIER"=AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD "PROCESSOR_REVISION"=0603 "configsetroot"=%SystemRoot%\ConfigSetRoot "asl.log"=Destination=file "CLASSPATH"=.;C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files (x86)\Java\jre6\lib\ext\QTJava.zip "VBOX_INSTALL_PATH"=C:\Program Files\Oracle\VirtualBox\ -----------------EOF-----------------
  14. Yes i intentionally disable it because the aforementioned problem. Here is the logs of RSIT. log.txt Logfile of random's system information tool 1.09 (written by random/random) Run by Janiero at 2012-04-22 13:53:34 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 165 GB (64%) free of 256 GB Total RAM: 3835 MB (70% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:53:52 PM, on 4/22/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\Janiero.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: QuickNet - {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} - C:\Program Files (x86)\RegTweaker\key.dll O2 - BHO: Norton Safe Web Lite BHO - {F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll O3 - Toolbar: Norton Safe Web Lite - {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: &Clean Traces - C:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - C:\Program Files (x86)\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - C:\Program Files (x86)\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O20 - AppInit_DLLs: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Safe Web Lite (NSL) - Symantec Corporation - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11104 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe" /s "NSL" /m "C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\diMaster.dll" /prefetch:1 "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 1192 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" C:\Windows\system32\SearchIndexer.exe /Embedding "taskhost.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe" taskeng.exe {D58F1F0A-682C-4E44-80F8-630EA6443D2A} "C:\Program Files\Windows Media Player\wmpnetwk.exe" C:\Windows\System32\svchost.exe -k LocalServicePeerNet "C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary C:\Windows\system32\svchost.exe -k SDRSVC "C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel=2984.084A9E00.1814200131 /prefetch:3 "C:\Users\Janiero\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --force-fieldtest=ConnCountImpact/conn_count_6/ConnnectBackupJobs/ConnectBackupJobsEnabled/DnsImpact/default_enabled_prefetch/GlobalSdch/global_enable_sdch/IdleSktToImpact/idle_timeout_10/Instant/Inactive/Prerender/ContentPrefetchPrerender2/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ProxyConnectionImpact/proxy_connections_32/SpdyCwnd/cwnd10/SpdyImpact/npn_with_spdy/WarmSocketImpact/warm_socket/WebStoreLinkExperiment/Disabled/ --renderer-print-preview --channel=2984.0A332380.1866914207 /prefetch:3 "C:\Users\Janiero\Desktop\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006Core.job C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1086382805-1383657886-4138368961-1006UA.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}] DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\x64\BROWSE~1.DLL [2011-11-10 118168] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-12-02 43520] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-03 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}] PC Tools Browser Guard BHO - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-03-20 1128376] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}] RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-11-30 425680] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}] Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}] DataMngr - C:\PROGRA~2\WIA6EB~1\Datamngr\BROWSE~1.DLL [2011-11-10 101272] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9FDDE16B-836F-4806-AB1F-1455CBEFF289}] Windows Live Messenger Companion Helper - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10 393600] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype add-on for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-02-19 804136] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-12-02 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7}] QuickNet BHO - C:\Program Files (x86)\RegTweaker\key.dll [2011-05-20 243200] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0DA78E9-6B60-42fb-BC26-EF2CFB8C8FF3}] Norton Safe Web Lite BHO - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll [2011-10-14 492984] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {99079a25-328f-4bd4-be04-00955acaa0a7} - Searchqu Toolbar - C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar\searchqudtx.dll [2011-09-19 88976] {30CEEEA2-3742-40e4-85DD-812BF1CBB83D} - Norton Safe Web Lite - C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\coIEPlg.dll [2011-10-14 492984] {472734EA-242A-422B-ADF8-83D1E48CC825} - PC Tools Browser Guard - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll [2012-03-20 1128376] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15 499608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [2011-01-12 1523360] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Apoint] C:\Program Files\Apoint\Apoint.exe [2010-07-29 226160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe [2010-05-06 2815192] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CursorFX] C:\Program Files (x86)\Stardock\CursorFX\CursorFX.exe [2011-11-29 653128] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DATAMNGR] C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE [2011-11-10 1694608] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update] C:\Users\Janiero\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-18 137536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update] C:\Users\Janiero\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13 116648] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray] C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe [2012-03-20 2670008] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-04-14 421160] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mylbx] C:\Program Files\My Lockbox\mylbx.exe [2012-03-21 2143552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-01-21 597792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files (x86)\QuickTime\QTTask.exe [2010-11-29 421888] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe [2007-09-02 495616] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-04-06 10134560] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartWiHelper] C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [2010-07-15 89080] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-01-20 5487488] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe [2011-11-30 296056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USB Antivirus] C:\Program Files (x86)\USB Disk Security\USBGuard.exe [2008-09-23 798720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk] C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-09-04 1081632] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk] C:\PROGRA~1\RAINME~1\RAINME~1.EXE [2012-01-08 107720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Janiero^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk] C:\PROGRA~2\MICROS~3\Office12\ONENOTEM.EXE [2009-02-26 97680] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "TaskTray"= [] "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] "Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2012-04-04 462408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WB] C:\PROGRA~2\Stardock\OBJECT~1\WINDOW~1\fast64.dll [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PEVSystemStart] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "aux3"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "aux6"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2012-04-22 13:53:34 ----D---- C:\rsit 2012-04-22 13:53:34 ----D---- C:\Program Files\trend micro 2012-04-22 13:50:49 ----D---- C:\Windows\ERDNT 2012-04-22 13:48:43 ----D---- C:\Program Files (x86)\ERUNT 2012-04-21 12:44:40 ----A---- C:\Windows\ntbtlog.txt 2012-04-21 12:38:28 ----D---- C:\Users\Janiero\AppData\Roaming\Malwarebytes 2012-04-21 12:38:22 ----D---- C:\ProgramData\Malwarebytes 2012-04-21 12:38:21 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-04-21 12:38:21 ----A---- C:\Windows\system32\drivers\mbam.sys 2012-04-19 17:05:35 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys 2012-04-19 17:05:34 ----A---- C:\Windows\system32\drivers\aswSP.sys 2012-04-19 17:05:30 ----A---- C:\Windows\system32\drivers\aswSnx.sys 2012-04-19 17:05:29 ----A---- C:\Windows\system32\drivers\aswRdr.sys 2012-04-19 17:05:26 ----A---- C:\Windows\system32\drivers\aswTdi.sys 2012-04-19 17:05:21 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys 2012-04-19 17:04:55 ----A---- C:\Windows\SYSWOW64\aswBoot.exe 2012-04-19 16:18:22 ----A---- C:\Windows\system32\drivers\PCTBD64.sys 2012-04-19 16:18:21 ----A---- C:\Windows\SGDetectionTool.dll 2012-04-19 16:18:21 ----A---- C:\Windows\PCTBDCore.dll 2012-04-19 16:18:21 ----A---- C:\Windows\BDTSupport.dll 2012-04-19 16:18:20 ----A---- C:\Windows\PCTBDRes.dll 2012-04-19 16:17:36 ----A---- C:\Windows\system32\drivers\pctwfpfilter64.sys 2012-04-19 16:17:36 ----A---- C:\Windows\system32\drivers\pctgntdi64.sys 2012-04-19 16:17:29 ----A---- C:\Windows\system32\drivers\pctBTFix64.sys 2012-04-19 16:17:24 ----A---- C:\Windows\system32\drivers\pctplsg64.sys 2012-04-19 16:17:17 ----D---- C:\Program Files (x86)\PC Tools 2012-04-19 15:26:38 ----A---- C:\Windows\system32\drivers\Cat.DB 2012-04-19 15:26:36 ----A---- C:\Windows\system32\drivers\pctEFA64.sys 2012-04-19 15:26:36 ----A---- C:\Windows\system32\drivers\pctDS64.sys 2012-04-19 15:26:35 ----A---- C:\Windows\system32\drivers\PCTCore64.sys 2012-04-19 15:26:33 ----A---- C:\Windows\system32\drivers\PCTSD64.sys 2012-04-19 15:24:19 ----D---- C:\ProgramData\PC Tools 2012-04-19 15:24:18 ----D---- C:\Users\Janiero\AppData\Roaming\TestApp 2012-04-19 13:07:07 ----D---- C:\Users\Janiero\AppData\Roaming\SUPERAntiSpyware.com 2012-04-19 13:06:41 ----D---- C:\ProgramData\SUPERAntiSpyware.com 2012-04-19 13:06:41 ----D---- C:\Program Files\SUPERAntiSpyware 2012-04-18 16:10:16 ----D---- C:\Program Files (x86)\RegTweaker 2012-04-18 15:45:28 ----A---- C:\TDSSKiller.2.7.28.0_18.04.2012_15.45.28_log.txt 2012-04-18 00:25:58 ----A---- C:\Windows\SYSWOW64\PxSecure.dll 2012-04-18 00:25:57 ----D---- C:\Program Files\Prevx 2012-04-18 00:25:57 ----A---- C:\Windows\system32\drivers\pxscan.sys 2012-04-18 00:25:57 ----A---- C:\Windows\system32\drivers\pxrts.sys 2012-04-18 00:25:57 ----A---- C:\Windows\system32\drivers\pxkbf.sys 2012-04-18 00:16:54 ----D---- C:\ProgramData\PrevxCSI 2012-04-17 14:32:13 ----D---- C:\Windows\system32\drivers\NSTx64 2012-04-17 14:32:13 ----D---- C:\Program Files (x86)\Norton Safe Web Lite 2012-04-17 14:32:00 ----D---- C:\Program Files (x86)\NortonInstaller 2012-04-15 17:23:23 ----SD---- C:\32788R22FWJFW 2012-04-15 12:01:00 ----D---- C:\Rbackup 2012-04-15 06:25:54 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2012-04-15 06:25:54 ----A---- C:\Windows\system32\mshtmled.dll 2012-04-15 06:25:51 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2012-04-15 06:25:51 ----A---- C:\Windows\system32\iertutil.dll 2012-04-15 06:25:50 ----A---- C:\Windows\SYSWOW64\url.dll 2012-04-15 06:25:50 ----A---- C:\Windows\SYSWOW64\ieui.dll 2012-04-15 06:25:50 ----A---- C:\Windows\system32\url.dll 2012-04-15 06:25:50 ----A---- C:\Windows\system32\jscript9.dll 2012-04-15 06:25:49 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2012-04-15 06:25:49 ----A---- C:\Windows\SYSWOW64\jscript.dll 2012-04-15 06:25:49 ----A---- C:\Windows\system32\ieui.dll 2012-04-15 06:25:48 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2012-04-15 06:25:48 ----A---- C:\Windows\system32\jscript.dll 2012-04-15 06:25:47 ----A---- C:\Windows\system32\urlmon.dll 2012-04-15 06:25:47 ----A---- C:\Windows\system32\jsproxy.dll 2012-04-15 06:25:46 ----A---- C:\Windows\SYSWOW64\wininet.dll 2012-04-15 06:25:46 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2012-04-15 06:25:46 ----A---- C:\Windows\system32\wininet.dll 2012-04-15 06:25:44 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2012-04-15 06:25:43 ----A---- C:\Windows\system32\mshtml.dll 2012-04-15 06:25:40 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2012-04-15 06:25:38 ----A---- C:\Windows\system32\ieframe.dll 2012-04-14 21:49:44 ----D---- C:\Program Files (x86)\Windows Installer Clean Up 2012-04-14 21:48:43 ----D---- C:\Program Files (x86)\MSECACHE 2012-04-14 21:01:40 ----A---- C:\Windows\system32\FNTCACHE.DAT 2012-04-14 17:39:40 ----A---- C:\Uninstall.dat 2012-04-13 15:11:24 ----D---- C:\Users\Janiero\AppData\Roaming\Rainmeter 2012-04-13 15:11:17 ----D---- C:\Program Files\Rainmeter 2012-04-13 12:23:41 ----D---- C:\Program Files\My Lockbox 2012-04-13 11:29:44 ----D---- C:\Users\Janiero\AppData\Roaming\Mozilla 2012-04-13 02:34:29 ----D---- C:\Program Files\Perfect Uninstaller 2012-04-13 00:08:48 ----D---- C:\ProgramData\Stardock 2012-04-13 00:07:37 ----HD---- C:\ProgramData\{CEC42AA7-80BC-42B4-B5F3-8E754D04A118} 2012-04-12 23:49:53 ----A---- C:\Windows\SYSWOW64\fsproflt.exe 2012-04-12 23:49:53 ----A---- C:\Windows\system32\drivers\FSPFltd.sys 2012-04-12 14:43:24 ----A---- C:\Windows\system32\wbload.dll 2012-04-12 14:43:20 ----A---- C:\Windows\SYSWOW64\wbload.dll 2012-04-12 14:43:18 ----A---- C:\Windows\SYSWOW64\wbsys.dll 2012-04-12 14:43:15 ----D---- C:\Program Files (x86)\Stardock 2012-04-12 03:26:42 ----A---- C:\Windows\system32\ntoskrnl.exe 2012-04-12 03:26:40 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2012-04-12 03:26:39 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2012-04-12 03:00:53 ----A---- C:\Windows\system32\imagehlp.dll 2012-04-12 03:00:53 ----A---- C:\Windows\system32\drivers\fs_rec.sys 2012-04-12 03:00:52 ----A---- C:\Windows\SYSWOW64\imagehlp.dll 2012-04-12 03:00:50 ----A---- C:\Windows\SYSWOW64\wintrust.dll 2012-04-12 03:00:49 ----A---- C:\Windows\system32\wmi.dll 2012-04-12 03:00:49 ----A---- C:\Windows\system32\wintrust.dll 2012-04-12 03:00:48 ----A---- C:\Windows\SYSWOW64\wmi.dll 2012-04-10 07:27:59 ----D---- C:\Windows\W7SBC 2012-04-10 07:27:59 ----A---- C:\Windows\explorer_edit_w7sbc.exe 2012-04-10 07:27:59 ----A---- C:\Windows\explorer_backup_w7sbc.exe 2012-04-10 07:27:59 ----A---- C:\Windows\explorer.exe 2012-04-10 04:38:00 ----D---- C:\Windows\W7SOC 2012-04-10 04:38:00 ----A---- C:\Windows\explorer.backup.exe 2012-04-10 03:23:36 ----D---- C:\Program Files (x86)\RocketDock 2012-04-09 16:47:52 ----D---- C:\Users\Janiero\AppData\Roaming\Nero 2012-04-09 15:29:47 ----D---- C:\Program Files (x86)\Nero 2012-04-09 15:29:19 ----D---- C:\ProgramData\Nero 2012-04-01 19:11:25 ----D---- C:\Program Files (x86)\SIW 2012-04-01 18:54:17 ----A---- C:\Windows\SYSWOW64\drivers\DrvAgent64.SYS 2012-03-29 18:41:27 ----D---- C:\Program Files\Common Files\Adobe 2012-03-28 17:58:35 ----D---- C:\Program Files (x86)\Adobe Download Assistant 2012-03-28 01:12:29 ----D---- C:\ProgramData\regid.1986-12.com.adobe 2012-03-28 01:07:23 ----D---- C:\Program Files\Adobe 2012-03-27 04:10:05 ----D---- C:\Users\Janiero\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2012-03-27 02:43:26 ----D---- C:\Users\Janiero\AppData\Roaming\MAXON 2012-03-27 00:04:45 ----D---- C:\Program Files (x86)\Adobe 2012-03-26 23:32:02 ----D---- C:\Windows\pss 2012-03-24 15:45:33 ----AD---- C:\ProgramData\TEMP 2012-03-24 15:45:30 ----D---- C:\ProgramData\SpeedBit 2012-03-24 15:45:27 ----A---- C:\Windows\SYSWOW64\EasyHook64.dll 2012-03-24 15:45:27 ----A---- C:\Windows\SYSWOW64\EasyHook32.dll 2012-03-24 15:45:26 ----D---- C:\Program Files (x86)\DAP 2012-03-23 18:23:23 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys 2012-03-23 18:23:05 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys 2012-03-23 18:22:57 ----D---- C:\Program Files\Oracle 2012-03-23 18:13:02 ----D---- C:\Program Files (x86)\VS Revo Group 2012-03-23 17:52:58 ----A---- C:\Windows\system32\drivers\cpuz135_x64.sys 2012-03-23 17:52:57 ----D---- C:\Program Files\CPUID ======List of files/folders modified in the last 1 month====== 2012-04-22 13:53:34 ----RD---- C:\Program Files 2012-04-22 13:51:01 ----D---- C:\Windows\Temp 2012-04-22 13:50:49 ----D---- C:\Windows 2012-04-22 13:48:43 ----D---- C:\Program Files (x86) 2012-04-22 12:22:58 ----D---- C:\Windows\system32\config 2012-04-21 13:47:36 ----D---- C:\Windows\system32\catroot2 2012-04-21 13:08:53 ----D---- C:\Windows\inf 2012-04-21 12:38:22 ----HD---- C:\ProgramData 2012-04-21 12:38:21 ----D---- C:\Windows\system32\drivers 2012-04-21 12:35:47 ----D---- C:\Windows\SysWOW64 2012-04-21 11:50:27 ----D---- C:\Windows\SoftwareDistribution 2012-04-21 11:48:59 ----D---- C:\Windows\debug 2012-04-21 11:34:07 ----SHD---- C:\System Volume Information 2012-04-20 23:34:55 ----D---- C:\Windows\System32 2012-04-19 17:05:19 ----SHD---- C:\Windows\Installer 2012-04-19 16:17:26 ----D---- C:\Windows\winsxs 2012-04-19 15:26:33 ----D---- C:\Program Files (x86)\Common Files 2012-04-18 17:42:36 ----D---- C:\Windows\system32\Tasks 2012-04-18 14:25:33 ----D---- C:\Program Files (x86)\Chikka Messenger 2012-04-18 13:03:14 ----D---- C:\Windows\Prefetch 2012-04-17 14:32:13 ----D---- C:\ProgramData\Norton 2012-04-15 20:51:54 ----D---- C:\ProgramData\Alwil Software 2012-04-15 06:27:35 ----D---- C:\Windows\SYSWOW64\migration 2012-04-15 06:27:35 ----D---- C:\Windows\system32\migration 2012-04-15 06:27:35 ----D---- C:\Program Files\Internet Explorer 2012-04-15 06:27:35 ----D---- C:\Program Files (x86)\Internet Explorer 2012-04-15 06:26:23 ----D---- C:\Windows\system32\catroot 2012-04-14 21:49:44 ----SD---- C:\Users\Janiero\AppData\Roaming\Microsoft 2012-04-13 21:34:47 ----A---- C:\Windows\system32\PerfStringBackup.INI 2012-04-13 20:14:00 ----D---- C:\Windows\Tasks 2012-04-13 12:08:24 ----D---- C:\Program Files (x86)\Google 2012-04-13 11:46:51 ----D---- C:\Users\Janiero\AppData\Roaming\Chikka Messenger 2012-04-13 11:30:13 ----D---- C:\Program Files (x86)\Microsoft 2012-04-13 11:29:44 ----SD---- C:\ProgramData\Microsoft 2012-04-13 11:17:21 ----D---- C:\Users\Janiero\AppData\Roaming\uTorrent 2012-04-13 11:09:52 ----RD---- C:\Users 2012-04-13 10:54:20 ----D---- C:\Windows\system32\wfp 2012-04-13 10:54:20 ----D---- C:\Windows\system32\DriverStore 2012-04-13 10:54:17 ----D---- C:\Windows\system32\wbem 2012-04-13 10:54:17 ----D---- C:\Windows\system32\CodeIntegrity 2012-04-13 10:54:12 ----D---- C:\Windows\registration 2012-04-13 10:53:53 ----D---- C:\Users\Janiero\AppData\Roaming\SoftGrid Client 2012-04-13 10:53:51 ----D---- C:\ProgramData\Real 2012-04-12 20:36:14 ----A---- C:\Windows\Model.txt 2012-04-12 18:32:42 ----SHD---- C:\$Recycle.Bin 2012-04-12 17:11:53 ----D---- C:\Program Files (x86)\DDNi 2012-04-12 17:07:19 ----D---- C:\ProgramData\DDNi 2012-04-12 14:49:25 ----A---- C:\Windows\win.ini 2012-04-12 12:58:33 ----RSD---- C:\Windows\assembly 2012-04-12 12:58:33 ----D---- C:\Windows\Microsoft.NET 2012-04-12 03:06:00 ----D---- C:\ProgramData\Microsoft Help 2012-04-12 03:01:21 ----A---- C:\Windows\system32\MRT.exe 2012-04-12 00:38:45 ----RSD---- C:\Windows\Fonts 2012-04-11 14:12:06 ----D---- C:\Update 2012-04-11 00:22:12 ----D---- C:\Users\Janiero\AppData\Roaming\Adobe 2012-04-10 14:27:55 ----D---- C:\Program Files\CCleaner 2012-04-10 04:30:51 ----D---- C:\Program Files (x86)\Any Video Converter 2012-04-10 04:28:21 ----D---- C:\Program Files (x86)\Garena 2012-04-10 04:10:56 ----D---- C:\Users\Janiero\AppData\Roaming\vlc 2012-04-01 18:54:17 ----D---- C:\Windows\SYSWOW64\drivers 2012-03-30 23:45:52 ----D---- C:\ProgramData\Adobe 2012-03-29 18:41:27 ----D---- C:\Program Files\Common Files 2012-03-27 02:55:15 ----D---- C:\Program Files (x86)\uTorrent 2012-03-25 09:30:05 ----D---- C:\Users\Janiero\AppData\Roaming\Any Video Converter 2012-03-23 18:23:23 ----DC---- C:\Windows\system32\DRVSTORE ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 amd_sata;amd_sata; C:\Windows\system32\drivers\amd_sata.sys [2010-06-30 73856] R0 amd_xata;amd_xata; C:\Windows\system32\drivers\amd_xata.sys [2010-06-30 28800] R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\drivers\AtiPcie.sys [2010-09-15 16440] R0 FSProFilter;FSPro File Filter; C:\Windows\System32\Drivers\FSPFltd.sys [2010-07-22 54848] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-13 12352] R0 PCTCore;PCTools KDS; C:\Windows\system32\drivers\PCTCore64.sys [2012-03-16 426104] R0 pctDS;PC Tools Data Store; C:\Windows\system32\drivers\pctDS64.sys [2012-02-28 453896] R0 pctEFA;PC Tools Extended File Attributes; C:\Windows\system32\drivers\pctEFA64.sys [2012-02-28 1096176] R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280] R0 pxscan;pxscan; C:\Windows\System32\drivers\pxscan.sys [2012-04-18 36384] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888] R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2010-05-06 28752] R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2010-05-06 424016] R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2010-05-06 121936] R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2010-05-06 51280] R1 ccSet_NST;Norton Safe Web Lite Settings Manager; C:\Windows\system32\drivers\NSTx64\0200000.010\ccSetx64.sys [2011-08-08 167048] R1 PCTSD;PC Tools Spyware Doctor Driver; C:\Windows\System32\Drivers\PCTSD64.sys [2012-03-20 251528] R1 pxrts;pxrts; C:\Windows\System32\drivers\pxrts.sys [2012-04-18 65736] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] R1 VBoxDrv;VirtualBox Service; C:\Windows\system32\DRIVERS\VBoxDrv.sys [2012-03-14 224048] R1 VBoxUSBMon;VirtualBox USB Monitor Driver; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [2012-03-14 130864] R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-13 59904] R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2010-05-06 22096] R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2010-05-06 63568] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atipmdag.sys [2010-09-15 6403072] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-09-15 188928] R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2010-08-25 306296] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-04-06 2298400] R3 pxkbf;pxkbf; C:\Windows\System32\drivers\pxkbf.sys [2012-04-18 24024] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-03-22 242720] R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2010-03-08 231328] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-04-06 346144] R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-03-09 12032] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-12-22 38456] R3 VBoxNetFlt;VirtualBox Bridged Networking Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys [2012-03-14 166192] S3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2010-03-08 1550848] S3 bthav;Bluetooth AV Profile; C:\Windows\system32\drivers\bthav.sys [2008-07-10 40448] S3 BTHBUS;YRT Bluetooth Bus Driver; C:\Windows\system32\DRIVERS\bthbus.sys [2011-04-25 345968] S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-13 41984] S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-13 118784] S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-27 552960] S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-27 80384] S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2010-03-08 98344] S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\DRIVERS\btwavdt.sys [2010-03-08 132648] S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2010-03-08 35104] S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2010-03-08 21160] S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2012-04-01 21712] S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488] S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [] S3 GPU-Z;GPU-Z; \??\C:\Users\Janiero\AppData\Local\Temp\GPU-Z.sys [] S3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2012-04-04 24904] S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2011-08-17 19968] S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2011-08-17 27136] S3 PCTBD;PC Tools Browser Defender Driver; C:\Windows\System32\Drivers\PCTBD64.sys [2012-03-20 85192] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-13 158720] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2011-08-17 9216] S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-02-18 51712] S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2010-11-20 32768] S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2011-08-17 9216] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2012-03-14 147248] S3 VBoxUSB;VirtualBox USB; C:\Windows\System32\Drivers\VBoxUSB.sys [2012-03-14 117040] S3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-13 17920] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] R2 NSL;Norton Safe Web Lite; C:\Program Files (x86)\Norton Safe Web Lite\Engine\2.0.0.16\ccSvcHst.exe [2011-08-10 138760] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-03-13 1255736] S4 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672] S4 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152] S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S4 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-09-15 202752] S4 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-02-18 37664] S4 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] S4 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] S4 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-05-06 40384] S4 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-04-06 349472] S4 Browser Defender Update Service;Browser Defender Update Service; C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-03-20 571320] S4 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248] S4 CSIScanner;CSIScanner; C:\Program Files\Prevx\prevx.exe [2012-04-18 6746280] S4 gupdate;Google Update Service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-05 136176] S4 gupdatem;Google Update Service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-05 136176] S4 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-04-14 934176] S4 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408] S4 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-09-23 935208] S4 Oasis2Service;Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-09 53248] S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] S4 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192] S4 sdAuxService;PC Tools Auxiliary Service; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-03-20 402336] S4 sdCoreService;PC Tools Security Service; C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe [2012-03-20 1118648] S4 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400] S4 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280] S4 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952] S4 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936] S4 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096] S4 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2010-09-27 74496] S4 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2010-05-14 217968] S4 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-03-25 574320] S4 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000] S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776] S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-02-19 386416] S4 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568] S4 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736] S4 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040] -----------------EOF-----------------
  15. Should i leave it unchecked or checked? What is the default when you installed Mbam? I will wait to your next reply before i do your last post.