Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Had google redirect virus, ran hitman, wont boot [Solved]

Started by mhk44 , Feb 27 2012 12:55 PM

  • This topic is locked This topic is locked

#16
mhk44
Posted 29 February 2012 - 06:28 PM

mhk44

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
The computer seems to be running fine.;)

I use the free version of AVG 2012.

I first noticed the Google Redirect Virus after visiting a site where I watched a couple of Knicks games due to the squabble between MSG and TWC.

I uninstalled AVG via the Control Panel.

The computer is still not connected to the internet.

Should I go back online and reinstall AVG?
  • 0

Advertisements

#17
CompCav
Posted 29 February 2012 - 07:07 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
We recommend two other antivirus products here at Geekstogo:

These are among the best free antivirus/antispyware products.
*Please note* You should never install more than one anti-virus program on a PC because it will cause conflicts.

I have multiple computers and use both of them with excellent results and they play well with programs like ComboFix vs. AVG.

If you choose Avast! Free Edition please do a boot time scan. If you choose MS security Essentials please do a full scan.

But your choice.



I will have additional instructions after my instructor approves them.
  • 0

#18
CompCav
Posted 29 February 2012 - 07:32 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

    Posted Image
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

    Posted Image
  • Click the Start Scan button.

    Posted Image
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    Posted Image
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

    Posted Image
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 2.


Posted ImagePlease download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.

  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



Step 3.


Download OTL to your Desktop
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select Scan All Users
  • Select Lop Check and Purity Check
  • Under the Custom Scan box paste this in
    netsvcs
    %SYSTEMDRIVE%\*.exe
    /md5start
    consrv.dll
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    C:\Windows\assembly\tmp\U\*.* /s
    C:\Program Files\Common Files\ComObjects\*.* /s
    C:\windows\*. /RP /s
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    CREATERESTOREPOINT
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Post both logs


Step 4.

Please post:

TDSSKiller log
mbam log
OTL.txt
Extras.txt


Please tell me how the computer is performing!
  • 0

#19
mhk44
Posted 02 March 2012 - 02:50 PM

mhk44

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
Computer is running well except that it apparently hung overnight.

I booted normally and all appears to be OK.

Ran TDSSKiller:

12:37:05.0873 4460 TDSS rootkit removing tool 2.7.17.0 Feb 29 2012 14:02:24
12:37:10.0366 4460 ============================================================
12:37:10.0366 4460 Current date / time: 2012/03/02 12:37:10.0366
12:37:10.0366 4460 SystemInfo:
12:37:10.0366 4460
12:37:10.0366 4460 OS Version: 6.1.7601 ServicePack: 1.0
12:37:10.0366 4460 Product type: Workstation
12:37:10.0366 4460 ComputerName: M-TOSHIBA
12:37:10.0366 4460 UserName: Mike
12:37:10.0366 4460 Windows directory: C:\Windows
12:37:10.0366 4460 System windows directory: C:\Windows
12:37:10.0366 4460 Processor architecture: Intel x86
12:37:10.0366 4460 Number of processors: 2
12:37:10.0366 4460 Page size: 0x1000
12:37:10.0366 4460 Boot type: Normal boot
12:37:10.0366 4460 ============================================================
12:37:11.0084 4460 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:37:11.0084 4460 Drive \Device\Harddisk1\DR1 - Size: 0x1E6000000 (7.59 Gb), SectorSize: 0x200, Cylinders: 0x3DF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:37:11.0084 4460 \Device\Harddisk0\DR0:
12:37:11.0084 4460 MBR used
12:37:11.0084 4460 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1CED6970
12:37:11.0084 4460 \Device\Harddisk1\DR1:
12:37:11.0084 4460 MBR used
12:37:11.0115 4460 Initialize success
12:37:11.0115 4460 ============================================================
12:37:56.0215 4488 ============================================================
12:37:56.0215 4488 Scan started
12:37:56.0215 4488 Mode: Manual; SigCheck; TDLFS;
12:37:56.0215 4488 ============================================================
12:37:56.0854 4488 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
12:37:56.0964 4488 1394ohci - ok
12:37:57.0042 4488 61883 (beb5e6a8c17c3c7485563281e0f9e77e) C:\Windows\system32\DRIVERS\61883.sys
12:37:57.0120 4488 61883 - ok
12:37:57.0198 4488 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
12:37:57.0229 4488 ACPI - ok
12:37:57.0322 4488 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
12:37:57.0385 4488 AcpiPmi - ok
12:37:57.0556 4488 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
12:37:57.0603 4488 adp94xx - ok
12:37:57.0697 4488 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
12:37:57.0728 4488 adpahci - ok
12:37:57.0822 4488 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
12:37:57.0853 4488 adpu320 - ok
12:37:57.0946 4488 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
12:37:57.0993 4488 AFD - ok
12:37:58.0118 4488 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
12:37:58.0180 4488 AgereSoftModem - ok
12:37:58.0274 4488 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
12:37:58.0305 4488 agp440 - ok
12:37:58.0414 4488 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
12:37:58.0430 4488 aic78xx - ok
12:37:58.0586 4488 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
12:37:58.0602 4488 aliide - ok
12:37:58.0664 4488 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
12:37:58.0680 4488 amdagp - ok
12:37:58.0695 4488 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
12:37:58.0711 4488 amdide - ok
12:37:58.0820 4488 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
12:37:58.0867 4488 AmdK8 - ok
12:37:58.0898 4488 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
12:37:58.0945 4488 AmdPPM - ok
12:37:59.0038 4488 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
12:37:59.0070 4488 amdsata - ok
12:37:59.0132 4488 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
12:37:59.0148 4488 amdsbs - ok
12:37:59.0179 4488 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
12:37:59.0194 4488 amdxata - ok
12:37:59.0272 4488 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
12:37:59.0335 4488 AppID - ok
12:37:59.0475 4488 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
12:37:59.0491 4488 arc - ok
12:37:59.0522 4488 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
12:37:59.0553 4488 arcsas - ok
12:37:59.0584 4488 aswFsBlk (581b82df5dbcc1dda6b775fac0d92472) C:\Windows\system32\drivers\aswFsBlk.sys
12:37:59.0631 4488 aswFsBlk - ok
12:37:59.0725 4488 aswMonFlt (0787b434e9098840966c23bb1c77df49) C:\Windows\system32\drivers\aswMonFlt.sys
12:37:59.0756 4488 aswMonFlt - ok
12:37:59.0803 4488 aswRdr (03a901b0ba42aac44d7669c7c71dbbc0) C:\Windows\System32\Drivers\aswrdr2.sys
12:37:59.0818 4488 aswRdr - ok
12:37:59.0943 4488 aswSnx (ca9601cd277a1e510b80422a40240a95) C:\Windows\system32\drivers\aswSnx.sys
12:37:59.0990 4488 aswSnx - ok
12:38:00.0068 4488 aswSP (05ea22dde5ca7ee3a865046aff2f0229) C:\Windows\system32\drivers\aswSP.sys
12:38:00.0099 4488 aswSP - ok
12:38:00.0208 4488 aswTdi (3ac73a9e7378848d1bde174b4bb39212) C:\Windows\system32\drivers\aswTdi.sys
12:38:00.0240 4488 aswTdi - ok
12:38:00.0302 4488 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
12:38:00.0364 4488 AsyncMac - ok
12:38:00.0458 4488 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
12:38:00.0474 4488 atapi - ok
12:38:00.0536 4488 Avc (c44bdd77e06053cf5afe046f3a47c16b) C:\Windows\system32\DRIVERS\avc.sys
12:38:00.0567 4488 Avc - ok
12:38:00.0645 4488 AVC3310F (b5c31213e9eb0e7a1134c9b9bd444ef1) C:\Windows\system32\Drivers\avcuwfl2.sys
12:38:00.0676 4488 AVC3310F - ok
12:38:00.0770 4488 AvcUWil2 (39a8db97747b5bc9ec17887b8bdafe5a) C:\Windows\system32\DRIVERS\avcuwil2.sys
12:38:00.0832 4488 AvcUWil2 - ok
12:38:00.0973 4488 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
12:38:01.0035 4488 b06bdrv - ok
12:38:01.0129 4488 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
12:38:01.0160 4488 b57nd60x - ok
12:38:01.0207 4488 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
12:38:01.0254 4488 Beep - ok
12:38:01.0378 4488 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
12:38:01.0425 4488 blbdrive - ok
12:38:01.0503 4488 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
12:38:01.0550 4488 bowser - ok
12:38:01.0628 4488 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:38:01.0675 4488 BrFiltLo - ok
12:38:01.0722 4488 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:38:01.0768 4488 BrFiltUp - ok
12:38:01.0846 4488 BridgeMP (77361d72a04f18809d0efb6cceb74d4b) C:\Windows\system32\DRIVERS\bridge.sys
12:38:01.0924 4488 BridgeMP - ok
12:38:01.0971 4488 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
12:38:02.0018 4488 Brserid - ok
12:38:02.0096 4488 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
12:38:02.0143 4488 BrSerWdm - ok
12:38:02.0236 4488 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
12:38:02.0283 4488 BrUsbMdm - ok
12:38:02.0377 4488 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
12:38:02.0424 4488 BrUsbSer - ok
12:38:02.0502 4488 BTCFilterService - ok
12:38:02.0580 4488 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
12:38:02.0626 4488 BthEnum - ok
12:38:02.0720 4488 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
12:38:02.0767 4488 BTHMODEM - ok
12:38:02.0829 4488 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
12:38:02.0876 4488 BthPan - ok
12:38:02.0985 4488 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
12:38:03.0032 4488 BTHPORT - ok
12:38:03.0157 4488 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
12:38:03.0204 4488 BTHUSB - ok
12:38:03.0313 4488 btusbflt (f549c3fb145a4928e40bb1518b2034dc) C:\Windows\system32\drivers\btusbflt.sys
12:38:03.0328 4488 btusbflt - ok
12:38:03.0375 4488 btwaudio (ce5833c144ca6623bcbde93b188aa850) C:\Windows\system32\drivers\btwaudio.sys
12:38:03.0391 4488 btwaudio - ok
12:38:03.0469 4488 btwavdt (af9148c3e844131ac954cb53ff43d971) C:\Windows\system32\DRIVERS\btwavdt.sys
12:38:03.0484 4488 btwavdt - ok
12:38:03.0562 4488 btwl2cap (aafd7cb76ba61fbb08e302da208c974a) C:\Windows\system32\DRIVERS\btwl2cap.sys
12:38:03.0562 4488 btwl2cap - ok
12:38:03.0640 4488 btwrchid (480b3d195854b2e55299cddddc50bcf9) C:\Windows\system32\DRIVERS\btwrchid.sys
12:38:03.0656 4488 btwrchid - ok
12:38:03.0750 4488 catchme - ok
12:38:03.0874 4488 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
12:38:03.0937 4488 cdfs - ok
12:38:03.0999 4488 Cdr4_xp (bf79e659c506674c0497cc9c61f1a165) C:\Windows\system32\drivers\Cdr4_xp.sys
12:38:04.0015 4488 Cdr4_xp ( UnsignedFile.Multi.Generic ) - warning
12:38:04.0015 4488 Cdr4_xp - detected UnsignedFile.Multi.Generic (1)
12:38:04.0077 4488 Cdralw2k (2c41cd49d82d5fd85c72d57b6ca25471) C:\Windows\system32\drivers\Cdralw2k.sys
12:38:04.0108 4488 Cdralw2k ( UnsignedFile.Multi.Generic ) - warning
12:38:04.0108 4488 Cdralw2k - detected UnsignedFile.Multi.Generic (1)
12:38:04.0202 4488 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\DRIVERS\cdrom.sys
12:38:04.0264 4488 cdrom - ok
12:38:04.0374 4488 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
12:38:04.0420 4488 circlass - ok
12:38:04.0483 4488 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
12:38:04.0530 4488 CLFS - ok
12:38:04.0623 4488 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
12:38:04.0670 4488 CmBatt - ok
12:38:04.0732 4488 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
12:38:04.0748 4488 cmdide - ok
12:38:04.0810 4488 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
12:38:04.0842 4488 CNG - ok
12:38:04.0920 4488 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
12:38:04.0951 4488 Compbatt - ok
12:38:05.0013 4488 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
12:38:05.0060 4488 CompositeBus - ok
12:38:05.0154 4488 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
12:38:05.0185 4488 crcdisk - ok
12:38:05.0278 4488 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
12:38:05.0341 4488 DfsC - ok
12:38:05.0434 4488 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
12:38:05.0497 4488 discache - ok
12:38:05.0590 4488 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
12:38:05.0622 4488 Disk - ok
12:38:05.0715 4488 dpK0Bx01 (aa586b977f26720193e76c6ce4975f0e) C:\Windows\system32\DRIVERS\dpK0Bx01.sys
12:38:05.0746 4488 dpK0Bx01 - ok
12:38:05.0824 4488 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
12:38:05.0840 4488 drmkaud - ok
12:38:05.0918 4488 DVDRIVER (623a63239b076628591434dc1788b7e8) C:\Windows\system32\DRIVERS\dvdriver.sys
12:38:05.0934 4488 DVDRIVER - ok
12:38:06.0012 4488 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
12:38:06.0027 4488 DXGKrnl - ok
12:38:06.0246 4488 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
12:38:06.0386 4488 ebdrv - ok
12:38:06.0495 4488 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
12:38:06.0542 4488 elxstor - ok
12:38:06.0620 4488 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
12:38:06.0667 4488 ErrDev - ok
12:38:06.0792 4488 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
12:38:06.0854 4488 exfat - ok
12:38:06.0885 4488 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
12:38:06.0932 4488 fastfat - ok
12:38:07.0026 4488 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
12:38:07.0072 4488 fdc - ok
12:38:07.0150 4488 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
12:38:07.0166 4488 FileInfo - ok
12:38:07.0213 4488 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
12:38:07.0260 4488 Filetrace - ok
12:38:07.0353 4488 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
12:38:07.0400 4488 flpydisk - ok
12:38:07.0462 4488 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
12:38:07.0494 4488 FltMgr - ok
12:38:07.0572 4488 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
12:38:07.0603 4488 FsDepends - ok
12:38:07.0618 4488 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
12:38:07.0634 4488 Fs_Rec - ok
12:38:07.0696 4488 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
12:38:07.0728 4488 fvevol - ok
12:38:07.0821 4488 FwLnk (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
12:38:07.0852 4488 FwLnk - ok
12:38:07.0899 4488 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
12:38:07.0915 4488 gagp30kx - ok
12:38:07.0962 4488 GEARAspiWDM (ab8a6a87d9d7255c3884d5b9541a6e80) C:\Windows\system32\Drivers\GEARAspiWDM.sys
12:38:07.0962 4488 GEARAspiWDM - ok
12:38:08.0086 4488 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
12:38:08.0118 4488 hcw85cir - ok
12:38:08.0180 4488 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
12:38:08.0211 4488 HDAudBus - ok
12:38:08.0305 4488 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
12:38:08.0352 4488 HidBatt - ok
12:38:08.0398 4488 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
12:38:08.0445 4488 HidBth - ok
12:38:08.0539 4488 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
12:38:08.0601 4488 HidIr - ok
12:38:08.0726 4488 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
12:38:08.0773 4488 HidUsb - ok
12:38:08.0898 4488 hitmanpro35 (72472b9ce5d02e443cff49a40355455d) C:\Windows\system32\drivers\hitmanpro35.sys
12:38:08.0929 4488 hitmanpro35 - ok
12:38:09.0022 4488 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
12:38:09.0054 4488 HpSAMD - ok
12:38:09.0178 4488 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
12:38:09.0256 4488 HTTP - ok
12:38:09.0350 4488 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
12:38:09.0381 4488 hwpolicy - ok
12:38:09.0459 4488 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
12:38:09.0506 4488 i8042prt - ok
12:38:09.0615 4488 iaStor (e5a0034847537eaee3c00349d5c34c5f) C:\Windows\system32\DRIVERS\iaStor.sys
12:38:09.0631 4488 iaStor - ok
12:38:09.0709 4488 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
12:38:09.0724 4488 iaStorV - ok
12:38:09.0927 4488 igfx (9467514ea189475a6e7fdc5d7bde9d3f) C:\Windows\system32\DRIVERS\igdkmd32.sys
12:38:10.0146 4488 igfx - ok
12:38:10.0255 4488 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
12:38:10.0270 4488 iirsp - ok
12:38:10.0411 4488 IntcAzAudAddService (8a4341616976e47712b60f18c7049dcc) C:\Windows\system32\drivers\RTKVHDA.sys
12:38:10.0458 4488 IntcAzAudAddService - ok
12:38:10.0567 4488 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
12:38:10.0582 4488 intelide - ok
12:38:10.0645 4488 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
12:38:10.0692 4488 intelppm - ok
12:38:10.0785 4488 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:38:10.0848 4488 IpFilterDriver - ok
12:38:10.0910 4488 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
12:38:10.0941 4488 IPMIDRV - ok
12:38:11.0019 4488 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
12:38:11.0097 4488 IPNAT - ok
12:38:11.0128 4488 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
12:38:11.0175 4488 IRENUM - ok
12:38:11.0253 4488 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
12:38:11.0284 4488 isapnp - ok
12:38:11.0347 4488 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
12:38:11.0362 4488 iScsiPrt - ok
12:38:11.0456 4488 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\DRIVERS\kbdclass.sys
12:38:11.0487 4488 kbdclass - ok
12:38:11.0534 4488 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\DRIVERS\kbdhid.sys
12:38:11.0581 4488 kbdhid - ok
12:38:11.0674 4488 KR10I (e8ca038f51f7761bd6e3a3b0b8014263) C:\Windows\system32\drivers\kr10i.sys
12:38:11.0706 4488 KR10I - ok
12:38:11.0752 4488 KR10N (6a4adb9186dd0e114e623daf57e42b31) C:\Windows\system32\drivers\kr10n.sys
12:38:11.0799 4488 KR10N - ok
12:38:11.0893 4488 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
12:38:11.0924 4488 KSecDD - ok
12:38:11.0955 4488 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
12:38:11.0971 4488 KSecPkg - ok
12:38:12.0096 4488 LHidFilt (7f9c7b28cf1c859e1c42619eea946dc8) C:\Windows\system32\DRIVERS\LHidFilt.Sys
12:38:12.0111 4488 LHidFilt - ok
12:38:12.0220 4488 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
12:38:12.0283 4488 lltdio - ok
12:38:12.0392 4488 LMouFilt (ab33792a87285344f43b5ce23421bab0) C:\Windows\system32\DRIVERS\LMouFilt.Sys
12:38:12.0408 4488 LMouFilt - ok
12:38:12.0470 4488 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
12:38:12.0501 4488 LSI_FC - ok
12:38:12.0579 4488 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
12:38:12.0610 4488 LSI_SAS - ok
12:38:12.0657 4488 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:38:12.0688 4488 LSI_SAS2 - ok
12:38:12.0751 4488 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:38:12.0782 4488 LSI_SCSI - ok
12:38:12.0844 4488 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
12:38:12.0907 4488 luafv - ok
12:38:13.0016 4488 LUsbFilt (77030525cd86a93f1af34fa9b96d33ce) C:\Windows\system32\Drivers\LUsbFilt.Sys
12:38:13.0032 4488 LUsbFilt - ok
12:38:13.0094 4488 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
12:38:13.0125 4488 megasas - ok
12:38:13.0203 4488 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
12:38:13.0234 4488 MegaSR - ok
12:38:13.0281 4488 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
12:38:13.0328 4488 Modem - ok
12:38:13.0422 4488 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
12:38:13.0468 4488 monitor - ok
12:38:13.0515 4488 motccgp - ok
12:38:13.0531 4488 motccgpfl - ok
12:38:13.0546 4488 motmodem - ok
12:38:13.0624 4488 MotoSwitchService - ok
12:38:13.0656 4488 Motousbnet - ok
12:38:13.0702 4488 motusbdevice - ok
12:38:13.0765 4488 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\DRIVERS\mouclass.sys
12:38:13.0780 4488 mouclass - ok
12:38:13.0874 4488 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
12:38:13.0921 4488 mouhid - ok
12:38:13.0999 4488 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
12:38:14.0014 4488 mountmgr - ok
12:38:14.0092 4488 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
12:38:14.0124 4488 mpio - ok
12:38:14.0186 4488 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
12:38:14.0264 4488 mpsdrv - ok
12:38:14.0358 4488 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
12:38:14.0404 4488 MRxDAV - ok
12:38:14.0514 4488 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
12:38:14.0560 4488 mrxsmb - ok
12:38:14.0607 4488 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:38:14.0638 4488 mrxsmb10 - ok
12:38:14.0654 4488 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:38:14.0701 4488 mrxsmb20 - ok
12:38:14.0779 4488 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
12:38:14.0810 4488 msahci - ok
12:38:14.0950 4488 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
12:38:14.0982 4488 msdsm - ok
12:38:15.0060 4488 MSDV (114b67c324d64c8195fd3bf93b4df02a) C:\Windows\system32\DRIVERS\msdv.sys
12:38:15.0091 4488 MSDV - ok
12:38:15.0184 4488 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
12:38:15.0247 4488 Msfs - ok
12:38:15.0262 4488 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
12:38:15.0325 4488 mshidkmdf - ok
12:38:15.0418 4488 MSHUSBVideo (5119ffc2a6b51089cdb0efdc75808c97) C:\Windows\system32\Drivers\nx6000.sys
12:38:15.0434 4488 MSHUSBVideo - ok
12:38:15.0496 4488 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
12:38:15.0512 4488 msisadrv - ok
12:38:15.0637 4488 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
12:38:15.0699 4488 MSKSSRV - ok
12:38:15.0730 4488 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
12:38:15.0777 4488 MSPCLOCK - ok
12:38:15.0886 4488 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
12:38:15.0964 4488 MSPQM - ok
12:38:16.0011 4488 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
12:38:16.0027 4488 MsRPC - ok
12:38:16.0058 4488 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
12:38:16.0074 4488 mssmbios - ok
12:38:16.0167 4488 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
12:38:16.0230 4488 MSTEE - ok
12:38:16.0276 4488 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
12:38:16.0308 4488 MTConfig - ok
12:38:16.0401 4488 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
12:38:16.0417 4488 Mup - ok
12:38:16.0479 4488 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
12:38:16.0510 4488 NativeWifiP - ok
12:38:16.0620 4488 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
12:38:16.0666 4488 NDIS - ok
12:38:16.0760 4488 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
12:38:16.0838 4488 NdisCap - ok
12:38:16.0885 4488 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
12:38:16.0932 4488 NdisTapi - ok
12:38:17.0010 4488 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
12:38:17.0072 4488 Ndisuio - ok
12:38:17.0134 4488 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
12:38:17.0212 4488 NdisWan - ok
12:38:17.0306 4488 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
12:38:17.0353 4488 NDProxy - ok
12:38:17.0415 4488 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
12:38:17.0493 4488 NetBIOS - ok
12:38:17.0571 4488 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
12:38:17.0634 4488 NetBT - ok
12:38:17.0883 4488 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
12:38:18.0086 4488 netw5v32 - ok
12:38:18.0195 4488 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
12:38:18.0226 4488 nfrd960 - ok
12:38:18.0289 4488 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
12:38:18.0336 4488 Npfs - ok
12:38:18.0414 4488 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
12:38:18.0460 4488 nsiproxy - ok
12:38:18.0554 4488 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
12:38:18.0601 4488 Ntfs - ok
12:38:18.0694 4488 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
12:38:18.0741 4488 Null - ok
12:38:18.0804 4488 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
12:38:18.0835 4488 nvraid - ok
12:38:18.0897 4488 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
12:38:18.0928 4488 nvstor - ok
12:38:18.0991 4488 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
12:38:19.0022 4488 nv_agp - ok
12:38:19.0069 4488 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
12:38:19.0100 4488 ohci1394 - ok
12:38:19.0209 4488 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
12:38:19.0240 4488 Parport - ok
12:38:19.0303 4488 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
12:38:19.0334 4488 partmgr - ok
12:38:19.0350 4488 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
12:38:19.0365 4488 Parvdm - ok
12:38:19.0443 4488 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
12:38:19.0474 4488 pci - ok
12:38:19.0490 4488 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
12:38:19.0506 4488 pciide - ok
12:38:19.0552 4488 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
12:38:19.0584 4488 pcmcia - ok
12:38:19.0599 4488 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
12:38:19.0615 4488 pcw - ok
12:38:19.0724 4488 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
12:38:19.0786 4488 PEAUTH - ok
12:38:19.0958 4488 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
12:38:20.0005 4488 PptpMiniport - ok
12:38:20.0036 4488 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
12:38:20.0083 4488 Processor - ok
12:38:20.0176 4488 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
12:38:20.0254 4488 Psched - ok
12:38:20.0301 4488 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\Windows\system32\Drivers\PxHelp20.sys
12:38:20.0317 4488 PxHelp20 - ok
12:38:20.0426 4488 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
12:38:20.0488 4488 ql2300 - ok
12:38:20.0582 4488 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
12:38:20.0598 4488 ql40xx - ok
12:38:20.0644 4488 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
12:38:20.0660 4488 QWAVEdrv - ok
12:38:20.0676 4488 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
12:38:20.0722 4488 RasAcd - ok
12:38:20.0816 4488 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
12:38:20.0878 4488 RasAgileVpn - ok
12:38:20.0956 4488 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
12:38:21.0034 4488 Rasl2tp - ok
12:38:21.0128 4488 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
12:38:21.0206 4488 RasPppoe - ok
12:38:21.0253 4488 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
12:38:21.0300 4488 RasSstp - ok
12:38:21.0393 4488 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
12:38:21.0456 4488 rdbss - ok
12:38:21.0502 4488 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
12:38:21.0565 4488 rdpbus - ok
12:38:21.0643 4488 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
12:38:21.0705 4488 RDPCDD - ok
12:38:21.0768 4488 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
12:38:21.0830 4488 RDPENCDD - ok
12:38:21.0924 4488 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
12:38:21.0970 4488 RDPREFMP - ok
12:38:22.0033 4488 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
12:38:22.0095 4488 RDPWD - ok
12:38:22.0204 4488 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
12:38:22.0236 4488 rdyboost - ok
12:38:22.0314 4488 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
12:38:22.0360 4488 RFCOMM - ok
12:38:22.0438 4488 rimmptsk (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
12:38:22.0485 4488 rimmptsk - ok
12:38:22.0563 4488 rimsptsk (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
12:38:22.0626 4488 rimsptsk - ok
12:38:22.0719 4488 RimVSerPort (2c4fb2e9f039287767c384e46ee91030) C:\Windows\system32\DRIVERS\RimSerial.sys
12:38:22.0750 4488 RimVSerPort - ok
12:38:22.0797 4488 rismxdp (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
12:38:22.0828 4488 rismxdp - ok
12:38:22.0860 4488 ROOTMODEM (564297827d213f52c7a3a2ff749568ca) C:\Windows\system32\Drivers\RootMdm.sys
12:38:22.0922 4488 ROOTMODEM - ok
12:38:23.0047 4488 RsFx0105 (6a7360e36cbd636972aeef0dd292a946) C:\Windows\system32\DRIVERS\RsFx0105.sys
12:38:23.0062 4488 RsFx0105 - ok
12:38:23.0125 4488 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
12:38:23.0187 4488 rspndr - ok
12:38:23.0296 4488 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
12:38:23.0328 4488 RTL8167 - ok
12:38:23.0406 4488 RTL8169 (13e97cf38286b8a1d7605d3175db28ee) C:\Windows\system32\DRIVERS\Rtlh86.sys
12:38:23.0421 4488 RTL8169 - ok
12:38:23.0546 4488 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
12:38:23.0577 4488 SASKUTIL - ok
12:38:23.0671 4488 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
12:38:23.0686 4488 sbp2port - ok
12:38:23.0749 4488 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
12:38:23.0796 4488 scfilter - ok
12:38:23.0905 4488 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
12:38:23.0952 4488 sdbus - ok
12:38:24.0014 4488 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
12:38:24.0061 4488 secdrv - ok
12:38:24.0154 4488 ser2plms (227df2e68510d25462ee80136722374e) C:\Windows\system32\DRIVERS\ser2plms.sys
12:38:24.0186 4488 ser2plms - ok
12:38:24.0248 4488 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
12:38:24.0279 4488 Serenum - ok
12:38:24.0373 4488 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
12:38:24.0420 4488 Serial - ok
12:38:24.0482 4488 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
12:38:24.0529 4488 sermouse - ok
12:38:24.0638 4488 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
12:38:24.0685 4488 sffdisk - ok
12:38:24.0732 4488 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
12:38:24.0778 4488 sffp_mmc - ok
12:38:24.0856 4488 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
12:38:24.0919 4488 sffp_sd - ok
12:38:24.0981 4488 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
12:38:25.0028 4488 sfloppy - ok
12:38:25.0122 4488 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
12:38:25.0137 4488 sisagp - ok
12:38:25.0215 4488 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:38:25.0246 4488 SiSRaid2 - ok
12:38:25.0324 4488 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
12:38:25.0356 4488 SiSRaid4 - ok
12:38:25.0387 4488 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
12:38:25.0418 4488 Smb - ok
12:38:25.0527 4488 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
12:38:25.0543 4488 spldr - ok
12:38:25.0652 4488 SpNtDrv - ok
12:38:25.0761 4488 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
12:38:25.0792 4488 srv - ok
12:38:25.0870 4488 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
12:38:25.0917 4488 srv2 - ok
12:38:25.0948 4488 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
12:38:25.0980 4488 srvnet - ok
12:38:26.0089 4488 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
12:38:26.0120 4488 stexstor - ok
12:38:26.0198 4488 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
12:38:26.0229 4488 swenum - ok
12:38:26.0323 4488 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys
12:38:26.0354 4488 SynTP - ok
12:38:26.0479 4488 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
12:38:26.0541 4488 Tcpip - ok
12:38:26.0666 4488 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
12:38:26.0713 4488 TCPIP6 - ok
12:38:26.0806 4488 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
12:38:26.0884 4488 tcpipreg - ok
12:38:26.0962 4488 tdcmdpst (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
12:38:26.0978 4488 tdcmdpst - ok
12:38:27.0056 4488 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
12:38:27.0118 4488 TDPIPE - ok
12:38:27.0150 4488 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
12:38:27.0181 4488 TDTCP - ok
12:38:27.0243 4488 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
12:38:27.0290 4488 tdx - ok
12:38:27.0368 4488 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
12:38:27.0384 4488 TermDD - ok
12:38:27.0524 4488 tosrfec (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
12:38:27.0571 4488 tosrfec - ok
12:38:27.0680 4488 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
12:38:27.0774 4488 tssecsrv - ok
12:38:27.0867 4488 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
12:38:27.0898 4488 TsUsbFlt - ok
12:38:27.0992 4488 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
12:38:28.0054 4488 tunnel - ok
12:38:28.0101 4488 TVALZ (fc24015b4052600c324c43e3a79c0664) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
12:38:28.0101 4488 TVALZ - ok
12:38:28.0179 4488 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
12:38:28.0210 4488 uagp35 - ok
12:38:28.0288 4488 ubloxusb (d363d7083263704287609b607fa9ba8a) C:\Windows\system32\DRIVERS\ubloxusb.sys
12:38:28.0335 4488 ubloxusb - ok
12:38:28.0429 4488 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
12:38:28.0491 4488 udfs - ok
12:38:28.0569 4488 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
12:38:28.0585 4488 uliagpkx - ok
12:38:28.0694 4488 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\drivers\umbus.sys
12:38:28.0741 4488 umbus - ok
12:38:28.0803 4488 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
12:38:28.0866 4488 UmPass - ok
12:38:28.0959 4488 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
12:38:29.0006 4488 usbaudio - ok
12:38:29.0053 4488 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
12:38:29.0068 4488 usbccgp - ok
12:38:29.0162 4488 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
12:38:29.0209 4488 usbcir - ok
12:38:29.0256 4488 usbdpfp (334fd1ed28cf35113522d86733ab576c) C:\Windows\system32\DRIVERS\usbdpfp.sys
12:38:29.0271 4488 usbdpfp - ok
12:38:29.0318 4488 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
12:38:29.0334 4488 usbehci - ok
12:38:29.0396 4488 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
12:38:29.0427 4488 usbhub - ok
12:38:29.0490 4488 usbohci (a6fb7957ea7afb1165991e54ce934b74) C:\Windows\system32\DRIVERS\usbohci.sys
12:38:29.0536 4488 usbohci - ok
12:38:29.0630 4488 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
12:38:29.0692 4488 usbprint - ok
12:38:29.0739 4488 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:38:29.0802 4488 USBSTOR - ok
12:38:29.0864 4488 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
12:38:29.0895 4488 usbuhci - ok
12:38:29.0973 4488 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\system32\Drivers\usbvideo.sys
12:38:30.0036 4488 usbvideo - ok
12:38:30.0098 4488 UVCFTR (237c444fbd1c697a2e3fa60f02c61f22) C:\Windows\system32\Drivers\UVCFTR_S.SYS
12:38:30.0114 4488 UVCFTR - ok
12:38:30.0192 4488 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
12:38:30.0207 4488 vdrvroot - ok
12:38:30.0254 4488 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
12:38:30.0285 4488 vga - ok
12:38:30.0363 4488 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
12:38:30.0410 4488 VgaSave - ok
12:38:30.0472 4488 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
12:38:30.0504 4488 vhdmp - ok
12:38:30.0582 4488 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
12:38:30.0613 4488 viaagp - ok
12:38:30.0660 4488 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
12:38:30.0706 4488 ViaC7 - ok
12:38:30.0738 4488 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
12:38:30.0753 4488 viaide - ok
12:38:30.0831 4488 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
12:38:30.0847 4488 volmgr - ok
12:38:30.0925 4488 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
12:38:30.0956 4488 volmgrx - ok
12:38:31.0003 4488 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
12:38:31.0034 4488 volsnap - ok
12:38:31.0112 4488 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
12:38:31.0159 4488 vsmraid - ok
12:38:31.0190 4488 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\System32\drivers\vwifibus.sys
12:38:31.0221 4488 vwifibus - ok
12:38:31.0330 4488 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
12:38:31.0377 4488 WacomPen - ok
12:38:31.0455 4488 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
12:38:31.0502 4488 WANARP - ok
12:38:31.0518 4488 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
12:38:31.0549 4488 Wanarpv6 - ok
12:38:31.0689 4488 WCDV_Aud (3bc8598cd4a09464088664c21964efde) C:\Windows\system32\drivers\wcdvaud.sys
12:38:31.0689 4488 WCDV_Aud ( UnsignedFile.Multi.Generic ) - warning
12:38:31.0689 4488 WCDV_Aud - detected UnsignedFile.Multi.Generic (1)
12:38:31.0767 4488 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
12:38:31.0783 4488 Wd - ok
12:38:31.0830 4488 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
12:38:31.0861 4488 Wdf01000 - ok
12:38:31.0954 4488 WebCamDV (1fc55a99b043e6e0ec1b0d36ca181448) C:\Windows\system32\DRIVERS\WebCamDV.sys
12:38:31.0970 4488 WebCamDV ( UnsignedFile.Multi.Generic ) - warning
12:38:31.0970 4488 WebCamDV - detected UnsignedFile.Multi.Generic (1)
12:38:32.0110 4488 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
12:38:32.0157 4488 WfpLwf - ok
12:38:32.0188 4488 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
12:38:32.0204 4488 WIMMount - ok
12:38:32.0329 4488 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
12:38:32.0360 4488 WinUsb - ok
12:38:32.0438 4488 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
12:38:32.0469 4488 WmiAcpi - ok
12:38:32.0578 4488 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
12:38:32.0641 4488 ws2ifsl - ok
12:38:32.0719 4488 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
12:38:32.0766 4488 WudfPf - ok
12:38:32.0890 4488 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
12:38:32.0937 4488 WUDFRd - ok
12:38:33.0218 4488 xusb21 (c26c68bcbac1f33f890c226769759209) C:\Windows\system32\DRIVERS\xusb21.sys
12:38:33.0249 4488 xusb21 - ok
12:38:33.0296 4488 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
12:38:33.0436 4488 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
12:38:33.0436 4488 \Device\Harddisk0\DR0 - detected TDSS File System (1)
12:38:33.0436 4488 MBR (0x1B8) (35c80442b0d2c4e70d24dc1c7cadda28) \Device\Harddisk1\DR1
12:38:37.0477 4488 \Device\Harddisk1\DR1 - ok
12:38:37.0477 4488 Boot (0x1200) (5ea43d59371c2005361d8ecd63e54d72) \Device\Harddisk0\DR0\Partition0
12:38:37.0477 4488 \Device\Harddisk0\DR0\Partition0 - ok
12:38:37.0477 4488 ============================================================
12:38:37.0477 4488 Scan finished
12:38:37.0477 4488 ============================================================
12:38:37.0492 4560 Detected object count: 5
12:38:37.0492 4560 Actual detected object count: 5
12:40:33.0603 4560 Cdr4_xp ( UnsignedFile.Multi.Generic ) - skipped by user
12:40:33.0603 4560 Cdr4_xp ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:40:33.0603 4560 Cdralw2k ( UnsignedFile.Multi.Generic ) - skipped by user
12:40:33.0603 4560 Cdralw2k ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:40:33.0619 4560 WCDV_Aud ( UnsignedFile.Multi.Generic ) - skipped by user
12:40:33.0619 4560 WCDV_Aud ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:40:33.0619 4560 WebCamDV ( UnsignedFile.Multi.Generic ) - skipped by user
12:40:33.0619 4560 WebCamDV ( UnsignedFile.Multi.Generic ) - User select action: Skip
12:40:33.0619 4560 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
12:40:33.0619 4560 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
12:41:09.0608 4484 Deinitialize success

Ran Malwarebytes but forgot to copy/paste.
It reported zero problems.

Ran OTL:

OTL logfile created on: 3/2/2012 2:00:09 PM - Run 1
OTL by OldTimer - Version 3.2.34.0 Folder = C:\Users\Mike\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 63.70% Memory free
5.98 Gb Paging File | 4.82 Gb Available in Paging File | 80.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 171.00 Gb Free Space | 73.89% Space Free | Partition Type: NTFS
Drive F: | 7.59 Gb Total Space | 7.57 Gb Free Space | 99.73% Space Free | Partition Type: FAT32

Computer Name: M-TOSHIBA | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/01 12:02:08 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
PRC - [2012/02/23 11:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/02/23 11:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/21 17:56:57 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/10 14:35:20 | 000,227,184 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/08/08 17:11:06 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/06/06 04:23:09 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/04/15 19:30:58 | 000,137,216 | ---- | M] (Eagletron Inc.) -- C:\Program Files\Common Files\Eagletron\TrackerPodSvcSvr.exe
PRC - [2009/09/04 11:43:40 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/09/04 11:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/08/21 08:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2009/08/21 08:29:20 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2009/08/05 13:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2009/07/28 13:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2009/07/20 11:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/05/22 11:33:00 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/09/26 14:22:44 | 000,417,792 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2008/07/04 14:51:54 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/01/29 20:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/21 18:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2007/09/28 19:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
PRC - [2006/10/09 15:28:06 | 000,230,928 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHost.exe
PRC - [2006/10/09 15:27:54 | 000,807,440 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/05/20 08:59:32 | 001,056,768 | ---- | M] (OrangeWare, Inc.) -- C:\Windows\system\wcdvtray.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/08 17:11:06 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2009/07/29 14:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll
MOD - [2009/07/20 11:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll
MOD - [2009/07/16 14:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 14:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2009/03/12 18:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2006/10/10 14:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006/10/07 14:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (ITSQS)
SRV - [2012/02/23 11:23:21 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/21 17:56:57 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/10 14:35:20 | 000,227,184 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/05/01 07:35:48 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/15 19:30:58 | 000,137,216 | ---- | M] (Eagletron Inc.) [Auto | Running] -- C:\Program Files\Common Files\Eagletron\TrackerPodSvcSvr.exe -- (Eagletron TrackerPod Service)
SRV - [2009/09/04 11:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/08/21 08:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/07/20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/21 18:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/09/28 19:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/10/09 15:28:06 | 000,230,928 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHost.exe -- (DpHost)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2012/02/27 15:41:45 | 000,023,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV - [2012/02/23 11:12:28 | 000,610,648 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/02/23 11:12:16 | 000,337,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/02/23 11:10:59 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV - [2012/02/23 11:10:39 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/02/23 11:10:34 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/02/23 11:10:16 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/02/21 17:56:38 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/22 17:10:34 | 000,238,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0105.sys -- (RsFx0105)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/05/20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/04/14 00:01:48 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009/12/20 10:53:32 | 000,234,016 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/11/27 07:40:02 | 000,075,264 | ---- | M] (u-blox AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ubloxusb.sys -- (ubloxusb)
DRV - [2009/11/18 19:36:00 | 000,035,016 | ---- | M] (Eagletron Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dvdriver.sys -- (DVDRIVER)
DRV - [2009/07/14 14:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 17:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 17:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/07/15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/03/22 01:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 17:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 19:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/20 17:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 01:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 01:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/10/23 19:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/04 21:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/09/16 16:25:38 | 000,035,584 | ---- | M] (DigitalPersona®, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dpK0Bx01.sys -- (dpK0Bx01)
DRV - [2006/09/16 16:23:06 | 000,047,360 | ---- | M] (DigitalPersona®, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbdpfp.sys -- (usbdpfp)
DRV - [2005/11/16 15:18:00 | 001,461,376 | ---- | M] (Adaptec Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avcuwil2.sys -- (AvcUWil2)
DRV - [2005/10/31 12:49:00 | 000,018,048 | ---- | M] (Adaptec, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avcuwfl2.sys -- (AVC3310F)
DRV - [2004/07/22 07:36:16 | 000,042,240 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2plms.sys -- (ser2plms)
DRV - [2004/05/11 06:27:32 | 000,212,608 | ---- | M] (OrangeWare, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\WebCamDV.sys -- (WebCamDV)
DRV - [2004/01/30 13:08:59 | 000,012,672 | ---- | M] (OrangeWare, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wcdvaud.sys -- (WCDV_Aud)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {818C4535-5321-4B26-AF08-3FB82D902B66}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{818C4535-5321-4B26-AF08-3FB82D902B66}: "URL" = http://www.google.co...Page={startPage};


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\..\SearchScopes\{63122B02-73DE-4F31-84D7-4A2051A84145}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...{outputEncoding?}
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;192.168.*.*

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.0: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/02/20 06:26:58 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/02/29 17:39:23 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OWCWebCamDV] C:\Windows\system\wcdvtray.exe (OrangeWare, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} http://ryansmarine.v.../SysCamInst.cab (Panasonic Network Camera)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://68.15.12.110:...activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FDAC3966-5DDA-4DE8-B936-14714E467426} http://173.164.248.3...ommon/audio.cab (Canon Network Camea Audio Receiver)
O16 - DPF: {FE92D9C3-4A69-4EC7-8651-1DC8531D0075} http://68.15.12.110:...er/TSBnwCam.CAB (TSBnwCam Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CF85910-BA77-4D6B-8247-99CD1440BF6B}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9686F2EA-63EA-4357-A475-EDAF1A4CCBD9}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\DPWLN : DllName - (C:\Windows\system32\DPWLEvHd.dll) - C:\Windows\System32\DPWLEvHd.dll (DigitalPersona, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/03/02 13:55:17 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2012/03/02 12:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/02 12:55:25 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/03/02 12:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/03/02 12:33:30 | 002,063,920 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2012/03/01 10:18:51 | 000,337,112 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/03/01 10:18:51 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/03/01 10:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/03/01 10:18:50 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/03/01 10:18:49 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/03/01 10:18:47 | 000,610,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/03/01 10:18:45 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/03/01 10:18:23 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/03/01 10:18:22 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/03/01 10:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/03/01 10:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/02/29 17:39:25 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/02/29 17:15:03 | 004,422,703 | R--- | C] (Swearware) -- C:\Users\Mike\Desktop\George.exe
[2012/02/29 10:03:01 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\temp
[2012/02/28 23:11:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/28 23:11:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/28 23:11:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/28 23:10:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/28 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{E0F05176-0E47-4E7E-A0FC-206BE5AD1F5C}
[2012/02/28 22:01:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{7DBED469-DA22-4F4E-86C7-C09847712CC9}
[2012/02/28 10:24:37 | 000,000,000 | ---D | C] -- C:\FRST
[2012/02/28 06:58:22 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{743730CB-5FB0-4CAC-A606-ED10DB34AB7A}
[2012/02/28 06:58:10 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{E6B29566-F048-4668-AB78-3EB36D8EC9AE}
[2012/02/27 15:43:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{DADC8D2D-9FCE-486F-8AF2-C7E93FC0E6BE}
[2012/02/27 15:43:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{2AAA5E14-16B0-4D79-9E05-9F9FD700988F}
[2012/02/24 11:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2012/02/23 23:49:36 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{985ABA6E-1CEB-4B56-A12B-A3691EA80FF4}
[2012/02/23 23:49:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{BF43E938-C045-4B1A-9537-AB6AFDFE0227}
[2012/02/23 17:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/02/23 11:48:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{67AC2953-C88A-46AD-AD4A-A4233584E396}
[2012/02/23 11:48:36 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{5342F956-E7A4-4C48-9AFD-DB8465E4219D}
[2012/02/22 05:51:00 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{35FB42A1-EFAE-43AC-AADA-C197D9BC9DC4}
[2012/02/22 05:50:40 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{CA9E22F8-418B-45D8-8F71-FFB68C51BA0F}
[2012/02/21 17:50:09 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B45C1F8A-4CF8-4707-BEFF-8B9652150FC5}
[2012/02/21 17:49:56 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B535F8AB-88AC-437D-B68E-9670D9182259}
[2012/02/20 06:34:26 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{65067E31-1D96-4194-AAB1-F9E0416AC465}
[2012/02/20 06:34:02 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{78ACE10B-35E1-4724-960E-49C7C9C35FE3}
[2012/02/20 02:43:19 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{E2688B55-3941-4090-B3D5-EF1D9BE840A7}
[2012/02/20 02:43:10 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{AFA83908-C99E-408F-BBAE-C01EF153A702}
[2012/02/20 02:42:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{D031911A-0F1D-42E7-A26A-396063446F39}
[2012/02/19 14:42:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{C89F1D6F-1EA8-479E-BFA0-BABA703FF92E}
[2012/02/18 23:51:04 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{54FB8247-BAF9-4CA9-9D50-DDAD076216B4}
[2012/02/18 23:50:53 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{D8E721A0-32CF-4575-9BE5-529BE43E4884}
[2012/02/18 20:46:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/18 15:57:16 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Ulead Systems
[2012/02/18 15:57:06 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Ulead DVD MovieFactory
[2012/02/18 13:42:19 | 000,000,000 | ---D | C] -- C:\Intel
[2012/02/18 11:50:15 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{77E5FF78-B997-4622-B9BF-5B71A3F1376D}
[2012/02/18 11:49:38 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{DC26F4C1-8358-433E-8D7B-BA45A237F2A0}
[2012/02/18 07:02:14 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B3ACDF28-3BD0-4C83-8733-A291F802EF96}
[2012/02/17 19:01:51 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{4941C780-618C-47FB-ADFE-1BEA2D151B55}
[2012/02/17 07:01:23 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{5CB61C05-9ABE-4211-B252-49E3747216A6}
[2012/02/16 19:00:58 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{8E619F7A-C3AF-4A98-A96D-8F7FDF1BE158}
[2012/02/16 19:00:47 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{C81D1AEC-EAF4-4B25-8734-9E84CAF3647E}
[2012/02/16 11:12:38 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Malwarebytes
[2012/02/16 11:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/16 07:00:22 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{1545D97E-4FC1-4E70-89D9-679A414D6409}
[2012/02/16 07:00:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{8900A161-8521-41E7-BF3F-43A3C6646271}
[2012/02/15 16:38:46 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{0E63733E-21CD-4264-9C0C-70EA737BA0F1}
[2012/02/15 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{62EDBD9D-22C6-429D-B7FC-2603BEAE31A1}
[2012/02/15 04:38:02 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{960A7B3E-E7B1-436B-B8FE-98640E76E9F4}
[2012/02/14 16:37:39 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{C6944C6A-5D9F-4CBF-A9D1-C7B7F1F156AE}
[2012/02/14 16:37:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B0EC813E-CFF4-46C7-A034-5671023B8408}
[2012/02/14 01:12:51 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{75F345C4-753B-46F4-ABE3-566955CB1AF4}
[2012/02/13 13:12:21 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{223B71A0-02A7-4858-AFC1-A858B43F975F}
[2012/02/13 01:11:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{D8DBDB79-ED04-45BC-B2C5-EA79E55B83F6}
[2012/02/12 13:11:19 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{F173E388-0BC5-4B5B-B643-8B578C6E782A}
[2012/02/12 01:10:50 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{20566B4D-CE62-4448-A46C-8E4C3F4EF9E7}
[2012/02/11 13:10:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B21D86A8-F6FB-46DB-8BD4-75E25CE7AB86}
[2012/02/11 01:09:50 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{F963AB52-DB56-43B0-AEB2-E0EDE9E60C8D}
[2012/02/10 13:09:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{45349407-4851-4A6B-B311-0ADB600D85AD}
[2012/02/10 01:09:03 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{9E4EB32A-C404-44D5-8341-903E9EB20810}
[2012/02/09 13:08:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{86B7BA6F-8396-41AA-97C5-0088F4A5DDD4}
[2012/02/09 01:08:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{7D49DAA1-EAF6-4590-9C06-7D3D4354ABCD}
[2012/02/08 13:07:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{13C14BFE-ED66-4598-B2FE-125F00387218}
[2012/02/08 01:07:35 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{83C9F9DA-2088-4745-9643-950AC0C4092B}
[2012/02/07 13:07:13 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{00A8C89B-1DAB-41AA-8622-4E3502ADE088}
[2012/02/07 01:06:51 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{FD885E42-FE7B-4B9F-92DB-AB98AC55E31A}
[2012/02/06 13:06:30 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{448C01D1-C7A7-4804-B8B1-9EF34E39A675}
[2012/02/06 01:06:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{1933979C-F2F6-4691-B576-7D207A576728}
[2012/02/05 13:05:47 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{080F944A-B97A-4BF9-A4A4-C08FFE90BA41}
[2012/02/05 01:05:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{6EBC5230-5D47-42D5-956C-7A1B02A956CF}
[2012/02/04 17:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\LastPass
[2012/02/04 13:04:59 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{821BC5BC-1613-4104-8800-9CDDCB70319B}
[2012/02/04 01:04:36 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{851B7486-A556-4F48-A9FF-6C0E6DA1EE59}
[2012/02/03 13:04:13 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{79AF760F-E18E-4BE6-998B-1E129FCA0C29}
[2012/02/03 01:03:52 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{0A90ECD8-62F9-44FF-B794-948607E229FA}
[2012/02/02 13:03:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{828867CD-B98D-4694-960F-6B53474742B3}
[2012/02/02 01:03:07 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{03013DBC-6FA8-48B7-9FC3-8989C3553C18}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/03/02 13:25:00 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/02 12:55:27 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/02 12:34:33 | 000,689,660 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/02 12:34:33 | 000,131,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/02 12:19:44 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/02 12:19:44 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/02 12:16:09 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/02 12:12:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/02 12:11:46 | 2408,017,920 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/01 12:02:08 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2012/03/01 11:53:56 | 002,063,920 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2012/03/01 10:18:51 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/03/01 10:18:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/02/29 17:39:23 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/02/29 17:15:02 | 004,422,703 | R--- | M] (Swearware) -- C:\Users\Mike\Desktop\George.exe
[2012/02/28 03:16:16 | 000,006,744 | ---- | M] () -- C:\Users\Mike\Documents\MyPasswords.pwd
[2012/02/27 15:41:45 | 000,023,624 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2012/02/26 01:26:39 | 000,032,768 | ---- | M] () -- C:\BCD_Backup
[2012/02/24 11:41:33 | 000,003,594 | ---- | M] () -- C:\Windows\System32\.crusader
[2012/02/23 11:23:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/02/23 11:23:21 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/02/23 11:12:28 | 000,610,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/02/23 11:12:16 | 000,337,112 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/02/23 11:10:59 | 000,044,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/02/23 11:10:39 | 000,053,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/02/23 11:10:34 | 000,057,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/02/23 11:10:16 | 000,020,696 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/02/21 21:13:40 | 000,567,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/20 09:44:55 | 482,110,895 | ---- | M] () -- C:\Windows\MEMORY.DMP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/03/02 12:55:27 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/01 10:18:51 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/02/28 23:11:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/28 23:11:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/28 23:11:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/28 23:11:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/28 23:11:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/26 01:26:38 | 000,032,768 | ---- | C] () -- C:\BCD_Backup
[2012/02/24 11:41:33 | 000,003,594 | ---- | C] () -- C:\Windows\System32\.crusader
[2012/02/24 11:31:03 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2012/01/01 07:24:04 | 000,001,352 | -HS- | C] () -- C:\Users\Mike\AppData\Local\xpk64vn22kq6ilhpiwrg703053i2qqf716s20byhjg2
[2012/01/01 07:24:04 | 000,001,352 | -HS- | C] () -- C:\ProgramData\xpk64vn22kq6ilhpiwrg703053i2qqf716s20byhjg2
[2011/10/25 06:28:19 | 000,175,971 | ---- | C] () -- C:\Users\Mike\AppData\Local\debuggee.mdmp
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/04/29 14:22:35 | 000,000,042 | ---- | C] () -- C:\Windows\BDNET32.INI
[2010/12/17 09:04:59 | 000,074,240 | ---- | C] () -- C:\Windows\trackerpod_server.exe
[2010/12/14 15:10:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/02 09:20:05 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/05/25 07:22:08 | 000,013,312 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/27 02:36:47 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/26 22:43:48 | 000,022,880 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

========== LOP Check ==========

[2011/10/12 06:54:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AVG2012
[2012/02/18 13:28:27 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\BitZipper
[2010/09/07 12:50:13 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\DigitalPersona
[2011/12/11 17:40:07 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\flightgear.org
[2010/04/30 10:37:04 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ImgBurn
[2011/05/06 17:08:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Leadertech
[2010/04/30 10:37:05 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\LimeWire
[2010/04/30 10:37:31 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mael
[2010/06/29 10:08:58 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Open Source Applications Foundation
[2010/06/29 10:08:57 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Python-Eggs
[2011/10/19 16:01:52 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Sikuli
[2010/04/30 10:37:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\SPAMfighter
[2011/12/11 09:36:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Subversion
[2010/04/30 10:37:52 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Template
[2010/08/27 12:48:04 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Toshiba
[2012/02/18 15:57:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Ulead Systems
[2010/04/30 10:37:53 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\WinBatch
[2010/11/01 06:10:08 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Windows Live Writer
[2012/02/23 20:10:57 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*.exe >


< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\ERDNT\cache\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: SVCHOST.EXE >
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\ERDNT\cache\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\System32\svchost.exe
[2009/07/13 20:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=54A47F6B5E09A77E61649109C6A08866 -- C:\Windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 00:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\ERDNT\cache\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 20:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT /s >
"DisplayName" = @%SystemRoot%\system32\drivers\netbt.sys,-2
"Group" = PNP_TDI
"ImagePath" = System32\DRIVERS\netbt.sys -- [2010/11/20 03:39:44 | 000,187,904 | ---- | M] (Microsoft Corporation)
"Description" = @%SystemRoot%\system32\drivers\netbt.sys,-1
"ErrorControl" = 1
"Start" = 1
"Type" = 1
"DependOnService" = Tdxtcpip [binary data]
"Tag" = 95
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Linkage]
"OtherDependencies" = Tcpip [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters]
"BcastNameQueryCount" = 3
"BcastQueryTimeout" = 750
"CacheTimeout" = 600000
"EnableLMHOSTS" = 1
"NameServerPort" = 137
"NameSrvQueryCount" = 3
"NameSrvQueryTimeout" = 1500
"NbProvider" = _tcp
"SessionKeepAlive" = 3600000
"Size/Small/Medium/Large" = 1
"TransportBindName" = \Device\
"UseNewSmb" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{7CF85910-BA77-4D6B-8247-99CD1440BF6B}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{9686F2EA-63EA-4357-A475-EDAF1A4CCBD9}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Parameters\Interfaces\Tcpip_{C3EC5B26-521B-45D0-B2B3-AC12534971FE}]
"NameServerList" = [binary data]
"NetbiosOptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Security]
"Security" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBT\Enum]
"0" = Root\LEGACY_NETBT\0000
"Count" = 1
"NextInstance" = 1

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS /s >
"Type" = 2
"Start" = 1
"ErrorControl" = 1
"Tag" = 2
"ImagePath" = system32\DRIVERS\netbios.sys -- [2009/07/13 18:53:54 | 000,036,352 | ---- | M] (Microsoft Corporation)
"DisplayName" = NetBIOS Interface
"Group" = NetBIOSGroup
"Description" = NetBIOS Interface
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Linkage]
"LanaMap" = 01 06 01 00 01 01 01 05 01 04 01 0B 01 08 01 07 01 03 01 02 [binary data]
"Bind" = [Binary data over 100 bytes]
"Route" = [Binary data over 100 bytes]
"Export" = [Binary data over 100 bytes]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters]
"MaxLana" = 11
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Parameters\Winsock]
"HelperDllName" = %SystemRoot%\System32\wshnetbs.dll -- [2009/07/13 20:16:20 | 000,010,752 | ---- | M] (Microsoft Corporation)
"MaxSockAddrLength" = 20
"MinSockAddrLength" = 20
"Mapping" = 02 00 00 00 03 00 00 00 11 00 00 00 05 00 00 00 00 00 00 00 11 00 00 00 02 00 00 00 00 00 00 00 [binary data]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\NetBIOS\Enum]
"0" = Root\LEGACY_NETBIOS\0000
"Count" = 1
"NextInstance" = 1

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/01/04 05:17:35 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/01/04 05:17:35 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/01/04 05:17:35 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/01/04 05:17:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/01/04 05:17:38 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2012/01/04 05:17:35 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2012/01/04 05:17:35 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2012/01/04 05:17:35 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2012/01/04 05:17:38 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" [2012/01/04 05:17:38 | 000,748,336 | ---- | M] (Microsoft Corporation)

< C:\Windows\assembly\tmp\U\*.* /s >

< C:\Program Files\Common Files\ComObjects\*.* /s >

< C:\windows\*. /RP /s >

< %Temp%\smtmp\1\*.* >

< %Temp%\smtmp\2\*.* >

< %Temp%\smtmp\3\*.* >

< %Temp%\smtmp\4\*.* >

========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\History] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History -> Junction
[C:\windows\System32\config\systemprofile\AppData\Local\Temporary Internet Files] -> C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files -> Junction
[C:\windows\System32\config\systemprofile\Application Data] -> C:\Windows\system32\config\systemprofile\AppData\Roaming -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Music] -> C:\Windows\system32\config\systemprofile\Music -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Pictures] -> C:\Windows\system32\config\systemprofile\Pictures -> Junction
[C:\windows\System32\config\systemprofile\Documents\My Videos] -> C:\Windows\system32\config\systemprofile\Videos -> Junction
[C:\windows\System32\config\systemprofile\Local Settings] -> C:\Windows\system32\config\systemprofile\AppData\Local -> Junction
[C:\windows\System32\config\systemprofile\My Documents] -> C:\Windows\system32\config\systemprofile\Documents -> Junction
[C:\windows\System32\config\systemprofile\NetHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Network Shortcuts -> Junction
[C:\windows\System32\config\systemprofile\PrintHood] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Printer Shortcuts -> Junction
[C:\windows\System32\config\systemprofile\Recent] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Recent -> Junction
[C:\windows\System32\config\systemprofile\SendTo] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\SendTo -> Junction
[C:\windows\System32\config\systemprofile\Start Menu] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu -> Junction
[C:\windows\System32\config\systemprofile\Templates] -> C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Templates -> Junction

========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

OTL Extras logfile created on: 3/2/2012 2:00:09 PM - Run 1
OTL by OldTimer - Version 3.2.34.0 Folder = C:\Users\Mike\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.90 Gb Available Physical Memory | 63.70% Memory free
5.98 Gb Paging File | 4.82 Gb Available in Paging File | 80.56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 171.00 Gb Free Space | 73.89% Space Free | Partition Type: NTFS
Drive F: | 7.59 Gb Total Space | 7.57 Gb Free Space | 99.73% Space Free | Partition Type: FAT32

Computer Name: M-TOSHIBA | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- "C:\Program Files\JGsoft\EditPadLite\EditPad.exe" "%1"
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- ()
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine -- (TOSHIBA Corporation)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{03240EBA-04F2-4652-BC7F-B055902BDCD3}" = Memeo AutoBackup
"{044F9133-B8D7-4d11-BF39-803FA20F5C8B}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{08F32589-5E39-42B8-8BC5-6A8126ED2A70}" = Microsoft Visual C++ 2008 Redistributable Package
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C19D563-5F25-4621-BF10-01F741BD283F}" = Microsoft SQL Server Compact 3.5 SP1 Design Tools English
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{0D2E9DCB-9938-475E-B4DD-8851738852FF}" = AIO_Scan
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{1746EA69-DCB6-4408-B5A5-E75F55439CDF}" = Scan
"{179C56A4-F57F-4561-8BBF-F911D26EB435}" = WebReg
"{196E77C5-F524-4B50-BD1A-2C21EEE9B8F7}" = Microsoft SQL Server 2008 Common Files
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1D76A52C-87A6-4AB0-A7B0-08C8D5DF1D75}" = Motorola Mobile Drivers Installation 5.2.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FCC7185-DCF3-4478-86AD-C2F2D1116BE3}" = 7300
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{26E76762-7F20-4694-AD06-CC3A9B547A71}" = Microsoft Office Live Meeting 2007
"{2883F6F5-0509-43F3-868C-D50330DD9DD3}" = TOSHIBA Hardware Setup
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{3101CB58-3482-4D21-AF1A-7057FC935355}" = KhalInstallWrapper
"{32257980-61DF-4685-A72B-08683838233B}" = 7300_Help
"{326957C7-83FD-4550-A59A-849B7B4297DE}" = Microsoft Easy Assist v2
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}" = SQL Server System CLR Types
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{377739AE-00D9-4E80-8ECB-4C8A7EFFE526}" = 7300Trb
"{37C866E4-AA67-4725-9E95-A39968DD7960}" = Camera Assistant Software for Toshiba
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{405ABBEB-8DF1-4174-86C0-DCB5E1C78F14}" = NetDeviceManager
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{4360BB46-507E-4361-8DCB-4FF9BDC9907B}" = SnagIt 7
"{4815BD99-96A4-49FE-A885-DCF06E9E4E78}" = Microsoft SQL Server 2008 Database Engine Shared
"{49F2B650-2D7B-4F59-B33D-346F63776BD3}" = DocProc
"{4A6F34E2-09E5-4616-B227-4A26A488A6F9}" = Microsoft SQL Server 2008 Common Files
"{4B1E87C3-00DE-4898-8E39-E390AAEF2391}" = TOSHIBA Supervisor Password
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{58721EC3-8D4E-4B79-BC51-1054E2DDCD10}" = Microsoft SQL Server 2008 Database Engine Services
"{5BE1E709-30E4-3D6D-A708-96CE8D5E5E8D}" = Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu
"{5DA0E02F-970B-424B-BF41-513A5018E4C0}" = TOSHIBA Disc Creator
"{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"{63A6E9A9-A190-46D4-9430-2DB28654AFD8}" = Norton 360
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}" = HPProductAssistant
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C5F3BDC-0A1B-4436-A696-5939629D5C31}" = TOSHIBA DVD PLAYER
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"{73ECBBAB-86D8-4A32-854C-DCAF90E63AFF}" = DigitalPersona Password Manager 2.0.1
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}" = TOSHIBA ConfigFree
"{7A7DC702-DEDE-42A8-8722-B3BA724D546F}" = Fax
"{83298573-A6B6-42AB-A234-FE91CA2859C0}" = Microsoft SQL Server 2008 Native Client
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F72E2D4-1E48-4534-8DB8-1E8E012899C6}" = Microsoft SQL Server 2008 Setup Support Files
"{90120000-00D1-0409-0000-0000000FF1CE}" = Microsoft Office Access database engine 2007 (English)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90280409-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional with FrontPage
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}" = MarketResearch
"{978C25EE-5777-46e4-8988-732C297CBDBD}" = Status
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}" = Destinations
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A36CD345-625C-4d6c-B3E2-76E1248CB451}" = SolutionCenter
"{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}" = Copy
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A945BD16-4774-4A1F-96A7-118BEC004881}" = mCorev32.ism_new
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}" = Windows 7 Upgrade Advisor
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B5153233-9AEE-4CD4-9D2C-4FAAC870DBE2}" = Microsoft SQL Server 2008 Database Engine Services
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B67C01B3-8502-4BE7-AEAB-BBDE910AD3EE}" = Microsoft Web Platform Installer 2.0
"{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}" = Microsoft SQL Server VSS Writer
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BE77A81F-B315-4666-9BF3-AE70C0ADB057}" = BufferChm
"{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}" = Toshiba Registration
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C688457E-03FD-4941-923B-A27F4D42A7DD}" = Microsoft SQL Server 2008 Browser
"{C716522C-3731-4667-8579-40B098294500}" = Toolbox
"{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C82185E8-C27B-4EF4-2007-4444BC2C2B6D}" = Microsoft Streets & Trips 2007 with GPS Locator
"{C82185E8-C27B-4EF4-2010-4444BC2C2B6D}" = Microsoft Streets & Trips 2010
"{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}" = HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B
"{C965F01C-76EA-4BD7-973E-46236AE312D7}" = Sql Server Customer Experience Improvement Program
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5068583-D569-468B-9755-5FBF5848F46F}" = Sony Picture Utility
"{DCC7B12C-930B-4DC9-A8D1-3A15E31E88DB}" = Design Era 11.03
"{DD622B1D-A78E-3FE8-9C8C-246F5764B0D0}" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DF38C72B-8A86-4727-99D2-FA7CC5E17A24}" = Microsoft SQL Server 2008 RsFx Driver
"{DF38F332-2AC3-37FF-9FDC-8C4C80E531FB}" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"{E05F0409-0E9A-48A1-AC04-E35E3033604A}" = Visual Studio .NET Enterprise Architect 2003 - English
"{E06F04B9-45E6-4AC0-8083-85F7515F40F7}" = UnloadSupport
"{E09575B2-498D-4C8B-A9D2-623F78574F29}" = AIO_CDB_Software
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{EB21A812-671B-4D08-B974-2A347F0D8F70}" = HP Photosmart Essential
"{EB75DE50-5754-4F6F-875D-126EDF8E4CB3}" = HPSSupply
"{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}" = TOSHIBA SD Memory Utilities
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}" = DVD MovieFactory for TOSHIBA
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{F32ED8B1-2442-4B0E-8DEC-3F3BFC1C2B7F}" = mCPlug
"{F3494AB6-6900-41C6-AF57-823626827ED8}" = Microsoft SQL Server 2008 Database Engine Shared
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5E87B12-3C27-452F-8E78-21D42164FD83}" = Microsoft SQL Server 2008 Management Objects
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"{FF075778-6E50-47ed-991D-3B07FD4E3250}" = TrayApp
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"A6A8668C0A13640CA28FE2A7D9654BE4AE478B13" = Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"avast" = avast! Free Antivirus
"B7541EC5F72AA713F557569278EB6273725F5607" = Windows Driver Package - Broadcom Bluetooth (06/15/2009 6.2.0.9000)
"BF20603967CFDCB2BBF91950E8A56DFBC5C833FE" = Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
"Cisco Connect" = Cisco Connect
"Euchre_is1" = Euchre 1.0.4.3
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 8.0
"HP Solution Center & Imaging Support Tools" = HP Solution Center 8.0
"HPExtendedCapabilities" = HP Customer Participation Program 8.0
"HPOCR" = HP OCR Software 8.0
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.6.6
"ImgBurn" = ImgBurn
"InstallShield_{03240EBA-04F2-4652-BC7F-B055902BDCD3}" = Memeo AutoBackup
"InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}" = TOSHIBA Extended Tiles for Windows Mobility Center
"InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}" = DesignPro 5.4 Limited Edition
"InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}" = TOSHIBA Face Recognition
"InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}" = TOSHIBA Value Added Package
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.60.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft SQL Server 10" = Microsoft SQL Server 2008
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008
"Microsoft Visual Basic 2008 Express Edition with SP1 - ENU" = Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
"MotoHelper" = MotoHelper 2.0.53 Driver 5.2.0
"MSDN Library for Microsoft Visual Studio 2008 Express Editions" = MSDN Library for Microsoft Visual Studio 2008 Express Editions
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"ProInst" = Intel® PROSet/Wireless Software
"RealPlayer 12.0" = RealPlayer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"TVWiz" = Intel® TV Wizard
"Visual Basic 6.0 Enterprise Edition" = Microsoft Visual Basic 6.0 Enterprise Edition
"Visual Studio .NET Enterprise Architect 2003 - English" = Microsoft Visual Studio .NET Enterprise Architect 2003 - English
"Way2call Multiple Hi-Phone Devices Drivers installer" = Way2call Multiple Hi-Phone Devices Drivers
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinLiveSuite" = Windows Live Essentials
"WinZip" = WinZip

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1232369899-2449157733-2034571274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >



  • 0

#20
CompCav
Posted 02 March 2012 - 07:57 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

OTL Fix


We need to run an OTL Fix

  • Please reopen Posted Image on your desktop.
  • Copy and Paste the following code into the Posted Image textbox.

    :OTL
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;192.168.*.*
O3 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2012/01/01 07:24:04 | 000,001,352 | -HS- | C] () -- C:\Users\Mike\AppData\Local\xpk64vn22kq6ilhpiwrg703053i2qqf716s20byhjg2
[2012/01/01 07:24:04 | 000,001,352 | -HS- | C] () -- C:\ProgramData\xpk64vn22kq6ilhpiwrg703053i2qqf716s20byhjg2
[2011/10/12 06:54:23 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\AVG2012
[2012/02/18 13:28:27 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\BitZipper
[2010/04/30 10:37:05 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\LimeWire





:files
ipconfig /flushdns /c


:Commands
[resethosts]
[emptytemp]
[createrestorepoint]
  • Push Posted Image
  • OTL may ask to reboot the machine. Please do so if asked.
  • Click the OK button.
  • A report will open. Copy and Paste that report in your next reply.
  • If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, where mmddyyyy_hhmmss is the date and the time of the tool run.


Step 2.

Clear Event Logs

  • Click the Start Orb
  • Right click on Computer and click on Manage
  • Click (Continue) on the UAC screen. The Computer Management window will come up.
    Posted Image
  • In the left side column of the window click the arrow beside Event Viewer. .
  • Click the arrow beside Windows Logs
  • Right click on Application and click Clear Log
  • Right click on System and click Clear Log
  • Close the Computer Management window and Reboot.


Step 3.

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Vista / 7 users: You will need to to right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Step 4.

Security Check
Download Security Check by screen317 from here or here.

Save it to your Desktop.
Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Step 5.

Please post:

OTL fix log
eset scan log
Checkup.txt


How is the computer performing? Have there been anyother instances of it hanging?
  • 0

#21
mhk44
Posted 03 March 2012 - 11:10 AM

mhk44

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
OTL log:

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{472734EA-242A-422b-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422b-ADF8-83D1E48CC825}\ not found.
HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Registry value HKEY_USERS\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_USERS\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel\ not found.
Registry key HKEY_USERS\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Users\Mike\AppData\Local\xpk64vn22kq6ilhpiwrg703053i2qqf716s20byhjg2 moved successfully.
C:\ProgramData\xpk64vn22kq6ilhpiwrg703053i2qqf716s20byhjg2 moved successfully.
C:\Users\Mike\AppData\Roaming\AVG2012\cfgall folder moved successfully.
C:\Users\Mike\AppData\Roaming\AVG2012 folder moved successfully.
C:\Users\Mike\AppData\Roaming\BitZipper folder moved successfully.
C:\Users\Mike\AppData\Roaming\LimeWire\xml\data folder moved successfully.
C:\Users\Mike\AppData\Roaming\LimeWire\xml folder moved successfully.
C:\Users\Mike\AppData\Roaming\LimeWire\themes\windows_theme folder moved successfully.
C:\Users\Mike\AppData\Roaming\LimeWire\themes folder moved successfully.
C:\Users\Mike\AppData\Roaming\LimeWire\promotion folder moved successfully.
C:\Users\Mike\AppData\Roaming\LimeWire\certificate folder moved successfully.
C:\Users\Mike\AppData\Roaming\LimeWire\.AppSpecialShare folder moved successfully.
C:\Users\Mike\AppData\Roaming\LimeWire folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Mike\Desktop\cmd.bat deleted successfully.
C:\Users\Mike\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Mike
->Temp folder emptied: 5110894 bytes
->Temporary Internet Files folder emptied: 850712500 bytes
->Java cache emptied: 536501 bytes
->Flash cache emptied: 486 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 105827 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 348 bytes

Total Files Cleaned = 817.00 mb



OTL by OldTimer - Version 3.2.34.0 log created on 03022012_211918

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...

ESET log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=70d49d791066ec478d813aba3285851c
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-03 11:56:23
# local_time=2012-03-03 06:56:23 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 11427950 11427950 0 0
# compatibility_mode=5893 16776573 100 94 0 82318323 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=67773
# found=0
# cleaned=0
# scan_time=2251
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=70d49d791066ec478d813aba3285851c
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-03-03 02:38:01
# local_time=2012-03-03 09:38:01 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1024 16777215 100 0 11433887 11433887 0 0
# compatibility_mode=5893 16776573 100 94 0 82320660 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=270724
# found=0
# cleaned=0
# scan_time=9611

SecurityCheck log:

Results of screen317's Security Check version 0.99.31
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 9
``````````````````````````````
Antivirus/Firewall Check:
Windows Firewall Enabled!
avast! Free Antivirus
Norton 360
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
SUPERAntiSpyware
Adobe Reader X (10.1.2)
````````````````````````````````
Process Check:
objlist.exe by Laurent
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
``````````End of Log````````````

Comments:

The computer seems to be running OK, no hangs.

Do you reccomend running any registry cleanup program?

What do you suggest I use for a file system backup program?




  • 0

#22
CompCav
Posted 03 March 2012 - 11:48 AM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
I will get back to you with a response once it is approved by my instructor but in the mean time do not use registry cleaners.
  • 0

#23
CompCav
Posted 03 March 2012 - 03:17 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Step 1.

Rerun OTL

Start OTL, make sure all other programs are not running.

Select All users.

Click Quickscan. It will produce a log, OTL.txt. Post OTL.txt in your next reply.

Step 2.

Do you reccomend running any registry cleanup program?


I do not recommend running a registry cleaner program. At best they do no harm and at worst they can render your computer unbootable. The advertising for these programs is amazing and very misleading.


What do you suggest I use for a file system backup program?


Windows 7 has a good file back up system built in. Here are instructions for using it for an image of your entire computer or for just files.

Other free ones I have used that work well include:

EaseUs Todo

DriveImage XML


The best purchased one I have used:

Acronis


The key to all of these is to make regular backups. Using these tools you can minimize your loss if you need to reimage and minimize the time preparing your computer with updates and programs you have installed that were not part of the factory restore package.


Step 3.

Please post:

OTL.txt


Tell me if there is any change in your computer's performance.
  • 0

#24
mhk44
Posted 03 March 2012 - 03:57 PM

mhk44

    Member

  • Topic Starter
  • Member
  • PipPip
  • 12 posts
OLT log:

OTL logfile created on: 3/3/2012 4:34:47 PM - Run 2
OTL by OldTimer - Version 3.2.34.0 Folder = C:\Users\Mike\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 1.67 Gb Available Physical Memory | 55.89% Memory free
5.98 Gb Paging File | 4.62 Gb Available in Paging File | 77.36% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231.42 Gb Total Space | 170.93 Gb Free Space | 73.86% Space Free | Partition Type: NTFS
Drive F: | 7.59 Gb Total Space | 7.57 Gb Free Space | 99.73% Space Free | Partition Type: FAT32

Computer Name: M-TOSHIBA | User Name: Mike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/03/01 12:02:08 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
PRC - [2012/02/23 11:23:24 | 004,031,368 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/02/23 11:23:21 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/02/21 17:56:57 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/08/10 14:35:20 | 000,227,184 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe
PRC - [2011/08/08 17:11:06 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
PRC - [2011/06/06 04:23:09 | 000,273,544 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\real\realplayer\Update\realsched.exe
PRC - [2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/11/20 07:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/04/15 19:30:58 | 000,137,216 | ---- | M] (Eagletron Inc.) -- C:\Program Files\Common Files\Eagletron\TrackerPodSvcSvr.exe
PRC - [2009/09/04 11:43:40 | 000,795,936 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009/09/04 11:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009/08/21 08:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2009/08/21 08:29:20 | 000,476,512 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
PRC - [2009/08/05 13:04:54 | 000,738,616 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
PRC - [2009/07/28 13:00:10 | 000,460,088 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe
PRC - [2009/07/20 11:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/05/22 11:33:00 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/09/26 14:22:44 | 000,417,792 | ---- | M] (Chicony) -- C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2008/07/04 14:51:54 | 000,430,080 | ---- | M] (TOSHIBA) -- C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2008/01/29 20:51:52 | 004,911,104 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008/01/21 18:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2007/09/28 19:03:46 | 000,075,136 | ---- | M] ( TOSHIBA CORPORATION) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
PRC - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () -- C:\Toshiba\IVP\ISM\pinger.exe
PRC - [2006/10/09 15:28:06 | 000,230,928 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DpHost.exe
PRC - [2006/10/09 15:27:54 | 000,807,440 | ---- | M] (DigitalPersona, Inc.) -- C:\Program Files\DigitalPersona\Bin\DPAgnt.exe
PRC - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2004/05/20 08:59:32 | 001,056,768 | ---- | M] (OrangeWare, Inc.) -- C:\Windows\system\wcdvtray.exe


========== Modules (No Company Name) ==========

MOD - [2011/08/08 17:11:06 | 000,681,840 | ---- | M] () -- C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe
MOD - [2009/07/29 14:35:38 | 000,014,648 | ---- | M] () -- C:\Program Files\Toshiba\TBS\NotifyTBS.dll
MOD - [2009/07/20 11:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll
MOD - [2009/07/16 14:27:48 | 000,052,536 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll
MOD - [2009/07/16 14:27:44 | 007,263,544 | ---- | M] () -- C:\Program Files\Toshiba\FlashCards\BlackPng.dll
MOD - [2009/03/12 18:08:04 | 000,049,152 | ---- | M] () -- C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
MOD - [2006/10/10 14:44:16 | 000,009,728 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Assist\NotifyX.dll
MOD - [2006/10/07 14:57:04 | 000,053,248 | ---- | M] () -- C:\Program Files\Toshiba\TOSHIBA Disc Creator\NotifyTDC.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (ITSQS)
SRV - [2012/02/23 11:23:21 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/02/21 17:56:57 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/01/03 08:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/08/10 14:35:20 | 000,227,184 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2010/12/13 14:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/05/01 07:35:48 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/04/15 19:30:58 | 000,137,216 | ---- | M] (Eagletron Inc.) [Auto | Running] -- C:\Program Files\Common Files\Eagletron\TrackerPodSvcSvr.exe -- (Eagletron TrackerPod Service)
SRV - [2009/09/04 11:43:38 | 000,595,232 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009/08/21 08:29:40 | 000,464,224 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2009/07/20 11:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/21 18:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007/12/25 16:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007/11/21 20:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/10/23 19:27:16 | 000,066,928 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2007/09/28 19:05:16 | 000,128,360 | ---- | M] (TOSHIBA CORPORATION) [Auto | Stopped] -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2007/01/25 21:47:50 | 000,136,816 | ---- | M] () [Auto | Running] -- C:\Toshiba\IVP\ISM\pinger.exe -- (pinger)
SRV - [2006/10/09 15:28:06 | 000,230,928 | ---- | M] (DigitalPersona, Inc.) [Auto | Running] -- C:\Program Files\DigitalPersona\Bin\DpHost.exe -- (DpHost)
SRV - [2006/08/23 19:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)


========== Driver Services (SafeList) ==========

DRV - [2012/02/27 15:41:45 | 000,023,624 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hitmanpro35.sys -- (hitmanpro35)
DRV - [2012/02/23 11:12:28 | 000,610,648 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/02/23 11:12:16 | 000,337,112 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/02/23 11:10:59 | 000,044,376 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\Drivers\aswrdr2.sys -- (aswRdr)
DRV - [2012/02/23 11:10:39 | 000,053,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/02/23 11:10:34 | 000,057,688 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/02/23 11:10:16 | 000,020,696 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/02/21 17:56:38 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/09/22 17:10:34 | 000,238,696 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0105.sys -- (RsFx0105)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/05/20 15:27:24 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/04/14 00:01:48 | 000,045,736 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btusbflt.sys -- (btusbflt)
DRV - [2009/12/20 10:53:32 | 000,234,016 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/11/27 07:40:02 | 000,075,264 | ---- | M] (u-blox AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ubloxusb.sys -- (ubloxusb)
DRV - [2009/11/18 19:36:00 | 000,035,016 | ---- | M] (Eagletron Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\dvdriver.sys -- (DVDRIVER)
DRV - [2009/07/14 14:28:42 | 000,023,512 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2009/07/13 17:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009/07/13 17:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel®
DRV - [2009/06/17 11:56:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009/06/17 11:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 11:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2008/07/15 19:59:06 | 000,017,960 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/03/22 01:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/02/24 17:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007/01/23 19:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2006/11/20 17:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006/11/09 01:32:00 | 000,219,264 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006/11/09 01:31:00 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2006/10/23 19:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006/10/18 14:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006/10/04 21:42:42 | 000,002,560 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2006/10/04 21:42:42 | 000,002,432 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2006/09/16 16:25:38 | 000,035,584 | ---- | M] (DigitalPersona®, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dpK0Bx01.sys -- (dpK0Bx01)
DRV - [2006/09/16 16:23:06 | 000,047,360 | ---- | M] (DigitalPersona®, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbdpfp.sys -- (usbdpfp)
DRV - [2005/11/16 15:18:00 | 001,461,376 | ---- | M] (Adaptec Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avcuwil2.sys -- (AvcUWil2)
DRV - [2005/10/31 12:49:00 | 000,018,048 | ---- | M] (Adaptec, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avcuwfl2.sys -- (AVC3310F)
DRV - [2004/07/22 07:36:16 | 000,042,240 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2plms.sys -- (ser2plms)
DRV - [2004/05/11 06:27:32 | 000,212,608 | ---- | M] (OrangeWare, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\WebCamDV.sys -- (WebCamDV)
DRV - [2004/01/30 13:08:59 | 000,012,672 | ---- | M] (OrangeWare, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wcdvaud.sys -- (WCDV_Aud)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {818C4535-5321-4B26-AF08-3FB82D902B66}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{818C4535-5321-4B26-AF08-3FB82D902B66}: "URL" = http://www.google.co...Page={startPage};


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKU\..\SearchScopes\{63122B02-73DE-4F31-84D7-4A2051A84145}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...{outputEncoding?}
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = ;192.168.*.*

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.0: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.647: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/02/20 06:26:58 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2012/03/02 21:19:22 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [00TCrdMain] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe (DigitalPersona, Inc.)
O4 - HKLM..\Run: [HSON] C:\Program Files\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe ( TOSHIBA CORPORATION)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [OWCWebCamDV] C:\Windows\system\wcdvtray.exe (OrangeWare, Inc.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Program Files\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [TPwrMain] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000..\Run: [TOSCDSPD] C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1232369899-2449157733-2034571274-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1C3DE665-D259-4C72-9D7D-C51FCB4CCFB9} http://ryansmarine.v.../SysCamInst.cab (Panasonic Network Camera)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://68.15.12.110:...activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {FDAC3966-5DDA-4DE8-B936-14714E467426} http://173.164.248.3...ommon/audio.cab (Canon Network Camea Audio Receiver)
O16 - DPF: {FE92D9C3-4A69-4EC7-8651-1DC8531D0075} http://68.15.12.110:...er/TSBnwCam.CAB (TSBnwCam Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CF85910-BA77-4D6B-8247-99CD1440BF6B}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9686F2EA-63EA-4357-A475-EDAF1A4CCBD9}: DhcpNameServer = 209.18.47.61 209.18.47.62 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\DPWLN : DllName - (C:\Windows\system32\DPWLEvHd.dll) - C:\Windows\System32\DPWLEvHd.dll (DigitalPersona, Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012/03/02 21:19:18 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/03/02 13:55:17 | 000,584,704 | ---- | C] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2012/03/02 12:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/03/02 12:55:25 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/03/02 12:55:25 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/03/02 12:33:30 | 002,063,920 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2012/03/01 10:18:51 | 000,337,112 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/03/01 10:18:51 | 000,020,696 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/03/01 10:18:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/03/01 10:18:50 | 000,044,376 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/03/01 10:18:49 | 000,053,848 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/03/01 10:18:47 | 000,610,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/03/01 10:18:45 | 000,057,688 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/03/01 10:18:23 | 000,041,184 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/03/01 10:18:22 | 000,201,352 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/03/01 10:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/03/01 10:18:09 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/02/29 17:39:25 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/02/29 17:15:03 | 004,422,703 | R--- | C] (Swearware) -- C:\Users\Mike\Desktop\George.exe
[2012/02/29 10:03:01 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\temp
[2012/02/28 23:11:02 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/02/28 23:11:02 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/02/28 23:11:02 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/02/28 23:10:58 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012/02/28 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{E0F05176-0E47-4E7E-A0FC-206BE5AD1F5C}
[2012/02/28 22:01:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{7DBED469-DA22-4F4E-86C7-C09847712CC9}
[2012/02/28 10:24:37 | 000,000,000 | ---D | C] -- C:\FRST
[2012/02/28 06:58:22 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{743730CB-5FB0-4CAC-A606-ED10DB34AB7A}
[2012/02/28 06:58:10 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{E6B29566-F048-4668-AB78-3EB36D8EC9AE}
[2012/02/27 15:43:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{DADC8D2D-9FCE-486F-8AF2-C7E93FC0E6BE}
[2012/02/27 15:43:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{2AAA5E14-16B0-4D79-9E05-9F9FD700988F}
[2012/02/24 11:30:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Hitman Pro
[2012/02/23 23:49:36 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{985ABA6E-1CEB-4B56-A12B-A3691EA80FF4}
[2012/02/23 23:49:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{BF43E938-C045-4B1A-9537-AB6AFDFE0227}
[2012/02/23 17:05:10 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/02/23 11:48:55 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{67AC2953-C88A-46AD-AD4A-A4233584E396}
[2012/02/23 11:48:36 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{5342F956-E7A4-4C48-9AFD-DB8465E4219D}
[2012/02/22 05:51:00 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{35FB42A1-EFAE-43AC-AADA-C197D9BC9DC4}
[2012/02/22 05:50:40 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{CA9E22F8-418B-45D8-8F71-FFB68C51BA0F}
[2012/02/21 17:50:09 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B45C1F8A-4CF8-4707-BEFF-8B9652150FC5}
[2012/02/21 17:49:56 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B535F8AB-88AC-437D-B68E-9670D9182259}
[2012/02/20 06:34:26 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{65067E31-1D96-4194-AAB1-F9E0416AC465}
[2012/02/20 06:34:02 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{78ACE10B-35E1-4724-960E-49C7C9C35FE3}
[2012/02/20 02:43:19 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{E2688B55-3941-4090-B3D5-EF1D9BE840A7}
[2012/02/20 02:43:10 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{AFA83908-C99E-408F-BBAE-C01EF153A702}
[2012/02/20 02:42:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{D031911A-0F1D-42E7-A26A-396063446F39}
[2012/02/19 14:42:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{C89F1D6F-1EA8-479E-BFA0-BABA703FF92E}
[2012/02/18 23:51:04 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{54FB8247-BAF9-4CA9-9D50-DDAD076216B4}
[2012/02/18 23:50:53 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{D8E721A0-32CF-4575-9BE5-529BE43E4884}
[2012/02/18 20:46:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/02/18 15:57:16 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Ulead Systems
[2012/02/18 15:57:06 | 000,000,000 | ---D | C] -- C:\Users\Mike\Documents\Ulead DVD MovieFactory
[2012/02/18 13:42:19 | 000,000,000 | ---D | C] -- C:\Intel
[2012/02/18 11:50:15 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{77E5FF78-B997-4622-B9BF-5B71A3F1376D}
[2012/02/18 11:49:38 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{DC26F4C1-8358-433E-8D7B-BA45A237F2A0}
[2012/02/18 07:02:14 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B3ACDF28-3BD0-4C83-8733-A291F802EF96}
[2012/02/17 19:01:51 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{4941C780-618C-47FB-ADFE-1BEA2D151B55}
[2012/02/17 07:01:23 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{5CB61C05-9ABE-4211-B252-49E3747216A6}
[2012/02/16 19:00:58 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{8E619F7A-C3AF-4A98-A96D-8F7FDF1BE158}
[2012/02/16 19:00:47 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{C81D1AEC-EAF4-4B25-8734-9E84CAF3647E}
[2012/02/16 11:12:38 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Roaming\Malwarebytes
[2012/02/16 11:12:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/02/16 07:00:22 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{1545D97E-4FC1-4E70-89D9-679A414D6409}
[2012/02/16 07:00:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{8900A161-8521-41E7-BF3F-43A3C6646271}
[2012/02/15 16:38:46 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{0E63733E-21CD-4264-9C0C-70EA737BA0F1}
[2012/02/15 16:38:32 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{62EDBD9D-22C6-429D-B7FC-2603BEAE31A1}
[2012/02/15 04:38:02 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{960A7B3E-E7B1-436B-B8FE-98640E76E9F4}
[2012/02/14 16:37:39 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{C6944C6A-5D9F-4CBF-A9D1-C7B7F1F156AE}
[2012/02/14 16:37:29 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B0EC813E-CFF4-46C7-A034-5671023B8408}
[2012/02/14 01:12:51 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{75F345C4-753B-46F4-ABE3-566955CB1AF4}
[2012/02/13 13:12:21 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{223B71A0-02A7-4858-AFC1-A858B43F975F}
[2012/02/13 01:11:49 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{D8DBDB79-ED04-45BC-B2C5-EA79E55B83F6}
[2012/02/12 13:11:19 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{F173E388-0BC5-4B5B-B643-8B578C6E782A}
[2012/02/12 01:10:50 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{20566B4D-CE62-4448-A46C-8E4C3F4EF9E7}
[2012/02/11 13:10:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{B21D86A8-F6FB-46DB-8BD4-75E25CE7AB86}
[2012/02/11 01:09:50 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{F963AB52-DB56-43B0-AEB2-E0EDE9E60C8D}
[2012/02/10 13:09:25 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{45349407-4851-4A6B-B311-0ADB600D85AD}
[2012/02/10 01:09:03 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{9E4EB32A-C404-44D5-8341-903E9EB20810}
[2012/02/09 13:08:41 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{86B7BA6F-8396-41AA-97C5-0088F4A5DDD4}
[2012/02/09 01:08:20 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{7D49DAA1-EAF6-4590-9C06-7D3D4354ABCD}
[2012/02/08 13:07:57 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{13C14BFE-ED66-4598-B2FE-125F00387218}
[2012/02/08 01:07:35 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{83C9F9DA-2088-4745-9643-950AC0C4092B}
[2012/02/07 13:07:13 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{00A8C89B-1DAB-41AA-8622-4E3502ADE088}
[2012/02/07 01:06:51 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{FD885E42-FE7B-4B9F-92DB-AB98AC55E31A}
[2012/02/06 13:06:30 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{448C01D1-C7A7-4804-B8B1-9EF34E39A675}
[2012/02/06 01:06:08 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{1933979C-F2F6-4691-B576-7D207A576728}
[2012/02/05 13:05:47 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{080F944A-B97A-4BF9-A4A4-C08FFE90BA41}
[2012/02/05 01:05:24 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{6EBC5230-5D47-42D5-956C-7A1B02A956CF}
[2012/02/04 17:23:56 | 000,000,000 | ---D | C] -- C:\Program Files\LastPass
[2012/02/04 13:04:59 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{821BC5BC-1613-4104-8800-9CDDCB70319B}
[2012/02/04 01:04:36 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{851B7486-A556-4F48-A9FF-6C0E6DA1EE59}
[2012/02/03 13:04:13 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{79AF760F-E18E-4BE6-998B-1E129FCA0C29}
[2012/02/03 01:03:52 | 000,000,000 | ---D | C] -- C:\Users\Mike\AppData\Local\{0A90ECD8-62F9-44FF-B794-948607E229FA}

========== Files - Modified Within 30 Days ==========

[2012/03/03 16:25:01 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/03/03 15:25:00 | 000,000,878 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/03/03 11:42:06 | 000,879,700 | ---- | M] () -- C:\Users\Mike\Desktop\SecurityCheck.exe
[2012/03/03 06:54:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/02 21:43:56 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/02 21:43:56 | 000,009,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/02 21:36:14 | 2408,017,920 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/02 21:19:22 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts
[2012/03/02 12:55:27 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/02 12:34:33 | 000,689,660 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/03/02 12:34:33 | 000,131,094 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/03/01 12:02:08 | 000,584,704 | ---- | M] (OldTimer Tools) -- C:\Users\Mike\Desktop\OTL.exe
[2012/03/01 11:53:56 | 002,063,920 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Mike\Desktop\tdsskiller.exe
[2012/03/01 10:18:51 | 000,002,009 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/03/01 10:18:45 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012/02/29 17:15:02 | 004,422,703 | R--- | M] (Swearware) -- C:\Users\Mike\Desktop\George.exe
[2012/02/28 03:16:16 | 000,006,744 | ---- | M] () -- C:\Users\Mike\Documents\MyPasswords.pwd
[2012/02/27 15:41:45 | 000,023,624 | ---- | M] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2012/02/26 01:26:39 | 000,032,768 | ---- | M] () -- C:\BCD_Backup
[2012/02/24 11:41:33 | 000,003,594 | ---- | M] () -- C:\Windows\System32\.crusader
[2012/02/23 11:23:26 | 000,041,184 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/02/23 11:23:21 | 000,201,352 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/02/23 11:12:28 | 000,610,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/02/23 11:12:16 | 000,337,112 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/02/23 11:10:59 | 000,044,376 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012/02/23 11:10:39 | 000,053,848 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/02/23 11:10:34 | 000,057,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/02/23 11:10:16 | 000,020,696 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/02/21 21:13:40 | 000,567,336 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/02/20 09:44:55 | 482,110,895 | ---- | M] () -- C:\Windows\MEMORY.DMP

========== Files Created - No Company Name ==========

[2012/03/03 11:42:06 | 000,879,700 | ---- | C] () -- C:\Users\Mike\Desktop\SecurityCheck.exe
[2012/03/02 12:55:27 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/01 10:18:51 | 000,002,009 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/02/28 23:11:02 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/02/28 23:11:02 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/02/28 23:11:02 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/02/28 23:11:02 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/02/28 23:11:02 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/02/26 01:26:38 | 000,032,768 | ---- | C] () -- C:\BCD_Backup
[2012/02/24 11:41:33 | 000,003,594 | ---- | C] () -- C:\Windows\System32\.crusader
[2012/02/24 11:31:03 | 000,023,624 | ---- | C] () -- C:\Windows\System32\drivers\hitmanpro35.sys
[2011/10/25 06:28:19 | 000,175,971 | ---- | C] () -- C:\Users\Mike\AppData\Local\debuggee.mdmp
[2011/06/10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011/04/29 14:22:35 | 000,000,042 | ---- | C] () -- C:\Windows\BDNET32.INI
[2010/12/17 09:04:59 | 000,074,240 | ---- | C] () -- C:\Windows\trackerpod_server.exe
[2010/12/14 15:10:56 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/06/02 09:20:05 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
[2010/05/25 07:22:08 | 000,013,312 | ---- | C] () -- C:\Users\Mike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/04/27 02:36:47 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2010/04/26 22:43:48 | 000,022,880 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat

========== LOP Check ==========

[2010/09/07 12:50:13 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\DigitalPersona
[2011/12/11 17:40:07 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\flightgear.org
[2010/04/30 10:37:04 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\ImgBurn
[2011/05/06 17:08:41 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Leadertech
[2010/04/30 10:37:31 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Mael
[2010/06/29 10:08:58 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Open Source Applications Foundation
[2010/06/29 10:08:57 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Python-Eggs
[2011/10/19 16:01:52 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Sikuli
[2010/04/30 10:37:51 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\SPAMfighter
[2011/12/11 09:36:03 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Subversion
[2010/04/30 10:37:52 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Template
[2010/08/27 12:48:04 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Toshiba
[2012/02/18 15:57:16 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Ulead Systems
[2010/04/30 10:37:53 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\WinBatch
[2010/11/01 06:10:08 | 000,000,000 | ---D | M] -- C:\Users\Mike\AppData\Roaming\Windows Live Writer
[2012/02/23 20:10:57 | 000,032,548 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 142 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >

Comment:

Performance seems very good.

However I haven't been using it much besides doing the tasks you have requested.




  • 0

#25
CompCav
Posted 03 March 2012 - 03:59 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Go ahead and take it for a spin. I will be back soon with some closing thoughts and cleanup.
  • 0

Advertisements

#26
CompCav
Posted 03 March 2012 - 04:16 PM

CompCav

    Member 5k

  • Expert
  • 12,454 posts
Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :Commands
    [resethosts]
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Remove ComboFix

  • Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
  • In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK

    Posted Image
  • Follow the prompts on the screen
  • A message should appear confirming that ComboFix was uninstalled

Run OTL and hit the cleanup button. It will remove all the programs we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.


SPRING CLEAN

To manually create a new Restore Point
  • Go to Control Panel and select System
  • Select System
  • On the left select System Protection and accept the warning if you get one
  • Select System Protection Tab
  • Select Create at the bottom
  • Type in a name i.e. Clean
  • Select Create

Now we can purge the infected ones
  • GoStart > All programs > Accessories > system tools
  • Right click Disc cleanup and select run as administrator
  • Select Your main drive and accept the warning if you get one
  • For a few moments the system will make some calculations
  • Select the More Options tab
  • In the System Restore and Shadow Backups select Clean up
  • Select Delete on the pop up
  • Select OK
  • Select Delete

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:
Posted Image
Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programs on your system need updating and give a download link

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

Keep safe :wave:
  • 0

#27
NeonFx
Posted 04 March 2012 - 07:50 PM

NeonFx

    Malware Removal Dude

  • Expert
  • 3,798 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Computer Won't Boot - Malware Related · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Computer Won't Boot - Malware Related

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP