Solved Infected Sony Vaio Vista Home Premium

learninmypc

learninmypc

Posts: 9,679   +724
Its owner told me it has a virus. It had Avg 2003 I believe on it, Registry Mechanic & Norton scanner which I think all 3 have been removed.
When I reboot. it tries to,but don't. I've had to unplug it & boot up & I get the screen of options so I click Start Windows Normally & it starts up.
Logs are below;


Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.09.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Michelle :: PATDU-PC [administrator]

10/9/2012 12:27:01 AM
mbam-log-2012-10-09 (03-41-56).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 399218
Time elapsed: 1 hour(s), 50 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Users\Michelle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com (Adware.ArcadeWeb) -> No action taken.
C:\Users\Michelle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components (Adware.ArcadeWeb) -> No action taken.

Files Detected: 0
(No malicious items detected)

(end)

This one may be the first one.
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.09.02

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Michelle :: PATDU-PC [administrator]

10/9/2012 12:27:01 AM
mbam-log-2012-10-09 (00-27-01).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 399218
Time elapsed: 1 hour(s), 50 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 2
C:\Users\Michelle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com (Adware.ArcadeWeb) -> Quarantined and deleted successfully.
C:\Users\Michelle\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@arcadeweb.com\components (Adware.ArcadeWeb) -> Quarantined and deleted successfully.

Files Detected: 0
(No malicious items detected)

(end)

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/08/2012 at 06:23 PM

Application Version : 5.5.1022

Core Rules Database Version : 9363
Trace Rules Database Version: 7175

Scan type : Complete Scan
Total Scan Time : 01:31:01

Operating System Information
Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned : 770
Memory threats detected : 0
Registry items scanned : 42395
Registry threats detected : 0
File items scanned : 54949
File threats detected : 24

Adware.ArcadeWeb
C:\PROGRAM FILES\ARCADEWEB\AWUN.EXE
C:\USERS\MICHELLE\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\HGAILGALDCHAJPKKMBJDLBIMHDNMMGLD\ARCADEWEBCHROME.DLL
C:\WINDOWS\TEMP\TMP0000007639C8ACF3A2F4899E
C:\WINDOWS\TEMP\TMP00000061304ACD79138CEFC3

Adware.Gamevance
C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\EXTENSIONS\{EC8030F7-C20A-464F-9B0E-13A3A9E97384}\TEXTLINKS@ARCADEWEB.COM\COMPONENTS\ARCADEWEBFIREFOX.DLL

Adware.Tracking Cookie
.doubleclick.net [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.edge.ru4.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.at.atwola.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.webmasterplan.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.tracking.quisma.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
tracking.quisma.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\MICHELLE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\VWBKSQGS.DEFAULT\COOKIES.SQLITE ]
 
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit quick scan 2012-10-09 07:54:56
Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 TOSHIBA_MK1246GSX rev.LB212A
Running: ml5dl70v.exe; Driver: C:\Users\Michelle\AppData\Local\Temp\kwtoapob.sys


---- System - GMER 1.0.15 ----

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0x8FA24966]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)
Device \FileSystem\fastfat \Fat aswSP.SYS (avast! self protection module/AVAST Software)

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \Driver\tdx \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\tdx \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)
AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----
 
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Michelle at 7:58:09 on 2012-10-09
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2038.1000 [GMT -7:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\PSIService.exe
C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\ArcSoft\Magic-I Visual Effects\uCamMonitor.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\igfxext.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Windows\System32\wpcumi.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.kirotv.com/
uDefault_Page_URL = hxxp://www.sony.com/vaiopeople
mStart Page = hxxp://www.yahoo.com/
mDefault_Page_URL = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: FCToolbarURLSearchHook Class: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - c:\program files\dogpile bundle toolbar\Helper.dll
uURLSearchHooks: H - No File
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Dogpile Bundle Toolbar BHO: {bfe4b5cb-63f7-4a51-9266-6167655d5b4f} - c:\program files\dogpile bundle toolbar\Toolbar.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_B7C5AC242193BB3E.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Dogpile Bundle Toolbar: {c80bdeb2-8735-44c6-bd55-a1ccd555667a} - c:\program files\dogpile bundle toolbar\Toolbar.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [cdloader] "c:\users\michelle\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [Google Update] "c:\users\michelle\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [Facebook Update] "c:\users\michelle\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [ISBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"
mRun: [SunJavaUpdateSched] "c:\program files\java\jre1.6.0\bin\jusched.exe"
mRun: [VAIOMyMemCenter] "c:\program files\sony\vaio my memory center\VAIO MyMemCenter.exe" 1
mRun: [VWLASU] "c:\program files\sony\vaio wireless wizard\AutoLaunchWLASU.exe"
mRun: [SmartWiHelper] "c:\program files\sony corporation\smartwi connection utility\SmartWiHelper.exe" /WindowsStartup
mRun: [VAIO Help and Support Demo] "c:\program files\sony\vaio help and support demo\LaunchVHSD.exe"
mRun: [VAIORegistration] "c:\program files\sony\first experience\WelcomeLauncher.exe"
mRun: [VAIOSurvey] c:\program files\sony\vaio survey\Vista VAIO Survey.exe
mRun: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [hpqSRMon] c:\program files\hp\digital imaging\bin\hpqSRMon.exe
mRun: [WPCUMI] c:\windows\system32\WpcUmi.exe
mRun: [Skytel] Skytel.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [InstaLAN] "c:\program files\belkin\router setup and monitor\BelkinRouterMonitor.exe" startup
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
StartupFolder: c:\users\michelle\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\quickb~1.lnk - c:\program files\common files\intuit\quickbooks\qbupdate\qbupdate.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
LSP: c:\windows\system32\wpclsp.dll
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: DhcpNameServer = 192.168.1.1 74.40.74.40
TCP: Interfaces\{70654C8C-B4A7-4F27-A51E-A8534FA42658} : DhcpNameServer = 192.168.1.1 74.40.74.40
TCP: Interfaces\{9B6666C3-B9D8-4BB9-8F82-6AB42C740BEC} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{D05CB988-618B-4977-B383-7742239BFB58} : DhcpNameServer = 192.168.1.1 74.40.74.40
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - c:\program files\intuit\quickbooks 2008\HelpAsyncPluggableProtocol.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - c:\windows\system32\mscoree.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: igfxcui - igfxdev.dll
Notify: VESWinlogon - VESWinlogon.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\michelle\appdata\roaming\mozilla\firefox\profiles\vwbksqgs.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.kirotv.com/
FF - prefs.js: network.proxy.type - 0
FF - component: c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\canon\zoombrowser ex\program\NPCIG.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\users\michelle\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\michelle\appdata\local\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\users\michelle\appdata\roaming\move networks\plugins\npqmp071505000011.dll
FF - plugin: c:\users\michelle\appdata\roaming\move networks\plugins\npqmp071701000002.dll
FF - plugin: c:\users\michelle\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\michelle\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-10-8 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-10-8 355632]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-10-8 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-8 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-10-8 44808]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-5-1 181544]
R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2012-10-8 1153368]
R2 uCamMonitor;CamMonitor;c:\program files\arcsoft\magic-I visual effects\uCamMonitor.exe [2008-8-5 104960]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\drivers\ArcSoftKsUFilter.sys [2008-8-5 17408]
R3 R5U870FLx86;R5U870 UVC Lower Filter ;c:\windows\system32\drivers\R5U870FLx86.sys [2008-4-18 73472]
R3 R5U870FUx86;R5U870 UVC Upper Filter ;c:\windows\system32\drivers\R5U870FUx86.sys [2008-4-18 43904]
R3 RTL8192su;%RTL8192su.DeviceDesc.DispName%;c:\windows\system32\drivers\RTL8192su.sys [2012-10-8 528896]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-4-18 9344]
R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2008-4-18 818688]
S2 gupdate1cadf3d526de3be;Google Update Service (gupdate1cadf3d526de3be);c:\program files\google\update\GoogleUpdate.exe [2010-4-18 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-10-8 250808]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2008-4-18 28464]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-18 133104]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-10-8 114144]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-8-5 104288]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-8-5 350048]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-8-5 63328]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-4-18 333088]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-4-18 87328]
.
=============== Created Last 30 ================
.
2012-10-09 05:23:42 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-09 05:19:23 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2012-10-09 05:19:21 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-10-09 05:19:20 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-10-09 02:18:02 -------- d-----w- c:\program files\FileHippo.com
2012-10-09 02:12:02 -------- d-----w- c:\users\michelle\appdata\local\Macromedia
2012-10-09 02:11:21 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-08 23:46:20 -------- d-----w- c:\program files\Belarc
2012-10-08 23:41:31 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-10-08 23:41:30 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-10-08 23:27:19 -------- d-----w- c:\users\michelle\appdata\roaming\SUPERAntiSpyware.com
2012-10-08 23:25:22 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-10-08 23:22:18 -------- d-----w- c:\program files\SpywareBlaster
2012-10-08 23:18:56 -------- d-----w- c:\users\michelle\appdata\roaming\Malwarebytes
2012-10-08 23:18:41 -------- d-----w- c:\programdata\Malwarebytes
2012-10-08 23:18:40 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-08 23:18:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-08 22:11:59 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-08 22:11:43 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-08 22:05:02 41224 ----a-w- c:\windows\avastSS.scr
2012-10-08 22:03:37 -------- d-----w- c:\programdata\AVAST Software
2012-10-08 22:03:37 -------- d-----w- c:\program files\AVAST Software
2012-10-08 21:19:58 528896 ----a-w- c:\windows\system32\drivers\RTL8192su.sys
2012-10-06 08:35:17 6980552 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{90ef20c5-3d45-4373-8bbf-a291c4f29302}\mpengine.dll
2012-10-04 04:41:47 0 ----a-w- C:\DFR1D5C.tmp
2012-10-01 02:52:09 -------- d-----w- c:\program files\Bonjour
.
==================== Find3M ====================
.
2012-10-09 02:42:25 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 7:59:02.06 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 8/5/2008 9:07:56 AM
System Uptime: 10/9/2012 7:14:24 AM (0 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz | N/A | 2000/167mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 104 GiB total, 1.139 GiB free.
D: is Removable
E: is Removable
H: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0009
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #8
PNP Device ID: ROOT\*6TO4MP\0009
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0010
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #9
PNP Device ID: ROOT\*6TO4MP\0010
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0012
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #11
PNP Device ID: ROOT\*6TO4MP\0012
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0003
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #4
PNP Device ID: ROOT\*ISATAP\0003
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0004
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #5
PNP Device ID: ROOT\*ISATAP\0004
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0005
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #6
PNP Device ID: ROOT\*ISATAP\0005
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0007
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #3
PNP Device ID: ROOT\*ISATAP\0007
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0010
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #9
PNP Device ID: ROOT\*ISATAP\0010
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0012
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #10
PNP Device ID: ROOT\*ISATAP\0012
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0013
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #11
PNP Device ID: ROOT\*ISATAP\0013
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0015
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #12
PNP Device ID: ROOT\*ISATAP\0015
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0019
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #13
PNP Device ID: ROOT\*ISATAP\0019
Service: tunnel
.
==== System Restore Points ===================
.
RP1065: 10/8/2012 7:45:38 PM - Installed Adobe Reader X (10.1.0).
RP1066: 10/9/2012 3:00:13 AM - Windows Update
.
==== Installed Programs ======================
.
.
Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.4)
Adobe Shockwave Player 11.6
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcGIS Explorer
ArcSoft Magic-I Visual Effects
ArcSoft WebCam Companion 2
avast! Free Antivirus
Belarc Advisor 8.2
Belkin Setup and Router Monitor
Bonjour
BufferChm
Business Contact Manager for Outlook 2007 SP2
C4400
C4400_Help
Canon DIGITAL CAMERA Solution Disk Software Guide
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MOV Decoder
Canon MOV Encoder
Canon MovieEdit Task for ZoomBrowser EX
Canon Personal Printing Guide
Canon PowerShot SX20 IS Camera User Guide
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC 8
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Cards_Calendar_OrderGift_DoMorePlugout
Click to Disc
Click to Disc Editor
Compatibility Pack for the 2007 Office system
Copy
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Setup
DocProc
DocProcQFolder
Dogpile Bundle Toolbar
eSupportQFolder
Facebook Video Calling 1.0.0.8953
FileHippo.com Update Checker
Google Chrome
Google Earth Plug-in
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
GPBaseService
HDAUDIO SoftV92 Data Fax Modem with SmartCP
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Participation Program 10.0
HP Imaging Device Functions 10.0
HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
HP Photosmart Essential 2.5
HP Smart Web Printing
HP Solution Center 10.0
HP Update
HPPhotoSmartPhotobookWebPack1
HPProductAssistant
HPSSupply
Instant Mode
Intel(R) Graphics Media Accelerator Driver
iTunes
Java(TM) SE Runtime Environment 6
Malwarebytes Anti-Malware version 1.65.0.1400
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Accounting 2007
Microsoft Office Accounting ADP Payroll Addin
Microsoft Office Accounting Equifax Addin
Microsoft Office Accounting Fixed Asset Manager
Microsoft Office Accounting PayPal Addin
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
Move Media Player
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MP3 Rocket
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
OCR Software by I.R.I.S. 10.0
OM Explorer for KRM for Excel 2007
OpenMG Secure Module 5.0.00
PanoStandAlone
PS_AIO_03_C4400_ProductContext
PS_AIO_03_C4400_Software
PS_AIO_03_C4400_Software_Min
PSSWCORE
QuickBooks Simple Start 2008
QuickTime
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
Realtek High Definition Audio Driver
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Safari
Scan
Seagate Manager Installer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Setting Utility Series
Shop for HP Supplies
Skype Click to Call
Skype™ 5.10
SmartWebPrintingOC
SmartWi Connection Utility
SolutionCenter
Sony Video Shared Library
Spybot - Search & Destroy
SpywareBlaster 4.6
Status
SUPERAntiSpyware
SupportSoft Assisted Service
swMSM
Synaptics Pointing Device Driver
TaxCut Premium + State + Efile 2008
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
VAIO Content Folder Setting
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Manager Setting
VAIO Content Metadata XML Interface Library
VAIO Control Center
VAIO DVD Menu Data Basic
VAIO Entertainment Platform
VAIO Event Service
VAIO Help and Support
VAIO Launcher
VAIO Media plus
VAIO Movie Story
VAIO Movie Story Template Data
VAIO My Memory Center
VAIO OOBE and Welcome Center
VAIO Original Function Setting
VAIO Power Management
VAIO Startup Assistant
VAIO Survey
VAIO Update 3
VAIO Wallpaper Contents
VAIO Wireless Wizard
VC80CRTRedist - 8.0.50727.6195
VideoToolkit01
VLC media player 1.0.5
WebReg
WIDCOMM Bluetooth Software 6.1.0.2200
WinDVD for VAIO
.
==== Event Viewer Messages From Past Week ========
.
10/9/2012 7:17:52 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running.
10/9/2012 7:17:17 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
10/9/2012 7:17:17 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
10/9/2012 7:17:17 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/9/2012 7:17:17 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
10/9/2012 7:17:15 AM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error 2147749155 (0x80040D23).
10/9/2012 7:17:07 AM, Error: Service Control Manager [7022] - The HP CUE DeviceDiscovery Service service hung on starting.
10/9/2012 7:15:42 AM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10/9/2012 7:15:07 AM, Error: EventLog [6008] - The previous system shutdown at 7:13:32 AM on 10/9/2012 was unexpected.
10/9/2012 7:15:04 AM, Error: volmgr [49] - Configuring the Page file for crash dump failed. Make sure there is a page file on the boot partition and that is large enough to contain all physical memory.
10/9/2012 4:44:42 AM, Error: EventLog [6008] - The previous system shutdown at 4:42:28 AM on 10/9/2012 was unexpected.
10/9/2012 12:22:14 AM, Error: EventLog [6008] - The previous system shutdown at 12:19:39 AM on 10/9/2012 was unexpected.
10/8/2012 6:54:10 PM, Error: EventLog [6008] - The previous system shutdown at 6:50:46 PM on 10/8/2012 was unexpected.
10/8/2012 6:51:00 PM, Error: cdrom [15] - The device, \Device\CdRom0, is not ready for access yet.
10/8/2012 6:51:00 PM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort1.
10/8/2012 4:34:26 PM, Error: volsnap [25] - The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.
10/8/2012 3:27:27 PM, Error: EventLog [6008] - The previous system shutdown at 3:25:49 PM on 10/8/2012 was unexpected.
10/8/2012 2:59:34 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
10/8/2012 2:11:39 PM, Error: Microsoft-Windows-Dhcp-Client [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 00215C0F78E1. The following error occurred: The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
10/8/2012 10:24:11 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.
10/7/2012 3:56:22 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the iPod Service service to connect.
10/7/2012 3:56:22 PM, Error: Service Control Manager [7000] - The iPod Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
10/7/2012 3:56:22 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service iPod Service with arguments "" in order to run the server: {063D34A4-BF84-4B8D-B699-E8CA06504DDE}
10/7/2012 3:21:52 PM, Error: Microsoft-Windows-WPD-MTPClassDriver [15300] - MTP WPD Driver has failed to start. Error 0x80070002.
10/6/2012 5:59:52 PM, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: Insufficient system resources exist to complete the requested service.
10/6/2012 5:59:52 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1450" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
10/6/2012 5:49:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VzCdbSvc service.
10/6/2012 11:12:46 PM, Error: EventLog [6008] - The previous system shutdown at 11:09:49 PM on 10/6/2012 was unexpected.
10/6/2012 1:40:40 AM, Error: volsnap [15] - The shadow copies of volume C: were aborted because of insufficient paged heap.
10/6/2012 1:39:36 AM, Error: volsnap [6] - The shadow copy of volume C: could not create a new paged heap. The system may be low on virtual memory.
10/5/2012 9:59:09 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
10/5/2012 2:29:21 PM, Error: volsnap [35] - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
10/5/2012 10:04:44 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer OWNER-E59094EF5 that believes that it is the master browser for the domain on transport NetBT_Tcpip_{70654C8C-B4A7-4F27-A51E-A8. The master browser is stopping or an election is being forced.
10/2/2012 7:23:51 PM, Error: EventLog [6008] - The previous system shutdown at 7:22:26 PM on 10/2/2012 was unexpected.
.
==== End Of File ===========================
 
I don't need Avast log.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

==============================

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

=============================

  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

===============================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.
 
08:56:08.0958 4396 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
08:56:09.0566 4396 ============================================================
08:56:09.0566 4396 Current date / time: 2012/10/09 08:56:09.0566
08:56:09.0566 4396 SystemInfo:
08:56:09.0566 4396
08:56:09.0566 4396 OS Version: 6.0.6002 ServicePack: 2.0
08:56:09.0566 4396 Product type: Workstation
08:56:09.0566 4396 ComputerName: PATDU-PC
08:56:09.0566 4396 UserName: Michelle
08:56:09.0566 4396 Windows directory: C:\Windows
08:56:09.0566 4396 System windows directory: C:\Windows
08:56:09.0566 4396 Processor architecture: Intel x86
08:56:09.0566 4396 Number of processors: 2
08:56:09.0566 4396 Page size: 0x1000
08:56:09.0566 4396 Boot type: Normal boot
08:56:09.0566 4396 ============================================================
08:56:11.0360 4396 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:56:11.0407 4396 Drive \Device\Harddisk2\DR2 - Size: 0x1D9988C00 (7.40 Gb), SectorSize: 0x200, Cylinders: 0x3C6, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:56:11.0407 4396 ============================================================
08:56:11.0407 4396 \Device\Harddisk0\DR0:
08:56:11.0407 4396 MBR partitions:
08:56:11.0407 4396 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF8B000, BlocksNum 0xD0093B0
08:56:11.0407 4396 \Device\Harddisk2\DR2:
08:56:11.0407 4396 MBR partitions:
08:56:11.0407 4396 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0xECC000
08:56:11.0407 4396 ============================================================
08:56:11.0454 4396 C: <-> \Device\Harddisk0\DR0\Partition1
08:56:11.0454 4396 ============================================================
08:56:11.0454 4396 Initialize success
08:56:11.0454 4396 ============================================================
08:56:57.0006 1136 ============================================================
08:56:57.0006 1136 Scan started
08:56:57.0006 1136 Mode: Manual;
08:56:57.0006 1136 ============================================================
08:57:14.0665 1136 ================ Scan system memory ========================
08:57:14.0665 1136 System memory - ok
08:57:14.0665 1136 ================ Scan services =============================
08:57:15.0070 1136 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
08:57:15.0133 1136 !SASCORE - ok
08:57:16.0334 1136 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
08:57:16.0350 1136 ACPI - ok
08:57:16.0677 1136 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
08:57:16.0693 1136 AdobeARMservice - ok
08:57:16.0989 1136 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
08:57:17.0036 1136 AdobeFlashPlayerUpdateSvc - ok
08:57:17.0192 1136 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
08:57:17.0239 1136 adp94xx - ok
08:57:17.0348 1136 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
08:57:17.0379 1136 adpahci - ok
08:57:17.0410 1136 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
08:57:17.0426 1136 adpu160m - ok
08:57:17.0473 1136 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
08:57:17.0504 1136 adpu320 - ok
08:57:17.0551 1136 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
08:57:17.0566 1136 AeLookupSvc - ok
08:57:17.0738 1136 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
08:57:17.0754 1136 AFD - ok
08:57:18.0034 1136 [ 7E077309910CE334C3B2B7B8665A55C4 ] AffinegyService C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
08:57:18.0081 1136 AffinegyService - ok
08:57:18.0175 1136 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
08:57:18.0190 1136 agp440 - ok
08:57:18.0237 1136 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
08:57:18.0268 1136 aic78xx - ok
08:57:18.0315 1136 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
08:57:18.0331 1136 ALG - ok
08:57:18.0346 1136 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
08:57:18.0362 1136 aliide - ok
08:57:18.0424 1136 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
08:57:18.0440 1136 amdagp - ok
08:57:18.0471 1136 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
08:57:18.0487 1136 amdide - ok
08:57:18.0549 1136 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
08:57:18.0549 1136 AmdK7 - ok
08:57:18.0580 1136 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
08:57:18.0580 1136 AmdK8 - ok
08:57:18.0674 1136 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
08:57:18.0690 1136 Appinfo - ok
08:57:19.0048 1136 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:57:19.0048 1136 Apple Mobile Device - ok
08:57:19.0158 1136 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
08:57:19.0204 1136 arc - ok
08:57:19.0267 1136 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
08:57:19.0298 1136 arcsas - ok
08:57:19.0392 1136 [ 6B3AB8F67B37402A4174CAA45002903E ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
08:57:19.0392 1136 ArcSoftKsUFilter - ok
08:57:19.0470 1136 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
08:57:19.0470 1136 aswFsBlk - ok
08:57:19.0516 1136 [ F76E51561562AC4105DBBE53FC99BC10 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
08:57:19.0532 1136 aswMonFlt - ok
08:57:19.0563 1136 [ B7D5E4486BA658ED08624D8084ABB830 ] AswRdr C:\Windows\system32\drivers\AswRdr.sys
08:57:19.0563 1136 AswRdr - ok
08:57:19.0688 1136 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
08:57:19.0782 1136 aswSnx - ok
08:57:19.0860 1136 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\Windows\system32\drivers\aswSP.sys
08:57:19.0875 1136 aswSP - ok
08:57:19.0938 1136 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
08:57:19.0938 1136 aswTdi - ok
08:57:20.0000 1136 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
08:57:20.0016 1136 AsyncMac - ok
08:57:20.0078 1136 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
08:57:20.0078 1136 atapi - ok
08:57:20.0187 1136 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:57:20.0265 1136 AudioEndpointBuilder - ok
08:57:20.0312 1136 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
08:57:20.0312 1136 Audiosrv - ok
08:57:20.0406 1136 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:57:20.0421 1136 avast! Antivirus - ok
08:57:20.0640 1136 [ 6163664C7E9CD110AF70180C126C3FDC ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
08:57:20.0671 1136 BcmSqlStartupSvc - ok
08:57:20.0733 1136 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
08:57:20.0749 1136 Beep - ok
08:57:20.0858 1136 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
08:57:20.0952 1136 BFE - ok
08:57:21.0170 1136 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
08:57:21.0295 1136 BITS - ok
08:57:21.0357 1136 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
08:57:21.0357 1136 blbdrive - ok
08:57:21.0529 1136 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:57:21.0576 1136 Bonjour Service - ok
08:57:21.0669 1136 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
08:57:21.0685 1136 bowser - ok
08:57:21.0747 1136 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
08:57:21.0763 1136 BrFiltLo - ok
08:57:21.0794 1136 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
08:57:21.0810 1136 BrFiltUp - ok
08:57:21.0856 1136 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
08:57:21.0856 1136 Browser - ok
08:57:21.0919 1136 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
08:57:21.0919 1136 Brserid - ok
08:57:21.0981 1136 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
08:57:21.0997 1136 BrSerWdm - ok
08:57:22.0012 1136 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
08:57:22.0028 1136 BrUsbMdm - ok
08:57:22.0044 1136 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
08:57:22.0044 1136 BrUsbSer - ok
08:57:22.0106 1136 [ 6D39C954799B63BA866910234CF7D726 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
08:57:22.0122 1136 BthEnum - ok
08:57:22.0168 1136 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
08:57:22.0184 1136 BTHMODEM - ok
08:57:22.0246 1136 [ 5904EFA25F829BF84EA6FB045134A1D8 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
08:57:22.0262 1136 BthPan - ok
08:57:22.0402 1136 [ 611FF3F2F095C8D4A6D4CFD9DCC09793 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
08:57:22.0480 1136 BTHPORT - ok
08:57:22.0512 1136 [ A4C8377FA4A994E07075107DBE2E3DCE ] BthServ C:\Windows\System32\bthserv.dll
08:57:22.0512 1136 BthServ - ok
08:57:22.0558 1136 [ D330803EAB2A15CAEC7F011F1D4CB30E ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
08:57:22.0590 1136 BTHUSB - ok
08:57:22.0652 1136 [ 7F256D9FFF384FAA40DF5DB1CB8531D9 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
08:57:22.0699 1136 btwaudio - ok
08:57:22.0746 1136 [ D87D990131AAABB27D4046790292366D ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
08:57:22.0777 1136 btwavdt - ok
08:57:22.0824 1136 [ D02F4D18AA4A38F781BEEFEB1892E144 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
08:57:22.0824 1136 btwl2cap - ok
08:57:22.0902 1136 [ E1771C0FB49E747AB2B2D29DA50510F9 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
08:57:22.0917 1136 btwrchid - ok
08:57:23.0058 1136 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
08:57:23.0073 1136 cdfs - ok
08:57:23.0167 1136 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
08:57:23.0182 1136 cdrom - ok
08:57:23.0276 1136 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
08:57:23.0307 1136 CertPropSvc - ok
08:57:23.0354 1136 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
08:57:23.0370 1136 circlass - ok
08:57:23.0557 1136 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
08:57:23.0744 1136 CLFS - ok
08:57:23.0947 1136 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:57:23.0947 1136 clr_optimization_v2.0.50727_32 - ok
08:57:25.0678 1136 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
08:57:25.0866 1136 CmBatt - ok
08:57:25.0881 1136 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
08:57:25.0897 1136 cmdide - ok
08:57:25.0959 1136 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
08:57:25.0959 1136 Compbatt - ok
08:57:25.0975 1136 COMSysApp - ok
08:57:26.0084 1136 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
08:57:26.0084 1136 crcdisk - ok
08:57:26.0209 1136 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
08:57:26.0209 1136 Crusoe - ok
08:57:26.0474 1136 [ 75C6A297E364014840B48ECCD7525E30 ] CryptSvc C:\Windows\system32\cryptsvc.dll
08:57:26.0490 1136 CryptSvc - ok
08:57:26.0661 1136 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
08:57:26.0770 1136 DcomLaunch - ok
08:57:26.0848 1136 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
08:57:26.0864 1136 DfsC - ok
08:57:27.0394 1136 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
08:57:27.0504 1136 DFSR - ok
08:57:27.0613 1136 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
08:57:27.0644 1136 Dhcp - ok
08:57:27.0706 1136 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
08:57:27.0722 1136 disk - ok
08:57:27.0769 1136 [ F206E28ED74C491FD5D7C0A1119CE37F ] DMICall C:\Windows\system32\DRIVERS\DMICall.sys
08:57:27.0784 1136 DMICall - ok
08:57:27.0878 1136 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
08:57:27.0894 1136 Dnscache - ok
08:57:27.0956 1136 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
08:57:27.0987 1136 dot3svc - ok
08:57:28.0081 1136 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
08:57:28.0096 1136 Dot4 - ok
08:57:28.0174 1136 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
08:57:28.0174 1136 Dot4Print - ok
08:57:28.0206 1136 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
08:57:28.0221 1136 dot4usb - ok
08:57:28.0330 1136 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
08:57:28.0346 1136 DPS - ok
08:57:28.0424 1136 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
08:57:28.0424 1136 drmkaud - ok
08:57:28.0564 1136 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
08:57:28.0689 1136 DXGKrnl - ok
08:57:28.0752 1136 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
08:57:28.0767 1136 E1G60 - ok
08:57:28.0814 1136 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
08:57:28.0830 1136 EapHost - ok
08:57:28.0955 1136 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
08:57:28.0971 1136 Ecache - ok
08:57:29.0080 1136 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
08:57:29.0080 1136 ehRecvr - ok
08:57:29.0096 1136 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
08:57:29.0127 1136 ehSched - ok
08:57:29.0158 1136 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
08:57:29.0174 1136 ehstart - ok
08:57:29.0299 1136 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
08:57:29.0345 1136 elxstor - ok
08:57:29.0470 1136 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
08:57:29.0564 1136 EMDMgmt - ok
08:57:29.0657 1136 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
08:57:29.0657 1136 ErrDev - ok
08:57:29.0751 1136 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
08:57:29.0782 1136 EventSystem - ok
08:57:29.0891 1136 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
08:57:29.0923 1136 exfat - ok
08:57:30.0016 1136 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
08:57:30.0047 1136 fastfat - ok
08:57:30.0094 1136 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
08:57:30.0110 1136 fdc - ok
08:57:30.0141 1136 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
08:57:30.0141 1136 fdPHost - ok
08:57:30.0188 1136 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
08:57:30.0203 1136 FDResPub - ok
08:57:30.0437 1136 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
08:57:30.0453 1136 FileInfo - ok
08:57:30.0453 1136 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
08:57:30.0469 1136 Filetrace - ok
08:57:30.0484 1136 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
08:57:30.0500 1136 flpydisk - ok
08:57:30.0547 1136 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
08:57:30.0547 1136 FltMgr - ok
08:57:30.0749 1136 [ 452FEAAB2A8DBB42ED751754CB2594F5 ] FontCache C:\Windows\system32\FntCache.dll
08:57:30.0749 1136 FontCache - ok
08:57:30.0843 1136 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
08:57:30.0843 1136 FontCache3.0.0.0 - ok
08:57:31.0046 1136 [ 07AF7870ABF051EBBAE8A8A92FF34ABE ] FreeAgentGoNext Service C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
08:57:31.0061 1136 FreeAgentGoNext Service - ok
08:57:31.0264 1136 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
08:57:31.0264 1136 Fs_Rec - ok
08:57:31.0295 1136 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
08:57:31.0295 1136 gagp30kx - ok
08:57:31.0358 1136 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:57:31.0358 1136 GEARAspiWDM - ok
08:57:31.0405 1136 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
08:57:31.0420 1136 gpsvc - ok
08:57:31.0701 1136 [ 626A24ED1228580B9518C01930936DF9 ] gupdate1cadf3d526de3be C:\Program Files\Google\Update\GoogleUpdate.exe
08:57:31.0763 1136 gupdate1cadf3d526de3be - ok
08:57:31.0935 1136 [ 626A24ED1228580B9518C01930936DF9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
08:57:31.0935 1136 gupdatem - ok
08:57:32.0044 1136 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
08:57:32.0044 1136 gusvc - ok
08:57:32.0107 1136 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
08:57:32.0122 1136 HdAudAddService - ok
08:57:32.0169 1136 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
08:57:32.0185 1136 HDAudBus - ok
08:57:32.0200 1136 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
08:57:32.0216 1136 HidBth - ok
08:57:32.0247 1136 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
08:57:32.0247 1136 HidIr - ok
08:57:32.0294 1136 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
08:57:32.0294 1136 hidserv - ok
08:57:32.0341 1136 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
08:57:32.0356 1136 HidUsb - ok
08:57:32.0387 1136 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
08:57:32.0387 1136 hkmsvc - ok
08:57:32.0434 1136 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
08:57:32.0434 1136 HpCISSs - ok
08:57:32.0575 1136 [ F50F7984FDD151EDD8A70A8DBD9E2A44 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
08:57:32.0590 1136 hpqcxs08 - ok
08:57:32.0637 1136 [ DF446BA625CC441617843E87798CE048 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
08:57:32.0637 1136 hpqddsvc - ok
08:57:32.0715 1136 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
08:57:32.0715 1136 HSFHWAZL - ok
08:57:32.0809 1136 [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
08:57:32.0824 1136 HSF_DPV - ok
08:57:32.0855 1136 [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
08:57:32.0871 1136 HSXHWAZL - ok
08:57:32.0902 1136 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
08:57:32.0918 1136 HTTP - ok
08:57:32.0980 1136 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
08:57:32.0996 1136 i2omp - ok
08:57:33.0089 1136 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
08:57:33.0089 1136 i8042prt - ok
08:57:33.0136 1136 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
08:57:33.0136 1136 iaStorV - ok
08:57:33.0199 1136 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:57:33.0230 1136 idsvc - ok
08:57:33.0308 1136 [ 62448322731AC1BEDA52E2B3327046EE ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
08:57:33.0323 1136 igfx - ok
08:57:33.0370 1136 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
08:57:33.0370 1136 iirsp - ok
08:57:33.0417 1136 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
08:57:33.0417 1136 IKEEXT - ok
08:57:33.0511 1136 [ D729199B204C3FB78C58FF30550D965C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
08:57:33.0542 1136 IntcAzAudAddService - ok
08:57:33.0589 1136 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
08:57:33.0589 1136 intelide - ok
08:57:33.0620 1136 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
08:57:33.0620 1136 intelppm - ok
08:57:33.0651 1136 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
08:57:33.0651 1136 IPBusEnum - ok
08:57:33.0698 1136 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:57:33.0698 1136 IpFilterDriver - ok
08:57:33.0760 1136 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
08:57:33.0760 1136 iphlpsvc - ok
08:57:33.0776 1136 IpInIp - ok
08:57:33.0807 1136 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
08:57:33.0807 1136 IPMIDRV - ok
08:57:33.0854 1136 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
08:57:33.0869 1136 IPNAT - ok
08:57:33.0932 1136 [ B84A28B3984185EDA8867541AF14CDDB ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
08:57:33.0947 1136 iPod Service - ok
08:57:33.0979 1136 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
08:57:33.0979 1136 IRENUM - ok
08:57:33.0994 1136 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
08:57:33.0994 1136 isapnp - ok
08:57:34.0041 1136 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
08:57:34.0041 1136 iScsiPrt - ok
08:57:34.0088 1136 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
08:57:34.0088 1136 iteatapi - ok
08:57:34.0119 1136 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
08:57:34.0119 1136 iteraid - ok
08:57:34.0150 1136 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
08:57:34.0150 1136 IviRegMgr - ok
08:57:34.0166 1136 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
 
Sorry, probably some over lap.
C:\Windows\system32\drivers\iteatapi.sys
08:57:34.0088 1136 iteatapi - ok
08:57:34.0119 1136 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
08:57:34.0119 1136 iteraid - ok
08:57:34.0150 1136 [ 213822072085B5BBAD9AF30AB577D817 ] IviRegMgr C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
08:57:34.0150 1136 IviRegMgr - ok
08:57:34.0166 1136 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
08:57:34.0166 1136 kbdclass - ok
08:57:34.0197 1136 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
08:57:34.0197 1136 kbdhid - ok
08:57:34.0259 1136 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
08:57:34.0275 1136 KeyIso - ok
08:57:34.0322 1136 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
08:57:34.0337 1136 KSecDD - ok
08:57:34.0400 1136 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
08:57:34.0415 1136 KtmRm - ok
08:57:34.0447 1136 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
08:57:34.0447 1136 LanmanServer - ok
08:57:34.0478 1136 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:57:34.0493 1136 LanmanWorkstation - ok
08:57:34.0525 1136 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
08:57:34.0525 1136 lltdio - ok
08:57:34.0556 1136 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
08:57:34.0571 1136 lltdsvc - ok
08:57:34.0587 1136 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
08:57:34.0603 1136 lmhosts - ok
08:57:34.0649 1136 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
08:57:34.0649 1136 LSI_FC - ok
08:57:34.0681 1136 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
08:57:34.0681 1136 LSI_SAS - ok
08:57:34.0712 1136 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
08:57:34.0712 1136 LSI_SCSI - ok
08:57:34.0727 1136 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
08:57:34.0743 1136 luafv - ok
08:57:34.0774 1136 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
08:57:34.0805 1136 Mcx2Svc - ok
08:57:34.0899 1136 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
08:57:34.0915 1136 mdmxsdk - ok
08:57:34.0977 1136 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
08:57:34.0977 1136 megasas - ok
08:57:35.0071 1136 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
08:57:35.0102 1136 MegaSR - ok
08:57:35.0164 1136 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
08:57:35.0164 1136 MMCSS - ok
08:57:35.0211 1136 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
08:57:35.0227 1136 Modem - ok
08:57:35.0273 1136 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
08:57:35.0289 1136 monitor - ok
08:57:35.0305 1136 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
08:57:35.0320 1136 mouclass - ok
08:57:35.0367 1136 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
08:57:35.0367 1136 mouhid - ok
08:57:35.0570 1136 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
08:57:35.0570 1136 MountMgr - ok
08:57:35.0679 1136 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
08:57:35.0679 1136 MozillaMaintenance - ok
08:57:35.0741 1136 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
08:57:35.0757 1136 mpio - ok
08:57:35.0788 1136 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
08:57:35.0788 1136 mpsdrv - ok
08:57:35.0866 1136 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
08:57:35.0913 1136 MpsSvc - ok
08:57:35.0929 1136 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
08:57:35.0929 1136 Mraid35x - ok
08:57:35.0991 1136 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
08:57:36.0007 1136 MRxDAV - ok
08:57:36.0069 1136 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
08:57:36.0085 1136 mrxsmb - ok
08:57:36.0163 1136 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:57:36.0178 1136 mrxsmb10 - ok
08:57:36.0225 1136 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:57:36.0225 1136 mrxsmb20 - ok
08:57:36.0272 1136 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
08:57:36.0303 1136 msahci - ok
08:57:36.0443 1136 [ 31FE01F58C95E1296F909BE52DEA63DD ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
08:57:36.0443 1136 MSCSPTISRV - ok
08:57:36.0521 1136 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
08:57:36.0521 1136 msdsm - ok
08:57:36.0537 1136 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
08:57:36.0553 1136 MSDTC - ok
08:57:36.0584 1136 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
08:57:36.0584 1136 Msfs - ok
08:57:36.0646 1136 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
08:57:36.0662 1136 msisadrv - ok
08:57:36.0693 1136 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
08:57:36.0724 1136 MSiSCSI - ok
08:57:36.0740 1136 msiserver - ok
08:57:36.0771 1136 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
08:57:36.0787 1136 MSKSSRV - ok
08:57:36.0818 1136 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
08:57:36.0818 1136 MSPCLOCK - ok
08:57:36.0833 1136 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
08:57:36.0849 1136 MSPQM - ok
08:57:36.0911 1136 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
08:57:36.0911 1136 MsRPC - ok
08:57:36.0943 1136 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
08:57:36.0958 1136 mssmbios - ok
08:57:37.0161 1136 MSSQL$MSSMLBIZ - ok
08:57:37.0239 1136 [ 1D89EB4E2A99CABD4E81225F4F4C4B25 ] MSSQLServerADHelper c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
08:57:37.0270 1136 MSSQLServerADHelper - ok
08:57:37.0317 1136 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
08:57:37.0333 1136 MSTEE - ok
08:57:37.0379 1136 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
08:57:37.0395 1136 Mup - ok
08:57:37.0442 1136 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
08:57:37.0457 1136 napagent - ok
08:57:37.0535 1136 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
08:57:37.0551 1136 NativeWifiP - ok
08:57:37.0645 1136 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
08:57:37.0676 1136 NDIS - ok
08:57:37.0738 1136 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
08:57:37.0754 1136 NdisTapi - ok
08:57:37.0785 1136 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
08:57:37.0801 1136 Ndisuio - ok
08:57:37.0847 1136 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
08:57:37.0863 1136 NdisWan - ok
08:57:37.0957 1136 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
08:57:37.0972 1136 NDProxy - ok
08:57:38.0050 1136 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
08:57:38.0066 1136 Net Driver HPZ12 - ok
08:57:38.0128 1136 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
08:57:38.0128 1136 NetBIOS - ok
08:57:38.0175 1136 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
08:57:38.0191 1136 netbt - ok
08:57:38.0206 1136 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
08:57:38.0206 1136 Netlogon - ok
08:57:38.0269 1136 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
08:57:38.0284 1136 Netman - ok
08:57:38.0315 1136 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
08:57:38.0331 1136 netprofm - ok
08:57:38.0393 1136 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:57:38.0393 1136 NetTcpPortSharing - ok
08:57:38.0549 1136 [ 25ACCCFC33DD448B9D3037C5E439E830 ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
08:57:38.0659 1136 NETw4v32 - ok
08:57:38.0690 1136 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
08:57:38.0690 1136 nfrd960 - ok
08:57:38.0752 1136 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
08:57:38.0768 1136 NlaSvc - ok
08:57:38.0815 1136 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
08:57:38.0830 1136 Npfs - ok
08:57:38.0877 1136 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
08:57:38.0893 1136 nsi - ok
08:57:38.0924 1136 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
08:57:38.0924 1136 nsiproxy - ok
08:57:38.0986 1136 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
08:57:39.0049 1136 Ntfs - ok
08:57:39.0095 1136 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
08:57:39.0095 1136 ntrigdigi - ok
08:57:39.0111 1136 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
08:57:39.0111 1136 Null - ok
08:57:39.0158 1136 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
08:57:39.0173 1136 nvraid - ok
08:57:39.0205 1136 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
08:57:39.0205 1136 nvstor - ok
08:57:39.0220 1136 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
08:57:39.0220 1136 nv_agp - ok
08:57:39.0236 1136 NwlnkFlt - ok
08:57:39.0236 1136 NwlnkFwd - ok
08:57:39.0345 1136 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
08:57:39.0376 1136 odserv - ok
08:57:39.0423 1136 [ 6F310E890D46E246E0E261A63D9B36B4 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
08:57:39.0439 1136 ohci1394 - ok
08:57:39.0485 1136 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:57:39.0517 1136 ose - ok
08:57:39.0610 1136 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
08:57:39.0641 1136 p2pimsvc - ok
08:57:39.0688 1136 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
08:57:39.0704 1136 p2psvc - ok
08:57:39.0735 1136 [ F5395A0379C51283471354402F7B949D ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
08:57:39.0751 1136 PACSPTISVR - ok
08:57:39.0797 1136 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
08:57:39.0844 1136 Parport - ok
08:57:39.0891 1136 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
08:57:39.0907 1136 partmgr - ok
08:57:39.0938 1136 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
08:57:39.0938 1136 Parvdm - ok
08:57:39.0985 1136 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
08:57:39.0985 1136 PcaSvc - ok
08:57:40.0031 1136 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
08:57:40.0031 1136 pci - ok
08:57:40.0063 1136 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
08:57:40.0078 1136 pciide - ok
08:57:40.0156 1136 [ 3BB2244F343B610C29C98035504C9B75 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
08:57:40.0187 1136 pcmcia - ok
08:57:40.0297 1136 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
08:57:40.0359 1136 PEAUTH - ok
08:57:40.0499 1136 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
08:57:40.0593 1136 pla - ok
08:57:40.0687 1136 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
08:57:40.0702 1136 PlugPlay - ok
08:57:40.0733 1136 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
08:57:40.0749 1136 Pml Driver HPZ12 - ok
08:57:40.0796 1136 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
08:57:40.0827 1136 PNRPAutoReg - ok
08:57:40.0843 1136 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
08:57:40.0858 1136 PNRPsvc - ok
08:57:40.0889 1136 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
08:57:40.0936 1136 PolicyAgent - ok
08:57:40.0983 1136 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
08:57:40.0983 1136 PptpMiniport - ok
08:57:41.0030 1136 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys
08:57:41.0061 1136 Processor - ok
08:57:41.0108 1136 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
08:57:41.0123 1136 ProfSvc - ok
08:57:41.0139 1136 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
08:57:41.0186 1136 ProtectedStorage - ok
08:57:41.0389 1136 [ F115AF58ABE5605D7D709CBFBD83F418 ] ProtexisLicensing C:\Windows\system32\PSIService.exe
08:57:41.0451 1136 ProtexisLicensing - ok
08:57:41.0529 1136 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
08:57:41.0560 1136 PSched - ok
08:57:41.0623 1136 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
08:57:41.0638 1136 PxHelp20 - ok
08:57:41.0825 1136 [ 0A2C21B3168F2EFC3468B35FF5508CEA ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
08:57:41.0825 1136 QBCFMonitorService - ok
08:57:41.0888 1136 [ BAB30D2799754F6EA22F0B9076311793 ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe
08:57:41.0935 1136 QBFCService - ok
08:57:42.0106 1136 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
08:57:42.0356 1136 ql2300 - ok
08:57:42.0387 1136 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
08:57:42.0387 1136 ql40xx - ok
08:57:42.0418 1136 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
08:57:42.0434 1136 QWAVE - ok
08:57:42.0465 1136 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
08:57:42.0465 1136 QWAVEdrv - ok
08:57:42.0590 1136 [ 68E04F3944E6F82C64B53F8A8F13FB3A ] R5U870FLx86 C:\Windows\system32\Drivers\R5U870FLx86.sys
08:57:42.0590 1136 R5U870FLx86 - ok
08:57:42.0637 1136 [ 7F1356060D1894B46554A0D8E6F13958 ] R5U870FUx86 C:\Windows\system32\Drivers\R5U870FUx86.sys
08:57:42.0637 1136 R5U870FUx86 - ok
08:57:42.0793 1136 [ 70DBDAB246C18B78E2200D6401D038BE ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
08:57:42.0824 1136 RapiMgr - ok
08:57:43.0042 1136 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
08:57:43.0089 1136 RasAcd - ok
08:57:43.0151 1136 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
08:57:43.0307 1136 RasAuto - ok
08:57:43.0417 1136 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
08:57:43.0432 1136 Rasl2tp - ok
08:57:43.0651 1136 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
08:57:43.0697 1136 RasMan - ok
08:57:43.0744 1136 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
08:57:43.0760 1136 RasPppoe - ok
08:57:43.0807 1136 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
08:57:43.0838 1136 RasSstp - ok
08:57:43.0885 1136 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
08:57:43.0916 1136 rdbss - ok
08:57:43.0963 1136 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
08:57:43.0994 1136 RDPCDD - ok
08:57:44.0056 1136 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
08:57:44.0087 1136 rdpdr - ok
08:57:44.0103 1136 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
08:57:44.0119 1136 RDPENCDD - ok
08:57:44.0181 1136 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
08:57:44.0181 1136 RDPWD - ok
08:57:44.0259 1136 [ 001B4278407F4303EFC902A2B16F2453 ] regi C:\Windows\system32\drivers\regi.sys
08:57:44.0259 1136 regi - ok
08:57:44.0399 1136 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
08:57:44.0446 1136 RemoteAccess - ok
08:57:44.0633 1136 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
08:57:44.0680 1136 RemoteRegistry - ok
08:57:44.0852 1136 [ 6482707F9F4DA0ECBAB43B2E0398A101 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
08:57:44.0883 1136 RFCOMM - ok
08:57:44.0992 1136 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
08:57:44.0992 1136 RpcLocator - ok
08:57:45.0023 1136 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
08:57:45.0039 1136 RpcSs - ok
08:57:45.0086 1136 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
08:57:45.0101 1136 rspndr - ok
08:57:45.0164 1136 [ B7E1C523E2F7787D700766FC78E01F77 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
08:57:45.0164 1136 RTL8169 - ok
08:57:45.0257 1136 [ 3EDFB0089B9455B26154B572DB650EE3 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
08:57:45.0273 1136 RTL8192su - ok
08:57:45.0320 1136 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
08:57:45.0351 1136 SamSs - ok
08:57:45.0476 1136 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
08:57:45.0491 1136 SASDIFSV - ok
08:57:45.0523 1136 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:57:45.0538 1136 SASKUTIL - ok
08:57:45.0585 1136 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
08:57:45.0585 1136 sbp2port - ok
08:57:45.0741 1136 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
08:57:45.0757 1136 SBSDWSCService - ok
08:57:45.0803 1136 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
08:57:45.0803 1136 SCardSvr - ok
08:57:45.0881 1136 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
08:57:45.0913 1136 Schedule - ok
08:57:45.0928 1136 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
08:57:45.0944 1136 SCPolicySvc - ok
08:57:45.0975 1136 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
08:57:45.0991 1136 SDRSVC - ok
08:57:46.0022 1136 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
08:57:46.0053 1136 secdrv - ok
08:57:46.0100 1136 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
08:57:46.0193 1136 seclogon - ok
08:57:46.0256 1136 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
08:57:46.0271 1136 SENS - ok
08:57:46.0318 1136 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
08:57:46.0334 1136 Serenum - ok
08:57:46.0381 1136 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
08:57:46.0381 1136 Serial - ok
08:57:46.0412 1136 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
08:57:46.0412 1136 sermouse - ok
08:57:46.0474 1136 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
08:57:46.0490 1136 SessionEnv - ok
08:57:46.0537 1136 [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys
08:57:46.0537 1136 SFEP - ok
08:57:46.0583 1136 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
08:57:46.0583 1136 sffdisk - ok
08:57:46.0599 1136 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
08:57:46.0599 1136 sffp_mmc - ok
08:57:46.0646 1136 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
08:57:46.0661 1136 sffp_sd - ok
08:57:46.0661 1136 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
08:57:46.0661 1136 sfloppy - ok
08:57:46.0708 1136 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
08:57:46.0708 1136 SharedAccess - ok
08:57:46.0771 1136 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:57:46.0771 1136 ShellHWDetection - ok
08:57:46.0802 1136 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
08:57:46.0802 1136 sisagp - ok
08:57:46.0833 1136 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
08:57:46.0833 1136 SiSRaid2 - ok
08:57:46.0880 1136 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
08:57:46.0880 1136 SiSRaid4 - ok
08:57:46.0989 1136 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
08:57:47.0005 1136 SkypeUpdate - ok
08:57:47.0285 1136 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
08:57:47.0707 1136 slsvc - ok
08:57:47.0847 1136 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
08:57:47.0909 1136 SLUINotify - ok
08:57:47.0956 1136 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
08:57:47.0956 1136 Smb - ok
08:57:47.0987 1136 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
08:57:48.0003 1136 SNMPTRAP - ok
08:57:48.0081 1136 [ D07F3C6FE13D291A5C27E2D2E8EC7F52 ] SOHCImp C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe
08:57:48.0081 1136 SOHCImp - ok
08:57:48.0112 1136 [ E507433FC0237B9FFCB6F97235E8C47D ] SOHDms C:\Program Files\Sony\VAIO Media plus\SOHDms.exe
08:57:48.0128 1136 SOHDms - ok
08:57:48.0143 1136 [ E674417F83C45679CD9C804D77E485A3 ] SOHDs C:\Program Files\Sony\VAIO Media plus\SOHDs.exe
08:57:48.0143 1136 SOHDs - ok
08:57:48.0175 1136 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
08:57:48.0175 1136 spldr - ok
08:57:48.0253 1136 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
08:57:48.0268 1136 Spooler - ok
08:57:48.0315 1136 [ CF7532B3D8061F3D0A9C6478850DABD4 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
08:57:48.0331 1136 SPTISRV - ok
08:57:48.0455 1136 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
08:57:48.0487 1136 SQLBrowser - ok
08:57:48.0549 1136 [ D89083C4EB02DACA8F944B0E05E57F9D ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
08:57:48.0565 1136 SQLWriter - ok
08:57:48.0643 1136 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
08:57:48.0643 1136 srv - ok
08:57:48.0736 1136 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
08:57:48.0736 1136 srv2 - ok
08:57:48.0799 1136 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
08:57:48.0814 1136 srvnet - ok
08:57:48.0845 1136 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
08:57:48.0861 1136 SSDPSRV - ok
08:57:48.0923 1136 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
08:57:48.0923 1136 SstpSvc - ok
08:57:49.0033 1136 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
08:57:49.0095 1136 stisvc - ok
08:57:49.0126 1136 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
08:57:49.0142 1136 swenum - ok
08:57:49.0189 1136 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
08:57:49.0235 1136 swprv - ok
08:57:49.0251 1136 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
08:57:49.0267 1136 Symc8xx - ok
08:57:49.0313 1136 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
08:57:49.0313 1136 Sym_hi - ok
08:57:49.0345 1136 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
08:57:49.0345 1136 Sym_u3 - ok
08:57:49.0407 1136 [ 99DA94793332AADBB17BBB521AE56E21 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
08:57:49.0423 1136 SynTP - ok
08:57:49.0469 1136 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
08:57:49.0485 1136 SysMain - ok
08:57:49.0516 1136 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:57:49.0516 1136 TabletInputService - ok
08:57:49.0547 1136 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
08:57:49.0563 1136 TapiSrv - ok
08:57:49.0594 1136 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
08:57:49.0594 1136 TBS - ok
08:57:49.0781 1136 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
08:57:49.0797 1136 Tcpip - ok
08:57:49.0828 1136 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
08:57:49.0844 1136 Tcpip6 - ok
08:57:49.0891 1136 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
08:57:49.0891 1136 tcpipreg - ok
08:57:49.0922 1136 [ 07D174A992AB0EA6001F390DE1AFA27B ] TcUsb C:\Windows\system32\Drivers\tcusb.sys
08:57:49.0922 1136 TcUsb - ok
08:57:49.0953 1136 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
08:57:49.0953 1136 TDPIPE - ok
08:57:50.0062 1136 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
08:57:50.0062 1136 TDTCP - ok
08:57:50.0125 1136 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
08:57:50.0156 1136 tdx - ok
08:57:50.0203 1136 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
08:57:50.0218 1136 TermDD - ok
08:57:50.0249 1136 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
08:57:50.0390 1136 TermService - ok
08:57:50.0405 1136 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
08:57:50.0437 1136 Themes - ok
08:57:50.0452 1136 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
08:57:50.0452 1136 THREADORDER - ok
08:57:50.0593 1136 [ 030F439AC1CCDA7AC6CE01CC02102045 ] ti21sony C:\Windows\system32\drivers\ti21sony.sys
08:57:50.0624 1136 ti21sony - ok
08:57:50.0655 1136 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
08:57:50.0671 1136 TrkWks - ok
08:57:50.0733 1136 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:57:50.0733 1136 TrustedInstaller - ok
08:57:50.0764 1136 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
08:57:50.0764 1136 tssecsrv - ok
08:57:50.0795 1136 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
08:57:50.0795 1136 tunmp - ok
08:57:50.0858 1136 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
08:57:50.0858 1136 tunnel - ok
08:57:50.0889 1136 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
08:57:50.0889 1136 uagp35 - ok
08:57:50.0936 1136 [ 3D7B66D3B25DFBDE7B96114E2D8EF2B3 ] uCamMonitor C:\Program Files\ArcSoft\Magic-I Visual Effects\uCamMonitor.exe
08:57:50.0983 1136 uCamMonitor - ok
08:57:51.0076 1136 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
08:57:51.0076 1136 udfs - ok
08:57:51.0326 1136 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
08:57:51.0326 1136 UI0Detect - ok
08:57:51.0341 1136 UIUSys - ok
08:57:51.0357 1136 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
08:57:51.0373 1136 uliagpkx - ok
08:57:51.0404 1136 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
08:57:51.0404 1136 uliahci - ok
08:57:51.0451 1136 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
08:57:51.0451 1136 UlSata - ok
08:57:51.0497 1136 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
08:57:51.0497 1136 ulsata2 - ok
08:57:51.0544 1136 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
08:57:51.0544 1136 umbus - ok
08:57:51.0591 1136 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
08:57:51.0607 1136 upnphost - ok
08:57:51.0685 1136 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
08:57:51.0685 1136 USBAAPL - ok
08:57:51.0747 1136 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
08:57:51.0747 1136 usbaudio - ok
08:57:51.0809 1136 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
08:57:52.0028 1136 usbccgp - ok
08:57:52.0075 1136 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
08:57:52.0090 1136 usbcir - ok
08:57:52.0137 1136 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
08:57:52.0137 1136 usbehci - ok
08:57:52.0215 1136 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
08:57:52.0215 1136 usbhub - ok
08:57:52.0293 1136 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
08:57:52.0293 1136 usbohci - ok
08:57:52.0324 1136 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
08:57:52.0340 1136 usbprint - ok
08:57:52.0371 1136 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
08:57:52.0387 1136 usbscan - ok
08:57:52.0418 1136 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:57:52.0433 1136 USBSTOR - ok
08:57:52.0480 1136 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
08:57:52.0480 1136 usbuhci - ok
08:57:52.0543 1136 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
08:57:52.0543 1136 usbvideo - ok
08:57:52.0574 1136 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
08:57:52.0589 1136 usb_rndisx - ok
08:57:52.0621 1136 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
08:57:52.0636 1136 UxSms - ok
08:57:52.0886 1136 [ D6E6BD77F4BEDD695553D5EA1FFDFCDD ] VAIO Entertainment TV Device Arbitration Service C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
08:57:52.0901 1136 VAIO Entertainment TV Device Arbitration Service - ok
08:57:53.0198 1136 [ 8A9F18ADAD471402236CA931553BF79B ] VAIO Event Service C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
08:57:53.0213 1136 VAIO Event Service - ok
08:57:53.0588 1136 [ 9D1DD772DEC13B0DA3289A4B266B0767 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
08:57:53.0603 1136 VcmIAlzMgr - ok
08:57:53.0775 1136 [ C44A507B71EB90E8299D2AF8FB05AE5B ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe
08:57:53.0837 1136 VcmXmlIfHelper - ok
08:57:53.0837 1136 Vcsw - ok
08:57:53.0884 1136 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
08:57:53.0962 1136 vds - ok
08:57:54.0040 1136 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
08:57:54.0056 1136 vga - ok
08:57:54.0103 1136 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
08:57:54.0103 1136 VgaSave - ok
08:57:54.0134 1136 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
08:57:54.0212 1136 viaagp - ok
08:57:54.0227 1136 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
08:57:54.0227 1136 ViaC7 - ok
08:57:54.0243 1136 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
08:57:54.0259 1136 viaide - ok
08:57:54.0274 1136 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
08:57:54.0274 1136 volmgr - ok
08:57:54.0337 1136 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
08:57:54.0337 1136 volmgrx - ok
08:57:54.0368 1136 [ 147281C01FCB1DF9252DE2A10D5E7093 ] volsnap C:\Windows\system32\drivers\volsnap.sys
08:57:54.0571 1136 volsnap - ok
08:57:54.0867 1136 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
08:57:55.0007 1136 vsmraid - ok
08:57:55.0132 1136 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
08:57:55.0803 1136 VSS - ok
08:57:56.0068 1136 [ 0E2357BF1E70E17EFB13D08FCE74FCBC ] VzCdbSvc C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
08:57:56.0131 1136 VzCdbSvc - ok
08:57:56.0255 1136 [ 99BCBD7F13779AE06944776A8D4BB5C3 ] VzFw C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
08:57:56.0287 1136 VzFw - ok
08:57:56.0349 1136 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
08:57:56.0411 1136 W32Time - ok
08:57:56.0474 1136 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
08:57:56.0474 1136 WacomPen - ok
08:57:56.0489 1136 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
08:57:56.0521 1136 Wanarp - ok
08:57:56.0536 1136 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
08:57:56.0536 1136 Wanarpv6 - ok
08:57:56.0817 1136 [ 779F9C90D3FE9C70B6FFD8EF035F3E83 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
08:57:56.0942 1136 WcesComm - ok
08:57:57.0160 1136 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
08:57:57.0581 1136 wcncsvc - ok
08:57:57.0675 1136 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:57:57.0706 1136 WcsPlugInService - ok
08:57:57.0737 1136 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
08:57:57.0753 1136 Wd - ok
08:57:57.0831 1136 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
08:57:57.0847 1136 Wdf01000 - ok
08:57:57.0878 1136 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
08:57:57.0909 1136 WdiServiceHost - ok
08:57:57.0925 1136 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
08:57:57.0940 1136 WdiSystemHost - ok
08:57:57.0987 1136 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
08:57:58.0003 1136 WebClient - ok
08:57:58.0065 1136 [ 905214925A88311FCE52F66153DE7610 ] Wecsvc C:\Windows\system32\wecsvc.dll
08:57:58.0252 1136 Wecsvc - ok
08:57:58.0315 1136 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
08:57:58.0408 1136 wercplsupport - ok
08:57:58.0611 1136 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
08:57:58.0658 1136 WerSvc - ok
08:57:58.0767 1136 [ F9AD3A5E3FD7E0BDB18B8202B0FDD4E4 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
08:57:58.0798 1136 WimFltr - ok
08:57:59.0235 1136 [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
08:57:59.0329 1136 winachsf - ok
08:58:00.0358 1136 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
08:58:00.0405 1136 WinDefend - ok
08:58:00.0405 1136 WinHttpAutoProxySvc - ok
08:58:00.0655 1136 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
08:58:00.0701 1136 Winmgmt - ok
08:58:01.0045 1136 [ 01874D4689C212460FBABF0ECD7CB7F7 ] WinRM C:\Windows\system32\WsmSvc.dll
08:58:01.0575 1136 WinRM - ok
08:58:01.0778 1136 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
08:58:01.0856 1136 Wlansvc - ok
08:58:01.0949 1136 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
08:58:01.0949 1136 WmiAcpi - ok
08:58:02.0090 1136 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
08:58:02.0105 1136 wmiApSrv - ok
08:58:02.0776 1136 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
08:58:03.0088 1136 WMPNetworkSvc - ok
08:58:03.0166 1136 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
08:58:03.0478 1136 WPCSvc - ok
08:58:03.0587 1136 [ 396D406292B0CD26E3504FFE82784702 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
08:58:03.0665 1136 WPDBusEnum - ok
08:58:03.0837 1136 [ 0CEC23084B51B8288099EB710224E955 ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
08:58:03.0868 1136 WpdUsb - ok
08:58:03.0946 1136 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
08:58:03.0946 1136 ws2ifsl - ok
08:58:04.0024 1136 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
08:58:04.0055 1136 wscsvc - ok
08:58:04.0071 1136 WSearch - ok
08:58:04.0945 1136 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
08:58:06.0177 1136 wuauserv - ok
08:58:06.0364 1136 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
08:58:06.0427 1136 WUDFRd - ok
08:58:06.0739 1136 [ 575A4190D989F64732119E4114045A4F ] wudfsvc C:\Windows\System32\WUDFSvc.dll
08:58:06.0754 1136 wudfsvc - ok
08:58:07.0987 1136 [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
08:58:08.0018 1136 XAudio - ok
08:58:08.0486 1136 [ 15A317674A08DF26BE65164D959E9203 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
08:58:08.0517 1136 XAudioService - ok
08:58:08.0579 1136 ================ Scan global ===============================
08:58:08.0642 1136 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
08:58:08.0751 1136 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
08:58:08.0891 1136 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
08:58:09.0063 1136 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
08:58:09.0125 1136 [Global] - ok
08:58:09.0125 1136 ================ Scan MBR ==================================
08:58:09.0172 1136 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
08:58:12.0027 1136 \Device\Harddisk0\DR0 - ok
08:58:12.0027 1136 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
08:58:12.0043 1136 \Device\Harddisk2\DR2 - ok
08:58:12.0043 1136 ================ Scan VBR ==================================
08:58:12.0074 1136 [ 4C8BE833BDCEE989926808C1F52CA548 ] \Device\Harddisk0\DR0\Partition1
08:58:12.0199 1136 \Device\Harddisk0\DR0\Partition1 - ok
08:58:12.0199 1136 [ 6E695E0689AF922C7DFAC4BB03B3CE27 ] \Device\Harddisk2\DR2\Partition1
08:58:12.0199 1136 \Device\Harddisk2\DR2\Partition1 - ok
08:58:12.0199 1136 ============================================================
08:58:12.0199 1136 Scan finished
08:58:12.0199 1136 ============================================================
08:58:12.0214 2752 Detected object count: 0
08:58:12.0214 2752 Actual detected object count: 0
09:04:04.0459 3524 Deinitialize success
 
RogueKiller V8.1.1 [10/03/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: https://www.techspot.com/downloads/5562-roguekiller.html
Website: http://tigzy.geekstogo.com/roguekiller.php
Blog: http://tigzyrk.blogspot.com

Operating System: Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Michelle [Admin rights]
Mode : Remove -- Date : 10/09/2012 09:17:23

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : cdloader ("C:\Users\Michelle\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK) -> DELETED
[HJ DESK] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
::1 localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: TOSHIBA MK1246GSX ATA Device +++++
--- User ---
[MBR] 7a3599de38c6a88dcd4d31fca41aed4b
[BSP] b21b56746381b798b3a02139c0b64481 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 7957 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16297984 | Size: 106514 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive2: SD1 Device +++++
--- User ---
[MBR] 8a4a3f84a9eda68451f8bdccda84c484
[BSP] df4f83c1f72e36823a12b0dfc7617313 : MBR Code unknown
Partition table:
0 - [XXXXXX] FAT32 (0x0b) [VISIBLE] Offset (sectors): 8192 | Size: 7576 Mo
Error reading LL1 MBR!
Error reading LL2 MBR!

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt
 
While doing this Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
The pc has frozen up. I've pulled the plug & booting up.
I've re started it. Hope thats ok.
 
Ok, I restarted aswMBR but after a couple minutes a blue screen with white words "flashed" on the screen & it rebooted. Will wait for your instructions.
 
I just tried it & it didn't. It went for a couple minutes & flashed a blue screen with white words & is rebooting now.
 
Create new restore point before proceeding with the next step....
How to:
- Windows 7: http://www.howtogeek.com/howto/3195/create-a-system-restore-point-in-windows-7/
- Vista: http://www.howtogeek.com/howto/wind...tore-point-for-windows-vistas-system-restore/
- XP: http://support.microsoft.com/kb/948247

=============================

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • Close any open browsers.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If restarting doesn't help use restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill post BOTH logs, rKill.txt and Combofix.txt.
 
Ok, I ran Combofix fine,it rebooted but when I click on the Firefox icon to post the results, I get
C:progran Files\Mozilla Firefox\firefox.exe

Illegal operation attempted on a registry key that has been marked for deletion

Same thing for IE & Safari
 
Ok, here is what I've done. I saved the Combofix log to a flashdrive & am posting it using my pc. I hope this works.
ComboFix 12-10-09.01 - Michelle 10/09/2012 13:03:26.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2038.685 [GMT -7:00]
Running from: c:\users\Michelle\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\DFR1D5C.tmp
c:\program files\explorer
c:\program files\explorer\AddressParser\AddressParserConfiguration.xml
c:\program files\explorer\AddressParser\parser_andorra.xml
c:\program files\explorer\AddressParser\parser_austria.xml
c:\program files\explorer\AddressParser\parser_belgium.xml
c:\program files\explorer\AddressParser\parser_canada.xml
c:\program files\explorer\AddressParser\parser_denmark.xml
c:\program files\explorer\AddressParser\parser_france.xml
c:\program files\explorer\AddressParser\parser_germany.xml
c:\program files\explorer\AddressParser\parser_ireland.xml
c:\program files\explorer\AddressParser\parser_italy.xml
c:\program files\explorer\AddressParser\parser_liechtenstein.xml
c:\program files\explorer\AddressParser\parser_luxembourg.xml
c:\program files\explorer\AddressParser\parser_monaco.xml
c:\program files\explorer\AddressParser\parser_netherlands.xml
c:\program files\explorer\AddressParser\parser_norway.xml
c:\program files\explorer\AddressParser\parser_portugal.xml
c:\program files\explorer\AddressParser\parser_spain.xml
c:\program files\explorer\AddressParser\parser_sweden.xml
c:\program files\explorer\AddressParser\parser_switzerland.xml
c:\program files\explorer\AddressParser\parser_uk.xml
c:\program files\explorer\AddressParser\parser_usa.xml
c:\program files\explorer\basemaps\basemaps.de.xml
c:\program files\explorer\basemaps\basemaps.es.xml
c:\program files\explorer\basemaps\basemaps.fr.xml
c:\program files\explorer\basemaps\basemaps.ja-jp.xml
c:\program files\explorer\basemaps\basemaps.xml
c:\program files\explorer\basemaps\basemaps.zh-CN.xml
c:\program files\explorer\basemaps\Server\basemap0.nmf
c:\program files\explorer\basemaps\Server\basemap0.png
c:\program files\explorer\basemaps\Server\basemap1.nmf
c:\program files\explorer\basemaps\Server\basemap1.png
c:\program files\explorer\basemaps\Server\basemap10.nmf
c:\program files\explorer\basemaps\Server\basemap10.png
c:\program files\explorer\basemaps\Server\basemap11.nmf
c:\program files\explorer\basemaps\Server\basemap11.png
c:\program files\explorer\basemaps\Server\basemap2.nmf
c:\program files\explorer\basemaps\Server\basemap2.png
c:\program files\explorer\basemaps\Server\basemap3.nmf
c:\program files\explorer\basemaps\Server\basemap3.png
c:\program files\explorer\basemaps\Server\basemap4.nmf
c:\program files\explorer\basemaps\Server\basemap4.png
c:\program files\explorer\basemaps\Server\basemap5.nmf
c:\program files\explorer\basemaps\Server\basemap5.png
c:\program files\explorer\basemaps\Server\basemap6.nmf
c:\program files\explorer\basemaps\Server\basemap6.png
c:\program files\explorer\basemaps\Server\basemap7.nmf
c:\program files\explorer\basemaps\Server\basemap7.png
c:\program files\explorer\basemaps\Server\basemap8.nmf
c:\program files\explorer\basemaps\Server\basemap8.png
c:\program files\explorer\basemaps\Server\basemap9.nmf
c:\program files\explorer\basemaps\Server\basemap9.png
c:\program files\explorer\basemaps\Server\basemaps.de.xml
c:\program files\explorer\basemaps\Server\basemaps.es.xml
c:\program files\explorer\basemaps\Server\basemaps.fr.xml
c:\program files\explorer\basemaps\Server\basemaps.ja-jp.xml
c:\program files\explorer\basemaps\Server\basemaps.xml
c:\program files\explorer\basemaps\Server\basemaps.zh-CN.xml
c:\program files\explorer\bin\3dAnalystUtil.dll
c:\program files\explorer\bin\3DSymbols.dll
c:\program files\explorer\bin\3DSymbolsLib.dll
c:\program files\explorer\bin\AfCore.dll
c:\program files\explorer\bin\AfUtil.dll
c:\program files\explorer\bin\AGSClient.dll
c:\program files\explorer\bin\aibase.dll
c:\program files\explorer\bin\aifeat.dll
c:\program files\explorer\bin\AISClient.dll
c:\program files\explorer\bin\AISGlobalLib.dll
c:\program files\explorer\bin\aishape.dll
c:\program files\explorer\bin\Animation.dll
c:\program files\explorer\bin\AnnoLayer.dll
c:\program files\explorer\bin\Annotation.dll
c:\program files\explorer\bin\AnnotationLib.dll
c:\program files\explorer\bin\AoInitializer.dll
c:\program files\explorer\bin\AppInitializerLib.dll
c:\program files\explorer\bin\ApplicationConfigurationManager.exe
c:\program files\explorer\bin\ArcGISExplorer.ISCConfig
c:\program files\explorer\bin\atl71.dll
c:\program files\explorer\bin\BasemapLayer.dll
c:\program files\explorer\bin\BasicRasterPicture.dll
c:\program files\explorer\bin\BGLAPI.dll
c:\program files\explorer\bin\BGLAPILib.dll
c:\program files\explorer\bin\BGLFontEngine.dll
c:\program files\explorer\bin\BGLGeomChestLib.dll
c:\program files\explorer\bin\BGLGeometricEffects.dll
c:\program files\explorer\bin\BGLImageCoders.dll
c:\program files\explorer\bin\BGLRasterizerLib.dll
c:\program files\explorer\bin\BGLRasterizerSW.dll
c:\program files\explorer\bin\BGLSymbols.dll
c:\program files\explorer\bin\BGLSymbolsLib.dll
c:\program files\explorer\bin\BGLToGDIHelper.dll
c:\program files\explorer\bin\bin.zreg
c:\program files\explorer\bin\CacheRasterDB.dll
c:\program files\explorer\bin\CadastralFabric.dll
c:\program files\explorer\bin\CadastralFabricLayer.dll
c:\program files\explorer\bin\CadEngine.dll
c:\program files\explorer\bin\CadFDB.dll
c:\program files\explorer\bin\CadLayer.dll
c:\program files\explorer\bin\CadWorkspaceFactory.dll
c:\program files\explorer\bin\Camera.dll
c:\program files\explorer\bin\CartoControlsLib.dll
c:\program files\explorer\bin\CartoConverter.dll
c:\program files\explorer\bin\CartoXLib.dll
c:\program files\explorer\bin\CIM.dll
c:\program files\explorer\bin\CIMLib.dll
c:\program files\explorer\bin\Color.dll
c:\program files\explorer\bin\ComplexSymbols.dll
c:\program files\explorer\bin\CompressedDataFile.dll
c:\program files\explorer\bin\Configuration\CATID\esri.catid.ecfg
c:\program files\explorer\bin\Configuration\CLSID\esri.clsid.ecfg
c:\program files\explorer\bin\DADFLib.dll
c:\program files\explorer\bin\DaeFile.dll
c:\program files\explorer\bin\DataConverterLib.dll
c:\program files\explorer\bin\dbghelp.dll
c:\program files\explorer\bin\de\ApplicationConfigurationManager.resources.dll
c:\program files\explorer\bin\de\DADFRes.dll
c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\de\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\de\ResToolkitPro.dll
c:\program files\explorer\bin\DECoreLib.dll
c:\program files\explorer\bin\DFORRT.DLL
c:\program files\explorer\bin\Display.dll
c:\program files\explorer\bin\DisplayFeedback.dll
c:\program files\explorer\bin\DisplayGraph.dll
c:\program files\explorer\bin\DisplayLib.dll
c:\program files\explorer\bin\DistributedGeodbLib.dll
c:\program files\explorer\bin\DynamicDisplay.dll
c:\program files\explorer\bin\e3.config.xml
c:\program files\explorer\bin\E3.exe
c:\program files\explorer\bin\E3.exe.config
c:\program files\explorer\bin\E3Control.dll
c:\program files\explorer\bin\E3EmailHelper.exe
c:\program files\explorer\bin\EngineGraphics.dll
c:\program files\explorer\bin\EnginePackager.dll
c:\program files\explorer\bin\es\ApplicationConfigurationManager.resources.dll
c:\program files\explorer\bin\es\DADFRes.dll
c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\es\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\es\ResToolkitPro.dll
c:\program files\explorer\bin\ESRI.ArcGIS.Utilities.Compression.dll
c:\program files\explorer\bin\ESRI.ArcGISExplorer.Application.dll
c:\program files\explorer\bin\ESRI.ArcGISExplorer.dll
c:\program files\explorer\bin\ESRI.ArcGISExplorer.MapCenter.dll
c:\program files\explorer\bin\ESRI.DADF.Core.dll
c:\program files\explorer\bin\ESRI.DADF.dll
c:\program files\explorer\bin\esrizip.exe
c:\program files\explorer\bin\Export.dll
c:\program files\explorer\bin\ExtTopoEngine.dll
c:\program files\explorer\bin\FdaCore.dll
c:\program files\explorer\bin\FdaCoreLib.dll
c:\program files\explorer\bin\FdaRel.dll
c:\program files\explorer\bin\FeatureDataConverter.dll
c:\program files\explorer\bin\FeatureDataElements.dll
c:\program files\explorer\bin\FeatureLayer.dll
c:\program files\explorer\bin\FeatureLayerLib.dll
c:\program files\explorer\bin\FgdbRasterDB.dll
c:\program files\explorer\bin\FgdbUtilLib.dll
c:\program files\explorer\bin\FileDataElements.dll
c:\program files\explorer\bin\FileDBCoreLib.dll
c:\program files\explorer\bin\FileGDB.dll
c:\program files\explorer\bin\FileGDBWorkspaceFactory.dll
c:\program files\explorer\bin\fr\ApplicationConfigurationManager.resources.dll
c:\program files\explorer\bin\fr\DADFRes.dll
c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\fr\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\fr\ResToolkitPro.dll
c:\program files\explorer\bin\FunctionRasterDB.dll
c:\program files\explorer\bin\gdal16.dll
c:\program files\explorer\bin\GdalRasterDB.dll
c:\program files\explorer\bin\GdbCatalog.dll
c:\program files\explorer\bin\GdbCore.dll
c:\program files\explorer\bin\GdbCoreLib.dll
c:\program files\explorer\bin\GdbNet.dll
c:\program files\explorer\bin\GdbTopo.dll
c:\program files\explorer\bin\GeoDataExtraction.dll
c:\program files\explorer\bin\GeoDataServer.dll
c:\program files\explorer\bin\GeoDataTransfer.dll
c:\program files\explorer\bin\Geometry.dll
c:\program files\explorer\bin\GeoprocessingLib.dll
c:\program files\explorer\bin\GeoProcessor.dll
c:\program files\explorer\bin\GeoRSSPlugin.dll
c:\program files\explorer\bin\glew32.dll
c:\program files\explorer\bin\Globe.dll
c:\program files\explorer\bin\GlobeCamera.dll
c:\program files\explorer\bin\GlobeClient.dll
c:\program files\explorer\bin\GlobeCoreLib.dll
c:\program files\explorer\bin\GlobeDisplay.dll
c:\program files\explorer\bin\GlobeLayers.dll
c:\program files\explorer\bin\GlobeServer.dll
c:\program files\explorer\bin\GlobeServerLayer.dll
c:\program files\explorer\bin\GlobeViewerCoreLib.dll
c:\program files\explorer\bin\GPClient.dll
c:\program files\explorer\bin\GpObjects.dll
c:\program files\explorer\bin\GpPythonCore.dll
c:\program files\explorer\bin\GPRasterFunctions.dll
c:\program files\explorer\bin\GraphicElements.dll
c:\program files\explorer\bin\hd420m.dll
c:\program files\explorer\bin\hdf5dll.dll
c:\program files\explorer\bin\hm420m.dll
c:\program files\explorer\bin\icudt40.dll
c:\program files\explorer\bin\icuin40.dll
c:\program files\explorer\bin\icuio40.dll
c:\program files\explorer\bin\icule40.dll
c:\program files\explorer\bin\icuuc40.dll
c:\program files\explorer\bin\ImageAccessLib.dll
c:\program files\explorer\bin\ImageClient.dll
c:\program files\explorer\bin\ImageServer.dll
c:\program files\explorer\bin\ImageServerLayer.dll
c:\program files\explorer\bin\IMSConnector.dll
c:\program files\explorer\bin\ImsFDB.dll
c:\program files\explorer\bin\IMSLayer.dll
c:\program files\explorer\bin\IMSLayerLib.dll
c:\program files\explorer\bin\IMSServiceLib.dll
c:\program files\explorer\bin\ImsWorkspaceFactory.dll
c:\program files\explorer\bin\InMemoryWorkspaceFactory.dll
c:\program files\explorer\bin\InputDevice3Dx.dll
c:\program files\explorer\bin\ja-JP\ApplicationConfigurationManager.resources.dll
c:\program files\explorer\bin\ja-JP\DADFRes.dll
c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\ja-JP\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\ja-JP\ResToolkitPro.dll
c:\program files\explorer\bin\kdu61.dll
c:\program files\explorer\bin\KmlLayer.dll
c:\program files\explorer\bin\LabelPlacement.dll
c:\program files\explorer\bin\Layer.dll
c:\program files\explorer\bin\LayerLib.dll
c:\program files\explorer\bin\lcms117lib.dll
c:\program files\explorer\bin\libcollada14dom21.dll
c:\program files\explorer\bin\libcurl.dll
c:\program files\explorer\bin\lti_dsdk_dll.dll
c:\program files\explorer\bin\Map.dll
c:\program files\explorer\bin\MapClient.dll
c:\program files\explorer\bin\MapDB.dll
c:\program files\explorer\bin\MapElements.dll
c:\program files\explorer\bin\MaplexEngineLib.dll
c:\program files\explorer\bin\MapLib.dll
c:\program files\explorer\bin\MappingCore.dll
c:\program files\explorer\bin\MappingCoreLib.dll
c:\program files\explorer\bin\MappingServicesLib.dll
c:\program files\explorer\bin\MapServer.dll
c:\program files\explorer\bin\MapServerLayer.dll
c:\program files\explorer\bin\Marker3DFile.dll
c:\program files\explorer\bin\MessageSupport.dll
c:\program files\explorer\bin\Microsoft.VC90.ATL\atl90.dll
c:\program files\explorer\bin\Microsoft.VC90.ATL\Microsoft.VC90.ATL.manifest
c:\program files\explorer\bin\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest
c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcm90.dll
c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcp90.dll
c:\program files\explorer\bin\Microsoft.VC90.CRT\msvcr90.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\mfc90u.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\mfcm90u.dll
c:\program files\explorer\bin\Microsoft.VC90.MFC\Microsoft.VC90.MFC.manifest
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHS.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90CHT.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90DEU.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ENU.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESN.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ESP.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90FRA.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90ITA.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90JPN.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\MFC90KOR.dll
c:\program files\explorer\bin\Microsoft.VC90.MFCLOC\Microsoft.VC90.MFCLOC.manifest
c:\program files\explorer\bin\Microsoft.VC90.OPENMP\Microsoft.VC90.OpenMP.manifest
c:\program files\explorer\bin\Microsoft.VC90.OPENMP\vcomp90.dll
c:\program files\explorer\bin\MosaicDB.dll
c:\program files\explorer\bin\msvcp71.dll
c:\program files\explorer\bin\msvcr71.dll
c:\program files\explorer\bin\Navigation.dll
c:\program files\explorer\bin\NetEngine80.dll
c:\program files\explorer\bin\Network.dll
c:\program files\explorer\bin\NetworkAnalystSolvers.dll
c:\program files\explorer\bin\NetworkDataset.dll
c:\program files\explorer\bin\OGCClient.dll
c:\program files\explorer\bin\OutputLib.dll
c:\program files\explorer\bin\PageLayout.dll
c:\program files\explorer\bin\pe.dll
c:\program files\explorer\bin\PlugInDataSource.dll
c:\program files\explorer\bin\PlugInWorkspaceFactory.dll
c:\program files\explorer\bin\PrintOut.dll
c:\program files\explorer\bin\RasterAnalysisUtilLib.dll
c:\program files\explorer\bin\RasterCatalog.dll
c:\program files\explorer\bin\RasterCoreLib.dll
c:\program files\explorer\bin\RasterDB.dll
c:\program files\explorer\bin\RasterEngine.dll
c:\program files\explorer\bin\RasterFormats.dat
c:\program files\explorer\bin\RasterGraphicElements.dll
c:\program files\explorer\bin\RasterIO.dll
c:\program files\explorer\bin\RasterLayer.dll
c:\program files\explorer\bin\RasterRenderer.dll
c:\program files\explorer\bin\RasterWorkspaceFactory.dll
c:\program files\explorer\bin\Renderers.dll
c:\program files\explorer\bin\RepresentationDB.dll
c:\program files\explorer\bin\RepresentationEffects.dll
c:\program files\explorer\bin\RepresentationLayer.dll
c:\program files\explorer\bin\RepresentationLib.dll
c:\program files\explorer\bin\RepresentationSymbols.dll
c:\program files\explorer\bin\SceneFilters.dll
c:\program files\explorer\bin\SceneGraph.dll
c:\program files\explorer\bin\sdcdbx.dll
c:\program files\explorer\bin\SDCPlugIn.dll
c:\program files\explorer\bin\sde.dll
c:\program files\explorer\bin\SdeFDB.dll
c:\program files\explorer\bin\SdeRasterDB.dll
c:\program files\explorer\bin\sdesetup.dll
c:\program files\explorer\bin\SdeWorkspaceFactory.dll
c:\program files\explorer\bin\ServerStyleGallery.dll
c:\program files\explorer\bin\sg.dll
c:\program files\explorer\bin\ShapefileFDB.dll
c:\program files\explorer\bin\ShapefileWorkspaceFactory.dll
c:\program files\explorer\bin\SimpleDataConverter.dll
c:\program files\explorer\bin\StyleGalleryClasses.dll
c:\program files\explorer\bin\SystemUIUtil.dll
c:\program files\explorer\bin\Terrain.dll
c:\program files\explorer\bin\TerrainLayer.dll
c:\program files\explorer\bin\TextureCookerService.exe
c:\program files\explorer\bin\TinDb.dll
c:\program files\explorer\bin\TinEngine.dll
c:\program files\explorer\bin\TinLayer.dll
c:\program files\explorer\bin\TinRenderer.dll
c:\program files\explorer\bin\TinWorkspaceFactory.dll
c:\program files\explorer\bin\ViewerCoreLib.dll
c:\program files\explorer\bin\VpfFDB.dll
c:\program files\explorer\bin\VpfWorkspaceFactory.dll
c:\program files\explorer\bin\WebServices.dll
c:\program files\explorer\bin\WMSLayer.dll
c:\program files\explorer\bin\xerces-c_2_7.dll
c:\program files\explorer\bin\XmlSupport.dat
c:\program files\explorer\bin\XMLSupport.dll
c:\program files\explorer\bin\zh-CN\applicationconfigurationmanager.resources.dll
c:\program files\explorer\bin\zh-CN\DADFRes.dll
c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.Application.resources.dll
c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.MapCenter.resources.dll
c:\program files\explorer\bin\zh-CN\ESRI.ArcGISExplorer.resources.dll
c:\program files\explorer\bin\zh-CN\ResToolkitPro.dll
c:\program files\explorer\bin\zlib1.dll
c:\program files\explorer\bin\zlibwapi.dll
c:\program files\explorer\ColorProfiles\esriGray22.icc
c:\program files\explorer\ColorProfiles\Lab2Lab.icm
c:\program files\explorer\ColorProfiles\sRGB_IEC61966-2-1_noBPC.icc
c:\program files\explorer\ColorProfiles\USWebCoatedSWOP.icc
c:\program files\explorer\ColorProfiles\Xyz2Xyz.icm
c:\program files\explorer\com\com.zreg
c:\program files\explorer\com\esriE3.olb
c:\program files\explorer\license\ExplorerEnglishLicense.pdf
c:\program files\explorer\license\ExplorerFrenchLicense.pdf
c:\program files\explorer\license\ExplorerGermanLicense.pdf
c:\program files\explorer\license\ExplorerJapaneseLicense.pdf
c:\program files\explorer\license\ExplorerSimplChineseLicense.pdf
c:\program files\explorer\license\ExplorerSpanishLicense.pdf
c:\program files\explorer\PackageTemplates\ArcGISExplorer.stylesheet
c:\program files\explorer\PackageTemplates\Package931.template
c:\program files\explorer\pedata\gdaldata\coordinate_axis.csv
c:\program files\explorer\pedata\gdaldata\cubewerx_extra.wkt
c:\program files\explorer\pedata\gdaldata\ecw_cs.dat
c:\program files\explorer\pedata\gdaldata\ellipsoid.csv
c:\program files\explorer\pedata\gdaldata\epsg.wkt
c:\program files\explorer\pedata\gdaldata\esri_extra.wkt
c:\program files\explorer\pedata\gdaldata\gcs.csv
c:\program files\explorer\pedata\gdaldata\gdal_datum.csv
c:\program files\explorer\pedata\gdaldata\gdalicon.png
c:\program files\explorer\pedata\gdaldata\pcs.csv
c:\program files\explorer\pedata\gdaldata\prime_meridian.csv
c:\program files\explorer\pedata\gdaldata\projop_wparm.csv
c:\program files\explorer\pedata\gdaldata\s57attributes.csv
c:\program files\explorer\pedata\gdaldata\s57expectedinput.csv
c:\program files\explorer\pedata\gdaldata\s57objectclasses.csv
c:\program files\explorer\pedata\gdaldata\seed_2d.dgn
c:\program files\explorer\pedata\gdaldata\seed_3d.dgn
c:\program files\explorer\pedata\gdaldata\stateplane.csv
c:\program files\explorer\pedata\gdaldata\unit_of_measure.csv
c:\program files\explorer\plugins\explorerCore.ecfg
c:\program files\explorer\schemas\ExplorerAddIn.xsd
c:\program files\explorer\schemas\ExplorerGeometry.xsd
c:\program files\explorer\schemas\NmfDocument.xsd
c:\program files\explorer\Styles\default.css
c:\program files\explorer\Styles\Directions\CheckeredFlag16.png
c:\program files\explorer\Styles\Directions\GreenFlag16.png
c:\program files\explorer\Styles\Directions\Print16.png
c:\program files\explorer\Styles\ExplorerColors.de.xml
c:\program files\explorer\Styles\ExplorerColors.es.xml
c:\program files\explorer\Styles\ExplorerColors.fr.xml
c:\program files\explorer\Styles\ExplorerColors.ja-JP.xml
c:\program files\explorer\Styles\ExplorerColors.xml
c:\program files\explorer\Styles\ExplorerColors.zh-CN.xml
c:\program files\explorer\Styles\ExplorerSymbols.de.xml
c:\program files\explorer\Styles\ExplorerSymbols.es.xml
c:\program files\explorer\Styles\ExplorerSymbols.fr.xml
c:\program files\explorer\Styles\ExplorerSymbols.ja-JP.xml
c:\program files\explorer\Styles\ExplorerSymbols.xml
c:\program files\explorer\Styles\ExplorerSymbols.zh-CN.xml
c:\program files\explorer\Styles\kml.css
c:\program files\explorer\Styles\KMLIcons\american-flag.png
c:\program files\explorer\Styles\KMLIcons\arrow.png
c:\program files\explorer\Styles\KMLIcons\asian-flag.png
c:\program files\explorer\Styles\KMLIcons\auto-service.png
c:\program files\explorer\Styles\KMLIcons\auto.png
c:\program files\explorer\Styles\KMLIcons\bang.png
c:\program files\explorer\Styles\KMLIcons\bars.png
c:\program files\explorer\Styles\KMLIcons\building.png
c:\program files\explorer\Styles\KMLIcons\coffee_house_16.png
c:\program files\explorer\Styles\KMLIcons\crosshair.png
c:\program files\explorer\Styles\KMLIcons\dining.png
c:\program files\explorer\Styles\KMLIcons\dining_16.png
c:\program files\explorer\Styles\KMLIcons\dot.png
c:\program files\explorer\Styles\KMLIcons\fast-food.png
c:\program files\explorer\Styles\KMLIcons\four-dollars.png
c:\program files\explorer\Styles\KMLIcons\french-flag.png
c:\program files\explorer\Styles\KMLIcons\hand.png
c:\program files\explorer\Styles\KMLIcons\high_res_places.png
c:\program files\explorer\Styles\KMLIcons\highway_16.png
c:\program files\explorer\Styles\KMLIcons\italian-flag.png
c:\program files\explorer\Styles\KMLIcons\large_traffic_count_16.png
c:\program files\explorer\Styles\KMLIcons\mexican-flag.png
c:\program files\explorer\Styles\KMLIcons\misc_dining.png
c:\program files\explorer\Styles\KMLIcons\note.png
c:\program files\explorer\Styles\KMLIcons\one-dollar.png
c:\program files\explorer\Styles\KMLIcons\palette-2.png
c:\program files\explorer\Styles\KMLIcons\palette-3.png
c:\program files\explorer\Styles\KMLIcons\palette-4.png
c:\program files\explorer\Styles\KMLIcons\palette-5.png
c:\program files\explorer\Styles\KMLIcons\parks.png
c:\program files\explorer\Styles\KMLIcons\recreation.png
c:\program files\explorer\Styles\KMLIcons\school_16.png
c:\program files\explorer\Styles\KMLIcons\search.png
c:\program files\explorer\Styles\KMLIcons\streamed_layer.png
c:\program files\explorer\Styles\KMLIcons\streamed_layers.png
c:\program files\explorer\Styles\KMLIcons\terrain_16.png
c:\program files\explorer\Styles\KMLIcons\three-dollars.png
c:\program files\explorer\Styles\KMLIcons\transportation.png
c:\program files\explorer\Styles\KMLIcons\two-dollars.png
c:\program files\explorer\Styles\KMLIcons\webcam_16.png
c:\program files\explorer\Styles\SlideTitleStyles.de.xml
c:\program files\explorer\Styles\SlideTitleStyles.es.xml
c:\program files\explorer\Styles\SlideTitleStyles.fr.xml
c:\program files\explorer\Styles\SlideTitleStyles.ja-JP.xml
c:\program files\explorer\Styles\SlideTitleStyles.xml
c:\program files\explorer\Styles\SlideTitleStyles.zh-CN.xml
c:\program files\explorer\Styles\StyleSheet.xsl
c:\program files\explorer\Styles\SymbolImages\Civic\ATM.png
c:\program files\explorer\Styles\SymbolImages\Civic\Bank.png
c:\program files\explorer\Styles\SymbolImages\Civic\Bell.png
c:\program files\explorer\Styles\SymbolImages\Civic\Cemetery.png
c:\program files\explorer\Styles\SymbolImages\Civic\City.png
c:\program files\explorer\Styles\SymbolImages\Civic\Clue.png
c:\program files\explorer\Styles\SymbolImages\Civic\Crowd.png
c:\program files\explorer\Styles\SymbolImages\Civic\GhostTown.png
c:\program files\explorer\Styles\SymbolImages\Civic\Horn.png
c:\program files\explorer\Styles\SymbolImages\Civic\Housing.png
c:\program files\explorer\Styles\SymbolImages\Civic\MailPost.png
c:\program files\explorer\Styles\SymbolImages\Civic\Office.png
c:\program files\explorer\Styles\SymbolImages\Civic\Radioactive.png
c:\program files\explorer\Styles\SymbolImages\Civic\School.png
c:\program files\explorer\Styles\SymbolImages\Civic\StarsStripes.png
c:\program files\explorer\Styles\SymbolImages\Flag\CheckeredFlag.png
c:\program files\explorer\Styles\SymbolImages\Flag\GreenFlag.png
c:\program files\explorer\Styles\SymbolImages\Flag\RedFlag.png
c:\program files\explorer\Styles\SymbolImages\Flag\WhiteFlag.png
c:\program files\explorer\Styles\SymbolImages\Flag\YellowFlag.png
c:\program files\explorer\Styles\SymbolImages\Health\AidStation.png
c:\program files\explorer\Styles\SymbolImages\Health\Ambulance.png
c:\program files\explorer\Styles\SymbolImages\Health\Doctor.png
c:\program files\explorer\Styles\SymbolImages\Health\Health.png
c:\program files\explorer\Styles\SymbolImages\Health\Hospital.png
c:\program files\explorer\Styles\SymbolImages\Health\Pharmacy.png
c:\program files\explorer\Styles\SymbolImages\Marine\AmberBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\BlackBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\BlueBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\BoatsKeepOut.png
c:\program files\explorer\Styles\SymbolImages\Marine\ControlledArea.png
c:\program files\explorer\Styles\SymbolImages\Marine\Danger.png
c:\program files\explorer\Styles\SymbolImages\Marine\DiverDown.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenDiamondDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenRedBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenSquareDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\GreenWhiteBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\OrangeBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\PersonOverboard.png
c:\program files\explorer\Styles\SymbolImages\Marine\RadioBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedDiamondDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedGreenBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedSquareDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedTriangleDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\RedWhiteBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\SkullandCrossbones.png
c:\program files\explorer\Styles\SymbolImages\Marine\UnderwaterOperations.png
c:\program files\explorer\Styles\SymbolImages\Marine\VioletBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\WhiteBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\WhiteDiamondDaymark.png
c:\program files\explorer\Styles\SymbolImages\Marine\WhiteGreenBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\WhiteRedBeacon.png
c:\program files\explorer\Styles\SymbolImages\Marine\Wreck.png
c:\program files\explorer\Styles\SymbolImages\Placemark\ArrowYellow.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Capital1.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Capital2.png
c:\program files\explorer\Styles\SymbolImages\Placemark\CircleX.png
c:\program files\explorer\Styles\SymbolImages\Placemark\CrossHair.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated1.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated2.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated3.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated4.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated5.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated6.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Populated7.png
c:\program files\explorer\Styles\SymbolImages\Placemark\Star.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\AmusementPark.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Bar.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Camera.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\CameraWeb.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\CellPhone.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Coffee.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Dam.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\DepartmentStore.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Dining.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\DrinkingWater.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\FastFood.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\FitnessCenter.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Forest.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Globe.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Information.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\InformationQuestion.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\LandLine.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Light.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\LiveShow.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Mine.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\MovieTheater.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Museum.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\News.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Note.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\OilWell.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Pizza.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Pub.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Question.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\RealEstate.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Reservoir.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Restroom.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Shopping.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Shower.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Stadium.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerShort.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\TowerTall.png
c:\program files\explorer\Styles\SymbolImages\Points of Interest\Zoo.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\Burglary.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\FireFighter.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\FireStation.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\FireTruck.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\Homicide.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\Police.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceCar.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceOfficer.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\PoliceStation.png
c:\program files\explorer\Styles\SymbolImages\Public Safety\Theft.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\BlackPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\BluePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\BrownPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\GrayPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\GreenPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\LightBluePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\OrangePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\PinkPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\PurplePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\RedPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\SpringGreenPushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\WhitePushpin.png
c:\program files\explorer\Styles\SymbolImages\Pushpin\YellowPushpin.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Beach.png
c:\program files\explorer\Styles\SymbolImages\Recreation\BoatLaunch.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Bowling.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Camping.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Deer.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Fishing.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Geocache.png
c:\program files\explorer\Styles\SymbolImages\Recreation\GeocacheFound.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Gliding.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Golf.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Hiking.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Mountain.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Park.png
c:\program files\explorer\Styles\SymbolImages\Recreation\RestArea.png
c:\program files\explorer\Styles\SymbolImages\Recreation\RVPark.png
c:\program files\explorer\Styles\SymbolImages\Recreation\SkyDiving.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Sports.png
c:\program files\explorer\Styles\SymbolImages\Recreation\Swimming.png
c:\program files\explorer\Styles\SymbolImages\Recreation\TrackBack.png
c:\program files\explorer\Styles\SymbolImages\Recreation\WaterSkiing.png
c:\program files\explorer\Styles\SymbolImages\Sphere\BlueSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\GreenSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\OrangeSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\PurpleSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\RedSphere.png
c:\program files\explorer\Styles\SymbolImages\Sphere\YellowSphere.png
c:\program files\explorer\Styles\SymbolImages\Square\BlackWaypoint.png
c:\program files\explorer\Styles\SymbolImages\Square\BlueWaypoint.png
c:\program files\explorer\Styles\SymbolImages\Square\WhiteWaypoint.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\BlackStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\BlueStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\BrownStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\GrayStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\GreenStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\LightBlueStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\OrangeStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\PinkStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\PurpleStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\RedStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\SpringGreenStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\WhiteStickpin.png
c:\program files\explorer\Styles\SymbolImages\Stickpin\YellowStickpin.png
c:\program files\explorer\Styles\SymbolImages\Transparent\Transparent.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Airplane.png
c:\program files\explorer\Styles\SymbolImages\Transportation\AirStrip.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Breakdown.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Bus.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenBack.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarGreenFront.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarRedBack.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarRedFront.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarRental.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarRepair.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowBack.png
c:\program files\explorer\Styles\SymbolImages\Transportation\CarYellowFront.png
c:\program files\explorer\Styles\SymbolImages\Transportation\ConvenienceStore.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Crossing.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Fuel.png
c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterGreen.png
c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterRed.png
c:\program files\explorer\Styles\SymbolImages\Transportation\HelicopterYellow.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Landingpad.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Lodging.png
c:\program files\explorer\Styles\SymbolImages\Transportation\MileMarker.png
c:\program files\explorer\Styles\SymbolImages\Transportation\MountainPass.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Overpass.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Parking.png
c:\program files\explorer\Styles\SymbolImages\Transportation\PrivateField.png
c:\program files\explorer\Styles\SymbolImages\Transportation\RoadClosure.png
c:\program files\explorer\Styles\SymbolImages\Transportation\RoadWork.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Sailing.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Scales.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Seaplane.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Tank.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Toll.png
c:\program files\explorer\Styles\SymbolImages\Transportation\TrafficAccident.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Tunnel.png
c:\program files\explorer\Styles\SymbolImages\Transportation\Ultralight.png
c:\program files\explorer\Styles\SymbolImages\Transportation\WarningRed.png
c:\program files\explorer\Styles\SymbolImages\Transportation\WarningYellow.png
c:\program files\explorer\Styles\SymbolImages\Transportation\YellowSemiTractor.png
c:\program files\explorer\Styles\SymbolImages\Weather\Cloudy.png
c:\program files\explorer\Styles\SymbolImages\Weather\HeatAdvisory.png
c:\program files\explorer\Styles\SymbolImages\Weather\Lightning.png
c:\program files\explorer\Styles\SymbolImages\Weather\PartlySunny.png
c:\program files\explorer\Styles\SymbolImages\Weather\Rain.png
c:\program files\explorer\Styles\SymbolImages\Weather\Snow.png
c:\program files\explorer\Styles\SymbolImages\Weather\Sunny.png
c:\program files\explorer\Styles\Template.ncfg
c:\program files\explorer\TilingSchemes\ArcGIS_Online_Bing_Maps_Google_Maps.xml
c:\program files\explorer\TilingSchemes\GoogleMapsVersions.xml
c:\program files\explorer\TilingSchemes\Yahoo.xml
c:\users\Michelle\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
.
.
 
((((((((((((((((((((((((( Files Created from 2012-09-09 to 2012-10-09 )))))))))))))))))))))))))))))))
.
.
2012-10-09 20:16 . 2012-10-09 20:16 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-10-09 20:16 . 2012-10-09 20:16 -------- d-----w- c:\users\Michelle Patdu\AppData\Local\temp
2012-10-09 20:16 . 2012-10-09 20:16 -------- d-----w- c:\users\Guest\AppData\Local\temp
2012-10-09 18:07 . 2012-10-09 18:06 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2012-10-09 15:59 . 2012-10-09 18:06 821736 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-10-09 15:59 . 2012-10-09 18:06 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-10-09 05:23 . 2012-10-09 05:24 -------- d-----w- c:\program files\SUPERAntiSpyware
2012-10-09 02:18 . 2012-10-09 02:18 -------- d-----w- c:\program files\FileHippo.com
2012-10-09 02:12 . 2012-10-09 02:12 -------- d-----w- c:\users\Michelle\AppData\Local\Macromedia
2012-10-09 02:11 . 2012-10-09 02:42 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-08 23:46 . 2012-10-08 23:46 -------- d-----w- c:\program files\Belarc
2012-10-08 23:41 . 2012-10-08 23:45 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-10-08 23:41 . 2012-10-08 23:45 -------- d-----w- c:\program files\Spybot - Search & Destroy
2012-10-08 23:27 . 2012-10-08 23:27 -------- d-----w- c:\users\Michelle\AppData\Roaming\SUPERAntiSpyware.com
2012-10-08 23:25 . 2012-10-08 23:25 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2012-10-08 23:22 . 2012-10-08 23:23 -------- d-----w- c:\program files\SpywareBlaster
2012-10-08 23:18 . 2012-10-08 23:18 -------- d-----w- c:\users\Michelle\AppData\Roaming\Malwarebytes
2012-10-08 23:18 . 2012-10-08 23:18 -------- d-----w- c:\programdata\Malwarebytes
2012-10-08 23:18 . 2012-10-08 23:19 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-10-08 23:18 . 2012-09-08 00:04 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-10-08 22:48 . 2012-10-09 18:56 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-10-08 22:12 . 2012-08-21 09:13 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-10-08 22:12 . 2012-08-21 09:13 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-10-08 22:12 . 2012-08-21 09:13 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-10-08 22:12 . 2012-08-21 09:13 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-10-08 22:11 . 2012-08-21 09:13 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-08 22:11 . 2012-08-21 09:13 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-10-08 22:05 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr
2012-10-08 22:05 . 2012-08-21 09:12 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-10-08 22:03 . 2012-10-08 22:03 -------- d-----w- c:\programdata\AVAST Software
2012-10-08 22:03 . 2012-10-08 22:03 -------- d-----w- c:\program files\AVAST Software
2012-10-08 21:19 . 2010-01-06 09:20 528896 ----a-w- c:\windows\system32\drivers\RTL8192su.sys
2012-10-06 08:35 . 2012-08-30 08:17 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{90EF20C5-3D45-4373-8BBF-A291C4F29302}\mpengine.dll
2012-10-01 03:01 . 2012-10-01 03:01 -------- d-----w- c:\program files\Apple Software Update
2012-10-01 02:52 . 2012-10-01 02:52 -------- d-----w- c:\program files\Bonjour
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 02:42 . 2011-07-25 07:22 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 17:51 . 2012-10-09 17:51 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{f78bf7a8-cf12-4de7-a6da-c463d1b539a7}"= "c:\program files\Dogpile Bundle Toolbar\Helper.dll" [2011-08-25 361472]
.
[HKEY_CLASSES_ROOT\clsid\{f78bf7a8-cf12-4de7-a6da-c463d1b539a7}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{C766F9AD-E91E-43DE-91DC-D007680ED4AF}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BFE4B5CB-63F7-4A51-9266-6167655D5B4F}]
2011-08-25 06:23 1572864 ----a-w- c:\program files\Dogpile Bundle Toolbar\Toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{C80BDEB2-8735-44C6-BD55-A1CCD555667A}"= "c:\program files\Dogpile Bundle Toolbar\Toolbar.dll" [2011-08-25 1572864]
.
[HKEY_CLASSES_ROOT\clsid\{c80bdeb2-8735-44c6-bd55-a1ccd555667a}]
[HKEY_CLASSES_ROOT\FCTB000060231.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CCBDEEA9-517A-4862-B0A1-862AE9532228}]
[HKEY_CLASSES_ROOT\FCTB000060231.IEToolbar]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{C80BDEB2-8735-44C6-BD55-A1CCD555667A}"= "c:\program files\Dogpile Bundle Toolbar\Toolbar.dll" [2011-08-25 1572864]
.
[HKEY_CLASSES_ROOT\clsid\{c80bdeb2-8735-44c6-bd55-a1ccd555667a}]
[HKEY_CLASSES_ROOT\FCTB000060231.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{CCBDEEA9-517A-4862-B0A1-862AE9532228}]
[HKEY_CLASSES_ROOT\FCTB000060231.IEToolbar]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2012-07-13 17418928]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"RtHDVCpl"="RtHDVCpl.exe" [2008-02-28 4915200]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-10 835584]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]
"VAIOMyMemCenter"="c:\program files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" [2008-02-29 679936]
"VWLASU"="c:\program files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe" [2008-02-19 24576]
"SmartWiHelper"="c:\program files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe" [2008-04-17 73728]
"VAIO Help and Support Demo"="c:\program files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [2007-08-28 290816]
"VAIORegistration"="c:\program files\Sony\First Experience\WelcomeLauncher.exe" [2007-10-17 20480]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2007-07-20 577536]
"Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdSync.exe" [2008-01-21 215552]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-10-15 49152]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 80896]
"WPCUMI"="c:\windows\system32\WpcUmi.exe" [2006-11-02 176128]
"Skytel"="Skytel.exe" [2008-02-28 1826816]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]
"InstaLAN"="c:\program files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-29 1485208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-30 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-08 421160]
"MaxMenuMgr"="c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-05-01 185640]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
c:\users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-10-30 748072]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2007-11-12 972064]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2008-02-21 17:26 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder
.
2012-10-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 02:42]
.
2012-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-18 21:22]
.
2012-10-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-04-18 21:22]
.
2012-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356219450-332791921-1512930104-1001Core.job
- c:\users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-14 08:52]
.
2012-10-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3356219450-332791921-1512930104-1001UA.job
- c:\users\Michelle\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-14 08:52]
.
2012-10-09 c:\windows\Tasks\User_Feed_Synchronization-{FD1D9880-0DB3-4D5B-A0F3-AE3B430BB88E}.job
- c:\windows\system32\msfeedssync.exe [2012-03-01 17:59]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.kirotv.com/
mStart Page = hxxp://www.yahoo.com/
uInternet Settings,ProxyOverride = *.local
LSP: c:\windows\system32\wpclsp.dll
TCP: DhcpNameServer = 192.168.1.1 74.40.74.40
FF - ProfilePath - c:\users\Michelle\AppData\Roaming\Mozilla\Firefox\Profiles\vwbksqgs.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.kirotv.com/
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{FD2FD708-1F6F-4B68-B141-C5778F0C19BB} - (no file)
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKCU-Run-Facebook Update - c:\users\Michelle\AppData\Local\Facebook\Update\FacebookUpdate.exe
HKLM-Run-IgfxTray - c:\windows\system32\igfxtray.exe
AddRemove-MP3 Rocket - c:\users\Michelle\Documents\Music\MP3 Rocket\Uninstall.exe
.
.
.
**************************************************************************
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files:
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'Explorer.exe'(5340)
c:\windows\system32\btmmhook.dll
c:\windows\system32\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe
c:\program files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\windows\system32\PSIService.exe
c:\program files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\ArcSoft\Magic-I Visual Effects\uCamMonitor.exe
c:\program files\Sony\VAIO Event Service\VESMgr.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
c:\program files\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files\Spybot - Search & Destroy\SDWinSec.exe
c:\windows\system32\WUDFHost.exe
c:\windows\system32\igfxext.exe
c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\program files\Sony\VAIO Power Management\SPMgr.exe
c:\program files\Sony\VAIO Update 3\VAIOUpdt.exe
c:\program files\Sony Corporation\SmartWi Connection Utility\CCP.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Belkin\Router Setup and Monitor\BelkinSetup.exe
c:\program files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
c:\program files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
c:\program files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2012-10-09 13:30:44 - machine was rebooted
ComboFix-quarantined-files.txt 2012-10-09 20:30
.
Pre-Run: 740,614,144 bytes free
Post-Run: 4,614,266,880 bytes free
.
- - End Of File - - BCEB9E9D153C3D70B8BE0384D74B5C32
 
It's always good idea to read my instructions CAREFULLY.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
Click to expand...

I'll review your log now.
 
Combofix log looks good.

Any current issues?

========================

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
OTL logfile created on: 10/9/2012 2:17:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michelle\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.23% Memory free
4.21 Gb Paging File | 2.83 Gb Available in Paging File | 67.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104.02 Gb Total Space | 2.99 Gb Free Space | 2.88% Space Free | Partition Type: NTFS
Drive E: | 7.39 Gb Total Space | 2.48 Gb Free Space | 33.59% Space Free | Partition Type: FAT32

Computer Name: PATDU-PC | User Name: Michelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/10/09 14:16:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michelle\Desktop\OTL.exe
PRC - [2012/08/21 02:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/08/21 02:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/07/11 11:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010/07/28 17:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe
PRC - [2010/07/28 17:33:58 | 006,995,864 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinSetup.exe
PRC - [2010/07/28 17:33:58 | 001,485,208 | ---- | M] (Affinegy, Inc.) -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
PRC - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
PRC - [2009/05/01 14:35:10 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
PRC - [2009/04/10 23:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/04/17 19:18:12 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
PRC - [2008/04/17 19:18:10 | 000,040,960 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
PRC - [2008/04/17 19:18:10 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
PRC - [2008/04/17 19:18:04 | 000,065,536 | ---- | M] (Sony Electronics, Inc.) -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\UIManager.exe
PRC - [2008/04/02 11:07:56 | 000,147,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
PRC - [2008/04/02 11:07:54 | 000,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
PRC - [2008/04/02 11:07:38 | 000,279,848 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
PRC - [2008/03/07 11:48:38 | 000,921,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
PRC - [2008/02/21 10:26:20 | 000,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
PRC - [2008/02/21 10:26:20 | 000,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2008/01/22 18:16:14 | 000,550,752 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
PRC - [2008/01/20 19:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
PRC - [2007/11/21 12:38:28 | 000,311,296 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe
PRC - [2007/11/12 20:59:54 | 000,020,480 | ---- | M] (Intuit) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
PRC - [2007/11/09 17:34:28 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\Magic-I Visual Effects\uCamMonitor.exe
PRC - [2007/10/30 11:04:08 | 001,804,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2007/10/30 11:04:08 | 000,748,072 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () -- C:\Windows\System32\PSIService.exe
PRC - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
PRC - [2006/11/02 05:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe


========== Modules (No Company Name) ==========

MOD - [2012/08/27 21:33:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/08/27 21:33:08 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/06/18 03:42:08 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012/06/18 03:40:17 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012/06/18 03:40:08 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012/05/14 13:17:51 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012/05/14 13:17:35 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll
MOD - [2012/05/14 13:16:18 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012/05/14 13:14:33 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012/05/14 13:14:21 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012/04/23 04:01:12 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012/03/22 04:02:38 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012/01/03 03:58:08 | 003,186,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2011/07/28 16:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011/07/28 16:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
MOD - [2010/07/28 17:34:04 | 000,022,424 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinServicePS.dll
MOD - [2010/07/28 17:02:58 | 000,658,432 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
MOD - [2010/06/23 18:12:28 | 007,187,456 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtGui4.dll
MOD - [2010/06/23 18:11:52 | 000,325,632 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtXml4.dll
MOD - [2010/06/23 18:11:48 | 001,954,304 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtCore4.dll
MOD - [2010/06/23 18:11:48 | 000,847,360 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\QtNetwork4.dll
MOD - [2010/06/23 17:38:18 | 000,119,808 | ---- | M] () -- C:\Program Files\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
MOD - [2009/03/29 21:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009/03/29 21:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2008/04/18 14:48:28 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
MOD - [2008/04/17 20:51:48 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
MOD - [2008/04/17 19:18:12 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\CCP.exe
MOD - [2008/04/17 19:18:10 | 000,040,960 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\PowerManager.exe
MOD - [2008/04/17 19:18:10 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\ThirdPartyAppMgr.exe
MOD - [2008/04/17 19:18:08 | 000,040,960 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
MOD - [2008/04/17 19:18:06 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
MOD - [2008/04/17 19:10:12 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
MOD - [2008/04/17 19:10:10 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
MOD - [2008/04/17 19:10:08 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SharedInterfaces.dll
MOD - [2008/04/17 19:10:06 | 000,118,784 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SonyCommonLib.dll
MOD - [2008/04/17 19:10:06 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\DebugMsg.dll
MOD - [2008/04/17 17:10:56 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
MOD - [2008/04/17 17:10:42 | 000,036,864 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
MOD - [2008/04/17 01:00:02 | 000,016,384 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\SWGadgetInterface.dll
MOD - [2008/04/17 00:59:52 | 000,024,576 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\MessageXML.dll
MOD - [2008/04/17 00:59:52 | 000,020,480 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\Resources.dll
MOD - [2008/04/17 00:59:50 | 000,028,672 | ---- | M] () -- C:\Program Files\Sony Corporation\SmartWi Connection Utility\DictionaryLookup.dll
MOD - [2008/02/21 10:26:20 | 000,010,752 | ---- | M] () -- C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
MOD - [2008/02/04 17:08:45 | 000,249,856 | ---- | M] () -- C:\Windows\System32\igfxTMM.dll
MOD - [2007/10/30 10:57:58 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2007/10/30 10:44:52 | 000,393,216 | ---- | M] () -- C:\Windows\System32\btwhidcs.dll


========== Services (SafeList) ==========

SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012/10/09 10:51:31 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/08 19:42:33 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/21 02:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/07/27 13:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/07/11 11:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2010/07/28 17:34:02 | 000,569,752 | ---- | M] (Affinegy, Inc.) [Auto | Running] -- C:\Program Files\Belkin\Router Setup and Monitor\BelkinService.exe -- (AffinegyService)
SRV - [2009/05/01 14:35:54 | 000,181,544 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
SRV - [2008/04/02 11:07:58 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2008/04/02 11:07:56 | 000,147,456 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw)
SRV - [2008/04/02 11:07:54 | 000,184,320 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc)
SRV - [2008/04/02 11:07:38 | 000,279,848 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw)
SRV - [2008/03/04 20:58:30 | 000,063,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs)
SRV - [2008/03/04 20:56:42 | 000,350,048 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms)
SRV - [2008/03/04 20:54:50 | 000,104,288 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp)
SRV - [2008/03/03 14:45:48 | 000,333,088 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV - [2008/03/03 13:27:14 | 000,087,328 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper)
SRV - [2008/02/21 10:26:20 | 000,182,392 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2008/01/20 19:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008/01/20 19:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008/01/20 19:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008/01/11 17:50:16 | 000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc)
SRV - [2007/11/28 02:08:02 | 000,077,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2007/11/28 02:02:20 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2007/11/28 01:43:44 | 000,053,248 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2007/11/12 20:59:54 | 000,020,480 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2007/11/09 17:34:28 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files\ArcSoft\Magic-I Visual Effects\uCamMonitor.exe -- (uCamMonitor)
SRV - [2007/06/05 13:20:32 | 000,177,704 | ---- | M] () [Auto | Running] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007/05/24 07:08:44 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2007/01/04 19:48:52 | 000,112,152 | R--- | M] (InterVideo) [Auto | Running] -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | Disabled | Stopped] -- system32\DRIVERS\UIUSYS.SYS -- (UIUSys)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2012/08/21 02:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/08/21 02:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/08/21 02:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/08/21 02:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012/08/21 02:13:14 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012/08/21 02:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/07/22 09:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 14:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010/01/06 02:20:00 | 000,528,896 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2008/02/12 17:01:28 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2008/02/12 17:01:28 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2008/02/06 17:03:27 | 000,008,192 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2008/02/06 17:03:06 | 000,084,480 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2008/01/30 17:33:28 | 000,017,408 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV - [2007/12/16 18:57:23 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007/12/13 17:40:06 | 000,010,216 | ---- | M] (Sony Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\DMICall.sys -- (DMICall)
DRV - [2007/11/15 17:29:22 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2007/09/18 20:29:09 | 002,222,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32)
DRV - [2007/05/26 01:03:06 | 000,128,104 | R--- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007/04/17 20:09:28 | 000,011,032 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\regi.sys -- (regi)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/...ahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://rover.ebay.com/rover/1/711- [Binary data over 200 bytes]
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.kirotv.com/
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\URLSearchHook: - No CLSID value found
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\URLSearchHook: {f78bf7a8-cf12-4de7-a6da-c463d1b539a7} - C:\Program Files\Dogpile Bundle Toolbar\Helper.dll ()
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\SearchScopes\{759BFA00-CF1A-4447-AFFC-810C4E977698}: "URL" = http://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={...504e0c71b3737&lang=us&ds=AVG&pr=&d=2012-02-21 08:30:51&v=9.0.0.18&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\SearchScopes\{BE28C22E-F666-424d-B5FD-125C4AFEE34E}: "URL" = http://search.myheritage.com?orig=ds&q={searchTerms}
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\SearchScopes\{EBD976F7-EF71-4753-A835-0CB6237756D4}: "URL" = http://slirsredirect.search.aol.com...nvocationType=tb50sonyie7&query={searchTerms}
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.kirotv.com/"
FF - prefs.js..extensions.enabledAddons: omnibar@ajitk.com:0.7.14.20120803
FF - prefs.js..extensions.enabledAddons: wrc@avast.com:7.0.1466
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926
FF - prefs.js..extensions.enabledAddons: john@velvetcache.org:1.3.7
FF - prefs.js..extensions.enabledAddons: donottrackplus@abine.com:2.2.1.829
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:7
FF - prefs.js..extensions.enabledItems: textlinks@arcadeweb.com:1.0.0
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.10.0.9560
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1466
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Michelle\AppData\Roaming\Move Networks\plugins\npqmp071701000002.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Michelle\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Michelle\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Michelle\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Michelle\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/11/06 07:14:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/10/08 15:05:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/09 10:51:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/09 10:51:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\moveplayer@movenetworks.com: C:\Users\Michelle\AppData\Roaming\Move Networks [2009/11/12 17:25:13 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/09 10:51:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/10/09 10:51:15 | 000,000,000 | ---D | M]

[2010/07/09 15:40:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\Extensions
[2012/10/09 11:17:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\Firefox\Profiles\vwbksqgs.default\extensions
[2012/10/09 11:14:20 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Michelle\AppData\Roaming\mozilla\Firefox\Profiles\vwbksqgs.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/10/09 11:16:22 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\Michelle\AppData\Roaming\mozilla\Firefox\Profiles\vwbksqgs.default\extensions\donottrackplus@abine.com
[2012/10/09 11:17:09 | 000,017,677 | ---- | M] () (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\firefox\profiles\vwbksqgs.default\extensions\john@velvetcache.org.xpi
[2012/10/08 16:13:47 | 000,066,269 | ---- | M] () (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\firefox\profiles\vwbksqgs.default\extensions\omnibar@ajitk.com.xpi
[2012/10/08 15:53:33 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\firefox\profiles\vwbksqgs.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2012/10/08 16:08:17 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\firefox\profiles\vwbksqgs.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/08/29 13:56:22 | 000,007,915 | ---- | M] () (No name found) -- C:\Users\Michelle\AppData\Roaming\mozilla\firefox\profiles\vwbksqgs.default\extensions\donottrackplus@abine.com\chrome\content\ff\view_expiry.js
[2012/10/09 10:51:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/10/09 10:51:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/10/09 10:51:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012/10/08 15:05:22 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012/10/09 10:51:32 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/07/25 15:58:30 | 000,003,765 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/10/08 22:19:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/09 10:51:27 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========
 
CHR - homepage: http://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:eek:riginalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - Extension: ArcadeWeb = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgailgaldchajpkkmbjdlbimhdnmmgld\
CHR - Extension: avast! WebRep = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: Skype Click to Call = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\

O1 HOSTS File: ([2012/10/09 13:21:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Dogpile Bundle Toolbar BHO) - {BFE4B5CB-63F7-4A51-9266-6167655D5B4F} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O3 - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\..\Toolbar\WebBrowser: (Dogpile Bundle Toolbar) - {C80BDEB2-8735-44C6-BD55-A1CCD555667A} - C:\Program Files\Dogpile Bundle Toolbar\Toolbar.dll ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [InstaLAN] C:\Program Files\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmartWiHelper] C:\Program Files\Sony Corporation\SmartWi Connection Utility\SmartWiHelper.exe (Sony Electronics Corporation)
O4 - HKLM..\Run: [VAIO Help and Support Demo] C:\Program Files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe ()
O4 - HKLM..\Run: [VAIOMyMemCenter] C:\Program Files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe ()
O4 - HKLM..\Run: [VAIORegistration] C:\Program Files\Sony\First Experience\WelcomeLauncher.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe ()
O4 - HKLM..\Run: [VWLASU] C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe (Sony Electronics, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 74.40.74.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70654C8C-B4A7-4F27-A51E-A8534FA42658}: DhcpNameServer = 192.168.1.1 74.40.74.40
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B6666C3-B9D8-4BB9-8F82-6AB42C740BEC}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D05CB988-618B-4977-B383-7742239BFB58}: DhcpNameServer = 192.168.1.1 74.40.74.40
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\intu-help-qb1 {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)
O24 - Desktop WallPaper: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Michelle\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/10/09 14:16:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Michelle\Desktop\OTL.exe
[2012/10/09 13:21:55 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012/10/09 13:16:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/10/09 13:00:03 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/10/09 13:00:03 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/10/09 13:00:03 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/10/09 12:59:53 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/10/09 12:59:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/10/09 12:59:03 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012/10/09 12:56:45 | 004,764,951 | R--- | C] (Swearware) -- C:\Users\Michelle\Desktop\ComboFix.exe
[2012/10/09 11:50:57 | 000,000,000 | ---D | C] -- C:\Users\Michelle\Desktop\(Patdu-PC)_files
[2012/10/09 10:51:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/10/09 09:21:53 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Michelle\Desktop\aswMBR.exe
[2012/10/09 09:15:44 | 000,000,000 | ---D | C] -- C:\Users\Michelle\Desktop\RK_Quarantine
[2012/10/09 09:03:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/10/09 08:55:53 | 000,000,000 | ---D | C] -- C:\Users\Michelle\Desktop\tdsskiller
[2012/10/09 07:57:37 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Michelle\Desktop\dds.com
[2012/10/08 22:23:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/10/08 22:23:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/10/08 19:55:34 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/10/08 19:18:02 | 000,000,000 | ---D | C] -- C:\Program Files\FileHippo.com
[2012/10/08 19:12:02 | 000,000,000 | ---D | C] -- C:\Users\Michelle\AppData\Local\Macromedia
[2012/10/08 19:08:44 | 000,000,000 | ---D | C] -- C:\Users\Michelle\Desktop\Desktop
[2012/10/08 16:46:20 | 000,000,000 | ---D | C] -- C:\Program Files\Belarc
[2012/10/08 16:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/10/08 16:41:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/10/08 16:41:30 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012/10/08 16:27:19 | 000,000,000 | ---D | C] -- C:\Users\Michelle\AppData\Roaming\SUPERAntiSpyware.com
[2012/10/08 16:25:22 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/10/08 16:22:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
[2012/10/08 16:22:18 | 000,000,000 | ---D | C] -- C:\Program Files\SpywareBlaster
[2012/10/08 16:18:56 | 000,000,000 | ---D | C] -- C:\Users\Michelle\AppData\Roaming\Malwarebytes
[2012/10/08 16:18:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/10/08 16:18:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/10/08 16:18:40 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012/10/08 16:18:40 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012/10/08 15:48:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/10/08 15:48:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/10/08 15:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/10/08 15:12:15 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012/10/08 15:12:13 | 000,355,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012/10/08 15:12:02 | 000,035,928 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012/10/08 15:12:01 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012/10/08 15:11:59 | 000,729,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012/10/08 15:11:43 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012/10/08 15:05:02 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/10/08 15:05:01 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012/10/08 15:03:37 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/10/08 15:03:37 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/10/06 18:18:54 | 000,000,000 | ---D | C] -- C:\Users\Michelle\Documents\My Scans
[2012/10/05 23:20:33 | 000,000,000 | ---D | C] -- C:\Users\Michelle\Documents\A Joyful Heart AFH
[2012/09/30 20:01:38 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2012/09/30 19:52:09 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2 C:\Users\Michelle\Desktop\*.tmp files -> C:\Users\Michelle\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/10/09 14:20:00 | 000,000,436 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{FD1D9880-0DB3-4D5B-A0F3-AE3B430BB88E}.job
[2012/10/09 14:16:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Michelle\Desktop\OTL.exe
[2012/10/09 14:13:00 | 000,643,218 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/10/09 14:13:00 | 000,119,698 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/10/09 14:12:21 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/10/09 14:04:56 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/10/09 14:04:56 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/10/09 14:04:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/10/09 14:04:49 | 2137,448,448 | -HS- | M] () -- C:\hiberfil.sys
[2012/10/09 14:03:42 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/10/09 13:39:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/09 13:31:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3356219450-332791921-1512930104-1001UA.job
[2012/10/09 13:24:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/10/09 13:21:50 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/10/09 12:56:57 | 004,764,951 | R--- | M] (Swearware) -- C:\Users\Michelle\Desktop\ComboFix.exe
[2012/10/09 11:50:57 | 000,292,961 | ---- | M] () -- C:\Users\Michelle\Desktop\(Patdu-PC).html
[2012/10/09 09:21:55 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Michelle\Desktop\aswMBR.exe
[2012/10/09 09:15:06 | 001,422,336 | ---- | M] () -- C:\Users\Michelle\Desktop\RogueKiller.exe
[2012/10/09 08:54:50 | 002,193,278 | ---- | M] () -- C:\Users\Michelle\Desktop\tdsskiller.zip
[2012/10/09 07:57:38 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Michelle\Desktop\dds.com
[2012/10/09 07:47:40 | 000,302,592 | ---- | M] () -- C:\Users\Michelle\Desktop\ml5dl70v.exe
[2012/10/09 00:32:19 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3356219450-332791921-1512930104-1001Core.job
[2012/10/08 22:23:53 | 000,001,805 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/10/08 19:18:03 | 000,001,759 | ---- | M] () -- C:\Users\Michelle\Desktop\Update Checker.lnk
[2012/10/08 16:46:22 | 000,001,874 | ---- | M] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2012/10/08 16:46:22 | 000,001,850 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2012/10/08 16:41:43 | 000,001,084 | ---- | M] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/10/08 16:41:43 | 000,001,060 | ---- | M] () -- C:\Users\Michelle\Desktop\Spybot - Search & Destroy.lnk
[2012/10/08 16:22:20 | 000,000,881 | ---- | M] () -- C:\Users\Michelle\Desktop\SpywareBlaster.lnk
[2012/10/08 16:19:54 | 000,000,935 | ---- | M] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/10/08 16:19:54 | 000,000,911 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/08 15:41:53 | 000,001,753 | ---- | M] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/10/08 15:41:53 | 000,001,729 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/08 15:12:17 | 000,001,834 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/10/08 15:11:43 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2 C:\Users\Michelle\Desktop\*.tmp files -> C:\Users\Michelle\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/10/09 13:18:49 | 2137,448,448 | -HS- | C] () -- C:\hiberfil.sys
[2012/10/09 13:00:03 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/10/09 13:00:03 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/10/09 13:00:03 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/10/09 13:00:03 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/10/09 13:00:03 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/10/09 11:50:56 | 000,292,961 | ---- | C] () -- C:\Users\Michelle\Desktop\(Patdu-PC).html
[2012/10/09 09:15:05 | 001,422,336 | ---- | C] () -- C:\Users\Michelle\Desktop\RogueKiller.exe
[2012/10/09 08:54:47 | 002,193,278 | ---- | C] () -- C:\Users\Michelle\Desktop\tdsskiller.zip
[2012/10/09 07:47:38 | 000,302,592 | ---- | C] () -- C:\Users\Michelle\Desktop\ml5dl70v.exe
[2012/10/08 22:23:53 | 000,001,805 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/10/08 19:58:09 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/10/08 19:18:03 | 000,001,789 | ---- | C] () -- C:\Users\Michelle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk
[2012/10/08 19:18:03 | 000,001,759 | ---- | C] () -- C:\Users\Michelle\Desktop\Update Checker.lnk
[2012/10/08 19:11:26 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/10/08 16:46:22 | 000,001,874 | ---- | C] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2012/10/08 16:46:22 | 000,001,850 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2012/10/08 16:46:21 | 000,001,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2012/10/08 16:41:43 | 000,001,084 | ---- | C] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2012/10/08 16:41:43 | 000,001,060 | ---- | C] () -- C:\Users\Michelle\Desktop\Spybot - Search & Destroy.lnk
[2012/10/08 16:22:20 | 000,000,881 | ---- | C] () -- C:\Users\Michelle\Desktop\SpywareBlaster.lnk
[2012/10/08 16:19:54 | 000,000,935 | ---- | C] () -- C:\Users\Michelle\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk
[2012/10/08 16:18:42 | 000,000,911 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/10/08 15:48:19 | 000,000,863 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/10/08 15:41:53 | 000,001,729 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/10/08 15:12:17 | 000,001,834 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/09/30 20:01:45 | 000,001,830 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2010/07/24 23:28:31 | 000,009,798 | -HS- | C] () -- C:\Users\Michelle\Folder.jpg
[2010/07/24 23:28:31 | 000,002,137 | -HS- | C] () -- C:\Users\Michelle\AlbumArtSmall.jpg
[2010/04/18 14:26:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/11/07 21:48:14 | 000,000,632 | RHS- | C] () -- C:\Users\Michelle\ntuser.pol
[2009/07/23 12:06:46 | 000,000,680 | ---- | C] () -- C:\Users\Michelle\AppData\Local\d3d9caps.dat
[2008/11/12 20:59:56 | 000,537,828 | ---- | C] () -- C:\Users\Michelle\AppData\Roaming\UserTile.png
[2008/08/11 23:26:14 | 000,196,096 | ---- | C] () -- C:\Users\Michelle\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2011/01/16 17:36:09 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\esri
[2008/11/18 01:32:46 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\GetRightToGo
[2008/11/28 19:44:01 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\InterVideo
[2011/08/29 18:07:03 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Leadertech
[2010/06/19 20:32:51 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\mjusbsp
[2010/09/13 09:55:22 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\mp3rocket
[2011/11/30 23:09:36 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Registry Mechanic
[2009/12/10 21:08:41 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\TaxCut

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

< End of report >
 
Yep, almost forgot;
OTL Extras logfile created on: 10/9/2012 2:17:38 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Michelle\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 0.86 Gb Available Physical Memory | 43.23% Memory free
4.21 Gb Paging File | 2.83 Gb Available in Paging File | 67.08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 104.02 Gb Total Space | 2.99 Gb Free Space | 2.88% Space Free | Partition Type: NTFS
Drive E: | 7.39 Gb Total Space | 2.48 Gb Free Space | 33.59% Space Free | Partition Type: FAT32

Computer Name: PATDU-PC | User Name: Michelle | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15E83FE7-334C-49FD-8D33-C0F6A45B1A86}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{2223A4D2-CE3A-480D-80E9-530D9DC020EB}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2CF5A8D2-F873-429B-91C6-D587F192C263}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{34033DAA-0E01-49C8-AE67-5431DC12E7C7}" = lport=137 | protocol=17 | dir=in | app=system |
"{36643AEA-46C7-4E1B-980B-E29085154B0B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{37AD0B01-CDCC-4E00-A057-D6F0AB2FDA4B}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{39B7DA3B-AFE2-42D2-8237-45F21A117482}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{3C5E2F25-EB07-4CD4-AF15-66CACB9A59D2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{4CACE37C-8CAF-4F43-A18A-30FD3FDC7F8E}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{50E25F0C-BC9C-4E1C-8917-3F8FF99F3E03}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5A3F616D-E6CC-4875-B416-B44152C38C4C}" = lport=138 | protocol=17 | dir=in | app=system |
"{6181F0F5-EDBB-41CE-8D9A-28FD42694F50}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{671B75E9-054F-4D98-9B4B-A92B3C4EC820}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6B44C525-35EB-4659-B661-3BF8EF51989B}" = rport=138 | protocol=17 | dir=out | app=system |
"{767FB1AC-6F75-4D77-A60C-FF6B18073A01}" = lport=139 | protocol=6 | dir=in | app=system |
"{85CDABE5-E9A4-4197-A4D8-6D0584E51500}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{879BF584-6E89-4222-AFAA-1475A1EA473E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{90A15835-857B-45E4-BD18-780AC66197FB}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{92983D7D-8B73-4DD8-A1B6-ACC51233B051}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D0D65C83-43E4-48D5-AE3D-96D9E016CE8D}" = rport=445 | protocol=6 | dir=out | app=system |
"{D6D24102-6FAE-4233-BD3B-997B56C806B9}" = rport=137 | protocol=17 | dir=out | app=system |
"{D70AEC10-3F9B-47D2-AF8E-1CAF79D8CD5D}" = rport=139 | protocol=6 | dir=out | app=system |
"{D93BD736-955E-42D2-BD7B-8074EDC1375F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D98E7DD7-45F1-4A83-93A9-483DEFED6A7B}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{E962DC25-932D-467E-A216-5F3B0A67A6CB}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F04FF471-6620-4D7F-9036-929083E79841}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{F60B2F76-E8B8-4C8D-BF7E-0581A9B7BE17}" = lport=445 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009FE825-E348-4960-AEE4-7E879578D648}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{091D5CBE-3D1E-415A-BF65-E859EB2D1450}" = protocol=17 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"{0920CDFC-FE86-4F2F-A399-086116C91A72}" = protocol=17 | dir=in | app=c:\program files\dogpile bundle toolbar\toolbarupdate.exe |
"{282627DA-E379-4FCE-90EF-4062B98053A6}" = dir=in | app=c:\users\michelle\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{28754E0B-55EF-43D9-A023-9E2049BF8A05}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2EFA33AA-7CF2-441A-AC33-3D7DB9EF3443}" = protocol=17 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{2F719E76-D59B-43E9-97F4-6B7583F1D5A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{39AC934D-88ED-4A83-9F2B-13ED4E2AD334}" = dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{49995A0D-47C5-4B00-89A1-E35C43E40F7C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{541CA964-09D2-47EF-A455-511E87E195A8}" = protocol=17 | dir=in | app=c:\program files\dogpile bundle toolbar\troubleshooter.exe |
"{578D73CB-1068-475F-B934-CA7C37E613DC}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{5C95B508-2A25-46A1-9674-7C2F80A71643}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{63FD5CA1-558F-40E7-8D5D-6721793D5BC9}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{81164251-56E5-4161-964C-65A5EF1F207B}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{813C3379-EA71-462F-B320-B9592FBA599E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{86F9EB8B-F594-4B26-AC32-4B8AECC15EB5}" = protocol=6 | dir=in | app=c:\program files\aol\rc\regclient.exe |
"{8E5A0ECB-E7FB-4939-88AB-E646B77317B2}" = protocol=6 | dir=in | app=c:\program files\dogpile bundle toolbar\toolbarupdate.exe |
"{A5A5D75C-0023-4A59-82EA-FE818D2C2631}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{A78A21E6-55A0-4F91-AC7B-1F1D823A9DA3}" = protocol=6 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{AB1A7219-35B8-4C6A-B813-D16DE980B75B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{BD69329D-ECFE-4647-807B-7809E0B46D34}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D25D56CC-6D1B-49C2-98EB-83BB919D788C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D75FD37D-9E4D-44A7-81CC-11C32204BE8A}" = protocol=6 | dir=in | app=c:\program files\dogpile bundle toolbar\troubleshooter.exe |
"{EE0E75C7-9D1B-4C39-A663-CDD0FD6BAC83}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{FCE91588-BB9B-4F4F-92C6-90EB377A769E}" = protocol=17 | dir=in | app=c:\program files\belkin\router setup and monitor\belkinsetup.exe |
"{FF579334-EECD-496B-BE4B-1ED7C4CA57EF}" = protocol=6 | dir=in | app=c:\program files\yahoo!\messenger\yahoomessenger.exe |
"TCP Query User{324CCD5C-2D4A-4A35-9862-6FF9159B23FE}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"TCP Query User{32A8C679-F4F3-4E7D-88D3-BCF52D8B00B7}C:\users\michelle\appdata\roaming\mjusbsp\magicjack.exe" = protocol=6 | dir=in | app=c:\users\michelle\appdata\roaming\mjusbsp\magicjack.exe |
"TCP Query User{39B07FB3-BD0E-4A3A-8FF2-967DD1C22B01}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{72987094-077A-45C3-89F5-59CC0FFAFE1B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{AE3FC9EA-26B0-4E02-B746-3290E515244C}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"UDP Query User{720ACC51-6238-4912-9C2E-3F7E5CC29D25}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"UDP Query User{B86B622E-8BB9-47EB-B99D-2B03E1904A66}C:\program files\java\jre1.6.0\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre1.6.0\bin\javaw.exe |
"UDP Query User{C1524A1D-1062-42FA-8FF5-519D436F581F}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{CC6DD9F7-86AA-41BC-BE71-8781C4AACC36}C:\users\michelle\appdata\roaming\mjusbsp\magicjack.exe" = protocol=17 | dir=in | app=c:\users\michelle\appdata\roaming\mjusbsp\magicjack.exe |
"UDP Query User{D1840333-6EC3-4775-A33B-F3D96251CFE2}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software 6.1.0.2200
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Central Data
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{11B83AD3-7A46-4C2E-A568-9505981D4C6F}" = HP Update
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus
"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{1B500D37-E7CF-480B-8054-8A563594EC4E}" = VAIO OOBE and Welcome Center
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Central Tools
"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting
"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager
"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in
"{2AFFFDD7-ED85-4A90-8C52-5DA9EBDC9B8F}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ)
"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java(TM) SE Runtime Environment 6
"{34B37A74-125E-4406-87BA-E4BD3D097AE5}" = VAIO Survey
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{353D20CC-719B-4A60-AD33-D03F88C10330}" = Microsoft Office Accounting PayPal Addin
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{46614A49-222A-48EF-87A9-BFD603E608E1}" = Microsoft Office Accounting Fixed Asset Manager
"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"{4F923F90-46D1-4492-9CC6-13FBBA00E7EC}" = C4400
"{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}" = Microsoft SQL Server Setup Support Files (English)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic
"{5A3F6A80-7913-475E-8B96-477A952CFA43}" = SupportSoft Assisted Service
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =
"{5FA793A6-0071-42C1-9355-8F69A428C44F}" = Microsoft Office Accounting ADP Payroll Addin
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc
"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform
"{6B407945-AE16-4A2A-BAAF-497FE62EDED3}" = PS_AIO_03_C4400_Software_Min
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Central Audio
"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting
"{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}" = Microsoft SQL Server Native Client
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7B18E7E2-AFCA-4CBE-8CD5-3613315AB262}" = ArcGIS Explorer
"{7BB90344-0647-468E-925A-7F69F7983421}" = ArcSoft Magic-I Visual Effects
"{7E6066E6-8B5B-4100-B0FA-1D9E9B663CBA}" = iTunes
"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8C711818-076E-475C-B95B-DF11CD9D8DBE}" = Microsoft Office Accounting Equifax Addin
"{8ECB8220-F419-4BEB-9596-97033C533702}" = QuickBooks Simple Start 2008
"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_PROR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_PROR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}_PROR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}_PROR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_PROR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90A40409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components
"{91120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{954B7F64-D1D4-476F-8919-99585D0A6ABF}" = PS_AIO_03_C4400_Software
"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =
"{9973498D-EA29-4A68-BE0B-C88D6E03E928}" = ArcSoft WebCam Companion 2
"{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}" = SmartWi Connection Utility
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A33E457B-5369-481F-8B53-71108AE2EB5B}" = Roxio Easy Media Creator 10 LJ
"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting
"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{B0717D5A-1976-482B-9ADF-F19631A541A4}" = Microsoft Office Accounting 2007
"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story
"{B32C4059-6E7A-41EF-AD20-56DF1872B923}" = Business Contact Manager for Outlook 2007 SP2
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Central Copy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BBB33AD6-BCF7-4002-B6A0-6DC679AE5C18}" = TaxCut Premium + State + Efile 2008
"{BCED773C-99EE-48DD-8915-25733F69F0A8}" = VAIO Wireless Wizard
"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service
"{C9CE9393-B568-428D-AD5B-55452B9748DB}" = PS_AIO_03_C4400_ProductContext
"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc
"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story
"{D2E0F0CC-6BE0-490b-B08B-9267083E34C9}" = MarketResearch
"{D47FE987-EA3D-424B-9886-B752501D7CE7}" = VAIO Help and Support
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents
"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager
"{DFD0E9A9-F24A-492B-8975-8C938E32408F}" = VAIO Startup Assistant
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{E1D25278-B51A-4163-BC3D-20A4D2D09F98}" = VAIO My Memory Center
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E6707034-D7A4-49B1-94D0-F5AACE46F06C}" = Instant Mode
"{E7084B89-69E0-46B3-A118-8F99D06988CD}" = Microsoft SQL Server VSS Writer
"{E8D7B35C-93B1-317E-9403-2BBBA2154ABF}" = Google Talk Plugin
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Central Core
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =
"{F7B72805-2F58-4C04-AE9E-E7AD6A6EF62E}" = C4400_Help
"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library
"{FE51662F-D8F6-43B5-99D9-D4894AF00F83}" = Roxio Easy Media Creator Home
"{FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8}" = HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"ArcGIS Explorer" = ArcGIS Explorer
"avast" = avast! Free Antivirus
"Belarc Advisor" = Belarc Advisor 8.2
"Belkin Setup and Router Monitor_is1" = Belkin Setup and Router Monitor
"Business Contact Manager" = Business Contact Manager for Outlook 2007 SP2
"CameraUserGuide-PSSX20IS" = Canon PowerShot SX20 IS Camera User Guide
"CameraWindowDC" = Canon Utilities CameraWindow DC
"CameraWindowDC8" = Canon Utilities CameraWindow DC 8
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP
"DivX Setup" = DivX Setup
"Dogpile Bundle Toolbar" = Dogpile Bundle Toolbar
"FileHippo.com" = FileHippo.com Update Checker
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPExtendedCapabilities" = HP Customer Participation Program 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO
"InstallShield_{231A1A09-FDF2-45F2-B3D1-964CECE372BC}" = Seagate Manager Installer
"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor
"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft Office Accounting 2007" = Microsoft Office Accounting 2007
"Microsoft Office Accounting Equifax Addin" = Microsoft Office Accounting Equifax Addin
"Microsoft Office Accounting PayPal Addin" = Microsoft Office Accounting PayPal Addin
"Microsoft SQL Server 2005" = Microsoft SQL Server 2005
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox 15.0.1 (x86 en-US)" = Mozilla Firefox 15.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyCamera" = Canon Utilities MyCamera
"MyCameraDC" = Canon Utilities MyCamera DC
"OM Explorer for KRM for Excel 2007" = OM Explorer for KRM for Excel 2007
"Personal Printing Guide" = Canon Personal Printing Guide
"PhotoStitch" = Canon Utilities PhotoStitch
"PROR" = Microsoft Office Professional 2007
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"Shop for HP Supplies" = Shop for HP Supplies
"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide
"SpywareBlaster_is1" = SpywareBlaster 4.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 1.0.5
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3356219450-332791921-1512930104-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
"Mozilla Firefox 16.0 (x86 en-US)" = Mozilla Firefox 16.0 (x86 en-US)

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10/9/2012 2:56:42 PM | Computer Name = Patdu-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/9/2012 2:56:42 PM | Computer Name = Patdu-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 10/9/2012 3:37:03 PM | Computer Name = Patdu-PC | Source = EventSystem | ID = 4609
Description =

Error - 10/9/2012 3:37:47 PM | Computer Name = Patdu-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/9/2012 3:41:46 PM | Computer Name = Patdu-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 10/9/2012 3:41:47 PM | Computer Name = Patdu-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/9/2012 3:49:56 PM | Computer Name = Patdu-PC | Source = Application Error | ID = 1000
Description = Faulting application FlashPlayerPlugin_11_4_402_287.exe, version 11.4.402.287,
time stamp 0x5066dda3, faulting module ShimEng.dll_unloaded, version 0.0.0.0, time
stamp 0x4549bdb7, exception code 0xc0000005, fault offset 0x6afb4618, process id
0x1574, application start time 0x01cda65740c99180.

Error - 10/9/2012 4:19:40 PM | Computer Name = Patdu-PC | Source = WinMgmt | ID = 10
Description =

Error - 10/9/2012 4:19:40 PM | Computer Name = Patdu-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 10/9/2012 5:05:20 PM | Computer Name = Patdu-PC | Source = VzCdbSvc | ID = 7
Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error
code = 0x80042019)

Error - 10/9/2012 5:05:23 PM | Computer Name = Patdu-PC | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 5/26/2009 1:26:00 PM | Computer Name = Patdu-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/7/2009 5:21:07 PM | Computer Name = Patdu-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

Error - 10/14/2009 7:46:03 PM | Computer Name = Patdu-PC | Source = MCUpdate | ID = 0
Description = DownloadPackgeTask.SubTasksComplete: failed downloading package SportsSchedule.

[ OSession Events ]
Error - 4/27/2010 3:20:52 AM | Computer Name = Patdu-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 43691
seconds with 6660 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 10/9/2012 5:12:27 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:12:31 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:12:35 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:12:39 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:12:44 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:12:48 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:12:52 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:12:56 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:13:04 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.

Error - 10/9/2012 5:13:08 PM | Computer Name = Patdu-PC | Source = disk | ID = 262151
Description = The device, \Device\Harddisk0\DR0, has a bad block.


< End of report >
 
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    Code: 
    :OTL
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 10:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/10 23:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/10 23:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[2011/11/30 23:09:36 | 000,000,000 | ---D | M] -- C:\Users\Michelle\AppData\Roaming\Registry Mechanic
@Alternate Data Stream - 112 bytes -> C:\ProgramData\TEMP:D1B5B4F1

:Commands
[purity]
[emptytemp]
[emptyjava]
[emptyflash]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • You will get a log that shows the results of the fix. Please post it.

NOTE. If for any reason OTL stalls (most likely at "killing processes..." step) run the fix from safe mode.

============================

Last scans...

1. Download Security Check from HERE, and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

    NOTE SecurityCheck may produce some false warning(s), so leave the results reading to me.

2. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

3. Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next...

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.

4. Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double click on TFC.exe to run the program.
  • Click on Start button to begin cleaning process.
  • TFC will close all running programs, and it may ask you to restart computer.

5. Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If Eset won't find any threats, it won't produce any log.
 
All processes killed
========== OTL ==========
Error: No service named SBSDWSCService was found to stop!
Service\Driver key SBSDWSCService not found.
File C:\Program Files\Spybot not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {8FFBE65D-2C9C-4669-84BD-5829DC0B603C}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FFBE65D-2C9C-4669-84BD-5829DC0B603C}\ not found.
File C:\Windows\assembly\Desktop.ini not found.
File EY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
File EY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] not found.
File EY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]\ not found.
Folder EY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]\ not found.
Folder C:\Users\Michelle\AppData\Roaming\Registry Mechanic\ not found.
Unable to delete ADS C:\ProgramData\TEMP:D1B5B4F1 .
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Michelle
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 25821978 bytes
->Java cache emptied: 8655150 bytes
->FireFox cache emptied: 56414186 bytes
->Google Chrome cache emptied: 6283429 bytes
->Apple Safari cache emptied: 17138688 bytes
->Flash cache emptied: 5965062 bytes

User: Michelle Patdu
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 328373 bytes
->Flash cache emptied: 405 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 19598 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 115.00 mb


[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Guest

User: Michelle
->Java cache emptied: 0 bytes

User: Michelle Patdu

User: Public

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Guest
->Flash cache emptied: 0 bytes

User: Michelle
->Flash cache emptied: 0 bytes

User: Michelle Patdu
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10092012_151020

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
You must log in or register to reply here.

Similar threads

E
Solved Svchost.exe launching multiple iexplore.exe - unknown cause
Replies
23
Views
3K
Broni
Broni
NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back