firefox opens a second advertising tab on its own

when im on facebook or other sites somtimes when i click, a random advertising site will open up i have malware bites and it doesnt pick anythying up also my avg antivirus is clear.

Hi there Andrew and welcome to GeekPolice!

I am Gabethebabe and I will be helping you with this issue. Before we start some general remarks/rules:

• Whilst I´m helping you, please follow my instructions carefully and do not experiment on your own or accept help from other persons.
  
• Feel free to ask questions! Especially if my instructions are not clear. I´m here to help, not confuse you.
  
• I will try and respond quickly, but please understand I do have a real life (job, wife, 3 kids, kinky hobbies).
  
• Stick with me till the end. If your computer starts running better, doesn´t mean it is clean yet!

====================

• Download TDSSKiller by Kaspersky from here and save it to your desktop
  
• Doubleclick TDSSKiller.exe to run the tool
  
• Click the Start Scan button
  
• After the scan has finished, click the Close button
  
• Click the Report button and copy/paste the contents of it into your next reply
  
• The report can also be found in the root of your Windows drive (most likely C:\).

====================

Please download OTL by OldTimer from here and save it to your desktop.

• Close all windows and double click OTL.exe.
  
• The Extra Registry setting should be Use Safelist
  
• Copy and paste the following text into the Custom Scans/Fixes box:

• Click the Run Scan button and allow it to run.
  
• It will produce two logs for you, OTL.txt and Extras.txt. Please post both logs in this thread.
  
• You may need multiple posts to get it all.

8:16.0443 1392 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
10:28:16.0604 1392 ============================================================
10:28:16.0604 1392 Current date / time: 2012/05/07 10:28:16.0604
10:28:16.0604 1392 SystemInfo:
10:28:16.0604 1392
10:28:16.0604 1392 OS Version: 6.1.7601 ServicePack: 1.0
10:28:16.0604 1392 Product type: Workstation
10:28:16.0604 1392 ComputerName: BORIS
10:28:16.0605 1392 UserName: andrew
10:28:16.0605 1392 Windows directory: C:\Windows
10:28:16.0605 1392 System windows directory: C:\Windows
10:28:16.0605 1392 Running under WOW64
10:28:16.0605 1392 Processor architecture: Intel x64
10:28:16.0605 1392 Number of processors: 2
10:28:16.0605 1392 Page size: 0x1000
10:28:16.0605 1392 Boot type: Normal boot
10:28:16.0605 1392 ============================================================
10:28:17.0047 1392 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:28:17.0058 1392 ============================================================
10:28:17.0058 1392 \Device\Harddisk0\DR0:
10:28:17.0059 1392 MBR partitions:
10:28:17.0059 1392 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x401000, BlocksNum 0x39F84000
10:28:17.0059 1392 ============================================================
10:28:17.0080 1392 C: <-> \Device\Harddisk0\DR0\Partition0
10:28:17.0080 1392 ============================================================
10:28:17.0080 1392 Initialize success
10:28:17.0080 1392 ============================================================
10:28:44.0958 4224 ============================================================
10:28:44.0958 4224 Scan started
10:28:44.0958 4224 Mode: Manual;
10:28:44.0958 4224 ============================================================
10:28:45.0324 4224 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
10:28:45.0328 4224 1394ohci - ok
10:28:45.0392 4224 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
10:28:45.0397 4224 ACPI - ok
10:28:45.0433 4224 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
10:28:45.0434 4224 AcpiPmi - ok
10:28:45.0569 4224 AdobeFlashPlayerUpdateSvc (76d5a3d2a50402a0b9b6ed13c4371e79) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:28:45.0571 4224 AdobeFlashPlayerUpdateSvc - ok
10:28:45.0656 4224 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
10:28:45.0659 4224 adp94xx - ok
10:28:45.0730 4224 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
10:28:45.0733 4224 adpahci - ok
10:28:45.0779 4224 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
10:28:45.0781 4224 adpu320 - ok
10:28:45.0828 4224 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
10:28:45.0829 4224 AeLookupSvc - ok
10:28:45.0922 4224 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
10:28:45.0926 4224 AFD - ok
10:28:45.0962 4224 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
10:28:45.0963 4224 agp440 - ok
10:28:46.0019 4224 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
10:28:46.0021 4224 ALG - ok
10:28:46.0065 4224 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
10:28:46.0067 4224 aliide - ok
10:28:46.0106 4224 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
10:28:46.0110 4224 amdide - ok
10:28:46.0155 4224 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
10:28:46.0157 4224 AmdK8 - ok
10:28:46.0176 4224 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
10:28:46.0177 4224 AmdPPM - ok
10:28:46.0213 4224 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
10:28:46.0215 4224 amdsata - ok
10:28:46.0256 4224 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
10:28:46.0258 4224 amdsbs - ok
10:28:46.0291 4224 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
10:28:46.0292 4224 amdxata - ok
10:28:46.0331 4224 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
10:28:46.0332 4224 AppID - ok
10:28:46.0352 4224 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
10:28:46.0353 4224 AppIDSvc - ok
10:28:46.0412 4224 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
10:28:46.0413 4224 Appinfo - ok
10:28:46.0460 4224 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
10:28:46.0461 4224 arc - ok
10:28:46.0493 4224 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
10:28:46.0494 4224 arcsas - ok
10:28:46.0623 4224 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:28:46.0636 4224 aspnet_state - ok
10:28:46.0678 4224 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
10:28:46.0679 4224 AsyncMac - ok
10:28:46.0715 4224 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
10:28:46.0716 4224 atapi - ok
10:28:46.0879 4224 athr (d6cad7e5b05055bb8226bdcb1644da27) C:\Windows\system32\DRIVERS\athrx.sys
10:28:46.0894 4224 athr - ok
10:28:47.0081 4224 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
10:28:47.0089 4224 AudioEndpointBuilder - ok
10:28:47.0099 4224 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
10:28:47.0104 4224 AudioSrv - ok
10:28:47.0191 4224 Avgfwfd (96b4456f1dca4eda506ed31c7d2d6b05) C:\Windows\system32\DRIVERS\avgfwd6a.sys
10:28:47.0192 4224 Avgfwfd - ok
10:28:47.0440 4224 avgfws (5cd22eb540f82c70e33e530003f3903b) C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
10:28:47.0457 4224 avgfws - ok
10:28:47.0938 4224 AVGIDSAgent (6d440ff3f44ca72edfd6176c6d6a89c0) C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
10:28:47.0965 4224 AVGIDSAgent - ok
10:28:48.0113 4224 AVGIDSDriver (e29ea1a0ec7ab9fa2dc7e75a03f12a4f) C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
10:28:48.0116 4224 AVGIDSDriver - ok
10:28:48.0166 4224 AVGIDSEH (f823d184b8e8ffb8da3ead45dbf5bd6a) C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
10:28:48.0168 4224 AVGIDSEH - ok
10:28:48.0183 4224 AVGIDSFilter (ed2b25bd7fe35d1944211968842d30da) C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
10:28:48.0184 4224 AVGIDSFilter - ok
10:28:48.0267 4224 Avgldx64 (979cf8912449a10b987218bff80a1fa3) C:\Windows\system32\DRIVERS\avgldx64.sys
10:28:48.0269 4224 Avgldx64 - ok
10:28:48.0319 4224 Avgmfx64 (36b1a5843695766eac714daffc5b84d1) C:\Windows\system32\DRIVERS\avgmfx64.sys
10:28:48.0321 4224 Avgmfx64 - ok
10:28:48.0377 4224 Avgrkx64 (1102239fb724527f1febbbbccf6bf313) C:\Windows\system32\DRIVERS\avgrkx64.sys
10:28:48.0379 4224 Avgrkx64 - ok
10:28:48.0458 4224 Avgtdia (11f36d3ea82d9db9aa05a476a210551b) C:\Windows\system32\DRIVERS\avgtdia.sys
10:28:48.0461 4224 Avgtdia - ok
10:28:48.0597 4224 avgwd (6699ece24fe4b3f752a66c66a602ee86) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
10:28:48.0599 4224 avgwd - ok
10:28:48.0664 4224 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
10:28:48.0668 4224 AxInstSV - ok
10:28:48.0744 4224 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
10:28:48.0748 4224 b06bdrv - ok
10:28:48.0816 4224 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
10:28:48.0820 4224 b57nd60a - ok
10:28:48.0876 4224 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
10:28:48.0878 4224 BDESVC - ok
10:28:48.0959 4224 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
10:28:48.0961 4224 Beep - ok
10:28:49.0086 4224 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
10:28:49.0093 4224 BFE - ok
10:28:49.0221 4224 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
10:28:49.0229 4224 BITS - ok
10:28:49.0307 4224 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
10:28:49.0308 4224 blbdrive - ok
10:28:49.0363 4224 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
10:28:49.0364 4224 bowser - ok
10:28:49.0410 4224 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
10:28:49.0411 4224 BrFiltLo - ok
10:28:49.0445 4224 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
10:28:49.0445 4224 BrFiltUp - ok
10:28:49.0489 4224 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
10:28:49.0491 4224 Browser - ok
10:28:49.0537 4224 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
10:28:49.0542 4224 Brserid - ok
10:28:49.0584 4224 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
10:28:49.0586 4224 BrSerWdm - ok
10:28:49.0608 4224 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
10:28:49.0609 4224 BrUsbMdm - ok
10:28:49.0624 4224 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
10:28:49.0625 4224 BrUsbSer - ok
10:28:49.0671 4224 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
10:28:49.0672 4224 BthEnum - ok
10:28:49.0715 4224 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
10:28:49.0716 4224 BTHMODEM - ok
10:28:49.0763 4224 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
10:28:49.0765 4224 BthPan - ok
10:28:49.0857 4224 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
10:28:49.0862 4224 BTHPORT - ok
10:28:49.0919 4224 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
10:28:49.0921 4224 bthserv - ok
10:28:49.0952 4224 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
10:28:49.0953 4224 BTHUSB - ok
10:28:49.0989 4224 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
10:28:49.0990 4224 cdfs - ok
10:28:50.0035 4224 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
10:28:50.0037 4224 cdrom - ok
10:28:50.0068 4224 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:28:50.0069 4224 CertPropSvc - ok
10:28:50.0110 4224 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
10:28:50.0111 4224 circlass - ok
10:28:50.0209 4224 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
10:28:50.0213 4224 CLFS - ok
10:28:50.0276 4224 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:28:50.0278 4224 clr_optimization_v2.0.50727_32 - ok
10:28:50.0330 4224 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:28:50.0332 4224 clr_optimization_v2.0.50727_64 - ok
10:28:50.0430 4224 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:28:50.0462 4224 clr_optimization_v4.0.30319_32 - ok
10:28:50.0540 4224 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:28:50.0570 4224 clr_optimization_v4.0.30319_64 - ok
10:28:50.0606 4224 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
10:28:50.0608 4224 CmBatt - ok
10:28:50.0622 4224 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
10:28:50.0623 4224 cmdide - ok
10:28:50.0699 4224 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
10:28:50.0703 4224 CNG - ok
10:28:50.0760 4224 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
10:28:50.0761 4224 Compbatt - ok
10:28:50.0816 4224 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys
10:28:50.0817 4224 CompositeBus - ok
10:28:50.0829 4224 COMSysApp - ok
10:28:50.0847 4224 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
10:28:50.0848 4224 crcdisk - ok
10:28:50.0902 4224 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
10:28:50.0904 4224 CryptSvc - ok
10:28:50.0998 4224 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:28:51.0004 4224 DcomLaunch - ok
10:28:51.0058 4224 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
10:28:51.0061 4224 defragsvc - ok
10:28:51.0124 4224 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
10:28:51.0125 4224 DfsC - ok
10:28:51.0204 4224 dg_ssudbus (113212d25d0c9bb8901a9833774da97f) C:\Windows\system32\DRIVERS\ssudbus.sys
10:28:51.0208 4224 dg_ssudbus - ok
10:28:51.0277 4224 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
10:28:51.0280 4224 Dhcp - ok
10:28:51.0331 4224 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
10:28:51.0332 4224 discache - ok
10:28:51.0375 4224 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
10:28:51.0376 4224 Disk - ok
10:28:51.0408 4224 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
10:28:51.0410 4224 Dnscache - ok
10:28:51.0477 4224 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
10:28:51.0480 4224 dot3svc - ok
10:28:51.0499 4224 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
10:28:51.0501 4224 DPS - ok
10:28:51.0537 4224 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
10:28:51.0537 4224 drmkaud - ok
10:28:51.0637 4224 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
10:28:51.0648 4224 DXGKrnl - ok
10:28:51.0694 4224 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
10:28:51.0695 4224 EapHost - ok
10:28:51.0950 4224 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
10:28:51.0969 4224 ebdrv - ok
10:28:52.0108 4224 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
10:28:52.0111 4224 EFS - ok
10:28:52.0244 4224 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
10:28:52.0250 4224 ehRecvr - ok
10:28:52.0280 4224 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
10:28:52.0281 4224 ehSched - ok
10:28:52.0388 4224 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
10:28:52.0392 4224 elxstor - ok
10:28:52.0435 4224 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
10:28:52.0436 4224 ErrDev - ok
10:28:52.0505 4224 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
10:28:52.0508 4224 EventSystem - ok
10:28:52.0570 4224 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
10:28:52.0579 4224 exfat - ok
10:28:52.0611 4224 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
10:28:52.0620 4224 fastfat - ok
10:28:52.0694 4224 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
10:28:52.0699 4224 Fax - ok
10:28:52.0748 4224 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
10:28:52.0749 4224 fdc - ok
10:28:52.0793 4224 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
10:28:52.0794 4224 fdPHost - ok
10:28:52.0805 4224 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
10:28:52.0806 4224 FDResPub - ok
10:28:52.0843 4224 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
10:28:52.0844 4224 FileInfo - ok
10:28:52.0853 4224 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
10:28:52.0853 4224 Filetrace - ok
10:28:52.0891 4224 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
10:28:52.0892 4224 flpydisk - ok
10:28:52.0916 4224 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
10:28:52.0918 4224 FltMgr - ok
10:28:53.0032 4224 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
10:28:53.0039 4224 FontCache - ok
10:28:53.0112 4224 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:28:53.0113 4224 FontCache3.0.0.0 - ok
10:28:53.0175 4224 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
10:28:53.0176 4224 FsDepends - ok
10:28:53.0208 4224 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
10:28:53.0212 4224 Fs_Rec - ok
10:28:53.0240 4224 FUJ02B1 (ba0c1ffda496d8bcbcac63f8d98d20e3) C:\Windows\system32\DRIVERS\FUJ02B1.sys
10:28:53.0241 4224 FUJ02B1 - ok
10:28:53.0248 4224 FUJ02E3 (7135030cbf87d724b6037bb023923730) C:\Windows\system32\DRIVERS\FUJ02E3.sys
10:28:53.0249 4224 FUJ02E3 - ok
10:28:53.0323 4224 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
10:28:53.0325 4224 fvevol - ok
10:28:53.0366 4224 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
10:28:53.0368 4224 gagp30kx - ok
10:28:53.0469 4224 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
10:28:53.0479 4224 gpsvc - ok
10:28:53.0559 4224 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:28:53.0561 4224 gupdate - ok
10:28:53.0570 4224 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:28:53.0571 4224 gupdatem - ok
10:28:53.0600 4224 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
10:28:53.0601 4224 hcw85cir - ok
10:28:53.0667 4224 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
10:28:53.0670 4224 HdAudAddService - ok
10:28:53.0733 4224 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys
10:28:53.0738 4224 HDAudBus - ok
10:28:53.0781 4224 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
10:28:53.0782 4224 HECIx64 - ok
10:28:53.0810 4224 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
10:28:53.0811 4224 HidBatt - ok
10:28:53.0834 4224 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
10:28:53.0835 4224 HidBth - ok
10:28:53.0872 4224 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
10:28:53.0873 4224 HidIr - ok
10:28:53.0903 4224 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
10:28:53.0904 4224 hidserv - ok
10:28:53.0961 4224 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
10:28:53.0962 4224 HidUsb - ok
10:28:54.0004 4224 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
10:28:54.0006 4224 hkmsvc - ok
10:28:54.0040 4224 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
10:28:54.0043 4224 HomeGroupListener - ok
10:28:54.0095 4224 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
10:28:54.0098 4224 HomeGroupProvider - ok
10:28:54.0142 4224 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
10:28:54.0144 4224 HpSAMD - ok
10:28:54.0246 4224 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
10:28:54.0251 4224 HTTP - ok
10:28:54.0256 4224 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
10:28:54.0257 4224 hwpolicy - ok
10:28:54.0303 4224 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
10:28:54.0304 4224 i8042prt - ok
10:28:54.0376 4224 iaStor (2064090c9faad92c090d77e50e735b2e) C:\Windows\system32\drivers\iaStor.sys
10:28:54.0381 4224 iaStor - ok
10:28:54.0454 4224 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
10:28:54.0457 4224 iaStorV - ok
10:28:54.0596 4224 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:28:54.0604 4224 idsvc - ok
10:28:55.0170 4224 igfx (8e509de232cfa4f8a5b34f01802f500e) C:\Windows\system32\DRIVERS\igdkmd64.sys
10:28:55.0216 4224 igfx - ok
10:28:55.0397 4224 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
10:28:55.0398 4224 iirsp - ok
10:28:55.0496 4224 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
10:28:55.0508 4224 IKEEXT - ok
10:28:55.0562 4224 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys
10:28:55.0565 4224 Impcd - ok
10:28:55.0798 4224 IntcAzAudAddService (42943bb3ab7a405b30eff7c8283cc129) C:\Windows\system32\drivers\RTKVHD64.sys
10:28:55.0810 4224 IntcAzAudAddService - ok
10:28:56.0008 4224 IntcDAud (d248aae81c156c0d47a77cd61bc24cd4) C:\Windows\system32\DRIVERS\IntcDAud.sys
10:28:56.0012 4224 IntcDAud - ok
10:28:56.0059 4224 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
10:28:56.0061 4224 intelide - ok
10:28:56.0093 4224 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
10:28:56.0095 4224 intelppm - ok
10:28:56.0125 4224 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
10:28:56.0128 4224 IPBusEnum - ok
10:28:56.0176 4224 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:28:56.0177 4224 IpFilterDriver - ok
10:28:56.0241 4224 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
10:28:56.0247 4224 iphlpsvc - ok
10:28:56.0286 4224 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
10:28:56.0287 4224 IPMIDRV - ok
10:28:56.0342 4224 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
10:28:56.0344 4224 IPNAT - ok
10:28:56.0384 4224 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
10:28:56.0385 4224 IRENUM - ok
10:28:56.0404 4224 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
10:28:56.0405 4224 isapnp - ok
10:28:56.0444 4224 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
10:28:56.0447 4224 iScsiPrt - ok
10:28:56.0511 4224 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
10:28:56.0512 4224 kbdclass - ok
10:28:56.0543 4224 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
10:28:56.0544 4224 kbdhid - ok
10:28:56.0575 4224 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:28:56.0577 4224 KeyIso - ok
10:28:56.0605 4224 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
10:28:56.0606 4224 KSecDD - ok
10:28:56.0631 4224 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
10:28:56.0633 4224 KSecPkg - ok
10:28:56.0668 4224 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
10:28:56.0669 4224 ksthunk - ok
10:28:56.0734 4224 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
10:28:56.0739 4224 KtmRm - ok
10:28:56.0804 4224 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
10:28:56.0808 4224 LanmanServer - ok
10:28:56.0828 4224 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
10:28:56.0832 4224 LanmanWorkstation - ok
10:28:56.0873 4224 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
10:28:56.0874 4224 lltdio - ok
10:28:56.0932 4224 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
10:28:56.0937 4224 lltdsvc - ok
10:28:56.0967 4224 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
10:28:56.0970 4224 lmhosts - ok
10:28:57.0159 4224 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:28:57.0162 4224 LMS - ok
10:28:57.0207 4224 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
10:28:57.0210 4224 LSI_FC - ok
10:28:57.0234 4224 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
10:28:57.0236 4224 LSI_SAS - ok
10:28:57.0255 4224 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
10:28:57.0256 4224 LSI_SAS2 - ok
10:28:57.0280 4224 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
10:28:57.0281 4224 LSI_SCSI - ok
10:28:57.0303 4224 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
10:28:57.0304 4224 luafv - ok
10:28:57.0342 4224 MBAMProtector (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
10:28:57.0343 4224 MBAMProtector - ok
10:28:57.0421 4224 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:28:57.0425 4224 MBAMService - ok
10:28:57.0457 4224 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
10:28:57.0459 4224 Mcx2Svc - ok
10:28:57.0484 4224 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
10:28:57.0485 4224 megasas - ok
10:28:57.0565 4224 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
10:28:57.0568 4224 MegaSR - ok
10:28:57.0616 4224 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:28:57.0618 4224 MMCSS - ok
10:28:57.0630 4224 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
10:28:57.0631 4224 Modem - ok
10:28:57.0651 4224 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
10:28:57.0652 4224 monitor - ok
10:28:57.0696 4224 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
10:28:57.0697 4224 mouclass - ok
10:28:57.0719 4224 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
10:28:57.0720 4224 mouhid - ok
10:28:57.0768 4224 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
10:28:57.0770 4224 mountmgr - ok
10:28:57.0866 4224 MozillaMaintenance (96aa8ba23142cc8e2b30f3cae0c80254) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:28:57.0868 4224 MozillaMaintenance - ok
10:28:57.0926 4224 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
10:28:57.0929 4224 mpio - ok
10:28:57.0959 4224 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
10:28:57.0961 4224 mpsdrv - ok
10:28:58.0065 4224 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
10:28:58.0072 4224 MpsSvc - ok
10:28:58.0094 4224 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
10:28:58.0095 4224 MRxDAV - ok
10:28:58.0143 4224 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
10:28:58.0144 4224 mrxsmb - ok
10:28:58.0182 4224 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:28:58.0185 4224 mrxsmb10 - ok
10:28:58.0207 4224 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:28:58.0208 4224 mrxsmb20 - ok
10:28:58.0240 4224 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
10:28:58.0241 4224 msahci - ok
10:28:58.0288 4224 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
10:28:58.0289 4224 msdsm - ok
10:28:58.0334 4224 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
10:28:58.0337 4224 MSDTC - ok
10:28:58.0355 4224 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
10:28:58.0356 4224 Msfs - ok
10:28:58.0374 4224 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
10:28:58.0375 4224 mshidkmdf - ok
10:28:58.0404 4224 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
10:28:58.0405 4224 msisadrv - ok
10:28:58.0447 4224 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
10:28:58.0450 4224 MSiSCSI - ok
10:28:58.0453 4224 msiserver - ok
10:28:58.0490 4224 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
10:28:58.0491 4224 MSKSSRV - ok
10:28:58.0511 4224 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
10:28:58.0511 4224 MSPCLOCK - ok
10:28:58.0520 4224 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
10:28:58.0521 4224 MSPQM - ok
10:28:58.0549 4224 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
10:28:58.0553 4224 MsRPC - ok
10:28:58.0587 4224 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
10:28:58.0588 4224 mssmbios - ok
10:28:58.0592 4224 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
10:28:58.0593 4224 MSTEE - ok
10:28:58.0602 4224 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
10:28:58.0603 4224 MTConfig - ok
10:28:58.0618 4224 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
10:28:58.0619 4224 Mup - ok
10:28:58.0685 4224 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
10:28:58.0690 4224 napagent - ok
10:28:58.0766 4224 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
10:28:58.0769 4224 NativeWifiP - ok
10:28:58.0890 4224 NAUpdate (1bbbf640bc0e0b750537baece8d66c18) C:\Program Files (x86)\Nero\Update\NASvc.exe
10:28:58.0897 4224 NAUpdate - ok
10:28:59.0001 4224 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
10:28:59.0011 4224 NDIS - ok
10:28:59.0036 4224 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
10:28:59.0037 4224 NdisCap - ok
10:28:59.0057 4224 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
10:28:59.0059 4224 NdisTapi - ok
10:28:59.0074 4224 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
10:28:59.0075 4224 Ndisuio - ok
10:28:59.0099 4224 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
10:28:59.0100 4224 NdisWan - ok
10:28:59.0110 4224 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
10:28:59.0111 4224 NDProxy - ok
10:28:59.0151 4224 Nero BackItUp Scheduler 4.0 - ok
10:28:59.0171 4224 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
10:28:59.0172 4224 NetBIOS - ok
10:28:59.0201 4224 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
10:28:59.0203 4224 NetBT - ok
10:28:59.0230 4224 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:28:59.0232 4224 Netlogon - ok
10:28:59.0317 4224 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
10:28:59.0320 4224 Netman - ok
10:28:59.0437 4224 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:59.0441 4224 NetMsmqActivator - ok
10:28:59.0460 4224 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:59.0462 4224 NetPipeActivator - ok
10:28:59.0516 4224 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
10:28:59.0520 4224 netprofm - ok
10:28:59.0524 4224 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:59.0526 4224 NetTcpActivator - ok
10:28:59.0529 4224 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:28:59.0531 4224 NetTcpPortSharing - ok
10:28:59.0601 4224 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
10:28:59.0602 4224 nfrd960 - ok
10:28:59.0663 4224 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
10:28:59.0666 4224 NlaSvc - ok
10:28:59.0696 4224 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
10:28:59.0698 4224 Npfs - ok
10:28:59.0716 4224 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
10:28:59.0719 4224 nsi - ok
10:28:59.0725 4224 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
10:28:59.0727 4224 nsiproxy - ok
10:28:59.0900 4224 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
10:28:59.0948 4224 Ntfs - ok
10:29:00.0083 4224 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
10:29:00.0085 4224 Null - ok
10:29:00.0121 4224 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
10:29:00.0123 4224 nvraid - ok
10:29:00.0150 4224 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
10:29:00.0153 4224 nvstor - ok
10:29:00.0195 4224 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
10:29:00.0197 4224 nv_agp - ok
10:29:00.0224 4224 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
10:29:00.0226 4224 ohci1394 - ok
10:29:00.0361 4224 OMSI download service (da345de3b450e9e1691e7b9956d8ffc3) C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
10:29:00.0363 4224 OMSI download service - ok
10:29:00.0411 4224 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:29:00.0417 4224 p2pimsvc - ok
10:29:00.0465 4224 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
10:29:00.0469 4224 p2psvc - ok
10:29:00.0507 4224 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
10:29:00.0509 4224 Parport - ok
10:29:00.0533 4224 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
10:29:00.0534 4224 partmgr - ok
10:29:00.0551 4224 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
10:29:00.0553 4224 PcaSvc - ok
10:29:00.0591 4224 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
10:29:00.0593 4224 pci - ok
10:29:00.0603 4224 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
10:29:00.0604 4224 pciide - ok
10:29:00.0644 4224 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
10:29:00.0646 4224 pcmcia - ok
10:29:00.0678 4224 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
10:29:00.0679 4224 pcw - ok
10:29:00.0718 4224 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
10:29:00.0722 4224 PEAUTH - ok
10:29:00.0823 4224 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
10:29:00.0825 4224 PerfHost - ok
10:29:00.0960 4224 PFNService (c0f1cfcee7e8aff3ae0a7f54a7d3d6be) C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe
10:29:00.0964 4224 PFNService - ok
10:29:01.0167 4224 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
10:29:01.0181 4224 pla - ok
10:29:01.0249 4224 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
10:29:01.0253 4224 PlugPlay - ok
10:29:01.0275 4224 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
10:29:01.0277 4224 PNRPAutoReg - ok
10:29:01.0307 4224 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
10:29:01.0310 4224 PNRPsvc - ok
10:29:01.0381 4224 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
10:29:01.0389 4224 PolicyAgent - ok
10:29:01.0425 4224 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
10:29:01.0428 4224 Power - ok
10:29:01.0518 4224 PowerSavingUtilityService (843ba5f09a391d52ac1f8486c5fc3d4f) C:\Program Files\Fujitsu\PSUtility\PSUService.exe
10:29:01.0520 4224 PowerSavingUtilityService - ok
10:29:01.0602 4224 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
10:29:01.0605 4224 PptpMiniport - ok
10:29:01.0635 4224 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
10:29:01.0637 4224 Processor - ok
10:29:01.0681 4224 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
10:29:01.0685 4224 ProfSvc - ok
10:29:01.0730 4224 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:29:01.0732 4224 ProtectedStorage - ok
10:29:01.0788 4224 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
10:29:01.0790 4224 Psched - ok
10:29:01.0955 4224 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
10:29:01.0972 4224 ql2300 - ok
10:29:02.0130 4224 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
10:29:02.0133 4224 ql40xx - ok
10:29:02.0199 4224 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
10:29:02.0205 4224 QWAVE - ok
10:29:02.0221 4224 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
10:29:02.0222 4224 QWAVEdrv - ok
10:29:02.0238 4224 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
10:29:02.0239 4224 RasAcd - ok
10:29:02.0274 4224 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
10:29:02.0275 4224 RasAgileVpn - ok
10:29:02.0304 4224 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
10:29:02.0307 4224 RasAuto - ok
10:29:02.0337 4224 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
10:29:02.0339 4224 Rasl2tp - ok
10:29:02.0382 4224 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
10:29:02.0385 4224 RasMan - ok
10:29:02.0410 4224 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
10:29:02.0411 4224 RasPppoe - ok
10:29:02.0425 4224 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
10:29:02.0427 4224 RasSstp - ok
10:29:02.0450 4224 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
10:29:02.0452 4224 rdbss - ok
10:29:02.0474 4224 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
10:29:02.0475 4224 rdpbus - ok
10:29:02.0508 4224 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
10:29:02.0509 4224 RDPCDD - ok
10:29:02.0518 4224 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
10:29:02.0519 4224 RDPENCDD - ok
10:29:02.0526 4224 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
10:29:02.0527 4224 RDPREFMP - ok
10:29:02.0569 4224 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
10:29:02.0577 4224 RDPWD - ok
10:29:02.0638 4224 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
10:29:02.0641 4224 rdyboost - ok
10:29:02.0678 4224 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
10:29:02.0680 4224 RemoteAccess - ok
10:29:02.0722 4224 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
10:29:02.0726 4224 RemoteRegistry - ok
10:29:02.0764 4224 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
10:29:02.0766 4224 RFCOMM - ok
10:29:02.0776 4224 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
10:29:02.0779 4224 RpcEptMapper - ok
10:29:02.0798 4224 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
10:29:02.0799 4224 RpcLocator - ok
10:29:02.0853 4224 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
10:29:02.0858 4224 RpcSs - ok
10:29:02.0899 4224 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
10:29:02.0901 4224 rspndr - ok
10:29:02.0906 4224 RSUSBSTOR - ok
10:29:02.0966 4224 RTL8167 (7ea8d2eb9bbfd2ab8a3117a1e96d3b3a) C:\Windows\system32\DRIVERS\Rt64win7.sys
10:29:02.0969 4224 RTL8167 - ok
10:29:02.0989 4224 RtsUIR - ok
10:29:03.0053 4224 s1018bus (301fba4594fb5c0a469299a65106b4aa) C:\Windows\system32\DRIVERS\s1018bus.sys
10:29:03.0055 4224 s1018bus - ok
10:29:03.0085 4224 s1018mdfl (d1d7c744f79710357e60fc04d125ed01) C:\Windows\system32\DRIVERS\s1018mdfl.sys
10:29:03.0086 4224 s1018mdfl - ok
10:29:03.0119 4224 s1018mdm (7dbe12cccd837d4266b2ddd80a329c09) C:\Windows\system32\DRIVERS\s1018mdm.sys
10:29:03.0120 4224 s1018mdm - ok
10:29:03.0142 4224 s1018mgmt (065ff5e62d2d18a6d93fd925546cd549) C:\Windows\system32\DRIVERS\s1018mgmt.sys
10:29:03.0143 4224 s1018mgmt - ok
10:29:03.0156 4224 s1018nd5 (5101d815bdf0d667e3d5f0ea727caaee) C:\Windows\system32\DRIVERS\s1018nd5.sys
10:29:03.0157 4224 s1018nd5 - ok
10:29:03.0183 4224 s1018obex (13f220c65b444ac9bda49dacfc3230bb) C:\Windows\system32\DRIVERS\s1018obex.sys
10:29:03.0185 4224 s1018obex - ok
10:29:03.0205 4224 s1018unic (ce7d8bce80211d8a35f6bd7a87791860) C:\Windows\system32\DRIVERS\s1018unic.sys
10:29:03.0206 4224 s1018unic - ok
10:29:03.0241 4224 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:29:03.0242 4224 SamSs - ok
10:29:03.0283 4224 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
10:29:03.0285 4224 sbp2port - ok
10:29:03.0323 4224 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
10:29:03.0326 4224 SCardSvr - ok
10:29:03.0348 4224 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
10:29:03.0349 4224 scfilter - ok
10:29:03.0454 4224 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
10:29:03.0468 4224 Schedule - ok
10:29:03.0501 4224 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
10:29:03.0503 4224 SCPolicySvc - ok
10:29:03.0529 4224 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
10:29:03.0532 4224 SDRSVC - ok
10:29:03.0603 4224 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
10:29:03.0606 4224 secdrv - ok
10:29:03.0642 4224 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
10:29:03.0645 4224 seclogon - ok
10:29:03.0667 4224 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
10:29:03.0670 4224 SENS - ok
10:29:03.0681 4224 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
10:29:03.0684 4224 SensrSvc - ok
10:29:03.0711 4224 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
10:29:03.0712 4224 Serenum - ok
10:29:03.0735 4224 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
10:29:03.0737 4224 Serial - ok
10:29:03.0782 4224 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
10:29:03.0784 4224 sermouse - ok
10:29:03.0826 4224 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
10:29:03.0828 4224 SessionEnv - ok
10:29:03.0858 4224 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
10:29:03.0859 4224 sffdisk - ok
10:29:03.0868 4224 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
10:29:03.0869 4224 sffp_mmc - ok
10:29:03.0873 4224 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
10:29:03.0877 4224 sffp_sd - ok
10:29:03.0921 4224 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
10:29:03.0922 4224 sfloppy - ok
10:29:03.0964 4224 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
10:29:03.0968 4224 SharedAccess - ok
10:29:04.0021 4224 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
10:29:04.0026 4224 ShellHWDetection - ok
10:29:04.0056 4224 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
10:29:04.0058 4224 SiSRaid2 - ok
10:29:04.0090 4224 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
10:29:04.0092 4224 SiSRaid4 - ok
10:29:04.0134 4224 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
10:29:04.0135 4224 Smb - ok
10:29:04.0183 4224 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
10:29:04.0185 4224 SNMPTRAP - ok
10:29:04.0196 4224 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
10:29:04.0197 4224 spldr - ok
10:29:04.0248 4224 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
10:29:04.0254 4224 Spooler - ok
10:29:04.0530 4224 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
10:29:04.0552 4224 sppsvc - ok
10:29:04.0673 4224 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
10:29:04.0677 4224 sppuinotify - ok
10:29:04.0765 4224 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
10:29:04.0770 4224 srv - ok
10:29:04.0807 4224 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
10:29:04.0812 4224 srv2 - ok
10:29:04.0847 4224 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
10:29:04.0849 4224 srvnet - ok
10:29:04.0902 4224 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
10:29:04.0906 4224 SSDPSRV - ok
10:29:04.0916 4224 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
10:29:04.0919 4224 SstpSvc - ok
10:29:04.0971 4224 ssudmdm (78cd64791f8634cf7b582fd085e57c4b) C:\Windows\system32\DRIVERS\ssudmdm.sys
10:29:04.0974 4224 ssudmdm - ok
10:29:05.0000 4224 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
10:29:05.0001 4224 stexstor - ok
10:29:05.0080 4224 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
10:29:05.0089 4224 stisvc - ok
10:29:05.0194 4224 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
10:29:05.0195 4224 swenum - ok
10:29:05.0268 4224 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
10:29:05.0278 4224 swprv - ok
10:29:05.0332 4224 SynTP (2f827bb08cc7f1a17df2ead7b424d731) C:\Windows\system32\DRIVERS\SynTP.sys
10:29:05.0335 4224 SynTP - ok
10:29:05.0492 4224 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
10:29:05.0510 4224 SysMain - ok
10:29:05.0632 4224 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
10:29:05.0637 4224 TabletInputService - ok
10:29:05.0681 4224 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
10:29:05.0685 4224 TapiSrv - ok
10:29:05.0721 4224 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
10:29:05.0724 4224 TBS - ok
10:29:05.0939 4224 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
10:29:05.0953 4224 Tcpip - ok
10:29:06.0241 4224 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
10:29:06.0262 4224 TCPIP6 - ok
10:29:06.0369 4224 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
10:29:06.0370 4224 tcpipreg - ok
10:29:06.0396 4224 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
10:29:06.0397 4224 TDPIPE - ok
10:29:06.0427 4224 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
10:29:06.0428 4224 TDTCP - ok
10:29:06.0476 4224 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
10:29:06.0477 4224 tdx - ok
10:29:06.0508 4224 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys
10:29:06.0509 4224 TermDD - ok
10:29:06.0569 4224 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
10:29:06.0575 4224 TermService - ok
10:29:06.0581 4224 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
10:29:06.0584 4224 Themes - ok
10:29:06.0616 4224 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
10:29:06.0617 4224 THREADORDER - ok
10:29:06.0663 4224 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys
10:29:06.0664 4224 TPM - ok
10:29:06.0712 4224 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
10:29:06.0715 4224 TrkWks - ok
10:29:06.0778 4224 TrojanKillerDriver (9bf9e809fbb2d5d0403b32b15abe5f30) C:\Windows\system32\DRIVERS\gtkdrv.sys
10:29:06.0780 4224 TrojanKillerDriver - ok
10:29:06.0843 4224 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
10:29:06.0846 4224 TrustedInstaller - ok
10:29:06.0874 4224 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
10:29:06.0876 4224 tssecsrv - ok
10:29:06.0913 4224 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
10:29:06.0914 4224 TsUsbFlt - ok
10:29:06.0949 4224 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
10:29:06.0950 4224 TsUsbGD - ok
10:29:06.0985 4224 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
10:29:06.0987 4224 tunnel - ok
10:29:07.0011 4224 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
10:29:07.0012 4224 uagp35 - ok
10:29:07.0048 4224 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
10:29:07.0051 4224 udfs - ok
10:29:07.0089 4224 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
10:29:07.0091 4224 UI0Detect - ok
10:29:07.0131 4224 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
10:29:07.0133 4224 uliagpkx - ok
10:29:07.0175 4224 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
10:29:07.0176 4224 umbus - ok
10:29:07.0187 4224 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
10:29:07.0188 4224 UmPass - ok
10:29:07.0468 4224 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:29:07.0482 4224 UNS - ok
10:29:07.0641 4224 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
10:29:07.0648 4224 upnphost - ok
10:29:07.0695 4224 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
10:29:07.0698 4224 usbccgp - ok
10:29:07.0702 4224 USBCCID - ok
10:29:07.0747 4224 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
10:29:07.0749 4224 usbcir - ok
10:29:07.0783 4224 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
10:29:07.0785 4224 usbehci - ok
10:29:07.0853 4224 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
10:29:07.0857 4224 usbhub - ok
10:29:07.0890 4224 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
10:29:07.0892 4224 usbohci - ok
10:29:07.0925 4224 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
10:29:07.0926 4224 usbprint - ok
10:29:07.0953 4224 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:29:07.0954 4224 USBSTOR - ok
10:29:07.0985 4224 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
10:29:07.0986 4224 usbuhci - ok
10:29:08.0031 4224 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
10:29:08.0033 4224 usbvideo - ok
10:29:08.0059 4224 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
10:29:08.0062 4224 UxSms - ok
10:29:08.0096 4224 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
10:29:08.0098 4224 VaultSvc - ok
10:29:08.0149 4224 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
10:29:08.0150 4224 vdrvroot - ok
10:29:08.0229 4224 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
10:29:08.0236 4224 vds - ok
10:29:08.0324 4224 VFPRadioSupportService (d9656445499625b0ed88c0b203f3c16f) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
10:29:08.0327 4224 VFPRadioSupportService - ok
10:29:08.0363 4224 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
10:29:08.0365 4224 vga - ok
10:29:08.0378 4224 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
10:29:08.0383 4224 VgaSave - ok
10:29:08.0436 4224 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
10:29:08.0438 4224 vhdmp - ok
10:29:08.0448 4224 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
10:29:08.0449 4224 viaide - ok
10:29:08.0491 4224 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
10:29:08.0492 4224 volmgr - ok
10:29:08.0529 4224 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
10:29:08.0532 4224 volmgrx - ok
10:29:08.0580 4224 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
10:29:08.0582 4224 volsnap - ok
10:29:08.0621 4224 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
10:29:08.0622 4224 vsmraid - ok
10:29:08.0775 4224 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
10:29:08.0792 4224 VSS - ok
10:29:08.0985 4224 vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
10:29:08.0995 4224 vToolbarUpdater10.2.0 - ok
10:29:09.0133 4224 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
10:29:09.0134 4224 vwifibus - ok
10:29:09.0165 4224 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
10:29:09.0167 4224 vwififlt - ok
10:29:09.0191 4224 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
10:29:09.0192 4224 vwifimp - ok
10:29:09.0271 4224 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
10:29:09.0279 4224 W32Time - ok
10:29:09.0320 4224 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
10:29:09.0321 4224 WacomPen - ok
10:29:09.0360 4224 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:29:09.0361 4224 WANARP - ok
10:29:09.0381 4224 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
10:29:09.0382 4224 Wanarpv6 - ok
10:29:09.0547 4224 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
10:29:09.0563 4224 WatAdminSvc - ok
10:29:09.0736 4224 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
10:29:09.0753 4224 wbengine - ok
10:29:09.0889 4224 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
10:29:09.0895 4224 WbioSrvc - ok
10:29:09.0934 4224 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
10:29:09.0939 4224 wcncsvc - ok
10:29:09.0960 4224 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
10:29:09.0962 4224 WcsPlugInService - ok
10:29:10.0002 4224 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
10:29:10.0003 4224 Wd - ok
10:29:10.0073 4224 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
10:29:10.0079 4224 Wdf01000 - ok
10:29:10.0103 4224 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:29:10.0106 4224 WdiServiceHost - ok
10:29:10.0111 4224 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
10:29:10.0114 4224 WdiSystemHost - ok
10:29:10.0151 4224 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
10:29:10.0154 4224 WebClient - ok
10:29:10.0175 4224 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
10:29:10.0178 4224 Wecsvc - ok
10:29:10.0193 4224 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
10:29:10.0196 4224 wercplsupport - ok
10:29:10.0228 4224 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
10:29:10.0231 4224 WerSvc - ok
10:29:10.0298 4224 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
10:29:10.0299 4224 WfpLwf - ok
10:29:10.0322 4224 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
10:29:10.0323 4224 WIMMount - ok
10:29:10.0358 4224 WinDefend - ok
10:29:10.0368 4224 WinHttpAutoProxySvc - ok
10:29:10.0461 4224 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
10:29:10.0464 4224 Winmgmt - ok
10:29:10.0650 4224 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
10:29:10.0675 4224 WinRM - ok
10:29:10.0842 4224 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
10:29:10.0844 4224 WinUsb - ok
10:29:10.0944 4224 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
10:29:10.0952 4224 Wlansvc - ok
10:29:11.0036 4224 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:29:11.0037 4224 wlcrasvc - ok
10:29:11.0265 4224 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:29:11.0280 4224 wlidsvc - ok
10:29:11.0428 4224 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
10:29:11.0430 4224 WmiAcpi - ok
10:29:11.0517 4224 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
10:29:11.0519 4224 wmiApSrv - ok
10:29:11.0558 4224 WMPNetworkSvc - ok
10:29:11.0596 4224 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
10:29:11.0599 4224 WPCSvc - ok
10:29:11.0622 4224 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
10:29:11.0625 4224 WPDBusEnum - ok
10:29:11.0654 4224 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
10:29:11.0656 4224 ws2ifsl - ok
10:29:11.0681 4224 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
10:29:11.0685 4224 wscsvc - ok
10:29:11.0689 4224 WSearch - ok
10:29:11.0895 4224 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
10:29:11.0915 4224 wuauserv - ok
10:29:12.0084 4224 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
10:29:12.0086 4224 WudfPf - ok
10:29:12.0133 4224 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
10:29:12.0136 4224 WUDFRd - ok
10:29:12.0182 4224 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
10:29:12.0186 4224 wudfsvc - ok
10:29:12.0210 4224 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
10:29:12.0214 4224 WwanSvc - ok
10:29:12.0379 4224 YahooAUService (dd0042f0c3b606a6a8b92d49afb18ad6) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
10:29:12.0386 4224 YahooAUService - ok
10:29:12.0457 4224 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
10:29:12.0517 4224 \Device\Harddisk0\DR0 - ok
10:29:12.0537 4224 Boot (0x1200) (3516e357ccc4602013555ddf62a4e2db) \Device\Harddisk0\DR0\Partition0
10:29:12.0538 4224 \Device\Harddisk0\DR0\Partition0 - ok
10:29:12.0539 4224 ============================================================
10:29:12.0539 4224 Scan finished
10:29:12.0539 4224 ============================================================
10:29:12.0549 3696 Detected object count: 0
10:29:12.0549 3696 Actual detected object count: 0
10:33:40.0539 2000 Deinitialize success

OK, this log is clean. I'll await the OTL log which should show us the infection.

OTL logfile created on: 5/7/2012 10:50:11 AM - Run 1
OTL by OldTimer - Version 3.2.42.3 Folder = C:\Users\andrew\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.80 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 58.62% Memory free
7.60 Gb Paging File | 5.80 Gb Available in Paging File | 76.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 463.76 Gb Total Space | 376.94 Gb Free Space | 81.28% Space Free | Partition Type: NTFS

Computer Name: BORIS | User Name: andrew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/05/07 10:39:53 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\andrew\Downloads\OTL.exe
PRC - [2012/04/25 22:12:33 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/03/13 18:46:06 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012/03/13 18:46:00 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/01/24 18:24:26 | 002,416,480 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe
PRC - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/23 19:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/10/13 13:04:22 | 000,097,560 | ---- | M] (Fujitsu Technology Solutions) -- C:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe
PRC - [2009/12/08 15:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2009/11/01 17:04:48 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/11/01 17:04:42 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/10/09 21:06:50 | 000,047,976 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
PRC - [2009/10/08 20:44:54 | 000,036,712 | ---- | M] (FUJITSU LIMITED) -- C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
PRC - [2009/07/08 21:58:26 | 000,162,912 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe
PRC - [2009/04/30 12:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe


========== Modules (No Company Name) ==========

MOD - [2012/05/05 08:52:12 | 008,797,856 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012/04/25 22:12:33 | 001,952,696 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012/04/25 04:18:16 | 000,079,872 | ---- | M] () -- C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\dyyst53d.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}\components\RadioWMPCoreGecko12.dll
MOD - [2012/04/19 12:35:23 | 000,113,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\DeskUpdateNotifier\694ecb601340d3f1ab3ffd54f3630be1\DeskUpdateNotifier.ni.exe
MOD - [2012/04/12 18:02:44 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\262285b3d0afafc5059f3fe9be69bff5\System.Windows.Forms.ni.dll
MOD - [2012/04/12 18:02:37 | 001,590,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8177623eac8f15cf95b587625439eac7\System.Drawing.ni.dll
MOD - [2012/03/13 18:46:00 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2012/02/15 17:28:27 | 000,696,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\log4net\7f0da5178097cca95ea5d1f5beb84a42\log4net.ni.dll
MOD - [2012/02/15 16:57:30 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\74a1075c047edd51ba44cebf5ecf715c\System.Xml.ni.dll
MOD - [2012/02/15 16:57:26 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll
MOD - [2012/02/15 16:57:25 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll
MOD - [2011/10/24 10:25:28 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/06/24 01:14:38 | 000,330,240 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\Plugfree NETWORK\PFNService.exe -- (PFNService)
SRV:64bit: - [2009/12/24 12:43:40 | 000,145,840 | ---- | M] (CSR, plc) [Auto | Running] -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe -- (VFPRadioSupportService)
SRV:64bit: - [2009/07/30 10:43:00 | 000,063,336 | ---- | M] (FUJITSU LIMITED) [Auto | Running] -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe -- (PowerSavingUtilityService)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/05/05 08:52:14 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/25 22:12:34 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/03/13 18:46:06 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2011/11/23 03:36:24 | 002,391,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/10/12 07:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/09/23 19:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011/08/02 07:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/03/18 21:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/11/01 17:04:48 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/11/01 17:04:42 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008/11/09 21:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/16 00:24:40 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2012/02/16 00:24:38 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2012/01/04 15:28:36 | 000,016,640 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gtkdrv.sys -- (TrojanKillerDriver)
DRV:64bit: - [2011/10/07 07:23:46 | 000,283,728 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/09/13 07:30:08 | 000,037,456 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/08/08 07:08:58 | 000,046,672 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/07/11 02:14:36 | 000,375,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2011/07/11 02:14:08 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/07/11 02:14:06 | 000,120,400 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/07/11 02:14:06 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV:64bit: - [2011/05/23 02:03:28 | 000,048,992 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/21 04:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 04:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/03/04 21:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/12/18 11:38:56 | 008,038,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/11/27 05:15:00 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009/11/06 12:56:06 | 001,550,848 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/11/01 17:04:42 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/10/26 12:39:44 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/10/09 20:16:28 | 000,293,936 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/25 16:48:00 | 000,153,128 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdm.sys -- (s1018mdm)
DRV:64bit: - [2009/03/25 16:48:00 | 000,146,472 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018unic.sys -- (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM)
DRV:64bit: - [2009/03/25 16:48:00 | 000,133,160 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mgmt.sys -- (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM)
DRV:64bit: - [2009/03/25 16:48:00 | 000,128,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018obex.sys -- (s1018obex)
DRV:64bit: - [2009/03/25 16:48:00 | 000,113,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018bus.sys -- (s1018bus) Sony Ericsson Device 1018 driver (WDM)
DRV:64bit: - [2009/03/25 16:48:00 | 000,034,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018nd5.sys -- (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS)
DRV:64bit: - [2009/03/25 16:48:00 | 000,019,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV:64bit: - [2006/11/01 17:59:24 | 000,007,296 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02e3.sys -- (FUJ02E3)
DRV:64bit: - [2006/11/01 17:20:28 | 000,007,808 | ---- | M] (FUJITSU LIMITED) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fuj02b1.sys -- (FUJ02B1)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/01/14 16:11:28 | 000,015,504 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mbam.sys -- (MBAMProtector)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {86A4D27C-B3F2-44BB-81B8-BEA76843BF41}
IE:64bit: - HKLM\..\SearchScopes\{86A4D27C-B3F2-44BB-81B8-BEA76843BF41}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {86A4D27C-B3F2-44BB-81B8-BEA76843BF41}
IE - HKLM\..\SearchScopes\{86A4D27C-B3F2-44BB-81B8-BEA76843BF41}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FTSG
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ts.fujitsu.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.virginmedia.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.virginmedia.com/"
FF - prefs.js..keyword.URL: "http://isearch.avg.com/search?cid=%7Bddd99e1d-29fb-40ed-bdae-82c4dd520b62%7D&mid=53b555ef146447d190203183d2d3106c-663615993e907d93a662c86c0303c6c43168dc27&ds=AVG&v=11.0.0.9&lang=en&pr=pr&d=2011-12-09%2012%3A18%3A46&sap=ku&q="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\andrew\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/04/25 22:12:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011/10/19 17:07:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andrew\AppData\Roaming\Mozilla\Extensions
[2012/05/02 09:19:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\dyyst53d.default\extensions
[2012/01/25 11:31:19 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\dyyst53d.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012/04/26 08:37:18 | 000,000,000 | ---D | M] (Zynga Community Toolbar) -- C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\dyyst53d.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}
[2012/04/26 08:37:19 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\dyyst53d.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
[2012/03/01 13:21:25 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\dyyst53d.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012/04/29 22:45:59 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\dyyst53d.default\extensions\avg@toolbar
[2012/01/17 12:30:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/04/21 13:55:40 | 000,552,588 | ---- | M] () (No name found) -- C:\USERS\ANDREW\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DYYST53D.DEFAULT\EXTENSIONS\{841468A1-D7F4-4BD3-84E6-BB0F13A06C64}.XPI
[2012/04/25 22:12:33 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/04/25 22:12:33 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012/03/13 18:46:00 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011/12/21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/04/25 22:12:33 | 000,000,935 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012/04/25 22:12:33 | 000,001,166 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012/04/25 22:12:33 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/04/25 22:12:33 | 000,001,121 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll (Conduit Ltd.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Zynga Toolbar) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Zynga Toolbar) - {7B13EC3E-999A-4B70-B9CB-2617B8323822} - C:\Program Files (x86)\Zynga\prxtbZyn0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [ConMgr] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [CSRSkype] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe (CSR, plc)
O4:64bit: - HKLM..\Run: [FDM7] C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PfNet] C:\Program Files\Fujitsu\Plugfree NETWORK\PfNet.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [PSUTility] C:\Program Files\Fujitsu\PSUtility\TrayManager.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [DeskUpdateNotifier] c:\Fujitsu\Programs\DeskUpdate\DeskUpdateNotifier.exe (Fujitsu Technology Solutions)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe ()
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [YouCam Mirror Tray icon] C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\andrew\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKCU..\Run: [tcactive] C:\Program Files (x86)\The Cleaner\tcap.exe (MooSoft Development LLC)
F3:64bit: - HKCU WinNT: Load - (C:\Users\andrew\LOCALS~1\Temp\mszolppio.exe) - File not found
F3 - HKCU WinNT: Load - (C:\Users\andrew\LOCALS~1\Temp\mszolppio.exe) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AEC75C4D-1C4D-4FE9-9602-114123D950AE}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d86e02f9-1e54-11e1-b06c-e0ca9437f99f}\Shell - "" = AutoRun
O33 - MountPoints2\{d86e02f9-1e54-11e1-b06c-e0ca9437f99f}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2012/05/07 10:16:14 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{150E1CEB-BE26-4800-9A29-036D8F111535}
[2012/05/06 09:05:13 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{B1C17421-765E-43FC-B751-F971CE207370}
[2012/05/06 09:05:01 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{4AFC048E-68AE-4D1C-B124-90F375FB2090}
[2012/05/05 08:29:39 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{F3ACE413-3FCF-4D92-81BB-1F514A9D41BA}
[2012/05/05 08:29:27 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{F6169FFE-F4E6-45BF-969D-5629F9500E32}
[2012/05/05 00:26:12 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{67ADF65A-19A1-429B-918B-A81EDB105CE9}
[2012/05/04 23:43:30 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{FF7730A5-7EEF-4405-8210-87BC632F3330}
[2012/05/04 23:43:18 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{7016AD29-8402-4BFE-9887-C184C395B4BA}
[2012/05/04 20:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools
[2012/05/04 20:38:00 | 000,251,528 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys
[2012/05/04 20:38:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2012/05/04 20:37:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2012/05/04 20:37:38 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Roaming\TestApp
[2012/05/04 08:26:27 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{4312D6F4-D0E5-4477-8649-F2C65C626853}
[2012/05/04 08:26:16 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{77AFBDA9-0FF0-423D-92F8-2DDB151050F9}
[2012/05/03 18:58:46 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{53623862-72EC-46D1-8D97-7622D8F1A11E}
[2012/05/03 18:58:34 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{09C9D6B7-DC2B-4690-832E-310A92BBD56F}
[2012/05/03 13:07:31 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{BE188C62-402A-4085-9492-BC5C8A409306}
[2012/05/02 23:36:27 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{49BA4033-B6C4-4FCF-8EAF-8DC72797C8CB}
[2012/05/02 23:36:15 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{BCDC91F6-D92A-4308-A379-22B9A797A0C7}
[2012/05/02 23:06:09 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{7C6C1BCA-355E-43B2-AE0F-4A7EF575D08A}
[2012/05/02 23:05:57 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{F9B08B83-C800-4415-9A20-220A6069527E}
[2012/05/02 08:56:23 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{A765C8D1-C4AB-4104-BF0C-17A8E05FBF29}
[2012/05/02 08:56:12 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{E5A544B9-4755-4E84-A6C8-80D56CD31BB0}
[2012/05/01 10:39:06 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{AB5A0EFF-5F9A-4691-AF47-5FF69296243D}
[2012/05/01 10:38:55 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{5FA7BB94-52F3-47EF-83F0-28D08D83126E}
[2012/05/01 09:06:14 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{45C8F973-4DD2-4436-B87C-DDB9D0BB8A41}
[2012/05/01 09:06:02 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{6792A530-5886-4610-AE0A-BDF4FBCFF302}
[2012/04/30 23:24:30 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{490FA1B2-9161-4529-9B9B-4BE240CD0E53}
[2012/04/30 11:03:39 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{B39CBAF8-576E-4372-8166-8F4E14694EE2}
[2012/04/30 11:03:27 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{26683890-F0ED-450E-AB15-CE1F623C125F}
[2012/04/29 22:43:28 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{362B435C-F1C9-45BD-AA8E-326DDD5CCA33}
[2012/04/29 22:43:16 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{0F08837B-F1DF-4F3E-8729-50D09A982B2F}
[2012/04/29 21:51:50 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{D70F67E9-1841-42BC-AFAC-9FB74BB6CD45}
[2012/04/29 09:23:57 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{9AD349A3-4941-4A2D-8CF8-608AE418890D}
[2012/04/29 09:23:45 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{5C99A067-0CA9-4347-95FD-58A4F249CE4A}
[2012/04/28 16:59:16 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{CF85ECC3-624A-40E0-9306-0E6CC84EFDAD}
[2012/04/28 16:59:04 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{91A3EB3F-9606-4AF0-9855-FE570CD20A7D}
[2012/04/28 00:18:31 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{CFA11C0E-CA6A-4AF7-812D-CB86124997E9}
[2012/04/28 00:18:19 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{3B383364-C1F3-478A-AA51-E749F493FAC3}
[2012/04/27 23:46:31 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{4DF77754-1F74-457D-AA75-AC669620C733}
[2012/04/27 08:51:09 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{7DF0EEEA-016D-41C7-AA27-1A06FEBBB329}
[2012/04/27 08:50:58 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{2A2C6E17-ACBC-4499-BA5E-FB4F0890EA6D}
[2012/04/26 18:08:53 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{9CBBA1AC-E2B8-4E84-9C9A-B368F7472B5D}
[2012/04/26 18:08:42 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{3107ED85-5194-445A-90B1-FCE027D01060}
[2012/04/25 22:12:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/04/25 22:12:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012/04/25 22:11:47 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{4A6C733D-4AE7-41FC-8FB4-F0FC90C2380A}
[2012/04/25 22:11:36 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{2E2B6B76-7B80-43B3-9AA9-9AB2C1EED3F9}
[2012/04/25 08:38:32 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{35656A42-B583-43B5-BF17-D678AA468049}
[2012/04/25 08:38:21 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{9C5D1E71-7FDC-4566-8D5E-8A9D0BC8BD39}
[2012/04/24 23:46:13 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{4F34042B-5D90-428C-902F-1330C8C9B4A6}
[2012/04/24 23:46:02 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{E19C3149-48B1-44C5-AC24-FF32A8138EE4}
[2012/04/24 22:47:30 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{510C81B7-ECAC-47D8-AE6B-AC1BFDC89969}
[2012/04/24 22:47:19 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{650FD129-C19A-4FD7-9BEC-A1FF205F6D4D}
[2012/04/24 08:01:22 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{493D529C-E2E9-4646-BBBE-5D0DB60A67AD}
[2012/04/24 08:01:10 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{9B73EA82-F50D-4DE5-AB0A-68477A5A0958}
[2012/04/23 12:12:33 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{D08F6E1A-87CD-4D50-9898-1D1C821E4835}
[2012/04/23 12:12:21 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{C13C6CC0-957B-4587-8724-DBAA3D3D77C4}
[2012/04/22 23:42:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install
[2012/04/22 23:00:58 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{5C5D3E50-2771-456A-95DE-2213D0BEF832}
[2012/04/22 23:00:46 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{F772081C-8850-401D-9377-2FB9595B983E}
[2012/04/22 09:10:07 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{ED9790E8-ECBB-4968-B855-80D2478EA8C9}
[2012/04/22 09:09:56 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{B8A2ACFA-BC6C-47BA-9E8B-E99D4A15C863}
[2012/04/21 13:54:48 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{7D8749F8-1D73-41C3-8BBF-5BE114C6E002}
[2012/04/21 13:54:35 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{94757264-7740-4C24-A31C-70F42A4F49B4}
[2012/04/21 00:16:44 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{2FE171D6-0063-4618-8D05-C66A31B80153}
[2012/04/21 00:16:32 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{1B279B17-8A41-46DC-B7BF-B79E045C273B}
[2012/04/20 23:52:10 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{85313129-1F65-41A1-987C-DC3204295823}
[2012/04/20 08:51:10 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{6DFAD165-B7A0-45BB-AF2E-349A1F6DC59A}
[2012/04/20 08:50:58 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{4A0FCD91-5B77-4B1E-B974-0B51958CE916}
[2012/04/19 14:33:56 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{E349078A-2D23-4F39-BF8F-2B83163FA8BF}
[2012/04/19 14:33:44 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{0A315724-7819-47BE-9382-9F0F066E9A8C}
[2012/04/19 14:27:42 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012/04/19 14:18:47 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{0D886BE8-6CF5-4BAC-8B7B-3C38CC3BBCD6}
[2012/04/19 14:18:36 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{802BF5F9-31D2-4916-987E-FBFD12F9286D}
[2012/04/19 12:40:41 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{F4DA760C-AC41-41A5-9BEC-3EEA3C865F34}
[2012/04/19 11:52:23 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{D5FAD626-CA93-4129-B8B7-DA270020702A}
[2012/04/19 11:52:12 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{24B134B4-A6F1-47C9-8F87-A9E192F5A2C3}
[2012/04/19 11:46:03 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{747842D2-4CE5-45F0-997C-A29EA57DA43F}
[2012/04/19 11:35:28 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{B614E6F3-9D6E-449E-A20E-F0C661ACB5E8}
[2012/04/19 11:35:16 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{6E0568B8-2179-4837-ABA3-BF76E916B209}
[2012/04/19 00:00:08 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{EC4AE329-63D1-46C4-B076-EBD366579601}
[2012/04/18 23:59:56 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{DD1715CA-99B8-4C26-A874-7C961D35EACE}
[2012/04/18 09:04:59 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{B7789DB8-565B-4789-AA80-8973125E9BB0}
[2012/04/18 09:04:47 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{E426C70D-45E5-4434-B125-E0E5CDEE2664}
[2012/04/17 14:13:22 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{EEDD682B-C0D5-4B2C-A1F6-282E47EFB7DE}
[2012/04/17 14:13:10 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{8D8AF756-B929-4696-92FC-4502B0B9CE0D}
[2012/04/16 23:10:37 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{086D20D8-E1FD-48AA-871D-B371B5992F65}
[2012/04/16 23:10:25 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{C0FAAA7C-BDA6-418B-98FE-B611238ECCE3}
[2012/04/16 10:52:21 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{0181B256-D1BA-4545-97D6-1B9B235B9B95}
[2012/04/16 10:52:10 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{CF2EB3F6-3304-4A42-BBD2-D77756E6982B}
[2012/04/16 09:10:47 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{E41E175D-CF90-4526-865C-E65EF2BC0880}
[2012/04/15 15:00:23 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{C545F619-41A5-403E-93BA-F09787D126FD}
[2012/04/15 15:00:12 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{49BAD8DD-54FC-4F7E-B97C-6139E1F407F2}
[2012/04/14 23:25:35 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{B2B372BE-9E96-4464-BA5D-14170915E940}
[2012/04/14 23:25:23 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{2BD994BB-C748-43D2-B861-65F328228E72}
[2012/04/14 09:24:31 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{A6A5B96E-EDCD-4982-B04B-C7317BDF11E2}
[2012/04/14 09:24:20 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{FE8AF4B3-C147-4F27-8C51-B624AB43364B}
[2012/04/13 23:38:49 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{051E31F7-6D80-444F-8CAE-7FF3ED72F733}
[2012/04/13 23:38:38 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{0B16C0E1-F535-4893-82CE-811A9922ED69}
[2012/04/13 16:19:52 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{E77E7BA8-A299-43AA-9B3D-60222A139BDD}
[2012/04/13 15:56:31 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{FEEAB7AB-F578-442C-B715-C6C30EC2752D}
[2012/04/13 10:28:49 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{16B8E754-8FE9-4DE3-BD91-5383A06710BD}
[2012/04/13 08:43:03 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{2A6FA065-FC79-4838-96F8-9D99AF9A8EEF}
[2012/04/12 13:05:17 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/04/12 13:05:16 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/04/12 13:05:11 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/04/12 13:05:11 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/04/12 13:05:11 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/04/12 13:05:10 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/04/12 13:05:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/04/12 13:05:09 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/04/12 13:05:08 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/04/12 13:05:08 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/04/12 13:05:08 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/04/12 13:04:48 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/04/12 13:04:47 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/04/12 13:04:46 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/04/12 13:02:12 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2012/04/12 13:02:12 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2012/04/12 13:02:09 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2012/04/12 13:00:09 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{1B4E3CF2-A1EC-4431-914A-DEE5170300DC}
[2012/04/12 10:22:59 | 000,000,000 | ---D | C] -- C:\Users\andrew\Documents\Simply Super Software
[2012/04/12 10:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2012/04/12 10:22:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2012/04/12 10:22:56 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Roaming\Simply Super Software
[2012/04/12 10:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2012/04/12 09:36:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Trojan Killer
[2012/04/12 09:36:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GridinSoft Trojan Killer
[2012/04/11 22:13:37 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Roaming\thecleaner
[2012/04/11 22:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Cleaner
[2012/04/11 22:13:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\The Cleaner
[2012/04/11 19:16:02 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Roaming\gizza
[2012/04/11 17:48:15 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{9438B422-07D5-4E38-8C44-F450EBE538D3}
[2012/04/10 23:09:35 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{226659C5-74D4-443E-863C-C7BCA43A3F94}
[2012/04/10 19:34:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/04/10 09:07:53 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{3360B13B-8D4A-4DEC-9EC7-8C2AD4E48317}
[2012/04/09 13:13:04 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{DB8C1EF4-BB4E-45E8-8D87-2E291F1443E3}
[2012/04/08 22:44:14 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{BD927A4B-F69A-4CE2-8E6C-AB6B3EF3EA64}
[2012/04/07 23:35:53 | 000,000,000 | ---D | C] -- C:\Users\andrew\AppData\Local\{614FC904-C680-4172-931D-3130AFA42B7F}
[2011/12/04 12:47:17 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe225.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/05/07 10:52:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/05/07 10:16:51 | 000,309,358 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/05/07 10:13:48 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2121331011-2378592583-2489391907-1001UA.job
[2012/05/07 10:13:47 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/05/07 10:13:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/05/07 08:35:38 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 08:35:38 | 000,016,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/05/07 08:32:50 | 097,345,664 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/05/07 08:28:32 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/05/07 08:27:42 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
[2012/05/06 18:57:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2121331011-2378592583-2489391907-1001Core.job
[2012/05/06 16:00:19 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\Malwarebytes' Scheduled Update for andrew.job
[2012/05/05 08:52:13 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/05/05 08:52:13 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/05/05 08:52:08 | 008,744,608 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2012/05/04 20:38:10 | 001,590,181 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/04/27 18:01:05 | 000,624,914 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavifw.avm
[2012/04/12 13:08:08 | 000,784,900 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/12 13:08:08 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/12 13:08:08 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/12 10:22:58 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2012/04/12 09:36:29 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012/04/11 22:13:12 | 000,001,038 | ---- | M] () -- C:\Users\Public\Desktop\The Cleaner 2012.lnk
[2012/04/10 18:01:04 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/05/04 20:38:03 | 001,590,181 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012/04/12 10:22:58 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2012/04/12 10:22:57 | 000,153,088 | ---- | C] () -- C:\Windows\SysWow64\UNRAR3.dll
[2012/04/12 10:22:57 | 000,075,264 | ---- | C] () -- C:\Windows\SysWow64\unacev2.dll
[2012/04/12 09:36:29 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Killer.lnk
[2012/04/11 22:13:12 | 000,001,038 | ---- | C] () -- C:\Users\Public\Desktop\The Cleaner 2012.lnk
[2012/01/17 15:48:09 | 000,000,017 | ---- | C] () -- C:\Users\andrew\AppData\Local\resmon.resmoncfg
[2011/09/22 21:36:40 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011/09/22 21:36:40 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011/09/22 21:36:40 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011/09/22 21:36:39 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011/09/22 21:36:39 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011/04/16 11:56:37 | 000,764,746 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Custom Scans ==========

< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2012/04/25 22:12:33 | 000,125,880 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\crashreporter.exe
[2012/04/25 22:12:33 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
[2012/04/25 22:12:34 | 000,129,976 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice.exe
[2012/04/25 22:12:34 | 000,157,352 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\maintenanceservice_installer.exe
[2012/04/25 22:12:33 | 000,016,824 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
[2012/04/25 22:12:33 | 000,285,624 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2012/05/07 08:28:12 | 000,000,018 | ---- | M] () Unable to obtain MD5 -- C:\Windows\system32\log.txt

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2011/10/19 15:29:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Adobe
[2011/12/04 12:45:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Apple Software Update
[2011/12/15 22:14:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG
[2012/03/13 18:46:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\AVG Secure Search
[2012/02/26 17:37:13 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\BitTorrent
[2012/05/04 20:38:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Common Files
[2011/10/19 16:42:35 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Conduit
[2011/10/19 15:31:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\CyberLink
[2011/10/19 15:28:52 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Fujitsu
[2012/01/17 09:58:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Google
[2012/04/12 09:56:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\GridinSoft Trojan Killer
[2011/10/29 13:58:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\iLivid
[2011/12/04 23:49:00 | 000,000,000 | -H-D | M] -- C:\Program Files (x86)\InstallShield Installation Information
[2011/10/19 15:36:33 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Intel
[2012/04/12 15:28:39 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Internet Explorer
[2012/04/25 08:35:56 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MALWAREBYTES ANTI-MALWARE
[2012/04/10 18:01:05 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/10/19 15:26:54 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Office
[2012/02/16 11:31:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft Silverlight
[2011/10/19 15:35:11 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2011/12/24 14:25:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Microsoft.NET
[2012/04/25 22:12:34 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Firefox
[2012/04/25 22:12:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSBuild
[2011/10/21 12:02:08 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\MSXML 4.0
[2012/01/02 13:18:24 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Nero
[2012/05/04 20:57:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\PC Tools
[2011/10/19 15:29:57 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Realtek
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Reference Assemblies
[2011/12/04 12:46:51 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony
[2011/12/04 23:49:00 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony Ericsson
[2012/04/22 23:42:19 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Sony Media Go Install
[2011/10/19 15:30:14 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Temp
[2012/04/19 12:50:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\The Cleaner
[2012/04/12 10:22:58 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Trojan Remover
[2009/07/14 05:57:06 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Uninstall Information
[2011/12/03 20:18:31 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\VideoLAN
[2011/12/22 10:34:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Defender
[2012/04/19 14:25:37 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Live
[2011/12/22 10:34:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Mail
[2011/12/22 10:34:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Media Player
[2009/07/14 06:32:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows NT
[2011/12/22 10:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Photo Viewer
[2010/11/21 04:31:38 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Portable Devices
[2011/12/22 10:34:12 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Windows Sidebar
[2011/12/09 12:58:10 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\WinRAR
[2012/01/17 09:58:16 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Yahoo!
[2011/10/21 11:40:02 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\Zynga

< MD5 for: AGP440.SYS >
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

< MD5 for: DISK.SYS >
[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\drivers\disk.sys
[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\SysNative\DriverStore\FileRepository\disk.inf_amd64_neutral_10ce25bbc5a9cc43\disk.sys
[2009/07/14 02:47:48 | 000,073,280 | ---- | M] (Microsoft Corporation) MD5=9819EEE8B5EA3784EC4AF3B137A5244C -- C:\Windows\winsxs\amd64_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_55bb738b8ddd8a01\disk.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011/02/25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010/11/21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: IASTOR.SYS >
[2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Fujitsu\Driver Pool\7\iaStor.sys
[2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_b2da0d5f1235b4d6\iaStor.sys
[2010/06/08 09:33:14 | 000,540,696 | ---- | M] (Intel Corporation) MD5=2064090C9FAAD92C090D77E50E735B2E -- C:\Windows\SysNative\DriverStore\FileRepository\iastor.inf_amd64_neutral_1170b46175ba2765\iaStor.sys

< MD5 for: NETLOGON.DLL >
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2011/03/11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

< MD5 for: USERINIT.EXE >
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2012/04/25 22:12:33 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2012/04/25 22:12:33 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2012/04/25 22:12:33 | 000,866,992 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files (x86)\Mozilla Firefox\firefox.exe [2012/04/25 22:12:33 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -preferences [2012/04/25 22:12:33 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -safe-mode [2012/04/25 22:12:33 | 000,924,600 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2011/04/16 02:42:34 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2011/04/16 02:42:34 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2011/04/16 02:42:34 | 000,074,240 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -extoff [2011/04/16 02:42:34 | 000,748,336 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/04/16 02:42:34 | 000,748,336 | ---- | M] (Microsoft Corporation)

< hklm\software\clients\startmenuinternet|command /64 /rs >
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /HIDESHORTCUTS [2012/04/25 22:12:33 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SHOWSHORTCUTS [2012/04/25 22:12:33 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\UNINSTALL\HELPER.EXE" /SETASDEFAULTAPPGLOBAL [2012/04/25 22:12:33 | 000,866,992 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE [2012/04/25 22:12:33 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -PREFERENCES [2012/04/25 22:12:33 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\FIREFOX.EXE" -SAFE-MODE [2012/04/25 22:12:33 | 000,924,600 | ---- | M] (Mozilla Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -SHOW [2011/04/16 02:42:34 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -REINSTALL [2011/04/16 02:42:34 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\SYSTEM32\IE4UINIT.EXE" -HIDE [2011/04/16 02:42:34 | 000,089,088 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE" -EXTOFF [2011/04/16 02:42:34 | 000,748,336 | ---- | M] (Microsoft Corporation)
64bit-HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IEXPLORE.EXE [2011/04/16 02:42:34 | 000,748,336 | ---- | M] (Microsoft Corporation)

========== Alternate Data Streams ==========

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:0B4227B4
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:CB0AACC9
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84
@Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.80 Gb Total Physical Memory | 2.23 Gb Available Physical Memory | 58.62% Memory free
7.60 Gb Paging File | 5.80 Gb Available in Paging File | 76.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 463.76 Gb Total Space | 376.94 Gb Free Space | 81.28% Space Free | Partition Type: NTFS

Computer Name: BORIS | User Name: andrew | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.html[@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Scan with Trojan Remover] -- C:\Program Files (x86)\Trojan Remover\rmvtrjan.exe /d "%1" (Simply Super Software)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042526BD-4B80-4BF1-8BC8-39332B11D7FF}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0E843D38-C1E4-4B01-A52E-C3F1D42B2679}" = lport=445 | protocol=6 | dir=in | app=system |
"{15EC8CC6-D88B-48C6-A5AC-055D70215BCC}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{2378F685-563D-4A91-9735-B4BEBB120267}" = lport=137 | protocol=17 | dir=in | app=system |
"{3B6D33A1-1040-4208-B202-8C6C74745CA2}" = rport=138 | protocol=17 | dir=out | app=system |
"{3CE9AF5C-3184-49E1-A3EB-A4379CFCA824}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{4424B9AC-1159-4453-B015-097BF39277DC}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{64209DF6-965B-4D8C-A1F2-BE4C8F34005A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7EDBF527-0D1E-4E4C-A8AC-0FBC5DAFB52C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{82B48AE0-A127-4B9E-A509-F1529196ADEC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{849C3AA5-4C2D-436A-80A6-6738B8B2A820}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{883F6442-B7C9-40E7-B222-1E0B5452DE53}" = lport=138 | protocol=17 | dir=in | app=system |
"{9317112D-6AA1-46C8-A1DC-57C644B1227B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9698414C-4417-48F1-8BC8-762BC86DA503}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{9ACB0BF8-BAEC-499A-9563-2BB898D6A4F1}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9D4C890C-267C-4D05-BC1D-B4B9DBEBF22A}" = rport=445 | protocol=6 | dir=out | app=system |
"{A057C4FA-9A6C-42FB-9010-3643C83877EC}" = rport=139 | protocol=6 | dir=out | app=system |
"{B006051E-D7C9-4FD7-9D6F-79CA445A162F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BAA9B41C-53CB-4B4F-B25A-28BE631521EE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CAD1ECCB-282D-4AC8-9516-09F729F1166F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DFADFD47-E5D8-44AB-9CB8-0F562CEB6E7C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{E66FE5DE-41D0-4947-8F70-1D2DE473DBAF}" = lport=139 | protocol=6 | dir=in | app=system |
"{F2AF6FEA-51D4-4EA7-A796-C1F606ADED23}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{F88FBC10-4F4B-476B-822C-25D4937095B8}" = rport=137 | protocol=17 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{096E56BF-DAD0-4B8A-90EC-197EDCB1B103}" = dir=in | app=c:\users\andrew\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{09F91235-6961-4622-9880-90C2F88715CF}" = protocol=17 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{19AA8DB0-2C2D-4B7B-A3F1-DB6860EA579F}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{33146FB6-D844-4AC5-8F62-65DBEAA4E1D3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{40F651F4-3187-4E4B-8893-DD57E06B59C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4288ECB4-6651-4E58-8E86-202DF753BF11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4C40A9E5-7ED4-4863-8817-8A69763F6323}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{4FE00EB9-9FE8-4350-AC5A-FD1D65EDAD6F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{54680183-8B7D-4126-A2EA-29B1EBC6B376}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{56A883FB-70A5-4159-8105-8F6861FBC789}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{59E1423D-9866-4BF6-B19F-C826A1B18F28}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{5F9083B6-1F72-45AF-A962-F85029B870A2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{63B9AA9A-FC09-43DC-881E-0066B005AE03}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6850C96D-BCC8-48E3-BC0D-33E37CE22793}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{6CC60336-8F37-4B30-9AB8-F58FF407E8F9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{767B5D77-570D-41CF-AB78-7C5DF132212B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgdiagex.exe |
"{7A196F12-D51D-40AE-B61C-A034C0403120}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D6AC028-6320-4134-BA9D-0B8A1F5D57A7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{834B2FD1-92C8-41AF-83AB-AC6DBCE8551D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{8B4F027A-EEFD-4369-BFCE-0C92BE35FDE3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9CB4C047-5552-42CF-9493-82E61028475E}" = protocol=6 | dir=in | app=c:\program files (x86)\bittorrent\bittorrent.exe |
"{A7C9B10A-A747-439C-9186-72DF6EA80C58}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A9BAA321-0C55-4A45-B944-C381E8F2C2D6}" = protocol=6 | dir=out | app=system |
"{B1913940-798F-4A07-B54E-B20E3443BF79}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B5D457C4-4177-49E5-95DD-344BC56D8F7F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B8F8EA98-D2ED-4D82-941B-A33917551C11}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgemca.exe |
"{C2BEE41F-6FAC-441E-AE29-930C05DFFA55}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C4B56414-B341-40DD-9B10-D3D630E9D5C4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C7B62765-A836-4D21-B15E-059D92AA580A}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe |
"{CA9642CA-14DD-4E35-A71A-846350A12F2C}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgnsa.exe |
"{F1C10A9C-EEF5-4A57-817E-3BC890ECD3F8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{FB6021E6-8B6E-42CF-8A4F-E19B183290BE}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2CDD9D22-AD67-4588-93AD-147C979F6E7C}" = AVG 2012
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"{7BA64D21-EE46-4a9a-8145-52B0175C3F86}" = Plugfree NETWORK
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B2F4C332-2359-4ADE-AF0C-C631768BBB89}" = Bluetooth Feature Pack 5.0
"{B7C6A943-83E0-4E7F-A79A-C5CBAA60B0F5}" = Plugfree NETWORK
"{D050583D-5CEC-47B1-88AA-8B328CAA8621}" = AVG 2012
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"AVG" = AVG 2012
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{380e1103-ba9d-4142-b917-73cd5f78cd64}" = Nero 9 Essentials
"{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}" = Media Go
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-1033-7B44-A91000000001}" = Adobe Reader 9.1.3
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D95CD7BE-A894-4F6C-B9DF-578C3CB411D4}" = VLC
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E656D89A-8CBB-497F-918F-8361A4071C26}" = Nero Burning ROM 11
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.13
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"AVG PC Tuneup 2011_is1" = AVG PC Tuneup 2011 10.0.0.24
"BitTorrent" = BitTorrent
"DeskUpdate_is1" = DeskUpdate 4.11
"GridinSoft Trojan Killer" = Trojan Killer
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{7254349B-460B-488F-B4DB-A96100C5C48B}" = Power Saving Utility
"InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
"Mozilla Firefox 12.0 (x86 en-GB)" = Mozilla Firefox 12.0 (x86 en-GB)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"The Cleaner_is1" = The Cleaner 2012
"Trojan Remover_is1" = Trojan Remover 6.8.3
"VLC media player" = VLC media player 1.1.5
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Yahoo! Software Update" = Yahoo! Software Update
"Zynga Toolbar" = Zynga Toolbar

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 4/27/2012 6:34:10 PM | Computer Name = boris | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Sony\Media
Go\MediaGo.exe".Error in manifest or policy file "C:\Program Files (x86)\Sony\Media
Go\Sony.Mrs.MANIFEST" on line 3. Component identity found in manifest does not match
the identity of the component requested. Reference is Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition
is Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0". Please use
sxstrace.exe for detailed diagnosis.

Error - 4/27/2012 6:34:56 PM | Computer Name = boris | Source = WinMgmt | ID = 10
Description =

Error - 4/28/2012 3:56:03 AM | Computer Name = boris | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Sony\Media
Go\MediaGo.exe".Error in manifest or policy file "C:\Program Files (x86)\Sony\Media
Go\Sony.Mrs.MANIFEST" on line 3. Component identity found in manifest does not match
the identity of the component requested. Reference is Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition
is Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0". Please use
sxstrace.exe for detailed diagnosis.

Error - 4/28/2012 3:56:32 AM | Computer Name = boris | Source = WinMgmt | ID = 10
Description =

Error - 4/28/2012 11:58:01 AM | Computer Name = boris | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Sony\Media
Go\MediaGo.exe".Error in manifest or policy file "C:\Program Files (x86)\Sony\Media
Go\Sony.Mrs.MANIFEST" on line 3. Component identity found in manifest does not match
the identity of the component requested. Reference is Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition
is Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0". Please use
sxstrace.exe for detailed diagnosis.

Error - 4/28/2012 11:58:49 AM | Computer Name = boris | Source = WinMgmt | ID = 10
Description =

Error - 4/28/2012 6:05:10 PM | Computer Name = boris | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Sony\Media
Go\MediaGo.exe".Error in manifest or policy file "C:\Program Files (x86)\Sony\Media
Go\Sony.Mrs.MANIFEST" on line 3. Component identity found in manifest does not match
the identity of the component requested. Reference is Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition
is Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0". Please use
sxstrace.exe for detailed diagnosis.

Error - 4/28/2012 6:05:47 PM | Computer Name = boris | Source = WinMgmt | ID = 10
Description =

Error - 4/29/2012 4:17:33 AM | Computer Name = boris | Source = SideBySide | ID = 16842787
Description = Activation context generation failed for "C:\Program Files (x86)\Sony\Media
Go\MediaGo.exe".Error in manifest or policy file "C:\Program Files (x86)\Sony\Media
Go\Sony.Mrs.MANIFEST" on line 3. Component identity found in manifest does not match
the identity of the component requested. Reference is Sony.Mrs,processorArchitecture="AMD64",type="win32",version="2.2.0.0".
Definition
is Sony.Mrs,processorArchitecture="x86",type="win32",version="2.2.0.0". Please use
sxstrace.exe for detailed diagnosis.

Error - 4/29/2012 4:18:04 AM | Computer Name = boris | Source = WinMgmt | ID = 10
Description =

[ Media Center Events ]
Error - 12/14/2011 5:04:11 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 21:04:11 - Error connecting to the internet. 21:04:11 - Unable
to contact server..

Error - 12/14/2011 5:04:17 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 21:04:16 - Error connecting to the internet. 21:04:16 - Unable
to contact server..

Error - 12/14/2011 6:04:22 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 22:04:22 - Error connecting to the internet. 22:04:22 - Unable
to contact server..

Error - 12/14/2011 6:04:28 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 22:04:27 - Error connecting to the internet. 22:04:27 - Unable
to contact server..

Error - 1/8/2012 3:20:55 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 19:20:55 - Error connecting to the internet. 19:20:55 - Unable
to contact server..

Error - 1/8/2012 3:21:05 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 19:21:00 - Error connecting to the internet. 19:21:00 - Unable
to contact server..

Error - 1/22/2012 4:28:36 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 20:28:36 - Error connecting to the internet. 20:28:36 - Unable
to contact server..

Error - 1/22/2012 4:28:46 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 20:28:41 - Error connecting to the internet. 20:28:41 - Unable
to contact server..

Error - 1/22/2012 5:28:51 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 21:28:51 - Error connecting to the internet. 21:28:51 - Unable
to contact server..

Error - 1/22/2012 5:28:57 PM | Computer Name = boris | Source = MCUpdate | ID = 0
Description = 21:28:56 - Error connecting to the internet. 21:28:56 - Unable
to contact server..

[ System Events ]
Error - 2/14/2012 6:17:41 PM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Nero BackItUp Scheduler 4.0 service failed to start due to the
following error: %%2

Error - 2/14/2012 7:28:18 PM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Nero BackItUp Scheduler 4.0 service failed to start due to the
following error: %%2

Error - 2/15/2012 4:41:45 AM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Nero BackItUp Scheduler 4.0 service failed to start due to the
following error: %%2

Error - 2/15/2012 11:51:51 AM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Nero BackItUp Scheduler 4.0 service failed to start due to the
following error: %%2

Error - 2/15/2012 3:00:20 PM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Nero BackItUp Scheduler 4.0 service failed to start due to the
following error: %%2

Error - 2/15/2012 6:20:13 PM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Nero BackItUp Scheduler 4.0 service failed to start due to the
following error: %%2

Error - 2/16/2012 6:31:27 AM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Nero BackItUp Scheduler 4.0 service failed to start due to the
following error: %%2

Error - 2/16/2012 6:32:13 AM | Computer Name = boris | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the Yahoo!
Updater service to connect.

Error - 2/16/2012 6:32:13 AM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Yahoo! Updater service failed to start due to the following error:
%%1053

Error - 2/16/2012 2:21:26 PM | Computer Name = boris | Source = Service Control Manager | ID = 7000
Description = The Nero BackItUp Scheduler 4.0 service failed to start due to the
following error: %%2


< End of report >

I see you have some additional security software installed besides AVG:

trojan remover
the cleaner
trojankiller

In my opinion, AVG real time protection is all you need + additional on-demand scans (say, 1/month) by Malwarebytes.

The software trojan killer is rogue. You should proceed to uninstall that ASAP. The manufacturer Gridinsoft has a bad name.

====================

• Please run OTL.exe again
  
• Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

• CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
  
• If it asks to reboot the computer, please allow that.
  
• Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)

====================

In the previous step I have removed some stuff, including a Firefox toolbar called "Nectar Search", which has been recently installed. I´m not sure of the nature of this toolbar.

Let me know if these steps have solved your problem. If they have not, feel free to reinstall Nectar Toolbar again later (I´m not a big fan of toolbars, but other users may be).

Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret in the current context!
Error: Unable to interpret <@C:\ProgramData\Temp:0B4227B4> in the current context!
Error: Unable to interpret <@C:\ProgramData\Temp:CB0AACC9> in the current context!
Error: Unable to interpret <@C:\ProgramData\Temp:430C6D84> in the current context!
Error: Unable to interpret <@C:\ProgramData\Temp:DFC5A2B2> in the current context!
Error: Unable to interpret in the current context!
========== OTL ==========
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry delete failed. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\andrew\LOCALS~1\Temp\mszolppio.exe scheduled to be deleted on reboot.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\andrew\LOCALS~1\Temp\mszolppio.exe deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d86e02f9-1e54-11e1-b06c-e0ca9437f99f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d86e02f9-1e54-11e1-b06c-e0ca9437f99f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d86e02f9-1e54-11e1-b06c-e0ca9437f99f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d86e02f9-1e54-11e1-b06c-e0ca9437f99f}\ not found.
File E:\Startme.exe not found.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.42.3 log created on 05072012_144549

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
64bit-Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\andrew\LOCALS~1\Temp\mszolppio.exe deleted successfully.

oops something went wrong there.

It looks to me you did not copy the first line into the script (":files").

Could you please try and run the OTL script again?

should i just run the scan or do i need to cut and paste something in the custom scans file box

Full instructions below. make sure you copy everything from the code box.

• Please run OTL.exe again
  
• Under the Custom Scans/Fixes box at the bottom, copy and paste in the following:

• CAREFUL NOW! You must click the Run Fix button, NOT the Run Scan!
  
• If it asks to reboot the computer, please allow that.
  
• Finally, post the contents of the log. (Located at C:\_OTL\Moved Files)

Everytime I open firefox somehow while online firefox opens another tab with advertisement on it. I searched for an answer and this guy said to come here and ask for help or download tdsskiller and it will solve everything. I hope I can download this asap to fix my computer. Thanks! HELP!

12:44:23.0340 6112  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:44:25.0045 6112  ============================================================
12:44:25.0045 6112  Current date / time: 2013/07/25 12:44:25.0045
12:44:25.0045 6112  SystemInfo:
12:44:25.0045 6112  
12:44:25.0046 6112  OS Version: 6.1.7601 ServicePack: 1.0
12:44:25.0046 6112  Product type: Workstation
12:44:25.0046 6112  ComputerName: BQ-PC
12:44:25.0046 6112  UserName: BQ
12:44:25.0046 6112  Windows directory: C:\Windows
12:44:25.0046 6112  System windows directory: C:\Windows
12:44:25.0046 6112  Processor architecture: Intel x86
12:44:25.0046 6112  Number of processors: 4
12:44:25.0046 6112  Page size: 0x1000
12:44:25.0046 6112  Boot type: Normal boot

12:44:25.0046 6112  ============================================================
12:44:26.0412 6112  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
12:44:26.0415 6112  ============================================================
12:44:26.0415 6112  \Device\Harddisk0\DR0:
12:44:26.0416 6112  MBR partitions:
12:44:26.0416 6112  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xBEA0000
12:44:26.0416 6112  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xBED2800, BlocksNum 0xBD74000
12:44:26.0416 6112  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x17C46800, BlocksNum 0xD7E7800
12:44:26.0416 6112  ============================================================
12:44:26.0500 6112  C: <-> \Device\Harddisk0\DR0\Partition3
12:44:26.0737 6112  D: <-> \Device\Harddisk0\DR0\Partition1
12:44:26.0918 6112  E: <-> \Device\Harddisk0\DR0\Partition2
12:44:26.0918 6112  ============================================================
12:44:26.0919 6112  Initialize success
12:44:26.0919 6112  ============================================================
12:44:46.0208 4052  ============================================================
12:44:46.0208 4052  Scan started
12:44:46.0208 4052  Mode: Manual;
12:44:46.0208 4052  ============================================================
12:44:47.0513 4052  ================ Scan system memory ========================
12:44:47.0513 4052  System memory - ok
12:44:47.0514 4052  ================ Scan services =============================
12:44:47.0700 4052  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
12:44:47.0704 4052  1394ohci - ok
12:44:47.0761 4052  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
12:44:47.0765 4052  ACPI - ok
12:44:47.0811 4052  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
12:44:47.0812 4052  AcpiPmi - ok
12:44:47.0886 4052  [ 6D7F09CD92A9FEF3A8EFCE66231FDD79 ] adfs            C:\Windows\system32\drivers\adfs.sys
12:44:47.0888 4052  adfs - ok
12:44:48.0027 4052  [ 57A3B9A69F14414ACE12AFD6BA701773 ] Adobe Version Cue CS4 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
12:44:48.0040 4052  Adobe Version Cue CS4 - ok
12:44:48.0141 4052  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
12:44:48.0143 4052  AdobeARMservice - ok
12:44:48.0229 4052  [ 476BB014F3F68C0C15EDDD5B444DA8FF ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
12:44:48.0233 4052  AdobeFlashPlayerUpdateSvc - ok
12:44:48.0268 4052  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
12:44:48.0273 4052  adp94xx - ok
12:44:48.0288 4052  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
12:44:48.0292 4052  adpahci - ok
12:44:48.0308 4052  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
12:44:48.0311 4052  adpu320 - ok
12:44:48.0345 4052  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
12:44:48.0347 4052  AeLookupSvc - ok
12:44:48.0397 4052  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
12:44:48.0401 4052  AFD - ok
12:44:48.0441 4052  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
12:44:48.0443 4052  agp440 - ok
12:44:48.0467 4052  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
12:44:48.0470 4052  aic78xx - ok
12:44:48.0496 4052  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
12:44:48.0498 4052  ALG - ok
12:44:48.0520 4052  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
12:44:48.0522 4052  aliide - ok
12:44:48.0564 4052  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
12:44:48.0566 4052  amdagp - ok
12:44:48.0606 4052  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
12:44:48.0608 4052  amdide - ok
12:44:48.0625 4052  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
12:44:48.0627 4052  AmdK8 - ok
12:44:48.0643 4052  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
12:44:48.0644 4052  AmdPPM - ok
12:44:48.0690 4052  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
12:44:48.0693 4052  amdsata - ok
12:44:48.0723 4052  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
12:44:48.0726 4052  amdsbs - ok
12:44:48.0739 4052  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
12:44:48.0741 4052  amdxata - ok
12:44:48.0794 4052  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
12:44:48.0796 4052  AppID - ok
12:44:48.0836 4052  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
12:44:48.0838 4052  AppIDSvc - ok
12:44:48.0878 4052  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\Windows\System32\appinfo.dll
12:44:48.0880 4052  Appinfo - ok
12:44:48.0997 4052  [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:44:48.0999 4052  Apple Mobile Device - ok
12:44:49.0031 4052  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
12:44:49.0034 4052  AppMgmt - ok
12:44:49.0053 4052  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
12:44:49.0055 4052  arc - ok
12:44:49.0075 4052  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
12:44:49.0078 4052  arcsas - ok
12:44:49.0195 4052  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
12:44:49.0214 4052  aspnet_state - ok
12:44:49.0279 4052  [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
12:44:49.0280 4052  aswFsBlk - ok
12:44:49.0317 4052  [ E2FEE0486D68BF85355D3EDA1A24FF68 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
12:44:49.0318 4052  aswKbd - ok
12:44:49.0380 4052  [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
12:44:49.0382 4052  aswMonFlt - ok
12:44:49.0432 4052  [ FFE9A993B3EC2908FECB1DF2C39148BB ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
12:44:49.0434 4052  aswRdr - ok
12:44:49.0496 4052  [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
12:44:49.0498 4052  aswRvrt - ok
12:44:49.0532 4052  [ CCD565A8A72AF7D45F9A242013870926 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
12:44:49.0548 4052  aswSnx - ok
12:44:49.0579 4052  [ 937300BC7C4CDF7576BCCE44E19BBB9D ] aswSP           C:\Windows\system32\drivers\aswSP.sys
12:44:49.0584 4052  aswSP - ok
12:44:49.0605 4052  [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
12:44:49.0607 4052  aswTdi - ok
12:44:49.0627 4052  [ 8CFAA2B965773A653F48F1207A9CB9C4 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
12:44:49.0630 4052  aswVmm - ok
12:44:49.0656 4052  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:44:49.0657 4052  AsyncMac - ok
12:44:49.0701 4052  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
12:44:49.0702 4052  atapi - ok
12:44:49.0757 4052  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:44:49.0772 4052  AudioEndpointBuilder - ok
12:44:49.0780 4052  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
12:44:49.0783 4052  Audiosrv - ok
12:44:49.0854 4052  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:44:49.0855 4052  avast! Antivirus - ok
12:44:49.0902 4052  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:44:49.0904 4052  AxInstSV - ok
12:44:49.0936 4052  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
12:44:49.0943 4052  b06bdrv - ok
12:44:49.0972 4052  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
12:44:49.0975 4052  b57nd60x - ok
12:44:50.0004 4052  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:44:50.0007 4052  BDESVC - ok
12:44:50.0031 4052  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:44:50.0033 4052  Beep - ok
12:44:50.0088 4052  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
12:44:50.0103 4052  BFE - ok
12:44:50.0156 4052  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
12:44:50.0173 4052  BITS - ok
12:44:50.0190 4052  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:44:50.0192 4052  blbdrive - ok
12:44:50.0281 4052  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:44:50.0286 4052  Bonjour Service - ok
12:44:50.0327 4052  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:44:50.0329 4052  bowser - ok
12:44:50.0344 4052  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:44:50.0346 4052  BrFiltLo - ok
12:44:50.0361 4052  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:44:50.0364 4052  BrFiltUp - ok
12:44:50.0402 4052  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
12:44:50.0404 4052  Browser - ok
12:44:50.0419 4052  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:44:50.0424 4052  Brserid - ok
12:44:50.0438 4052  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:44:50.0440 4052  BrSerWdm - ok
12:44:50.0454 4052  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:44:50.0456 4052  BrUsbMdm - ok
12:44:50.0473 4052  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:44:50.0475 4052  BrUsbSer - ok
12:44:50.0493 4052  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:44:50.0495 4052  BTHMODEM - ok
12:44:50.0538 4052  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
12:44:50.0540 4052  bthserv - ok
12:44:50.0564 4052  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:44:50.0566 4052  cdfs - ok
12:44:50.0622 4052  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
12:44:50.0625 4052  cdrom - ok
12:44:50.0671 4052  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
12:44:50.0673 4052  CertPropSvc - ok
12:44:50.0687 4052  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:44:50.0689 4052  circlass - ok
12:44:50.0719 4052  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
12:44:50.0722 4052  CLFS - ok
12:44:50.0781 4052  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:44:50.0785 4052  clr_optimization_v2.0.50727_32 - ok
12:44:50.0852 4052  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:44:50.0901 4052  clr_optimization_v4.0.30319_32 - ok
12:44:50.0916 4052  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:44:50.0918 4052  CmBatt - ok
12:44:50.0952 4052  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:44:50.0954 4052  cmdide - ok
12:44:50.0999 4052  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
12:44:51.0005 4052  CNG - ok
12:44:51.0022 4052  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:44:51.0023 4052  Compbatt - ok
12:44:51.0065 4052  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:44:51.0068 4052  CompositeBus - ok
12:44:51.0079 4052  COMSysApp - ok
12:44:51.0089 4052  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:44:51.0091 4052  crcdisk - ok
12:44:51.0141 4052  [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:44:51.0144 4052  CryptSvc - ok
12:44:51.0195 4052  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
12:44:51.0200 4052  CSC - ok
12:44:51.0253 4052  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
12:44:51.0268 4052  CscService - ok
12:44:51.0288 4052  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:44:51.0305 4052  DcomLaunch - ok
12:44:51.0414 4052  [ 2D7C1661961CE19085B6A968B1B293D4 ] DefaultTabSearch C:\Program Files\DefaultTab\DefaultTabSearch.exe
12:44:51.0431 4052  DefaultTabSearch - ok
12:44:51.0552 4052  [ 34AE0DFA3EE3B5B9975042D87332D0B7 ] DefaultTabUpdate C:\Users\BQ\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
12:44:51.0555 4052  DefaultTabUpdate - ok
12:44:51.0585 4052  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:44:51.0589 4052  defragsvc - ok
12:44:51.0634 4052  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:44:51.0637 4052  DfsC - ok
12:44:51.0694 4052  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:44:51.0699 4052  Dhcp - ok
12:44:51.0708 4052  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
12:44:51.0710 4052  discache - ok
12:44:51.0764 4052  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:44:51.0766 4052  Disk - ok
12:44:51.0812 4052  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:44:51.0815 4052  Dnscache - ok
12:44:51.0860 4052  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:44:51.0864 4052  dot3svc - ok
12:44:51.0905 4052  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
12:44:51.0908 4052  DPS - ok
12:44:51.0930 4052  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:44:51.0932 4052  drmkaud - ok
12:44:52.0030 4052  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:44:52.0048 4052  DXGKrnl - ok
12:44:52.0081 4052  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
12:44:52.0084 4052  EapHost - ok
12:44:52.0182 4052  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
12:44:52.0267 4052  ebdrv - ok
12:44:52.0315 4052  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
12:44:52.0318 4052  EFS - ok
12:44:52.0379 4052  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:44:52.0396 4052  ehRecvr - ok
12:44:52.0415 4052  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
12:44:52.0417 4052  ehSched - ok
12:44:52.0456 4052  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:44:52.0462 4052  elxstor - ok
12:44:52.0496 4052  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:44:52.0497 4052  ErrDev - ok
12:44:52.0540 4052  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
12:44:52.0545 4052  EventSystem - ok
12:44:52.0610 4052  [ 58C54CF72D1B8518A14695B46CA26C90 ] ewusbmbb        C:\Windows\system32\DRIVERS\ewusbwwan.sys
12:44:52.0615 4052  ewusbmbb - ok
12:44:52.0639 4052  ewusbnet - ok
12:44:52.0668 4052  [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
12:44:52.0670 4052  ew_hwusbdev - ok
12:44:52.0704 4052  [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
12:44:52.0706 4052  ew_usbenumfilter - ok
12:44:52.0720 4052  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
12:44:52.0723 4052  exfat - ok
12:44:52.0734 4052  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:44:52.0737 4052  fastfat - ok
12:44:52.0784 4052  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
12:44:52.0801 4052  Fax - ok
12:44:52.0824 4052  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:44:52.0826 4052  fdc - ok
12:44:52.0853 4052  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
12:44:52.0856 4052  fdPHost - ok
12:44:52.0865 4052  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
12:44:52.0868 4052  FDResPub - ok
12:44:52.0883 4052  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:44:52.0885 4052  FileInfo - ok
12:44:52.0894 4052  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:44:52.0896 4052  Filetrace - ok
12:44:52.0967 4052  [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
12:44:52.0983 4052  FLEXnet Licensing Service - ok
12:44:52.0998 4052  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:44:53.0000 4052  flpydisk - ok
12:44:53.0027 4052  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:44:53.0031 4052  FltMgr - ok
12:44:53.0097 4052  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
12:44:53.0123 4052  FontCache - ok
12:44:53.0175 4052  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
12:44:53.0177 4052  FontCache3.0.0.0 - ok
12:44:53.0196 4052  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:44:53.0199 4052  FsDepends - ok
12:44:53.0244 4052  [ B0082808A6856A252F7CDD939892CE50 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
12:44:53.0246 4052  fssfltr - ok
12:44:53.0354 4052  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
12:44:53.0388 4052  fsssvc - ok
12:44:53.0428 4052  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:44:53.0430 4052  Fs_Rec - ok
12:44:53.0476 4052  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:44:53.0479 4052  fvevol - ok
12:44:53.0504 4052  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:44:53.0506 4052  gagp30kx - ok
12:44:53.0544 4052  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:44:53.0546 4052  GEARAspiWDM - ok
12:44:53.0597 4052  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:44:53.0614 4052  gpsvc - ok
12:44:53.0681 4052  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:44:53.0683 4052  gupdate - ok
12:44:53.0706 4052  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:44:53.0707 4052  gupdatem - ok
12:44:53.0724 4052  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:44:53.0726 4052  hcw85cir - ok
12:44:53.0781 4052  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:44:53.0786 4052  HdAudAddService - ok
12:44:53.0808 4052  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:44:53.0810 4052  HDAudBus - ok
12:44:53.0825 4052  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:44:53.0827 4052  HidBatt - ok
12:44:53.0843 4052  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:44:53.0845 4052  HidBth - ok
12:44:53.0866 4052  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:44:53.0868 4052  HidIr - ok
12:44:53.0898 4052  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
12:44:53.0901 4052  hidserv - ok
12:44:53.0947 4052  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:44:53.0949 4052  HidUsb - ok
12:44:53.0986 4052  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:44:53.0990 4052  hkmsvc - ok
12:44:54.0034 4052  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:44:54.0040 4052  HomeGroupListener - ok