  1. #1
    Member
    Join Date
    Jun 2012
    Posts
    8
    Points
    0

    Very slow computer/internet access. Had Nginx virus but must not have removed it all.

    I have a Dell Inspiron 1525 running Vista with 399 GB of 465 GB free space left. A couple of days ago I had the Nginx virus. I thought I removed it all and did a system restore. But after a day, the computer is very slow and the internet barely works. I am running the free version of AVG and AdAware. Thanks for any help!


    Here is my malware log...
    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 196936
    Time elapsed: 20 minute(s), 4 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 1
    C:\Users\owner1\Downloads\WmvConverterSetup.exe (Adware.InstallCore) -> Quarantined and deleted successfully.

    (end)



    Here is my HijackThis log....
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 9:32:37 PM, on 6/6/2012
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
    C:\Program Files\Real\RealPlayer\Update\realsched.exe
    C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\PROGRA~1\AD-AWA~1\AdAware.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\wuauclt.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\rundll32.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxy.kodak.com:81/proxy.pac
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: StartNow Toolbar - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll (file missing)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [StartNowToolbarHelper] "C:\Program Files\StartNow Toolbar\ToolbarHelper.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe
    O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher" --windows-run
    O4 - HKLM\..\Run: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript
    O4 - HKCU\..\Run: [Google Update] "C:\Users\owner1\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [Spotify] "C:\Users\owner1\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: CarboniteService - Carbonite, Inc. (Online Backup) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    O23 - Service: Updater Service for StartNow Toolbar - Unknown owner - C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe

    --
    End of file - 9714 bytes

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Hi Rw37601,

    Welcome to Help2Go!

    We need to see some information about what is happening in your machine. Please perform the following scan:
    • Download DDS by sUBs from one of the following links. Save it to your desktop.
    • Double click on the DDS icon, allow it to run.
    • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
    • Notepad will open with the results.
    • Follow the instructions that pop up for posting the results.
    • Close the program window, and delete the program from your desktop.
    Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

    Information on A/V control HERE

    Joe

  3. #3
    Member
    Join Date
    Jun 2012
    Posts
    8
    Points
    0

    Hi, thanks so much for helping me. I hope I'm doing this correctly.

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
    Run by owner1 at 21:14:53 on 2012-06-07
    Microsoft® Windows Vista™ Home Basic 6.0.6002.2.1252.1.1033.18.3061.1270 [GMT -4:00]
    .
    AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
    AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
    SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
    SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
    .
    ============== Running Processes ===============
    .
    C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
    C:\Program Files\AVG\AVG2012\avgcsrvx.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\AVG\AVG2012\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
    C:\Program Files\AVG\AVG2012\avgnsx.exe
    C:\Program Files\AVG\AVG2012\avgemcx.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Kodak\KODAK Share Button App\Listener.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\hkcmd.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    C:\Program Files\AVG\AVG2012\avgtray.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe
    C:\Program Files\Real\RealPlayer\Update\realsched.exe
    C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
    C:\PROGRA~1\AD-AWA~1\AdAware.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wuauclt.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\msiexec.exe
    C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Users\owner1\AppData\Local\Google\Chrome\Application\chrome.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://yahoo.com/
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - c:\program files\startnow toolbar\Toolbar32.dll
    uRun: [Google Update] "c:\users\owner1\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [Spotify] "c:\users\owner1\appdata\roaming\spotify\spotify.exe" /uri spotify:autostart
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
    mRun: [StartNowToolbarHelper] "c:\program files\startnow toolbar\ToolbarHelper.exe"
    mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
    mRun: [Carbonite Backup] c:\program files\carbonite\carbonite backup\CarboniteUI.exe
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [ArcSoft MediaImpression Monitor] c:\program files\kodak\mediaimpression\ArcMonitor.exe
    mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
    mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
    mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
    mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
    TCP: DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
    TCP: Interfaces\{7D7C6441-F161-464D-B9BB-FC87FD136C92} : DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
    Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
    Notify: igfxcui - igfxdev.dll
    SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\owner1\appdata\roaming\mozilla\firefox\profiles\xyk4kv32.default\
    FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
    FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?AF=100486&babsrc=HP_ss&mntrId=860a037800000000000000219be35bf8
    FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?AF=100486&babsrc=adbartrp&mntrId=860a037800000000000000219be35bf8&q=
    FF - prefs.js: network.proxy.type - 0
    FF - component: c:\program files\avg\avg10\firefox4\components\avgssff4.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
    FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
    FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.79\npGoogleUpdate3.dll
    FF - plugin: c:\program files\google\update\1.3.21.99\npGoogleUpdate3.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
    FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\users\owner1\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=100486
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    FF - user.js: extensions.BabylonToolbar_i.id - 860a037800000000000000219be35bf8
    FF - user.js: extensions.BabylonToolbar_i.hardId - 860a037800000000000000219be35bf8
    FF - user.js: extensions.BabylonToolbar_i.instlDay - 15374
    FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1721:35:43
    FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
    FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2012-1-31 31952]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2012-2-22 235216]
    R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-12-23 41040]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-5-25 223864]
    R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-11 116608]
    R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-5-3 1226096]
    R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2012\avgidsagent.exe [2012-4-30 5106744]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
    R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 21504]
    R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-6-6 654408]
    R2 SBAMSvc;Ad-Aware;c:\program files\ad-aware antivirus\SBAMSvc.exe [2011-12-19 3289032]
    R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-11-29 77816]
    R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]
    R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]
    R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-6-6 22344]
    R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-5-25 94584]
    R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-5-25 93816]
    R3 sbwtis;sbwtis;c:\windows\system32\drivers\sbwtis.sys [2011-12-19 72312]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-1-12 136176]
    S2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;c:\program files\startnow toolbar\toolbarupdaterservice.exe --> c:\program files\startnow toolbar\ToolbarUpdaterService.exe [?]
    S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-26 257696]
    S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-1-12 136176]
    S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-5-25 94584]
    S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
    .
    =============== Created Last 30 ================
    .
    2012-06-07 01:32:00 388096 ----a-r- c:\users\owner1\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
    2012-06-07 01:31:57 -------- d-----w- c:\program files\Trend Micro
    2012-06-07 01:05:46 -------- d-----w- c:\users\owner1\appdata\roaming\Malwarebytes
    2012-06-07 01:05:31 -------- d-----w- c:\programdata\Malwarebytes
    2012-06-07 01:05:30 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-06-07 01:05:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-06-07 01:02:37 -------- d-----w- c:\users\owner1\appdata\roaming\SUPERAntiSpyware.com
    2012-06-07 01:02:11 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-06-07 01:02:11 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-05-27 13:05:40 -------- d-----w- c:\program files\MSXML 4.0
    2012-05-26 03:39:12 -------- d-----w- c:\users\owner1\appdata\local\adaware
    2012-05-26 03:39:08 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection
    2012-05-26 03:38:19 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
    2012-05-26 03:37:29 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
    2012-05-26 03:37:29 223864 ----a-w- c:\windows\system32\drivers\SbFw.sys
    2012-05-26 03:37:26 -------- d-----w- c:\windows\system32\drivers\VDD
    2012-05-26 03:37:25 -------- d-----w- c:\program files\Ad-Aware Antivirus
    2012-05-26 03:35:53 -------- d-----w- c:\users\owner1\appdata\roaming\Ad-Aware Antivirus
    2012-05-11 23:31:59 2044928 ----a-w- c:\windows\system32\win32k.sys
    2012-05-11 23:31:55 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2012-05-11 23:31:55 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe
    .
    ==================== Find3M ====================
    .
    2012-05-05 02:20:06 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-05-05 02:20:06 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-04-19 08:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
    2012-03-30 12:39:11 905600 ----a-w- c:\windows\system32\drivers\tcpip.sys
    2012-03-22 19:12:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr
    2012-03-20 23:28:50 53120 ----a-w- c:\windows\system32\drivers\partmgr.sys
    2012-03-19 09:17:28 301248 ----a-w- c:\windows\system32\drivers\avgtdix.sys
    .
    ============= FINISH: 21:16:04.80 ===============

  4. #4
    Member
    Join Date
    Jun 2012
    Posts
    8
    Points
    0

    forgot the attachment...

  5. #5
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Hi Rw37601,

    Let me look it over. Also, I'm just going to paste the attachment in; it makes it easier.

    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft® Windows Vista™ Home Basic
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/1/2011 6:13:05 PM
    System Uptime: 6/7/2012 8:13:06 PM (1 hours ago)
    .
    Motherboard: Dell Inc. | | 0U990C
    Processor: Intel(R) Core(TM)2 Duo CPU T5850 @ 2.16GHz | Microprocessor | 2167/166mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 466 GiB total, 397.745 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
    Description: Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
    Device ID: PCI\VEN_11AB&DEV_4354&SUBSYS_022F1028&REV_12\4&34876A5F&0&00E0
    Manufacturer: Marvell
    Name: Marvell Yukon 88E8040 PCI-E Fast Ethernet Controller
    PNP Device ID: PCI\VEN_11AB&DEV_4354&SUBSYS_022F1028&REV_12\4&34876A5F&0&00E0
    Service: yukonwlh
    .
    ==== System Restore Points ===================
    .
    .
    ==== Installed Programs ======================
    .
    Update for Microsoft Office 2007 (KB2508958)
    Ad-Aware Antivirus
    Ad-Aware Browsing Protection
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.2)
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    ArcSoft MediaImpression for Kodak
    AVG 2012
    Bonjour
    Carbonite
    Combined Community Codec Pack 2011-11-11
    FoxTab FLV Player
    GIMP 2.6.11
    Google Chrome
    Google Earth
    Google Update Helper
    HiJackThis
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    Intel(R) Graphics Media Accelerator Driver
    Intel(R) TV Wizard
    iTunes
    Java Auto Updater
    Java(TM) 6 Update 29
    K-Lite Codec Pack 8.0.0 (Full)
    KODAK Share Button App
    Malwarebytes Anti-Malware version 1.61.0.1400
    Media Player Codec Pack 4.1.4
    MediaLooks DirectShow MultiGtaph Toolkit 4.0.2.3
    Microsoft .NET Framework 3.5 SP1
    Microsoft .NET Framework 4 Client Profile
    Microsoft .NET Framework 4 Extended
    Microsoft Office 2007 Service Pack 3 (SP3)
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Silverlight
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mozilla Firefox 8.0.1 (x86 en-US)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    PhotoScape
    Picasa 3
    QuickTime
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    RealUpgrade 1.1
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
    Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
    Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
    Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
    Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
    Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
    Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
    Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
    Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
    Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
    SUPERAntiSpyware
    Update for 2007 Microsoft Office System (KB967642)
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Extended (KB2468871)
    Update for Microsoft .NET Framework 4 Extended (KB2533523)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2598290) 32-Bit Edition
    .
    ==== Event Viewer Messages From Past Week ========
    .
    6/7/2012 9:07:57 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the CarboniteService service, but this action failed with the following error: An instance of the service is already running.
    6/7/2012 9:06:57 PM, Error: Service Control Manager [7031] - The CarboniteService service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    6/6/2012 8:51:00 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
    6/6/2012 8:50:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Media Player Network Sharing Service service to connect.
    6/6/2012 8:50:26 PM, Error: Service Control Manager [7000] - The Windows Media Player Network Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/6/2012 8:50:25 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Installer service to connect.
    6/6/2012 8:50:25 AM, Error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/6/2012 8:49:46 AM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
    6/6/2012 8:36:45 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
    6/6/2012 8:34:13 AM, Error: EventLog [6008] - The previous system shutdown at 8:33:13 AM on 6/6/2012 was unexpected.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx86 Avgmfx86 Avgtdix DfsC NetBIOS netbt nsiproxy PSched RasAcd rdbss SbFw Smb spldr tdx Wanarpv6
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The WebDav Client Redirector Driver service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The WebClient service depends on the WebDav Client Redirector Driver service which failed to start because of the following error: The dependency service or group failed to start.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service service which failed to start because of the following error: A device attached to the system is not functioning.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancilliary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
    6/6/2012 8:30:51 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
    6/6/2012 8:30:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
    6/6/2012 8:30:13 AM, Error: Service Control Manager [7022] - The KtmRm for Distributed Transaction Coordinator service hung on starting.
    6/6/2012 8:29:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
    6/6/2012 8:29:55 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
    6/6/2012 8:29:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
    6/6/2012 8:29:53 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service CarboniteService with arguments "" in order to run the server: {36471C67-6A93-4434-92CC-4C614CD06666}
    6/6/2012 8:29:45 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
    6/6/2012 8:29:29 AM, Error: Service Control Manager [7000] - The Windows Font Cache Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/6/2012 8:29:27 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Font Cache Service service to connect.
    6/6/2012 8:29:22 PM, Error: EventLog [6008] - The previous system shutdown at 8:27:45 PM on 6/6/2012 was unexpected.
    6/6/2012 8:27:53 AM, Error: Service Control Manager [7000] - The Google Update Service (gupdate) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/6/2012 8:27:43 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
    6/6/2012 8:23:21 PM, Error: Service Control Manager [7034] - The Updater Service for StartNow Toolbar service terminated unexpectedly. It has done this 1 time(s).
    6/6/2012 10:16:21 PM, Error: Service Control Manager [7000] - The Parallel port driver service failed to start due to the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
    6/5/2012 10:36:49 PM, Error: EventLog [6008] - The previous system shutdown at 10:32:27 PM on 6/5/2012 was unexpected.
    6/5/2012 10:23:19 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
    6/2/2012 4:00:53 PM, Error: EventLog [6008] - The previous system shutdown at 3:58:33 PM on 6/2/2012 was unexpected.
    6/1/2012 7:09:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
    6/1/2012 7:09:40 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    6/1/2012 7:08:07 PM, Error: EventLog [6008] - The previous system shutdown at 10:20:40 PM on 5/31/2012 was unexpected.
    .
    ==== End Of File ===========================

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    You have 2 antivirus programs running.

    The real-time protection of two antivirus programs may conflict with each other and cause the following:

    * False Alarms: When the antivirus software tells you that your PC has a virus when it actually doesn't.
    * Conflicts: Your system may lock up due to both products attempting to access the same file at the same time.
    * Performance: More than one antivirus will cause your PC to become slow and it may even crash or blue screen.
    * Less protection: Two antivirus programs trying to scan the same file may interfere with the process and allow a malicious file onto the computer without notice to you.

    Programs to remove

    Ad-Aware Antivirus

    Please use the program AppRemover below to remove Ad-Aware Antivirus.

    The free AppRemover utility enables the thorough uninstallation of security applications like antivirus and antispyware from your computer. Remove computer stress. Simply, cleanly and effectively.

    Get AppRemover from here----> Uninstall & Remove McAfee, Symantec, Norton, AVG, Avast & More Antivirus and Security Applications and Programs | OPSWAT AppRemover


    Next

    • Download OTL to your desktop.
    • Double click on the icon to run it. Make sure all other windows are closed to let it run uninterrupted.
    • When the window appears, underneath Output at the top change it to Minimal Output.
    • Under the Standard Registry box change it to All.
    • Check the boxes beside LOP Check and Purity Check.
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
    • When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them with your next reply.

  7. #7
    Member
    Join Date
    Jun 2012
    Posts
    8
    Points
    0

    Default

    Here you go...


    OTL logfile created on: 6/7/2012 10:26:36 PM - Run 1
    OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\owner1\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 46.06% Memory free
    6.17 Gb Paging File | 4.45 Gb Available in Paging File | 72.13% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.76 Gb Total Space | 397.72 Gb Free Space | 85.39% Space Free | Partition Type: NTFS

    Computer Name: OWNER1-PC | User Name: owner1 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\owner1\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    PRC - C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (Online Backup))
    PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
    PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    PRC - C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
    PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
    PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
    PRC - C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
    PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
    MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
    MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
    MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (Updater Service for StartNow Toolbar) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe File not found
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (Online Backup))
    SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
    SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
    DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
    DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
    DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
    DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
    DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
    DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C5 AA 44 8C 0C B1 CC 01 [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = Google
    IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=100486&babsrc=SP_ss&mntrId=860a037800000000000000219be35bf8
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxy.kodak.com:81/proxy.pac

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
    FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=100486&babsrc=HP_ss&mntrId=860a037800000000000000219be35bf8"
    FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=100486&babsrc=adbartrp&mntrId=860a037800000000000000219be35bf8&q="
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\owner1\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\owner1\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/29 22:06:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/06 08:41:04 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/15 21:58:49 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/19 22:45:30 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2011/12/03 16:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner1\AppData\Roaming\mozilla\Extensions
    [2012/02/18 23:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner1\AppData\Roaming\mozilla\Firefox\Profiles\xyk4kv32.default\extensions
    [2011/12/03 16:56:04 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\owner1\AppData\Roaming\mozilla\Firefox\Profiles\xyk4kv32.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
    [2012/02/18 23:51:13 | 000,000,000 | ---D | M] (SmileBox EN Community Toolbar) -- C:\Users\owner1\AppData\Roaming\mozilla\Firefox\Profiles\xyk4kv32.default\extensions\{f897eb0e-a3a4-46c3-80eb-2729699d8892}
    [2011/12/02 15:07:42 | 000,000,000 | ---D | M] (EpicPlay Games) -- C:\Users\owner1\AppData\Roaming\mozilla\Firefox\Profiles\xyk4kv32.default\extensions\textlinks@epicplay.com
    [2011/12/03 16:56:02 | 000,001,945 | ---- | M] () -- C:\Users\owner1\AppData\Roaming\Mozilla\Firefox\Profiles\xyk4kv32.default\searchplugins\bing-zugo.xml
    [2011/12/02 12:50:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/12/02 12:50:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
    [2011/11/21 00:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/02/03 22:35:37 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2011/11/20 21:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
    [2011/11/20 21:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
    CHR - plugin: AVG Internet Security (Enabled) = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
    CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
    CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - Extension: YouTube = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Adblock Plus (Beta) = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
    CHR - Extension: Google Search = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Hide Google Options = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcacnmibccjjonfihgnieefkingolocb\1.0.3_0\
    CHR - Extension: AVG Safe Search = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
    CHR - Extension: AVG Do Not Track = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
    CHR - Extension: Gmail = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
    O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files\StartNow Toolbar\ToolbarHelper.exe" File not found
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Spotify] "C:\Users\owner1\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart File not found
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D7C6441-F161-464D-B9BB-FC87FD136C92}: DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\Users\owner1\Pictures\Picasa\Backgrounds\picasabackground-2.bmp
    O24 - Desktop BackupWallPaper: C:\Users\owner1\Pictures\Picasa\Backgrounds\picasabackground-2.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{2e24781c-1df1-11e1-a3f1-00219be35bf8}\Shell - "" = AutoRun
    O33 - MountPoints2\{2e24781c-1df1-11e1-a3f1-00219be35bf8}\Shell\AutoRun\command - "" = E:\KODAK_Camera_Setup_App.exe
    O33 - MountPoints2\{8a95ca4d-2e43-11e1-833e-00219be35bf8}\Shell - "" = AutoRun
    O33 - MountPoints2\{8a95ca4d-2e43-11e1-833e-00219be35bf8}\Shell\AutoRun\command - "" = E:\KODAK_Software_Downloader.exe
    O33 - MountPoints2\{9d1433ad-1d08-11e1-91c7-00219be35bf8}\Shell - "" = AutoRun
    O33 - MountPoints2\{9d1433ad-1d08-11e1-91c7-00219be35bf8}\Shell\AutoRun\command - "" = F:\HPLauncher.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/06/07 21:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
    [2012/06/07 21:57:50 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\owner1\Desktop\OTL.exe
    [2012/06/07 21:55:48 | 009,989,040 | ---- | C] (OPSWAT, Inc.) -- C:\Users\owner1\Desktop\AppRemover.exe
    [2012/06/06 21:31:59 | 000,000,000 | ---D | C] -- C:\Users\owner1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2012/06/06 21:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2012/06/06 21:05:46 | 000,000,000 | ---D | C] -- C:\Users\owner1\AppData\Roaming\Malwarebytes
    [2012/06/06 21:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/06/06 21:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/06/06 21:05:30 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2012/06/06 21:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/06/06 21:02:37 | 000,000,000 | ---D | C] -- C:\Users\owner1\AppData\Roaming\SUPERAntiSpyware.com
    [2012/06/06 21:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2012/06/06 21:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2012/06/06 21:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2012/06/05 22:51:03 | 000,000,000 | ---D | C] -- C:\Users\owner1\Desktop\New Folder
    [2012/05/29 22:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    [2012/05/27 09:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2012/05/25 23:39:12 | 000,000,000 | ---D | C] -- C:\Users\owner1\AppData\Local\adaware
    [2012/05/25 23:39:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/06/07 22:22:26 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/06/07 22:22:13 | 000,004,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/06/07 22:22:13 | 000,004,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/06/07 22:22:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/06/07 22:22:08 | 3208,699,904 | -HS- | M] () -- C:\hiberfil.sys
    [2012/06/07 22:20:53 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/06/07 22:05:19 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1681428665-713355246-3624979747-1000UA.job
    [2012/06/07 21:57:46 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\owner1\Desktop\OTL.exe
    [2012/06/07 21:55:57 | 009,989,040 | ---- | M] (OPSWAT, Inc.) -- C:\Users\owner1\Desktop\AppRemover.exe
    [2012/06/07 21:40:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/06/07 21:06:31 | 100,013,892 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2012/06/07 21:05:06 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1681428665-713355246-3624979747-1000Core.job
    [2012/06/06 20:43:11 | 000,000,680 | ---- | M] () -- C:\Users\owner1\AppData\Local\d3d9caps.dat
    [2012/06/06 18:20:41 | 000,403,879 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
    [2012/06/05 22:52:12 | 000,024,576 | -H-- | M] () -- C:\Users\owner1\Desktop\photothumb.db
    [2012/05/31 20:40:41 | 000,643,374 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/05/31 20:40:41 | 000,119,534 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/05/24 19:54:55 | 000,017,408 | ---- | M] () -- C:\Users\owner1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/05/23 22:58:55 | 000,002,047 | ---- | M] () -- C:\Users\owner1\Desktop\Google Chrome.lnk
    [2012/05/23 22:58:55 | 000,002,009 | ---- | M] () -- C:\Users\owner1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2012/05/23 16:36:14 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
    [2012/05/23 16:36:14 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
    [2012/05/21 22:03:50 | 000,635,029 | ---- | M] () -- C:\Users\owner1\Desktop\me and my little guy.jpg
    [2012/05/20 18:33:17 | 000,108,373 | ---- | M] () -- C:\Users\owner1\Desktop\faith.jpg
    [2012/05/12 22:20:37 | 000,386,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/06/06 20:48:11 | 3208,699,904 | -HS- | C] () -- C:\hiberfil.sys
    [2012/06/03 15:59:27 | 017,839,318 | ---- | C] () -- C:\Users\owner1\Desktop\waiting on 1st.MP4
    [2012/05/21 22:03:48 | 000,635,029 | ---- | C] () -- C:\Users\owner1\Desktop\me and my little guy.jpg
    [2012/05/20 18:33:26 | 000,108,373 | ---- | C] () -- C:\Users\owner1\Desktop\faith.jpg
    [2012/02/12 23:09:39 | 000,176,780 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2012/01/22 17:50:55 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
    [2012/01/22 17:50:55 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
    [2012/01/09 16:00:48 | 004,346,880 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
    [2012/01/07 18:22:00 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libbluray.dll
    [2012/01/07 18:21:50 | 006,366,094 | ---- | C] () -- C:\Windows\System32\avcodec-lav-53.dll
    [2012/01/07 18:21:50 | 001,007,151 | ---- | C] () -- C:\Windows\System32\avformat-lav-53.dll
    [2012/01/07 18:21:50 | 000,354,979 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
    [2012/01/07 18:21:50 | 000,203,306 | ---- | C] () -- C:\Windows\System32\avutil-lav-51.dll
    [2012/01/07 18:21:50 | 000,138,727 | ---- | C] () -- C:\Windows\System32\avfilter-lav-2.dll
    [2011/12/27 01:59:12 | 000,014,798 | ---- | C] () -- C:\Users\owner1\AppData\Roaming\UserTile.png
    [2011/12/20 14:50:04 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
    [2011/12/20 14:49:56 | 000,099,328 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
    [2011/12/20 14:49:54 | 000,158,720 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
    [2011/12/20 14:49:54 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
    [2011/12/20 14:49:52 | 001,525,248 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
    [2011/12/20 14:49:52 | 000,212,480 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
    [2011/12/20 14:49:52 | 000,115,200 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
    [2011/12/20 14:49:50 | 000,328,704 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
    [2011/12/20 14:49:50 | 000,260,608 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
    [2011/12/20 14:49:50 | 000,137,728 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
    [2011/12/07 15:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
    [2011/12/03 16:45:10 | 000,017,408 | ---- | C] () -- C:\Users\owner1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/12/02 12:51:00 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2011/12/01 18:26:37 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
    [2011/12/01 18:19:04 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
    [2011/12/01 16:30:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2011/12/01 16:29:45 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2011/12/01 16:29:45 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2011/12/01 16:26:12 | 000,000,680 | ---- | C] () -- C:\Users\owner1\AppData\Local\d3d9caps.dat
    [2011/09/08 10:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
    [2011/09/08 10:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\System32\mp4.dll
    [2011/09/08 10:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
    [2011/09/08 10:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
    [2011/09/08 10:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
    [2011/09/08 10:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll
    [2011/09/08 10:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
    [2011/09/08 10:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
    [2011/09/08 09:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
    [2011/09/08 09:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
    [2011/05/30 09:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2011/05/23 03:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2011/03/03 07:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
    [2011/03/03 07:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
    [2011/03/03 07:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
    [2010/08/18 15:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini

    ========== LOP Check ==========

    [2011/12/02 12:55:19 | 000,000,000 | ---D | M] -- C:\Users\owner1\AppData\Roaming\AVG2012
    [2012/02/03 22:35:32 | 000,000,000 | ---D | M] -- C:\Users\owner1\AppData\Roaming\Babylon
    [2012/04/12 21:59:19 | 000,000,000 | ---D | M] -- C:\Users\owner1\AppData\Roaming\gtk-2.0
    [2012/06/06 08:41:05 | 000,000,000 | ---D | M] -- C:\Users\owner1\AppData\Roaming\PhotoScape
    [2012/06/07 22:20:59 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    < End of report >



    OTL Extras logfile created on: 6/7/2012 10:26:36 PM - Run 1
    OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\owner1\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 46.06% Memory free
    6.17 Gb Paging File | 4.45 Gb Available in Paging File | 72.13% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.76 Gb Total Space | 397.72 Gb Free Space | 85.39% Space Free | Partition Type: NTFS

    Computer Name: OWNER1-PC | User Name: owner1 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1681428665-713355246-3624979747-1000]
    "EnableNotifications" = 0
    "EnableNotificationsRef" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{8CAE9415-30F2-41B7-88D1-8800C2BF434A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
    "{96E79A72-C26D-4F80-AE68-2ABD59592BE1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{06A4EEA2-0DA9-4DF3-B833-A5F6310E8E90}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{16BA1C86-9931-44E4-8936-85F67449B690}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{1870A8F7-45CB-40CE-9B01-CCAD987B2315}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{19EA8750-179F-4A42-A516-61588F783778}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
    "{200D2C73-5267-41DA-85E2-46D14A81DC78}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
    "{2D2172D4-595D-4485-9FCF-C76594AF4470}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
    "{3570EA98-3F0A-4EAD-B7D5-AA9FB4294131}" = protocol=17 | dir=in | app=c:\users\owner1\appdata\roaming\spotify\spotify.exe |
    "{3D3013D7-876A-4A31-9EDF-2AD3D5A8914A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{4937D807-1D3E-4BD7-9EB1-1127438E15AE}" = protocol=6 | dir=in | app=c:\users\owner1\appdata\roaming\spotify\spotify.exe |
    "{4D65D23C-8786-4A0D-A585-4D2DF98E6B5D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{5EAD543E-5D61-41ED-AE95-76508CF4F667}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{9AB7EE77-ED0B-4B98-A906-2F5B45B91602}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
    "{9E01D930-1F6A-47CB-AE6A-242B66A5E3F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{9F5ECC36-69EB-4A54-BA8F-03225D3CA453}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
    "{B441F80A-23E2-4EB0-902C-7BB9B10795F8}" = protocol=17 | dir=in | app=c:\users\owner1\appdata\roaming\spotify\spotify.exe |
    "{B63B5442-7D6D-45C2-AC9B-A7909D11AB13}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{C493FB57-579F-4C44-A85D-D1427606218D}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{C61D346F-8B03-4597-A3AD-475EAE32370E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{D9001876-40BF-4082-A6AA-A00F4D298EF3}" = protocol=6 | dir=in | app=c:\users\owner1\appdata\roaming\spotify\spotify.exe |
    "{DEE6A6A9-3D00-4545-A58F-D3DA68B7B246}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{E1595281-A2F7-4C43-9531-2BBAEC7DA7C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E56A3317-6A25-4E42-A357-7D23A2935413}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{19F1A99A-196F-4D18-BC36-C1DAD6ABCCF3}" = KODAK Share Button App
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
    "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{4073AAEC-B01B-4000-BC9B-1447E3A7BD87}" = AVG 2012
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
    "{BCF75973-29C2-4245-80E3-B3C2B7E7548B}" = AVG 2012
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D5353ED4-8052-40BE-8791-15DEECCA831A}" = ArcSoft MediaImpression for Kodak
    "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    "{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
    "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "AVG" = AVG 2012
    "Carbonite Backup" = Carbonite
    "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
    "Media Player - Codec Pack" = Media Player Codec Pack 4.1.4
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)
    "PhotoScape" = PhotoScape
    "Picasa 3" = Picasa 3
    "PROPLUS" = Microsoft Office Professional Plus 2007
    "RealPlayer 15.0" = RealPlayer
    "TVWiz" = Intel(R) TV Wizard
    "WinGimp-2.0_is1" = GIMP 2.6.11

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "FoxTab FLV Player" = FoxTab FLV Player
    "Google Chrome" = Google Chrome
    "MLMultiGraph_Toolkit" = MediaLooks DirectShow MultiGtaph Toolkit 4.0.2.3

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 6/6/2012 11:01:54 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 11528

    Error - 6/6/2012 11:01:55 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 6/6/2012 11:01:55 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 12542

    Error - 6/6/2012 11:01:55 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 12542

    Error - 6/6/2012 11:01:56 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 6/6/2012 11:01:56 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 13556

    Error - 6/6/2012 11:01:56 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 13556

    Error - 6/7/2012 9:06:39 PM | Computer Name = owner1-PC | Source = Application Error | ID = 1000
    Description = Faulting application carboniteservice.exe, version 5.0.1.702, time
    stamp 0x4eac403b, faulting module ntdll.dll, version 6.0.6002.18541, time stamp
    0x4ec3e3d5, exception code 0xc0000374, fault offset 0x000b06b7, process id 0x55c,
    application start time 0x01cd44535133571c.

    Error - 6/7/2012 9:59:46 PM | Computer Name = owner1-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
    Description =

    Error - 6/7/2012 10:23:40 PM | Computer Name = owner1-PC | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 5/19/2012 2:45:45 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 5/20/2012 12:40:55 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 5/20/2012 8:52:15 PM | Computer Name = owner1-PC | Source = Dhcp | ID = 1001
    Description = Your computer was not assigned an address from the network (by the
    DHCP Server) for the Network Card with network address 00226954E2B0. The following
    error occurred: %%1223. Your computer will continue to try and obtain an address
    on its own from the network address (DHCP) server.

    Error - 5/20/2012 10:07:58 PM | Computer Name = owner1-PC | Source = DCOM | ID = 10010
    Description =

    Error - 5/21/2012 4:08:08 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7011
    Description =

    Error - 5/21/2012 6:26:51 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 5/21/2012 6:29:15 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7034
    Description =

    Error - 5/21/2012 7:52:49 PM | Computer Name = owner1-PC | Source = DCOM | ID = 10010
    Description =

    Error - 5/22/2012 7:07:36 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 5/23/2012 4:35:03 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =


    < End of report >

  8. #8
    Member
    Join Date
    Jun 2012
    Posts
    8
    Points
    0


    Here you go...


    OTL logfile created on: 6/7/2012 10:26:36 PM - Run 1
    OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\owner1\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 46.06% Memory free
    6.17 Gb Paging File | 4.45 Gb Available in Paging File | 72.13% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.76 Gb Total Space | 397.72 Gb Free Space | 85.39% Space Free | Partition Type: NTFS

    Computer Name: OWNER1-PC | User Name: owner1 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\owner1\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    PRC - C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgnsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    PRC - C:\Program Files\AVG\AVG2012\avgemcx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgrsx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\AVG\AVG2012\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
    PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
    PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (Online Backup))
    PRC - C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
    PRC - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    PRC - C:\Program Files\Kodak\KODAK Share Button App\Listener.exe (Eastman Kodak Company)
    PRC - C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
    PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.)
    PRC - C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
    PRC - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    PRC - C:\Windows\explorer.exe (Microsoft Corporation)
    PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)


    ========== Modules (No Company Name) ==========

    MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll ()
    MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll ()
    MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL ()
    MOD - C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\libglesv2.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\libegl.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\avutil-51.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\avformat-54.dll ()
    MOD - C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\avcodec-54.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ()
    MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll ()


    ========== Win32 Services (SafeList) ==========

    SRV - (Updater Service for StartNow Toolbar) -- C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe File not found
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (AVGIDSAgent) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
    SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
    SRV - (avgwd) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
    SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (CarboniteService) -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe (Carbonite, Inc. (Online Backup))
    SRV - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe (SUPERAntiSpyware.com)
    SRV - (ACDaemon) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
    SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)


    ========== Driver Services (SafeList) ==========

    DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
    DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
    DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
    DRV - (AVGIDSHX) -- C:\Windows\System32\drivers\avgidshx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
    DRV - (Avgtdix) -- C:\Windows\System32\drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgldx86) -- C:\Windows\System32\drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgrkx86) -- C:\Windows\System32\drivers\avgrkx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (Avgmfx86) -- C:\Windows\System32\drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
    DRV - (AVGIDSShim) -- C:\Windows\System32\drivers\avgidsshimx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSFilter) -- C:\Windows\System32\drivers\avgidsfilterx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (AVGIDSDriver) -- C:\Windows\System32\drivers\avgidsdriverx.sys (AVG Technologies CZ, s.r.o. )
    DRV - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
    DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
    DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
    DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Yahoo!
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN.com
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C5 AA 44 8C 0C B1 CC 01 [binary data]
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = Google
    IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
    IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&AF=100486&babsrc=SP_ss&mntrId=860a037800000000000000219be35bf8
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://proxy.kodak.com:81/proxy.pac

    ========== FireFox ==========

    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
    FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?AF=100486&babsrc=HP_ss&mntrId=860a037800000000000000219be35bf8"
    FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1374
    FF - prefs.js..keyword.URL: "http://search.babylon.com/?AF=100486&babsrc=adbartrp&mntrId=860a037800000000000000219be35bf8&q="
    FF - prefs.js..network.proxy.no_proxies_on: "*.local"
    FF - prefs.js..network.proxy.type: 0


    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
    FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
    FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
    FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\owner1\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
    FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\owner1\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/05/29 22:06:14 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/06 08:41:04 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/05/15 21:58:49 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/12/19 22:45:30 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

    [2011/12/03 16:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner1\AppData\Roaming\mozilla\Extensions
    [2012/02/18 23:51:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\owner1\AppData\Roaming\mozilla\Firefox\Profiles\xyk4kv32.default\extensions
    [2011/12/03 16:56:04 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\owner1\AppData\Roaming\mozilla\Firefox\Profiles\xyk4kv32.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
    [2012/02/18 23:51:13 | 000,000,000 | ---D | M] (SmileBox EN Community Toolbar) -- C:\Users\owner1\AppData\Roaming\mozilla\Firefox\Profiles\xyk4kv32.default\extensions\{f897eb0e-a3a4-46c3-80eb-2729699d8892}
    [2011/12/02 15:07:42 | 000,000,000 | ---D | M] (EpicPlay Games) -- C:\Users\owner1\AppData\Roaming\mozilla\Firefox\Profiles\xyk4kv32.default\extensions\textlinks@epicplay.com
    [2011/12/03 16:56:02 | 000,001,945 | ---- | M] () -- C:\Users\owner1\AppData\Roaming\Mozilla\Firefox\Profiles\xyk4kv32.default\searchplugins\bing-zugo.xml
    [2011/12/02 12:50:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2011/12/02 12:50:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
    [2011/11/21 00:04:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
    [2012/02/03 22:35:37 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
    [2011/11/20 21:04:05 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml.old
    [2011/11/20 21:04:05 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
    CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\pdf.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Users\owner1\AppData\Local\Google\Chrome\Application\19.0.1084.52\gcswf32.dll
    CHR - plugin: Shockwave Flash (Disabled) = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
    CHR - plugin: AVG Internet Security (Enabled) = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
    CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
    CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
    CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
    CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
    CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
    CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll
    CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll
    CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
    CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll
    CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
    CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
    CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
    CHR - Extension: YouTube = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: Adblock Plus (Beta) = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
    CHR - Extension: Google Search = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Hide Google Options = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcacnmibccjjonfihgnieefkingolocb\1.0.3_0\
    CHR - Extension: AVG Safe Search = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\
    CHR - Extension: AVG Do Not Track = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
    CHR - Extension: Gmail = C:\Users\owner1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2006/09/18 17:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O1 - Hosts: ::1 localhost
    O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
    O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
    O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
    O3 - HKLM\..\Toolbar: (StartNow Toolbar) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files\StartNow Toolbar\Toolbar32.dll File not found
    O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
    O4 - HKLM..\Run: [ArcSoft MediaImpression Monitor] C:\Program Files\Kodak\MediaImpression\ArcMonitor.exe (ArcSoft, Inc.)
    O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
    O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
    O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
    O4 - HKLM..\Run: [StartNowToolbarHelper] "C:\Program Files\StartNow Toolbar\ToolbarHelper.exe" File not found
    O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
    O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
    O4 - HKCU..\Run: [Spotify] "C:\Users\owner1\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart File not found
    O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
    O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
    O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
    O13 - gopher Prefix: missing
    O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jin...ndows-i586.cab (Java Plug-in 1.6.0_29)
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7D7C6441-F161-464D-B9BB-FC87FD136C92}: DhcpNameServer = 24.159.64.23 24.217.201.67 66.189.0.100
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
    O24 - Desktop WallPaper: C:\Users\owner1\Pictures\Picasa\Backgrounds\picasabackground-2.bmp
    O24 - Desktop BackupWallPaper: C:\Users\owner1\Pictures\Picasa\Backgrounds\picasabackground-2.bmp
    O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2006/09/18 17:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{2e24781c-1df1-11e1-a3f1-00219be35bf8}\Shell - "" = AutoRun
    O33 - MountPoints2\{2e24781c-1df1-11e1-a3f1-00219be35bf8}\Shell\AutoRun\command - "" = E:\KODAK_Camera_Setup_App.exe
    O33 - MountPoints2\{8a95ca4d-2e43-11e1-833e-00219be35bf8}\Shell - "" = AutoRun
    O33 - MountPoints2\{8a95ca4d-2e43-11e1-833e-00219be35bf8}\Shell\AutoRun\command - "" = E:\KODAK_Software_Downloader.exe
    O33 - MountPoints2\{9d1433ad-1d08-11e1-91c7-00219be35bf8}\Shell - "" = AutoRun
    O33 - MountPoints2\{9d1433ad-1d08-11e1-91c7-00219be35bf8}\Shell\AutoRun\command - "" = F:\HPLauncher.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

    ========== Files/Folders - Created Within 30 Days ==========

    [2012/06/07 21:59:27 | 000,000,000 | ---D | C] -- C:\ProgramData\GFI Software
    [2012/06/07 21:57:50 | 000,595,456 | ---- | C] (OldTimer Tools) -- C:\Users\owner1\Desktop\OTL.exe
    [2012/06/07 21:55:48 | 009,989,040 | ---- | C] (OPSWAT, Inc.) -- C:\Users\owner1\Desktop\AppRemover.exe
    [2012/06/06 21:31:59 | 000,000,000 | ---D | C] -- C:\Users\owner1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
    [2012/06/06 21:31:57 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
    [2012/06/06 21:05:46 | 000,000,000 | ---D | C] -- C:\Users\owner1\AppData\Roaming\Malwarebytes
    [2012/06/06 21:05:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2012/06/06 21:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2012/06/06 21:05:30 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2012/06/06 21:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2012/06/06 21:02:37 | 000,000,000 | ---D | C] -- C:\Users\owner1\AppData\Roaming\SUPERAntiSpyware.com
    [2012/06/06 21:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2012/06/06 21:02:11 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2012/06/06 21:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2012/06/05 22:51:03 | 000,000,000 | ---D | C] -- C:\Users\owner1\Desktop\New Folder
    [2012/05/29 22:06:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    [2012/05/27 09:05:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
    [2012/05/25 23:39:12 | 000,000,000 | ---D | C] -- C:\Users\owner1\AppData\Local\adaware
    [2012/05/25 23:39:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2012/06/07 22:22:26 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2012/06/07 22:22:13 | 000,004,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
    [2012/06/07 22:22:13 | 000,004,576 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
    [2012/06/07 22:22:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2012/06/07 22:22:08 | 3208,699,904 | -HS- | M] () -- C:\hiberfil.sys
    [2012/06/07 22:20:53 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2012/06/07 22:05:19 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1681428665-713355246-3624979747-1000UA.job
    [2012/06/07 21:57:46 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\owner1\Desktop\OTL.exe
    [2012/06/07 21:55:57 | 009,989,040 | ---- | M] (OPSWAT, Inc.) -- C:\Users\owner1\Desktop\AppRemover.exe
    [2012/06/07 21:40:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2012/06/07 21:06:31 | 100,013,892 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
    [2012/06/07 21:05:06 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1681428665-713355246-3624979747-1000Core.job
    [2012/06/06 20:43:11 | 000,000,680 | ---- | M] () -- C:\Users\owner1\AppData\Local\d3d9caps.dat
    [2012/06/06 18:20:41 | 000,403,879 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
    [2012/06/05 22:52:12 | 000,024,576 | -H-- | M] () -- C:\Users\owner1\Desktop\photothumb.db
    [2012/05/31 20:40:41 | 000,643,374 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2012/05/31 20:40:41 | 000,119,534 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2012/05/24 19:54:55 | 000,017,408 | ---- | M] () -- C:\Users\owner1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2012/05/23 22:58:55 | 000,002,047 | ---- | M] () -- C:\Users\owner1\Desktop\Google Chrome.lnk
    [2012/05/23 22:58:55 | 000,002,009 | ---- | M] () -- C:\Users\owner1\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
    [2012/05/23 16:36:14 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
    [2012/05/23 16:36:14 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
    [2012/05/21 22:03:50 | 000,635,029 | ---- | M] () -- C:\Users\owner1\Desktop\me and my little guy.jpg
    [2012/05/20 18:33:17 | 000,108,373 | ---- | M] () -- C:\Users\owner1\Desktop\faith.jpg
    [2012/05/12 22:20:37 | 000,386,360 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2012/06/06 20:48:11 | 3208,699,904 | -HS- | C] () -- C:\hiberfil.sys
    [2012/06/03 15:59:27 | 017,839,318 | ---- | C] () -- C:\Users\owner1\Desktop\waiting on 1st.MP4
    [2012/05/21 22:03:48 | 000,635,029 | ---- | C] () -- C:\Users\owner1\Desktop\me and my little guy.jpg
    [2012/05/20 18:33:26 | 000,108,373 | ---- | C] () -- C:\Users\owner1\Desktop\faith.jpg
    [2012/02/12 23:09:39 | 000,176,780 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
    [2012/01/22 17:50:55 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
    [2012/01/22 17:50:55 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
    [2012/01/09 16:00:48 | 004,346,880 | ---- | C] () -- C:\Windows\System32\ffmpeg.dll
    [2012/01/07 18:22:00 | 000,172,032 | ---- | C] () -- C:\Windows\System32\libbluray.dll
    [2012/01/07 18:21:50 | 006,366,094 | ---- | C] () -- C:\Windows\System32\avcodec-lav-53.dll
    [2012/01/07 18:21:50 | 001,007,151 | ---- | C] () -- C:\Windows\System32\avformat-lav-53.dll
    [2012/01/07 18:21:50 | 000,354,979 | ---- | C] () -- C:\Windows\System32\swscale-lav-2.dll
    [2012/01/07 18:21:50 | 000,203,306 | ---- | C] () -- C:\Windows\System32\avutil-lav-51.dll
    [2012/01/07 18:21:50 | 000,138,727 | ---- | C] () -- C:\Windows\System32\avfilter-lav-2.dll
    [2011/12/27 01:59:12 | 000,014,798 | ---- | C] () -- C:\Users\owner1\AppData\Roaming\UserTile.png
    [2011/12/20 14:50:04 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
    [2011/12/20 14:49:56 | 000,099,328 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
    [2011/12/20 14:49:54 | 000,158,720 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
    [2011/12/20 14:49:54 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
    [2011/12/20 14:49:52 | 001,525,248 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
    [2011/12/20 14:49:52 | 000,212,480 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
    [2011/12/20 14:49:52 | 000,115,200 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
    [2011/12/20 14:49:50 | 000,328,704 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
    [2011/12/20 14:49:50 | 000,260,608 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
    [2011/12/20 14:49:50 | 000,137,728 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
    [2011/12/07 15:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
    [2011/12/03 16:45:10 | 000,017,408 | ---- | C] () -- C:\Users\owner1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    [2011/12/02 12:51:00 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2011/12/01 18:26:37 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
    [2011/12/01 18:19:04 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
    [2011/12/01 16:30:05 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
    [2011/12/01 16:29:45 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
    [2011/12/01 16:29:45 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
    [2011/12/01 16:26:12 | 000,000,680 | ---- | C] () -- C:\Users\owner1\AppData\Local\d3d9caps.dat
    [2011/09/08 10:00:52 | 000,150,528 | ---- | C] () -- C:\Windows\System32\mkx.dll
    [2011/09/08 10:00:48 | 000,142,336 | ---- | C] () -- C:\Windows\System32\mp4.dll
    [2011/09/08 10:00:42 | 000,123,392 | ---- | C] () -- C:\Windows\System32\ogm.dll
    [2011/09/08 10:00:38 | 000,249,856 | ---- | C] () -- C:\Windows\System32\dxr.dll
    [2011/09/08 10:00:34 | 000,113,152 | ---- | C] () -- C:\Windows\System32\dsmux.exe
    [2011/09/08 10:00:24 | 000,154,624 | ---- | C] () -- C:\Windows\System32\ts.dll
    [2011/09/08 10:00:10 | 000,137,728 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
    [2011/09/08 10:00:06 | 000,358,400 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
    [2011/09/08 09:59:54 | 000,080,384 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
    [2011/09/08 09:59:52 | 000,024,576 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
    [2011/05/30 09:42:50 | 000,240,640 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2011/05/23 03:46:30 | 000,645,632 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2011/03/03 07:39:56 | 000,109,568 | ---- | C] () -- C:\Windows\System32\avi.dll
    [2011/03/03 07:38:10 | 000,097,792 | ---- | C] () -- C:\Windows\System32\avs.dll
    [2011/03/03 07:37:50 | 000,093,184 | ---- | C] () -- C:\Windows\System32\avss.dll
    [2010/08/18 15:56:38 | 000,000,151 | ---- | C] () -- C:\Windows\System32\Registration.ini

    ========== LOP Check ==========

    [2011/12/02 12:55:19 | 000,000,000 | ---D | M] -- C:\Users\owner1\AppData\Roaming\AVG2012
    [2012/02/03 22:35:32 | 000,000,000 | ---D | M] -- C:\Users\owner1\AppData\Roaming\Babylon
    [2012/04/12 21:59:19 | 000,000,000 | ---D | M] -- C:\Users\owner1\AppData\Roaming\gtk-2.0
    [2012/06/06 08:41:05 | 000,000,000 | ---D | M] -- C:\Users\owner1\AppData\Roaming\PhotoScape
    [2012/06/07 22:20:59 | 000,032,650 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

    ========== Purity Check ==========



    < End of report >



    OTL Extras logfile created on: 6/7/2012 10:26:36 PM - Run 1
    OTL by OldTimer - Version 3.2.47.0 Folder = C:\Users\owner1\Desktop
    Windows Vista Home Basic Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
    Internet Explorer (Version = 9.0.8112.16421)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    2.99 Gb Total Physical Memory | 1.38 Gb Available Physical Memory | 46.06% Memory free
    6.17 Gb Paging File | 4.45 Gb Available in Paging File | 72.13% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 465.76 Gb Total Space | 397.72 Gb Free Space | 85.39% Space Free | Partition Type: NTFS

    Computer Name: OWNER1-PC | User Name: owner1 | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (SafeList) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

    [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [open] -- "%1" %*
    cmdfile [open] -- "%1" %*
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [merge] -- Reg Error: Key error.
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
    Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "VistaSp2" = Reg Error: Unknown registry data type -- File not found

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-1681428665-713355246-3624979747-1000]
    "EnableNotifications" = 0
    "EnableNotificationsRef" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{8CAE9415-30F2-41B7-88D1-8800C2BF434A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework\v4.0.30319\smsvchost.exe |
    "{96E79A72-C26D-4F80-AE68-2ABD59592BE1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{06A4EEA2-0DA9-4DF3-B833-A5F6310E8E90}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{16BA1C86-9931-44E4-8936-85F67449B690}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{1870A8F7-45CB-40CE-9B01-CCAD987B2315}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{19EA8750-179F-4A42-A516-61588F783778}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
    "{200D2C73-5267-41DA-85E2-46D14A81DC78}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
    "{2D2172D4-595D-4485-9FCF-C76594AF4470}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
    "{3570EA98-3F0A-4EAD-B7D5-AA9FB4294131}" = protocol=17 | dir=in | app=c:\users\owner1\appdata\roaming\spotify\spotify.exe |
    "{3D3013D7-876A-4A31-9EDF-2AD3D5A8914A}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{4937D807-1D3E-4BD7-9EB1-1127438E15AE}" = protocol=6 | dir=in | app=c:\users\owner1\appdata\roaming\spotify\spotify.exe |
    "{4D65D23C-8786-4A0D-A585-4D2DF98E6B5D}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{5EAD543E-5D61-41ED-AE95-76508CF4F667}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{9AB7EE77-ED0B-4B98-A906-2F5B45B91602}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |
    "{9E01D930-1F6A-47CB-AE6A-242B66A5E3F8}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{9F5ECC36-69EB-4A54-BA8F-03225D3CA453}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgmfapx.exe |
    "{B441F80A-23E2-4EB0-902C-7BB9B10795F8}" = protocol=17 | dir=in | app=c:\users\owner1\appdata\roaming\spotify\spotify.exe |
    "{B63B5442-7D6D-45C2-AC9B-A7909D11AB13}" = protocol=6 | dir=in | app=c:\program files\avg\avg2012\avgnsx.exe |
    "{C493FB57-579F-4C44-A85D-D1427606218D}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
    "{C61D346F-8B03-4597-A3AD-475EAE32370E}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgdiagex.exe |
    "{D9001876-40BF-4082-A6AA-A00F4D298EF3}" = protocol=6 | dir=in | app=c:\users\owner1\appdata\roaming\spotify\spotify.exe |
    "{DEE6A6A9-3D00-4545-A58F-D3DA68B7B246}" = dir=in | app=c:\program files\itunes\itunes.exe |
    "{E1595281-A2F7-4C43-9531-2BBAEC7DA7C8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
    "{E56A3317-6A25-4E42-A357-7D23A2935413}" = protocol=17 | dir=in | app=c:\program files\avg\avg2012\avgemcx.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
    "{19F1A99A-196F-4D18-BC36-C1DAD6ABCCF3}" = KODAK Share Button App
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
    "{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
    "{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
    "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{4073AAEC-B01B-4000-BC9B-1447E3A7BD87}" = AVG 2012
    "{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
    "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    "{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
    "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
    "{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
    "{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
    "{8153ED9A-C94A-426E-9880-5E6775C08B62}" = Apple Mobile Device Support
    "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
    "{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
    "{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
    "{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
    "{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
    "{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
    "{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
    "{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
    "{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
    "{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
    "{90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
    "{90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
    "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
    "{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
    "{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
    "{90120000-0115-0409-0000-0000000FF1CE}_PROPLUS_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
    "{90120000-0117-0409-0000-0000000FF1CE}_PROPLUS_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
    "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.2)
    "{BCF75973-29C2-4245-80E3-B3C2B7E7548B}" = AVG 2012
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
    "{D5353ED4-8052-40BE-8791-15DEECCA831A}" = ArcSoft MediaImpression for Kodak
    "{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    "{F6D6B258-E3CA-4AAC-965A-68D3E3140A8C}" = iTunes
    "Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
    "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "AVG" = AVG 2012
    "Carbonite Backup" = Carbonite
    "Combined Community Codec Pack_is1" = Combined Community Codec Pack 2011-11-11
    "HDMI" = Intel(R) Graphics Media Accelerator Driver
    "KLiteCodecPack_is1" = K-Lite Codec Pack 8.0.0 (Full)
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.61.0.1400
    "Media Player - Codec Pack" = Media Player Codec Pack 4.1.4
    "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
    "Mozilla Firefox 8.0.1 (x86 en-US)" = Mozilla Firefox 8.0.1 (x86 en-US)
    "PhotoScape" = PhotoScape
    "Picasa 3" = Picasa 3
    "PROPLUS" = Microsoft Office Professional Plus 2007
    "RealPlayer 15.0" = RealPlayer
    "TVWiz" = Intel(R) TV Wizard
    "WinGimp-2.0_is1" = GIMP 2.6.11

    ========== HKEY_CURRENT_USER Uninstall List ==========

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "FoxTab FLV Player" = FoxTab FLV Player
    "Google Chrome" = Google Chrome
    "MLMultiGraph_Toolkit" = MediaLooks DirectShow MultiGtaph Toolkit 4.0.2.3

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 6/6/2012 11:01:54 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 11528

    Error - 6/6/2012 11:01:55 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 6/6/2012 11:01:55 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 12542

    Error - 6/6/2012 11:01:55 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 12542

    Error - 6/6/2012 11:01:56 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: Continuously busy for more than a second

    Error - 6/6/2012 11:01:56 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledEvent 13556

    Error - 6/6/2012 11:01:56 PM | Computer Name = owner1-PC | Source = Bonjour Service | ID = 100
    Description = Task Scheduling Error: m->NextScheduledSPRetry 13556

    Error - 6/7/2012 9:06:39 PM | Computer Name = owner1-PC | Source = Application Error | ID = 1000
    Description = Faulting application carboniteservice.exe, version 5.0.1.702, time
    stamp 0x4eac403b, faulting module ntdll.dll, version 6.0.6002.18541, time stamp
    0x4ec3e3d5, exception code 0xc0000374, fault offset 0x000b06b7, process id 0x55c,
    application start time 0x01cd44535133571c.

    Error - 6/7/2012 9:59:46 PM | Computer Name = owner1-PC | Source = Microsoft-Windows-RestartManager | ID = 10007
    Description =

    Error - 6/7/2012 10:23:40 PM | Computer Name = owner1-PC | Source = WinMgmt | ID = 10
    Description =

    [ System Events ]
    Error - 5/19/2012 2:45:45 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 5/20/2012 12:40:55 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 5/20/2012 8:52:15 PM | Computer Name = owner1-PC | Source = Dhcp | ID = 1001
    Description = Your computer was not assigned an address from the network (by the
    DHCP Server) for the Network Card with network address 00226954E2B0. The following
    error occurred: %%1223. Your computer will continue to try and obtain an address
    on its own from the network address (DHCP) server.

    Error - 5/20/2012 10:07:58 PM | Computer Name = owner1-PC | Source = DCOM | ID = 10010
    Description =

    Error - 5/21/2012 4:08:08 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7011
    Description =

    Error - 5/21/2012 6:26:51 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 5/21/2012 6:29:15 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7034
    Description =

    Error - 5/21/2012 7:52:49 PM | Computer Name = owner1-PC | Source = DCOM | ID = 10010
    Description =

    Error - 5/22/2012 7:07:36 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =

    Error - 5/23/2012 4:35:03 PM | Computer Name = owner1-PC | Source = Service Control Manager | ID = 7000
    Description =


    < End of report >

  9. #9
    Member Spyware Fighter
    Join Date
    Jun 2010
    Location
    Bement,Ill USA
    Posts
    1,340
    Points
    146

    Default

    Hello,

    Please run the following tools and post their logs.

    1.
    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.
    • If TDSSKiller does not run, try renaming it.
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
    • Click the Start Scan button.
    • Do not use the computer during the scan.
    • If the scan completes with nothing found, click Close to exit.
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
    • Copy and paste the contents of that file in your next reply.


    2.
    Install Recovery Console and Run ComboFix

    This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

    Download Combofix from any of the links below, and save it to your desktop.

    Link 1
    Link 2
    • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
    • Close any open windows, including this one.
    • Double click on ComboFix.exe & follow the prompts.
    • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
    • If you did not have it installed, you will see the prompt below. Choose YES.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

    **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

    Note: The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    • Click on Yes, to continue scanning for malware.
    • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
    Leave your computer alone while ComboFix is running.
    ComboFix will restart your computer if malware is found; allow it to do so.


    Note: Please do NOT mouse-click ComboFix's window while it's running because it may cause it to stall.


    Things to include in your next reply:
    TdssKiller log
    Combofix.txt
    How is your machine running now?
    " Extinguishing Malware from the world"

    The Spyware Help forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.
    HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
    Thanks-




  10. #10
    Member
    Join Date
    Jun 2012
    Posts
    8
    Points
    0

    Default

    ComboFix log...


    scanning hidden autostart entries ...
    .
    scanning hidden files ...
    .
    scan completed successfully
    hidden files:
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'Explorer.exe'(4544)
    c:\programdata\Ad-Aware Browsing Protection\adawarebp.dll
    c:\program files\Carbonite\Carbonite Backup\CarboniteNSE.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\progra~1\AVG\AVG2012\avgrsx.exe
    c:\program files\AVG\AVG2012\avgcsrvx.exe
    c:\windows\system32\WLANExt.exe
    c:\program files\SUPERAntiSpyware\SASCORE.EXE
    c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\AVG\AVG2012\avgwdsvc.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\program files\Carbonite\Carbonite Backup\carboniteservice.exe
    c:\program files\AVG\AVG2012\avgnsx.exe
    c:\program files\AVG\AVG2012\avgemcx.exe
    c:\program files\Kodak\KODAK Share Button App\Listener.exe
    c:\windows\System32\igfxtray.exe
    c:\windows\System32\hkcmd.exe
    c:\windows\System32\igfxpers.exe
    c:\windows\system32\igfxsrvc.exe
    c:\program files\Common Files\Java\Java Update\jusched.exe
    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    c:\program files\AVG\AVG2012\avgtray.exe
    c:\program files\Carbonite\Carbonite Backup\CarboniteUI.exe
    c:\program files\Real\RealPlayer\Update\realsched.exe
    c:\program files\Kodak\MediaImpression\ArcMonitor.exe
    c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
    c:\program files\iTunes\iTunesHelper.exe
    c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe
    c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
    c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    c:\program files\Windows Media Player\wmpnscfg.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\program files\iPod\bin\iPodService.exe
    c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
    .
    **************************************************************************
    .
    Completion time: 2012-06-11 21:51:18 - machine was rebooted
    ComboFix-quarantined-files.txt 2012-06-12 01:50
    .
    Pre-Run: 424,210,817,024 bytes free
    Post-Run: 425,199,771,648 bytes free
    .
    - - End Of File - - BB52E62013561FCBADF38FA62778588A


    TDSSKiller Log...


    21:19:10.0511 4680 TDSS rootkit removing tool 2.7.36.0 May 21 2012 16:40:16
    21:19:10.0871 4680 ============================================================
    21:19:10.0871 4680 Current date / time: 2012/06/11 21:19:10.0871
    21:19:10.0871 4680 SystemInfo:
    21:19:10.0871 4680
    21:19:10.0871 4680 OS Version: 6.0.6002 ServicePack: 2.0
    21:19:10.0871 4680 Product type: Workstation
    21:19:10.0872 4680 ComputerName: OWNER1-PC
    21:19:10.0872 4680 UserName: owner1
    21:19:10.0872 4680 Windows directory: C:\Windows
    21:19:10.0872 4680 System windows directory: C:\Windows
    21:19:10.0872 4680 Processor architecture: Intel x86
    21:19:10.0872 4680 Number of processors: 2
    21:19:10.0872 4680 Page size: 0x1000
    21:19:10.0872 4680 Boot type: Normal boot
    21:19:10.0872 4680 ============================================================
    21:19:17.0463 4680 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
    21:19:17.0534 4680 ============================================================
    21:19:17.0534 4680 \Device\Harddisk0\DR0:
    21:19:17.0553 4680 MBR partitions:
    21:19:17.0553 4680 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
    21:19:17.0553 4680 ============================================================
    21:19:17.0907 4680 C: <-> \Device\Harddisk0\DR0\Partition0
    21:19:17.0907 4680 ============================================================
    21:19:17.0907 4680 Initialize success
    21:19:17.0907 4680 ============================================================
    21:19:21.0253 5756 ============================================================
    21:19:21.0253 5756 Scan started
    21:19:21.0253 5756 Mode: Manual;
    21:19:21.0253 5756 ============================================================
    21:20:37.0326 5756 nvraid - ok
    21:20:37.0356 5756 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys
    21:20:37.0359 5756 nvstor - ok
    21:20:37.0515 5756 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys
    21:20:37.0551 5756 nv_agp - ok
    21:20:37.0555 5756 NwlnkFlt - ok
    21:20:37.0562 5756 NwlnkFwd - ok
    21:20:38.0692 5756 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    21:20:38.0708 5756 odserv - ok
    21:20:38.0832 5756 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys
    21:20:38.0848 5756 ohci1394 - ok
    21:20:38.0988 5756 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    21:20:39.0020 5756 ose - ok
    21:20:39.0144 5756 p2pimsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    21:20:39.0176 5756 p2pimsvc - ok
    21:20:39.0191 5756 p2psvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    21:20:39.0191 5756 p2psvc - ok
    21:20:39.0238 5756 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
    21:20:39.0285 5756 Parport - ok
    21:20:39.0425 5756 partmgr (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
    21:20:39.0425 5756 partmgr - ok
    21:20:39.0472 5756 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
    21:20:39.0488 5756 Parvdm - ok
    21:20:39.0519 5756 PcaSvc (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
    21:20:39.0534 5756 PcaSvc - ok
    21:20:39.0612 5756 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
    21:20:39.0612 5756 pci - ok
    21:20:39.0675 5756 pciide (fc175f5ddab666d7f4d17449a547626f) C:\Windows\system32\drivers\pciide.sys
    21:20:39.0690 5756 pciide - ok
    21:20:39.0909 5756 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
    21:20:39.0940 5756 pcmcia - ok
    21:20:40.0096 5756 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
    21:20:40.0143 5756 PEAUTH - ok
    21:20:40.0673 5756 pla (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
    21:20:40.0689 5756 pla - ok
    21:20:40.0923 5756 PlugPlay (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
    21:20:40.0938 5756 PlugPlay - ok
    21:20:41.0048 5756 PNRPAutoReg (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    21:20:41.0063 5756 PNRPAutoReg - ok
    21:20:41.0063 5756 PNRPsvc (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
    21:20:41.0079 5756 PNRPsvc - ok
    21:20:41.0172 5756 PolicyAgent (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
    21:20:41.0266 5756 PolicyAgent - ok
    21:20:41.0360 5756 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
    21:20:41.0375 5756 PptpMiniport - ok
    21:20:41.0406 5756 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys
    21:20:41.0438 5756 Processor - ok
    21:20:41.0516 5756 ProfSvc (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
    21:20:41.0531 5756 ProfSvc - ok
    21:20:41.0562 5756 ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    21:20:41.0562 5756 ProtectedStorage - ok
    21:20:41.0640 5756 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
    21:20:41.0656 5756 PSched - ok
    21:20:41.0796 5756 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys
    21:20:41.0843 5756 ql2300 - ok
    21:20:41.0874 5756 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
    21:20:41.0906 5756 ql40xx - ok
    21:20:42.0046 5756 QWAVE (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
    21:20:42.0046 5756 QWAVE - ok
    21:20:42.0093 5756 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
    21:20:42.0093 5756 QWAVEdrv - ok
    21:20:42.0093 5756 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
    21:20:42.0108 5756 RasAcd - ok
    21:20:42.0140 5756 RasAuto (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
    21:20:42.0140 5756 RasAuto - ok
    21:20:42.0171 5756 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
    21:20:42.0171 5756 Rasl2tp - ok
    21:20:42.0233 5756 RasMan (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
    21:20:42.0249 5756 RasMan - ok
    21:20:42.0280 5756 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
    21:20:42.0327 5756 RasPppoe - ok
    21:20:42.0374 5756 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
    21:20:42.0374 5756 RasSstp - ok
    21:20:42.0561 5756 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
    21:20:42.0592 5756 rdbss - ok
    21:20:42.0623 5756 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
    21:20:42.0639 5756 RDPCDD - ok
    21:20:42.0686 5756 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys
    21:20:42.0732 5756 rdpdr - ok
    21:20:42.0764 5756 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
    21:20:42.0779 5756 RDPENCDD - ok
    21:20:42.0951 5756 RDPWD (79c6df8477250f5c54f7c5ae1d6b814e) C:\Windows\system32\drivers\RDPWD.sys
    21:20:43.0013 5756 RDPWD - ok
    21:20:43.0060 5756 RemoteAccess (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
    21:20:43.0076 5756 RemoteAccess - ok
    21:20:43.0107 5756 RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
    21:20:43.0122 5756 RemoteRegistry - ok
    21:20:43.0154 5756 rimmptsk (df672613fbbcd58c38bb0bc2694bcfb0) C:\Windows\system32\DRIVERS\rimmptsk.sys
    21:20:43.0200 5756 rimmptsk - ok
    21:20:43.0232 5756 rimsptsk (9bfb54d3559f2ff7301271d29d383564) C:\Windows\system32\DRIVERS\rimsptsk.sys
    21:20:43.0325 5756 rimsptsk - ok
    21:20:43.0544 5756 rismxdp (dcb87da83cc1010cbc9fc4dc9e395bbc) C:\Windows\system32\DRIVERS\rixdptsk.sys
    21:20:43.0856 5756 rismxdp - ok
    21:20:43.0996 5756 RpcLocator (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
    21:20:44.0012 5756 RpcLocator - ok
    21:20:44.0214 5756 RpcSs (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
    21:20:44.0214 5756 RpcSs - ok
    21:20:44.0246 5756 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
    21:20:44.0277 5756 rspndr - ok
    21:20:44.0324 5756 SamSs (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
    21:20:44.0324 5756 SamSs - ok
    21:20:44.0480 5756 SASDIFSV (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
    21:20:44.0558 5756 SASDIFSV - ok
    21:20:44.0604 5756 SASKUTIL (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
    21:20:44.0651 5756 SASKUTIL - ok
    21:20:44.0760 5756 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
    21:20:44.0776 5756 sbp2port - ok
    21:20:44.0807 5756 SCardSvr (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
    21:20:44.0823 5756 SCardSvr - ok
    21:20:44.0994 5756 Schedule (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
    21:20:45.0010 5756 Schedule - ok
    21:20:45.0104 5756 SCPolicySvc (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
    21:20:45.0104 5756 SCPolicySvc - ok
    21:20:45.0182 5756 sdbus (8f36b54688c31eed4580129040c6a3d3) C:\Windows\system32\DRIVERS\sdbus.sys
    21:20:45.0197 5756 sdbus - ok
    21:20:45.0228 5756 SDRSVC (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
    21:20:45.0244 5756 SDRSVC - ok
    21:20:45.0353 5756 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
    21:20:45.0416 5756 secdrv - ok
    21:20:45.0447 5756 seclogon (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
    21:20:45.0447 5756 seclogon - ok
    21:20:45.0525 5756 SENS (a9bbab5759771e523f55563d6cbe140f) C:\Windows\System32\sens.dll
    21:20:45.0525 5756 SENS - ok
    21:20:45.0556 5756 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
    21:20:45.0572 5756 Serenum - ok
    21:20:45.0650 5756 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
    21:20:45.0665 5756 Serial - ok
    21:20:45.0681 5756 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
    21:20:45.0696 5756 sermouse - ok
    21:20:45.0759 5756 SessionEnv (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
    21:20:45.0774 5756 SessionEnv - ok
    21:20:45.0790 5756 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\DRIVERS\sffdisk.sys
    21:20:45.0821 5756 sffdisk - ok
    21:20:45.0852 5756 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys
    21:20:45.0899 5756 sffp_mmc - ok
    21:20:45.0946 5756 sffp_sd (9f66a46c55d6f1ccabc79bb7afccc545) C:\Windows\system32\DRIVERS\sffp_sd.sys
    21:20:45.0977 5756 sffp_sd - ok
    21:20:45.0993 5756 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
    21:20:46.0008 5756 sfloppy - ok
    21:20:46.0102 5756 SharedAccess (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
    21:20:46.0102 5756 SharedAccess - ok
    21:20:46.0196 5756 ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
    21:20:46.0211 5756 ShellHWDetection - ok
    21:20:46.0227 5756 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys
    21:20:46.0289 5756 sisagp - ok
    21:20:46.0352 5756 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys
    21:20:46.0352 5756 SiSRaid2 - ok
    21:20:46.0383 5756 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys
    21:20:46.0492 5756 SiSRaid4 - ok
    21:20:47.0178 5756 slsvc (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
    21:20:47.0194 5756 slsvc - ok
    21:20:47.0428 5756 SLUINotify (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
    21:20:47.0444 5756 SLUINotify - ok
    21:20:47.0490 5756 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
    21:20:47.0490 5756 Smb - ok
    21:20:47.0522 5756 SNMPTRAP (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
    21:20:47.0537 5756 SNMPTRAP - ok
    21:20:47.0646 5756 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
    21:20:47.0678 5756 spldr - ok
    21:20:47.0724 5756 Spooler (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
    21:20:47.0724 5756 Spooler - ok
    21:20:47.0787 5756 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
    21:20:47.0787 5756 srv - ok
    21:20:47.0880 5756 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
    21:20:47.0896 5756 srv2 - ok
    21:20:47.0912 5756 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
    21:20:47.0912 5756 srvnet - ok
    21:20:48.0177 5756 SSDPSRV (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
    21:20:48.0177 5756 SSDPSRV - ok
    21:20:48.0224 5756 SstpSvc (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
    21:20:48.0239 5756 SstpSvc - ok
    21:20:48.0364 5756 stisvc (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
    21:20:48.0380 5756 stisvc - ok
    21:20:48.0411 5756 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
    21:20:48.0442 5756 swenum - ok
    21:20:48.0598 5756 swprv (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
    21:20:48.0645 5756 swprv - ok
    21:20:49.0238 5756 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
    21:20:49.0269 5756 Symc8xx - ok
    21:20:49.0394 5756 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
    21:20:49.0456 5756 Sym_hi - ok
    21:20:49.0613 5756 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
    21:20:49.0629 5756 Sym_u3 - ok
    21:20:50.0800 5756 SysMain (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
    21:20:50.0956 5756 SysMain - ok
    21:20:51.0143 5756 TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
    21:20:51.0143 5756 TabletInputService - ok
    21:20:51.0268 5756 TapiSrv (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
    21:20:51.0268 5756 TapiSrv - ok
    21:20:51.0299 5756 TBS (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
    21:20:51.0299 5756 TBS - ok
    21:20:51.0720 5756 Tcpip (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\drivers\tcpip.sys
    21:20:51.0720 5756 Tcpip - ok
    21:20:51.0736 5756 Tcpip6 (27d470dabc77bc60d0a3b0e4deb6cb91) C:\Windows\system32\DRIVERS\tcpip.sys
    21:20:51.0751 5756 Tcpip6 - ok
    21:20:51.0876 5756 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys
    21:20:51.0923 5756 tcpipreg - ok
    21:20:51.0985 5756 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
    21:20:51.0985 5756 TDPIPE - ok
    21:20:52.0016 5756 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
    21:20:52.0079 5756 TDTCP - ok
    21:20:52.0297 5756 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
    21:20:52.0297 5756 tdx - ok
    21:20:52.0391 5756 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
    21:20:52.0453 5756 TermDD - ok
    21:20:52.0656 5756 TermService (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
    21:20:52.0672 5756 TermService - ok
    21:20:52.0812 5756 Themes (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
    21:20:52.0828 5756 Themes - ok
    21:20:53.0062 5756 THREADORDER (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
    21:20:53.0062 5756 THREADORDER - ok
    21:20:53.0093 5756 TrkWks (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
    21:20:53.0093 5756 TrkWks - ok
    21:20:53.0296 5756 TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
    21:20:53.0296 5756 TrustedInstaller - ok
    21:20:53.0327 5756 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
    21:20:53.0389 5756 tssecsrv - ok
    21:20:53.0405 5756 tunmp (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
    21:20:53.0436 5756 tunmp - ok
    21:20:53.0483 5756 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
    21:20:53.0483 5756 tunnel - ok
    21:20:53.0514 5756 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys
    21:20:53.0530 5756 uagp35 - ok
    21:20:53.0686 5756 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
    21:20:53.0686 5756 udfs - ok
    21:20:53.0732 5756 UI0Detect (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
    21:20:53.0732 5756 UI0Detect - ok
    21:20:53.0748 5756 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys
    21:20:53.0764 5756 uliagpkx - ok
    21:20:53.0857 5756 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys
    21:20:53.0873 5756 uliahci - ok
    21:20:53.0904 5756 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
    21:20:53.0935 5756 UlSata - ok
    21:20:53.0966 5756 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
    21:20:53.0966 5756 ulsata2 - ok
    21:20:53.0998 5756 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
    21:20:54.0013 5756 umbus - ok
    21:20:54.0029 5756 Updater Service for StartNow Toolbar - ok
    21:20:54.0216 5756 upnphost (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
    21:20:54.0216 5756 upnphost - ok
    21:20:54.0450 5756 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
    21:20:54.0497 5756 usbccgp - ok
    21:20:54.0715 5756 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
    21:20:54.0746 5756 usbcir - ok
    21:20:54.0809 5756 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
    21:20:54.0809 5756 usbehci - ok
    21:20:54.0840 5756 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
    21:20:54.0871 5756 usbhub - ok
    21:20:54.0996 5756 usbohci (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
    21:20:55.0183 5756 usbohci - ok
    21:20:55.0214 5756 usbprint (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\drivers\usbprint.sys
    21:20:55.0230 5756 usbprint - ok
    21:20:55.0355 5756 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
    21:20:55.0386 5756 USBSTOR - ok
    21:20:55.0417 5756 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
    21:20:55.0464 5756 usbuhci - ok
    21:20:55.0495 5756 UxSms (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
    21:20:55.0495 5756 UxSms - ok
    21:20:56.0026 5756 vds (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
    21:20:56.0041 5756 vds - ok
    21:20:56.0072 5756 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys
    21:20:56.0104 5756 vga - ok
    21:20:56.0135 5756 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
    21:20:56.0244 5756 VgaSave - ok
    21:20:56.0275 5756 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys
    21:20:56.0306 5756 viaagp - ok
    21:20:56.0338 5756 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys
    21:20:56.0338 5756 ViaC7 - ok
    21:20:56.0353 5756 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys
    21:20:56.0353 5756 viaide - ok
    21:20:56.0400 5756 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
    21:20:56.0447 5756 volmgr - ok
    21:20:56.0494 5756 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
    21:20:56.0618 5756 volmgrx - ok
    21:20:56.0665 5756 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
    21:20:56.0696 5756 volsnap - ok
    21:20:56.0852 5756 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys
    21:20:56.0946 5756 vsmraid - ok
    21:20:57.0055 5756 VSS (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
    21:20:57.0071 5756 VSS - ok
    21:20:57.0133 5756 W32Time (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
    21:20:57.0133 5756 W32Time - ok
    21:20:57.0508 5756 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
    21:20:57.0523 5756 WacomPen - ok
    21:20:57.0539 5756 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    21:20:57.0539 5756 Wanarp - ok
    21:20:57.0554 5756 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
    21:20:57.0554 5756 Wanarpv6 - ok
    21:20:57.0695 5756 wcncsvc (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
    21:20:57.0695 5756 wcncsvc - ok
    21:20:57.0742 5756 WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
    21:20:57.0742 5756 WcsPlugInService - ok
    21:20:57.0773 5756 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys
    21:20:57.0804 5756 Wd - ok
    21:20:57.0944 5756 Wdf01000 (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
    21:20:57.0960 5756 Wdf01000 - ok
    21:20:58.0022 5756 WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    21:20:58.0038 5756 WdiServiceHost - ok
    21:20:58.0038 5756 WdiSystemHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
    21:20:58.0038 5756 WdiSystemHost - ok
    21:20:58.0178 5756 WebClient (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
    21:20:58.0178 5756 WebClient - ok
    21:20:58.0210 5756 Wecsvc (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
    21:20:58.0225 5756 Wecsvc - ok
    21:20:58.0241 5756 wercplsupport (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
    21:20:58.0241 5756 wercplsupport - ok
    21:20:58.0256 5756 WerSvc (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
    21:20:58.0272 5756 WerSvc - ok
    21:20:58.0459 5756 winachsf (5c7bdcf5864db00323fe2d90fa26a8a2) C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
    21:20:58.0475 5756 winachsf - ok
    21:20:58.0818 5756 WinDefend (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
    21:20:58.0849 5756 WinDefend - ok
    21:20:58.0849 5756 WinHttpAutoProxySvc - ok
    21:20:58.0990 5756 Winmgmt (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
    21:20:58.0990 5756 Winmgmt - ok
    21:20:59.0239 5756 WinRM (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
    21:20:59.0302 5756 WinRM - ok
    21:20:59.0473 5756 Wlansvc (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
    21:20:59.0473 5756 Wlansvc - ok
    21:20:59.0536 5756 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\DRIVERS\wmiacpi.sys
    21:20:59.0536 5756 WmiAcpi - ok
    21:20:59.0676 5756 wmiApSrv (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
    21:20:59.0676 5756 wmiApSrv - ok
    21:20:59.0894 5756 WMPNetworkSvc (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
    21:20:59.0894 5756 WMPNetworkSvc - ok
    21:20:59.0957 5756 WPCSvc (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
    21:20:59.0957 5756 WPCSvc - ok
    21:20:59.0988 5756 WPDBusEnum (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
    21:21:00.0004 5756 WPDBusEnum - ok
    21:21:00.0097 5756 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
    21:21:00.0113 5756 WpdUsb - ok
    21:21:00.0862 5756 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
    21:21:00.0877 5756 WPFFontCache_v0400 - ok
    21:21:00.0908 5756 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
    21:21:00.0908 5756 ws2ifsl - ok
    21:21:00.0955 5756 wscsvc (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\System32\wscsvc.dll
    21:21:00.0955 5756 wscsvc - ok
    21:21:00.0971 5756 WSearch - ok
    21:21:01.0189 5756 wuauserv (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
    21:21:01.0236 5756 wuauserv - ok
    21:21:01.0423 5756 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
    21:21:01.0439 5756 WUDFRd - ok
    21:21:01.0470 5756 wudfsvc (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
    21:21:01.0470 5756 wudfsvc - ok
    21:21:01.0532 5756 yukonwlh (04e268adfc81964c49dc0c082d520f7e) C:\Windows\system32\DRIVERS\yk60x86.sys
    21:21:01.0564 5756 yukonwlh - ok
    21:21:01.0610 5756 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
    21:21:02.0375 5756 \Device\Harddisk0\DR0 - ok
    21:21:02.0390 5756 Boot (0x1200) (6d8c5f0fae6827aa94b20f83cd5377b9) \Device\Harddisk0\DR0\Partition0
    21:21:02.0390 5756 \Device\Harddisk0\DR0\Partition0 - ok
    21:21:02.0390 5756 ============================================================
    21:21:02.0390 5756 Scan finished
    21:21:02.0390 5756 ============================================================
    21:21:02.0406 4304 Detected object count: 0
    21:21:02.0406 4304 Actual detected object count: 0
    21:21:41.0951 2644 Deinitialize success


    ++++++++++++++++++++++++++++++++++++++++

    My computer is running great now! Internet pages load so much faster. It's amazing the difference. What spyware/malware/virus programs do you suggest that I use?

    I can't thank you enough for your help
