  1. #1
    Member
    Join Date
    Oct 2013
    Posts
    9
    Points
    0

    cpu usage reach 100%

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 10/13/2013 at 07:37 AM

    Application Version : 5.6.1040

    Core Rules Database Version : 10828
    Trace Rules Database Version: 8640

    Scan type : Complete Scan
    Total Scan Time : 04:44:53

    Operating System Information
    Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 809
    Memory threats detected : 1
    Registry items scanned : 38537
    Registry threats detected : 0
    File items scanned : 10476
    File threats detected : 3

    Trojan.Agent/Gen
    C:\WINDOWS\KMSERVICE.EXE
    C:\WINDOWS\KMSERVICE.EXE

    Trojan.Agent/Gen-Keygen
    C:\USERS\IKA\DESKTOP\DEKSTOP BACKUP 25.8.2013\STORY\PROGRAMS\INTERNET DOWNLOAD MANAGER 6.07 BUILD 16\PATCH\KEYGEN.EXE

    Trojan.Agent/Gen-HackPatch
    C:\USERS\IKA\DESKTOP\DEKSTOP BACKUP 25.8.2013\STORY\PROGRAMS\INTERNET DOWNLOAD MANAGER 6.07 BUILD 16\PATCH\PATCH.EXE

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 10/17/2013 at 01:46 AM

    Application Version : 5.6.1040

    Core Rules Database Version : 10835
    Trace Rules Database Version: 8647

    Scan type : Complete Scan
    Total Scan Time : 04:21:13

    Operating System Information
    Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 858
    Memory threats detected : 0
    Registry items scanned : 38656
    Registry threats detected : 0
    File items scanned : 30845
    File threats detected : 4

    Adware.Tracking Cookie
    .doubleclick.net [ C:\USERS\IKA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtechus.com [ C:\USERS\IKA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtechus.com [ C:\USERS\IKA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\IKA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

    Malwarebytes Anti-Malware (Trial) 1.75.0.1300
    Malwarebytes : Free anti-malware download

    Database version: v2013.10.16.07

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 10.0.9200.16686
    ika :: IKA-PC [administrator]

    Protection: Enabled

    16/10/2013 11:03:36 PM
    mbam-log-2013-10-16 (23-03-36).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 194654
    Time elapsed: 1 hour(s), 32 minute(s), 10 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 2
    C:\Users\ika\Downloads\bitdefender_antivirus.exe (PUP.Optional.DownloadSponsor.A) -> Quarantined and deleted successfully.
    C:\Program Files\Win32\Setup.exe (Backdoor.Bifrose) -> Quarantined and deleted successfully.

    (end)

    Logfile of Trend Micro HijackThis v2.0.5
    Scan saved at 1:50:47 PM, on 17/10/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v10.0 (10.00.9200.16686)

    FIREFOX: 24.0 (en-US)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskhost.exe
    C:\ProgramData\DatacardService\DCSHelper.exe
    C:\Program Files\IDT\WDM\sttray.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\Program Files\CyberLink\YouCam\YouCamService.exe
    C:\Program Files\AVAST Software\Avast\AvastUI.exe
    C:\Program Files\Internet Download Manager\IDMan.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Users\ika\AppData\Roaming\Maxis Broadband\ouc.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Internet Download Manager\IEMonitor.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
    C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
    C:\ProgramData\DatacardService\DCSHelper.exe
    C:\Program Files\Globe Broadband\Globe Broadband.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe
    C:\Users\ika\Desktop\New folder (2)\HijackThis.exe
    C:\Program Files\Google\Chrome\Application\chrome.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
    O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe
    O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files\CyberLink\YouCam\YouCamService.exe" /s
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [EPSON TX121 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGGI.EXE /FU "C:\Windows\TEMP\E_S588B.tmp" /EF "HKCU"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [HW_OPENEYE_OUC_Maxis Broadband] "C:\Program Files\Maxis Broadband\UpdateDog\ouc.exe"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: Bluetooth.lnk = ?
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O17 - HKLM\System\CCS\Services\Tcpip\..\{CCF07BEC-63F4-4257-AB20-FB8A5CCBEB39}: NameServer = 58.71.136.10 58.71.132.10
    O17 - HKLM\System\CCS\Services\Tcpip\..\{EBAAE6FB-9DC7-45B3-859A-04EE7533718C}: NameServer = 58.71.136.10 58.71.132.10
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\aestsrv.exe
    O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bluetooth Driver Management Service (BcmBtRSupport) - Broadcom Corporation. - C:\Windows\system32\BtwRSupportService.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
    O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Bitdefender Antivirus Free Edition (gzserv) - Bitdefender - C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
    O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: KMService - Unknown owner - C:\Windows\system32\srvany.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\STacSV.exe
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

    --
    End of file - 11310 bytes

  2. #2
    Member
    Join Date
    Oct 2013
    Posts
    9
    Points
    0

    Where should I download HijackThis?

  3. #3
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Hi kaka,

    Welcome to Help2Go!

    I do apologize for the delay. Could you please elaborate upon what troubles you are experiencing?

    Not to worry about the HJT. The one you posted above is just fine. At this time I would like for you to provide logs from an OTL scan. It will take a bit of time to review the 2 logs requested.

    We are all volunteers that have full time careers, families, etc., so your patience will be necessary. I will do the best I can to provide a solution for your troubles as readily as possible.

    Please download OTL to your Desktop
    • Double click on the icon to run the program. On Vista/Win7 or 8, right click and select Run As Administrator to start the program. If prompted by UAC, please allow it.
    • Make sure all other windows are closed and let it run uninterrupted.
    • Click the Scan All Users checkbox
      and
    • Check the option for All under the Extra Registry section
    • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic

    • OTL.txt <-- Will be opened, maximized
    • Extras.txt <-- Will be minimized on task bar.

    Please post the contents of both OTL.txt and Extras.txt files in your next reply.

    Thank you,
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in troubleshooting your current computer problems.


  4. #4
    Member
    Join Date
    Oct 2013
    Posts
    9
    Points
    0

    Hello Donna,
    It's okay. Btw, thanks for replying.

    My brother-in-law already formatted my laptop, but right after a few days (right after my sister used it, updated Windows, installed some programs and so on), my CPU usage always reaches 100% and slows down the laptop. I feel glad you can help me.

    OTL logfile created on: 23/10/2013 9:29:41 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ika\Desktop
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16686)
    Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

    1.93 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 56.95% Memory free
    3.86 Gb Paging File | 2.49 Gb Available in Paging File | 64.45% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 280.96 Gb Total Space | 64.29 Gb Free Space | 22.88% Space Free | Partition Type: NTFS
    Drive D: | 16.93 Gb Total Space | 2.70 Gb Free Space | 15.94% Space Free | Partition Type: NTFS
    Drive E: | 99.34 Mb Total Space | 95.23 Mb Free Space | 95.87% Space Free | Partition Type: FAT32

    Computer Name: IKA-PC | User Name: ika | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - [2013/10/23 09:15:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ika\Desktop\OTL.exe
    PRC - [2013/10/20 10:53:19 | 003,567,800 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
    PRC - [2013/10/17 09:00:52 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    PRC - [2013/10/13 02:22:00 | 000,237,960 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe
    PRC - [2013/10/11 06:54:56 | 005,707,544 | ---- | M] (SUPERAntiSpyware) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    PRC - [2013/10/11 06:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
    PRC - [2013/08/26 14:00:22 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
    PRC - [2013/08/09 20:02:12 | 001,678,040 | ---- | M] (Broadcom Corporation.) -- C:\Windows\System32\BtwRSupportService.exe
    PRC - [2013/08/06 20:05:44 | 003,665,488 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IDMan.exe
    PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
    PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    PRC - [2012/12/12 21:44:48 | 000,268,248 | ---- | M] (Tonec Inc.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe
    PRC - [2012/11/30 10:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
    PRC - [2012/06/28 23:40:52 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
    PRC - [2011/11/29 09:53:03 | 000,255,208 | ---- | M] (CyberLink Corp.) -- C:\Program Files\CyberLink\YouCam\YouCamService.exe
    PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    PRC - [2011/03/28 17:06:24 | 000,311,352 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe
    PRC - [2011/02/25 13:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
    PRC - [2010/11/16 21:37:38 | 000,264,704 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
    PRC - [2010/11/16 21:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
    PRC - [2010/03/09 23:54:30 | 000,372,736 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
    PRC - [2010/03/09 23:53:58 | 000,172,032 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
    PRC - [2010/03/09 12:05:58 | 000,828,704 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    PRC - [2010/03/09 12:05:58 | 000,628,000 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
    PRC - [2009/10/20 23:35:26 | 000,495,708 | ---- | M] (IDT, Inc.) -- C:\Program Files\IDT\WDM\sttray.exe
    PRC - [2009/10/20 23:35:26 | 000,221,266 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\stacsv.exe
    PRC - [2009/09/30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    PRC - [2009/09/30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    PRC - [2009/08/07 05:29:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    PRC - [2009/08/07 05:29:36 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    PRC - [2009/07/27 16:54:14 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\ika\AppData\Roaming\Maxis Broadband\ouc.exe
    PRC - [2009/03/03 02:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\AEstSrv.exe


    ========== Modules (No Company Name) ==========

    MOD - [2013/10/17 09:01:01 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
    MOD - [2013/08/28 22:14:35 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9e2a2e59a234dbd1dac0d34eed135b8b\System.Management.ni.dll
    MOD - [2013/08/28 22:13:02 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\869523b43080bd707966444972bc8eef\System.Windows.Forms.ni.dll
    MOD - [2013/08/28 22:12:45 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ef9c62e7806b5f461a762709e3f531e\System.Drawing.ni.dll
    MOD - [2013/08/28 22:12:19 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\20e3bd99d0fc9364e2a3a091d48786cd\System.Xml.ni.dll
    MOD - [2013/08/28 22:12:16 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5ff08b75e9d6b5a898c6fe35bba608fb\System.Configuration.ni.dll
    MOD - [2013/08/28 22:12:13 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\98707c4b7b8ecf87ae85618de04564c9\System.ni.dll
    MOD - [2013/08/28 22:12:04 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\bb95b73d99bc2f61c750b3fa46f4f5a1\mscorlib.ni.dll
    MOD - [2011/10/26 17:41:20 | 000,305,664 | ---- | M] () -- C:\Program Files\TeraCopy\TeraCopyExt.dll
    MOD - [2010/08/16 13:21:30 | 007,745,536 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
    MOD - [2010/08/16 13:21:30 | 002,121,728 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
    MOD - [2010/08/16 13:21:30 | 000,135,168 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
    MOD - [2010/03/09 12:06:06 | 000,132,384 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
    MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    MOD - [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll


    ========== Services (SafeList) ==========

    SRV - [2013/10/17 09:00:52 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
    SRV - [2013/10/12 16:50:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
    SRV - [2013/10/11 06:54:44 | 000,120,088 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
    SRV - [2013/10/09 00:58:42 | 000,118,680 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
    SRV - [2013/08/30 20:12:25 | 000,054,424 | ---- | M] (Bitdefender) [Auto | Stopped] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
    SRV - [2013/08/26 14:06:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
    SRV - [2013/08/25 22:23:43 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
    SRV - [2013/08/09 20:02:12 | 001,678,040 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Windows\System32\BtwRSupportService.exe -- (BcmBtRSupport)
    SRV - [2013/05/27 12:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
    SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
    SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
    SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
    SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
    SRV - [2010/11/16 21:37:38 | 000,264,704 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
    SRV - [2010/03/09 23:53:58 | 000,172,032 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
    SRV - [2010/03/09 12:05:58 | 000,628,000 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
    SRV - [2010/01/21 17:51:12 | 030,963,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
    SRV - [2009/10/20 23:35:26 | 000,221,266 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\stacsv.exe -- (STacSV)
    SRV - [2009/09/30 20:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
    SRV - [2009/09/30 20:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
    SRV - [2009/08/07 05:29:36 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
    SRV - [2009/07/14 09:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
    SRV - [2009/07/14 09:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
    SRV - [2009/03/03 02:43:08 | 000,081,920 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_94cb740f1febe83e\AEstSrv.exe -- (AESTFilters)


    ========== Driver Services (SafeList) ==========

    DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\RTSTOR.SYS -- (RTSTOR)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\rtl8187.sys -- (RTL8187)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbfake.sys -- (hwusbfake)
    DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbnet.sys -- (ewusbnet)
    DRV - [2013/10/17 09:01:11 | 000,774,392 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
    DRV - [2013/10/17 09:01:11 | 000,403,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
    DRV - [2013/10/17 09:01:11 | 000,178,304 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
    DRV - [2013/10/17 09:01:11 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
    DRV - [2013/10/17 09:01:11 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
    DRV - [2013/10/17 09:01:11 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
    DRV - [2013/10/17 09:01:11 | 000,035,656 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
    DRV - [2013/10/17 09:01:10 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
    DRV - [2013/08/09 20:02:12 | 000,174,936 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcbtums.sys -- (bcbtums)
    DRV - [2013/06/27 17:57:42 | 000,104,928 | ---- | M] (Tonec Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\idmwfp.sys -- (IDMWFP)
    DRV - [2013/05/28 12:11:21 | 000,355,744 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
    DRV - [2013/04/22 13:20:34 | 000,164,952 | ---- | M] (BitDefender LLC) [File_System | System | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt)
    DRV - [2013/04/17 14:59:04 | 000,633,344 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
    DRV - [2013/04/17 14:59:04 | 000,486,536 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
    DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
    DRV - [2012/08/23 22:46:55 | 000,024,064 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)
    DRV - [2012/08/23 22:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
    DRV - [2012/08/23 22:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
    DRV - [2012/08/23 22:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
    DRV - [2012/06/20 09:43:02 | 002,957,312 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
    DRV - [2011/07/23 00:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
    DRV - [2011/07/13 05:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
    DRV - [2011/04/14 11:47:40 | 000,027,760 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
    DRV - [2011/01/30 18:19:02 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
    DRV - [2010/12/24 11:48:26 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
    DRV - [2010/12/23 09:46:46 | 000,353,280 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbwwan.sys -- (ewusbmbb)
    DRV - [2010/11/21 05:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
    DRV - [2010/11/21 05:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
    DRV - [2010/11/21 05:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
    DRV - [2010/11/21 05:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)
    DRV - [2010/11/21 05:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
    DRV - [2010/11/21 05:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
    DRV - [2010/11/21 05:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
    DRV - [2010/11/21 05:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
    DRV - [2010/11/21 05:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
    DRV - [2010/07/27 09:52:02 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
    DRV - [2010/03/10 00:03:24 | 005,341,696 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
    DRV - [2010/03/09 22:38:04 | 000,152,064 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
    DRV - [2010/02/25 15:18:58 | 000,015,872 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
    DRV - [2010/01/28 10:33:30 | 000,100,352 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
    DRV - [2009/12/30 11:21:18 | 000,027,192 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\revoflt.sys -- (Revoflt)
    DRV - [2009/11/12 12:06:48 | 000,150,048 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsPStor.sys -- (RSPCIESTOR)
    DRV - [2009/11/12 12:06:34 | 000,181,792 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
    DRV - [2009/10/20 23:35:26 | 000,420,352 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
    DRV - [2009/10/12 19:00:00 | 000,125,056 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
    DRV - [2009/09/17 12:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI)
    DRV - [2009/07/14 07:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
    DRV - [2009/05/12 18:35:40 | 000,203,824 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


    IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



    IE - HKU\S-1-5-21-1207086668-3793566029-2513089660-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKU\S-1-5-21-1207086668-3793566029-2513089660-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKU\S-1-5-21-1207086668-3793566029-2513089660-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
    IE - HKU\S-1-5-21-1207086668-3793566029-2513089660-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: mozilla_cc%40internetdownloadmanager.com:7.3.57
    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
    FF - user.js - File not found

    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2013/10/17 09:01:21 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\ika\AppData\Roaming\IDM\idmmzcc5 [2013/08/25 23:16:30 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
    FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\ika\AppData\Roaming\IDM\idmmzcc5 [2013/08/25 23:16:30 | 000,000,000 | ---D | M]

    [2013/08/25 23:23:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ika\AppData\Roaming\mozilla\Extensions
    [2013/10/01 01:19:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ika\AppData\Roaming\mozilla\Firefox\Profiles\xhnc8din.default\extensions
    [2013/10/09 00:57:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
    [2013/10/09 00:59:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
    [2013/10/09 00:59:06 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2013/08/25 23:16:30 | 000,000,000 | ---D | M] (IDM CC) -- C:\USERS\IKA\APPDATA\ROAMING\IDM\IDMMZCC5

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
    CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
    CHR - Extension: HP Product Detection Plugin = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\1.0.28.1_0\
    CHR - Extension: Google Docs = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: avast! Online Security = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
    CHR - Extension: IDM Integration Module = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\
    CHR - Extension: Chrome In-App Payments service = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
    CHR - Extension: Gmail = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2009/06/11 05:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
    O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
    O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
    O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
    O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
    O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
    O4 - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray.exe (IDT, Inc.)
    O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
    O4 - HKLM..\Run: [YouCam Service] C:\Program Files\CyberLink\YouCam\YouCamService.exe (CyberLink Corp.)
    O4 - HKU\S-1-5-21-1207086668-3793566029-2513089660-1000..\Run: [EPSON TX121 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIGGI.EXE (SEIKO EPSON CORPORATION)
    O4 - HKU\S-1-5-21-1207086668-3793566029-2513089660-1000..\Run: [HW_OPENEYE_OUC_Maxis Broadband] C:\Program Files\Maxis Broadband\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)
    O4 - HKU\S-1-5-21-1207086668-3793566029-2513089660-1000..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
    O4 - HKU\S-1-5-21-1207086668-3793566029-2513089660-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
    O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
    O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
    O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
    O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.7.12
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCF07BEC-63F4-4257-AB20-FB8A5CCBEB39}: NameServer = 58.71.136.10 58.71.132.10
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FFACDA4E-85E7-4AC8-8967-788487EAE616}: DhcpNameServer = 10.0.7.12
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
    O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O32 - AutoRun File - [2009/06/11 05:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
    O33 - MountPoints2\{19f09c27-3491-11e3-be37-0027137457f0}\Shell - "" = AutoRun
    O33 - MountPoints2\{19f09c27-3491-11e3-be37-0027137457f0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{19f09c54-3491-11e3-be37-0027137457f0}\Shell - "" = AutoRun
    O33 - MountPoints2\{19f09c54-3491-11e3-be37-0027137457f0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{2a09a685-365e-11e3-a1f9-0027137457f0}\Shell - "" = AutoRun
    O33 - MountPoints2\{2a09a685-365e-11e3-a1f9-0027137457f0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{2a09a690-365e-11e3-a1f9-0027137457f0}\Shell - "" = AutoRun
    O33 - MountPoints2\{2a09a690-365e-11e3-a1f9-0027137457f0}\Shell\AutoRun\command - "" = I:\AutoRun.exe
    O33 - MountPoints2\{2a09a6a6-365e-11e3-a1f9-001e101f3315}\Shell - "" = AutoRun
    O33 - MountPoints2\{2a09a6a6-365e-11e3-a1f9-001e101f3315}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{2a09a6ac-365e-11e3-a1f9-001e101f3315}\Shell - "" = AutoRun
    O33 - MountPoints2\{2a09a6ac-365e-11e3-a1f9-001e101f3315}\Shell\AutoRun\command - "" = I:\AutoRun.exe
    O33 - MountPoints2\{2a09a6d1-365e-11e3-a1f9-001e101f3315}\Shell - "" = AutoRun
    O33 - MountPoints2\{2a09a6d1-365e-11e3-a1f9-001e101f3315}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{2a09a6fc-365e-11e3-a1f9-001e101f3315}\Shell - "" = AutoRun
    O33 - MountPoints2\{2a09a6fc-365e-11e3-a1f9-001e101f3315}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\{2a09a721-365e-11e3-a1f9-001e101f3315}\Shell - "" = AutoRun
    O33 - MountPoints2\{2a09a721-365e-11e3-a1f9-001e101f3315}\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O33 - MountPoints2\G\Shell - "" = AutoRun
    O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37 - HKLM\...com [@ = comfile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/10/23 09:28:16 | 000,000,000 | ---D | C] -- C:\Users\ika\Desktop\cpu usage reach 100%_files
    [2013/10/23 09:15:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\ika\Desktop\OTL.exe
    [2013/10/17 16:25:08 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\ika\Desktop\HijackThis.exe
    [2013/10/17 10:17:26 | 000,000,000 | ---D | C] -- C:\Users\ika\Desktop\New folder (2)
    [2013/10/17 09:10:19 | 000,000,000 | ---D | C] -- C:\Users\ika\AppData\Roaming\AVAST Software
    [2013/10/17 09:04:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
    [2013/10/17 09:01:34 | 000,403,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2013/10/17 09:01:34 | 000,057,672 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2013/10/17 09:01:33 | 000,774,392 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2013/10/17 09:01:33 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
    [2013/10/17 09:01:33 | 000,070,384 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2013/10/17 09:01:33 | 000,035,656 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2013/10/17 09:01:29 | 000,269,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2013/10/17 09:01:08 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
    [2013/10/17 08:56:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
    [2013/10/16 23:44:43 | 000,000,000 | ---D | C] -- C:\Users\ika\AppData\Roaming\Maxis Broadband
    [2013/10/16 21:26:57 | 000,000,000 | ---D | C] -- C:\Users\ika\AppData\Roaming\Malwarebytes
    [2013/10/16 21:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/10/16 21:25:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
    [2013/10/16 21:23:56 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
    [2013/10/16 21:23:55 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
    [2013/10/16 20:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxis Broadband
    [2013/10/16 20:30:13 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01007.dll
    [2013/10/16 20:30:13 | 001,112,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfCoInstaller01007.dll
    [2013/10/16 20:30:13 | 000,861,696 | ---- | C] (DiBcom SA) -- C:\Windows\System32\drivers\mod7700.sys
    [2013/10/16 20:30:13 | 000,353,280 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbwwan.sys
    [2013/10/16 20:30:13 | 000,193,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
    [2013/10/16 20:30:13 | 000,181,760 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juwwanecm.sys
    [2013/10/16 20:30:13 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwusbdev.sys
    [2013/10/16 20:30:13 | 000,090,112 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcacm.sys
    [2013/10/16 20:30:13 | 000,073,216 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jubusenum.sys
    [2013/10/16 20:30:13 | 000,064,384 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_jucdcecm.sys
    [2013/10/16 20:30:13 | 000,026,624 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_juextctrl.sys
    [2013/10/16 20:30:13 | 000,025,856 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\System32\drivers\ewdcsc.sys
    [2013/10/16 20:30:13 | 000,019,200 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_hwupgrade.sys
    [2013/10/16 20:30:13 | 000,011,136 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ew_usbenumfilter.sys
    [2013/10/16 20:29:49 | 000,000,000 | ---D | C] -- C:\Program Files\Maxis Broadband
    [2013/10/16 20:29:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DatacardService
    [2013/10/14 14:42:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Globe Broadband
    [2013/10/14 14:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Globe Broadband
    [2013/10/14 13:32:36 | 000,000,000 | ---D | C] -- C:\Users\ika\AppData\Local\Microsoft Games
    [2013/10/13 03:47:24 | 000,000,000 | ---D | C] -- C:\Users\ika\Desktop\Help2Go Forums - How to Start Removing Viruses and Spyware from your Computer_files
    [2013/10/13 02:42:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERSetup
    [2013/10/13 02:42:04 | 000,000,000 | ---D | C] -- C:\Users\ika\AppData\Roaming\SUPERAntiSpyware.com
    [2013/10/13 02:41:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    [2013/10/13 02:40:41 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
    [2013/10/13 02:40:41 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
    [2013/10/09 00:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
    [2013/10/07 21:27:28 | 000,000,000 | ---D | C] -- C:\Users\ika\Desktop\attachments_2013_10_07_2
    [2013/10/01 00:04:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
    [2013/09/30 23:54:26 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
    [2013/09/30 23:54:23 | 000,093,696 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FLBGGI.DLL
    [2013/09/30 23:54:22 | 000,063,488 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_FD4BGGI.DLL
    [2013/09/30 23:54:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
    [2013/09/30 23:53:59 | 000,341,504 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esw2ud.dll
    [2013/09/30 23:53:59 | 000,128,392 | ---- | C] (Seiko Epson Corporation) -- C:\Windows\System32\esdevapp.exe
    [2013/09/30 23:53:59 | 000,015,872 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escdev.dll
    [2013/09/25 00:42:00 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
    [2013/09/25 00:41:42 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
    [2013/09/25 00:41:30 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
    [2013/09/25 00:41:29 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
    [2013/09/25 00:41:19 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
    [2013/09/25 00:41:06 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
    [2013/09/25 00:41:05 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
    [2013/09/25 00:41:05 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
    [2013/09/25 00:41:04 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
    [2013/09/25 00:41:04 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
    [2013/09/25 00:15:57 | 000,792,704 | ---- | C] (AMD) -- C:\Users\ika\Desktop\amddriverdownloader.exe
    [2010/03/18 13:09:08 | 000,902,432 | ---- | C] (Broadcom Corporation.) -- C:\Program Files\Setup.exe

    ========== Files - Modified Within 30 Days ==========

    [2013/10/23 10:27:48 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/10/23 09:46:16 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/10/23 09:28:16 | 000,048,760 | ---- | M] () -- C:\Users\ika\Desktop\cpu usage reach 100%.htm
    [2013/10/23 09:15:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ika\Desktop\OTL.exe
    [2013/10/23 02:27:16 | 000,000,876 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/10/23 01:12:30 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/10/23 01:12:30 | 000,021,280 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/10/23 01:10:38 | 001,494,046 | ---- | M] () -- C:\Windows\System32\perfh009.dat
    [2013/10/23 01:10:38 | 001,277,774 | ---- | M] () -- C:\Windows\System32\perfh012.dat
    [2013/10/23 01:10:38 | 001,266,556 | ---- | M] () -- C:\Windows\System32\perfh011.dat
    [2013/10/23 01:10:38 | 000,546,778 | ---- | M] () -- C:\Windows\System32\perfc011.dat
    [2013/10/23 01:10:38 | 000,546,778 | ---- | M] () -- C:\Windows\System32\perfc009.dat
    [2013/10/23 01:10:38 | 000,545,066 | ---- | M] () -- C:\Windows\System32\perfc012.dat
    [2013/10/23 00:59:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/10/23 00:59:49 | 1553,035,264 | -HS- | M] () -- C:\hiberfil.sys
    [2013/10/22 03:28:49 | 000,000,312 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForika.job
    [2013/10/17 16:25:16 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\ika\Desktop\HijackThis.exe
    [2013/10/17 09:01:11 | 000,774,392 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
    [2013/10/17 09:01:11 | 000,403,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
    [2013/10/17 09:01:11 | 000,178,304 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2013/10/17 09:01:11 | 000,070,384 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
    [2013/10/17 09:01:11 | 000,057,672 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
    [2013/10/17 09:01:11 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2013/10/17 09:01:11 | 000,035,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
    [2013/10/17 09:01:10 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
    [2013/10/17 09:01:08 | 000,269,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
    [2013/10/17 09:01:08 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
    [2013/10/16 20:30:26 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
    [2013/10/14 14:42:06 | 000,001,053 | ---- | M] () -- C:\Users\Public\Desktop\Globe Broadband.lnk
    [2013/10/13 03:50:04 | 000,027,286 | ---- | M] () -- C:\Users\ika\Desktop\Help2Go Forums - How to Start Removing Viruses and Spyware from your Computer.htm
    [2013/10/13 02:24:43 | 000,007,598 | ---- | M] () -- C:\Users\ika\AppData\Local\Resmon.ResmonCfg
    [2013/10/12 16:50:43 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
    [2013/10/12 16:50:43 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
    [2013/10/07 15:07:34 | 000,003,496 | ---- | M] () -- C:\ProgramData\1381129654.bdinstall.bin
    [2013/09/25 00:16:13 | 000,792,704 | ---- | M] (AMD) -- C:\Users\ika\Desktop\amddriverdownloader.exe

    ========== Files Created - No Company Name ==========

    [2013/10/23 09:28:09 | 000,048,760 | ---- | C] () -- C:\Users\ika\Desktop\cpu usage reach 100%.htm
    [2013/10/17 09:01:34 | 000,178,304 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
    [2013/10/17 09:01:34 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
    [2013/10/16 20:30:26 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ew_jubusenum_01007.Wdf
    [2013/10/14 14:42:06 | 000,001,053 | ---- | C] () -- C:\Users\Public\Desktop\Globe Broadband.lnk
    [2013/10/13 03:49:26 | 000,027,286 | ---- | C] () -- C:\Users\ika\Desktop\Help2Go Forums - How to Start Removing Viruses and Spyware from your Computer.htm
    [2013/10/07 15:07:34 | 000,003,496 | ---- | C] () -- C:\ProgramData\1381129654.bdinstall.bin
    [2013/09/27 02:33:52 | 000,000,312 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForika.job
    [2013/09/20 04:04:46 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379621086.bdinstall.bin
    [2013/09/20 04:03:51 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379621031.bdinstall.bin
    [2013/09/20 04:03:48 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379621028.bdinstall.bin
    [2013/09/20 03:56:57 | 000,003,495 | ---- | C] () -- C:\ProgramData\1379620617.bdinstall.bin
    [2013/09/20 03:56:50 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379620610.bdinstall.bin
    [2013/09/20 03:55:27 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379620527.bdinstall.bin
    [2013/09/19 20:11:38 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379592698.bdinstall.bin
    [2013/09/19 20:10:11 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379592611.bdinstall.bin
    [2013/09/19 20:09:13 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379592553.bdinstall.bin
    [2013/09/19 20:08:49 | 000,003,496 | ---- | C] () -- C:\ProgramData\1379592529.bdinstall.bin
    [2013/09/10 20:44:36 | 000,080,449 | ---- | C] () -- C:\ProgramData\1378816920.bdinstall.bin
    [2013/09/10 20:41:53 | 000,022,759 | ---- | C] () -- C:\ProgramData\1378816854.bdinstall.bin
    [2013/09/10 19:29:21 | 000,002,104 | ---- | C] () -- C:\ProgramData\1378812559.1852.bin
    [2013/09/10 19:29:21 | 000,000,335 | ---- | C] () -- C:\ProgramData\1378812559.2384.bin
    [2013/09/10 19:29:19 | 000,022,758 | ---- | C] () -- C:\ProgramData\1378812556.bdinstall.bin
    [2013/09/10 19:29:19 | 000,022,429 | ---- | C] () -- C:\ProgramData\1378812559.4196.bin
    [2013/09/09 02:46:09 | 000,007,598 | ---- | C] () -- C:\Users\ika\AppData\Local\Resmon.ResmonCfg
    [2013/09/03 01:50:59 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
    [2013/09/02 21:40:38 | 001,277,774 | ---- | C] () -- C:\Windows\System32\perfh012.dat
    [2013/09/02 21:40:38 | 000,545,066 | ---- | C] () -- C:\Windows\System32\perfc012.dat
    [2013/09/02 21:40:38 | 000,157,694 | ---- | C] () -- C:\Windows\System32\perfi012.dat
    [2013/09/02 21:40:38 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd012.dat
    [2013/09/02 21:33:08 | 001,266,556 | ---- | C] () -- C:\Windows\System32\perfh011.dat
    [2013/09/02 21:33:08 | 000,546,778 | ---- | C] () -- C:\Windows\System32\perfc011.dat
    [2013/09/02 21:33:08 | 000,141,988 | ---- | C] () -- C:\Windows\System32\perfi011.dat
    [2013/09/02 21:33:08 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd011.dat
    [2013/08/28 21:13:43 | 000,198,697 | ---- | C] () -- C:\ProgramData\1377695481.bdinstall.bin
    [2013/08/25 23:23:29 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\lagarith.dll
    [2013/08/25 23:23:28 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
    [2013/08/25 23:23:28 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
    [2013/08/25 23:23:26 | 000,112,640 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
    [2013/08/25 23:00:51 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
    [2013/08/25 22:24:08 | 000,008,192 | ---- | C] () -- C:\Windows\System32\srvany.exe
    [2013/08/25 22:10:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
    [2013/08/25 22:05:19 | 000,001,105 | ---- | C] () -- C:\Windows\System32\atipblup.dat
    [2010/03/18 13:09:08 | 000,000,176 | ---- | C] () -- C:\Program Files\license.dat
    [2010/03/18 13:09:06 | 000,000,052 | ---- | C] () -- C:\Program Files\Autorun.inf

    ========== ZeroAccess Check ==========

    [2009/07/14 12:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 12:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
    "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 09:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    < End of report >

    OTL Extras logfile created on: 23/10/2013 9:29:41 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ika\Desktop
    Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16686)
    Locale: 00004409 | Country: Malaysia | Language: ENM | Date Format: d/M/yyyy

    1.93 Gb Total Physical Memory | 1.10 Gb Available Physical Memory | 56.95% Memory free
    3.86 Gb Paging File | 2.49 Gb Available in Paging File | 64.45% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
    Drive C: | 280.96 Gb Total Space | 64.29 Gb Free Space | 22.88% Space Free | Partition Type: NTFS
    Drive D: | 16.93 Gb Total Space | 2.70 Gb Free Space | 15.94% Space Free | Partition Type: NTFS
    Drive E: | 99.34 Mb Total Space | 95.23 Mb Free Space | 95.87% Space Free | Partition Type: FAT32

    Computer Name: IKA-PC | User Name: ika | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: All users
    Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

    ========== Extra Registry (All) ==========


    ========== File Associations ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
    .bat [@ = batfile] -- "%1" %*
    .chm [@ = chm.file] -- C:\Windows\hh.exe (Microsoft Corporation)
    .cmd [@ = cmdfile] -- "%1" %*
    .com [@ = comfile] -- "%1" %*
    .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
    .exe [@ = exefile] -- "%1" %*
    .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
    .hta [@ = htafile] -- C:\Windows\System32\mshta.exe (Microsoft Corporation)
    .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
    .inf [@ = inffile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .ini [@ = inifile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .url [@ = InternetShortcut] -- C:\Windows\System32\rundll32.exe (Microsoft Corporation)
    .js [@ = JSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .jse [@ = JSEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .pif [@ = piffile] -- "%1" %*
    .reg [@ = regfile] -- C:\Windows\regedit.exe (Microsoft Corporation)
    .scr [@ = scrfile] -- "%1" /S
    .txt [@ = txtfile] -- C:\Windows\System32\NOTEPAD.EXE (Microsoft Corporation)
    .vbe [@ = VBEFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .vbs [@ = VBSFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsf [@ = WSFFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)
    .wsh [@ = WSHFile] -- C:\Windows\System32\WScript.exe (Microsoft Corporation)

    [HKEY_USERS\S-1-5-21-1207086668-3793566029-2513089660-1000\SOFTWARE\Classes\<extension>]
    .html [@ = ChromeHTML] -- Reg Error: Key error. File not found

    ========== Shell Spawning ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
    batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    batfile [open] -- "%1" %*
    batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    chm.file [open] -- "%SystemRoot%\hh.exe" %1 (Microsoft Corporation)
    cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
    cmdfile [open] -- "%1" %*
    cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    comfile [open] -- "%1" %*
    cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
    exefile [open] -- "%1" %*
    helpfile [open] -- Reg Error: Key error.
    hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
    htafile [open] -- C:\Windows\System32\mshta.exe "%1" %* (Microsoft Corporation)
    htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
    htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
    http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
    inffile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inffile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    inifile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    inifile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
    InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
    jsfile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsfile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsfile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    jsefile [edit] -- C:\Windows\System32\Notepad.exe %1 (Microsoft Corporation)
    jsefile [open] -- C:\Windows\System32\WScript.exe "%1" %* (Microsoft Corporation)
    jsefile [print] -- C:\Windows\System32\Notepad.exe /p %1 (Microsoft Corporation)
    piffile [open] -- "%1" %*
    regfile [edit] -- %SystemRoot%\system32\notepad.exe "%1" (Microsoft Corporation)
    regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
    regfile [merge] -- Reg Error: Key error.
    regfile [print] -- %SystemRoot%\system32\notepad.exe /p "%1" (Microsoft Corporation)
    scrfile [config] -- "%1"
    scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
    scrfile [open] -- "%1" /S
    txtfile [edit] -- Reg Error: Key error.
    txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
    txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
    txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
    vbefile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbefile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbefile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    vbsfile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    vbsfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    vbsfile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wsffile [edit] -- "%SystemRoot%\System32\Notepad.exe" %1 (Microsoft Corporation)
    wsffile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    wsffile [print] -- "%SystemRoot%\System32\Notepad.exe" /p %1 (Microsoft Corporation)
    wshfile [open] -- "%SystemRoot%\System32\WScript.exe" "%1" %* (Microsoft Corporation)
    Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
    Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
    Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
    Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
    Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
    Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Folder [explore] -- Reg Error: Value error.
    Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
    Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
    CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

    ========== Security Center Settings ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "cval" = 1

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
    "VistaSp1" = Reg Error: Unknown registry data type -- File not found
    "AntiVirusOverride" = 0
    "AntiSpywareOverride" = 0
    "FirewallOverride" = 0

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

    ========== Firewall Settings ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall" = 1
    "DisableNotifications" = 0

    ========== Authorized Applications List ==========


    ========== Vista Active Open Ports Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{2313047E-F5F0-4917-BC49-22396EF44445}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
    "{917F551C-3FF4-44C2-A0CE-6AC1AF28F26F}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
    "{9D358E7C-E902-43E0-9625-73F275218D07}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
    "{BC2645AE-EF79-4ED1-B392-1A8A6C59B4DA}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |

    ========== Vista Active Application Exception List ==========

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
    "{4F6DAB5A-612B-4940-A051-B31091207BA4}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{5C1A6046-FE21-4E5D-B9F7-6F57E5CE929B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "{A7B97D81-429F-4FC2-8F9B-15BB991238FB}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
    "{EB468596-8AF3-430B-A77F-71E88DF61795}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
    "TCP Query User{9275AD32-0463-415C-85A6-7FC82F8CFF0E}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe |
    "UDP Query User{869B9CEC-BD38-465F-BFF5-565B5271A4B4}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe |

    ========== HKEY_LOCAL_MACHINE Uninstall List ==========

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5
    "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
    "{08765EF8-FEC4-9FC6-8530-38EC5E4DBAC4}" = Catalyst Control Center Graphics Full Existing
    "{0B6A2C77-4E93-D8AF-042B-40C8A3FF41BC}" = CCC Help Spanish
    "{0FBED6DB-E71D-8137-BC84-80FAB656DA3B}" = CCC Help Russian
    "{1BC34153-6243-D4E1-DC4F-AE7221A913EA}" = CCC Help Danish
    "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
    "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
    "{2713C258-4E0B-42AA-85A8-26B2C3248529}" = Catalyst Control Center Localization All
    "{282F7561-A79E-59AB-7411-C4C6A416A509}" = Catalyst Control Center InstallProxy
    "{2E52CA71-6D51-4216-72B3-A9F554225976}" = CCC Help Turkish
    "{3407C9A7-D959-1C0A-96CE-3AFC79F6BBD3}" = CCC Help German
    "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
    "{35B48D14-28A7-0C4A-D787-234300803C67}" = CCC Help Italian
    "{3C22760C-B0DE-58A8-5CE9-D13E30BAF035}" = Catalyst Control Center Graphics Previews Common
    "{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
    "{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
    "{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = Broadcom 2070 Bluetooth 3.0
    "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
    "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
    "{54F509AE-D95C-13D7-E95F-CD4CD6E79A15}" = CCC Help Polish
    "{59B91D2D-EC72-59D4-8195-08642B19C31E}" = CCC Help English
    "{63300B27-ACB2-3940-609C-8929F496D057}" = CCC Help Greek
    "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
    "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
    "{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1" = Revo Uninstaller Pro 3.0.7
    "{6887FAC6-98AD-1974-9314-DA4348DFA3EA}" = ccc-utility
    "{6F33D09C-BA18-D2B6-714A-D46804F2C4DD}" = CCC Help Korean
    "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
    "{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
    "{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
    "{71EBD6F5-61C3-0771-12DC-EE5FF0350E98}" = CCC Help Chinese Traditional
    "{7A52EBA7-C452-1C16-CF27-3FCA87DC29F3}" = CCC Help Chinese Standard
    "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
    "{8627E80E-FE1B-2EE3-0700-EC97C9CC5715}" = Catalyst Control Center Graphics Full New
    "{8814C42C-5FBF-4D81-546F-A7CBEBE65851}" = CCC Help Czech
    "{8AE8F493-D1FD-C0F3-9474-1BBAB2E47352}" = CCC Help French
    "{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
    "{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
    "{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
    "{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
    "{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
    "{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
    "{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
    "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
    "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
    "{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
    "{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
    "{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
    "{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
    "{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
    "{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
    "{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
    "{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
    "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
    "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB2.0&PCIE Card Reader
    "{98B6C108-6497-CB44-366E-8FB3987E14A9}" = CCC Help Finnish
    "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    "{9E06D0DD-2889-ADA8-59B3-7D86397C0035}" = CCC Help Hungarian
    "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Touch Pad Driver
    "{A7E2C2C1-0B7C-D610-C84B-309D925337FE}" = CCC Help Thai
    "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
    "{ABBC39BF-E8BF-F218-6A91-88C7B113A3D4}" = Catalyst Control Center Graphics Light
    "{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.5
    "{B5258F26-8F6C-946F-434F-95F9EB19B191}" = CCC Help Norwegian
    "{BA9DD224-EF64-8FFD-C427-12B2B14BEED8}" = ccc-core-static
    "{C1A0D5F7-02F3-4D95-872A-0E56CF968DC6}" = Catalyst Control Center - Branding
    "{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
    "{C9B7C2B4-ED3D-1692-2476-FD9DE09F09EB}" = PX Profile Update
    "{C9F864EC-970E-A8CC-208F-53D4AA4FCA4D}" = CCC Help Swedish
    "{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
    "{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
    "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
    "{ED3CC5D1-3EE9-F98C-3AF6-33139EB01ACD}" = Catalyst Control Center Graphics Previews Vista
    "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
    "{EDE18E15-2F16-0C5B-E1A4-8C4A07FF2AC6}" = CCC Help Japanese
    "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
    "{F28E29DF-CD50-72BE-3E74-E66C6572FAAE}" = Catalyst Control Center Core Implementation
    "{F45A1248-D25D-3790-C851-7A9897673BCE}" = CCC Help Portuguese
    "{F7AD1EF2-2670-40C2-A541-939265AF2F18}_is1" = Privacy Eraser Pro
    "{F9A43C0C-F274-4EC0-B02E-202C15C09C00}" = HP Wireless Assistant
    "{F9C23DBD-FFD2-6E3A-E13B-17DC78D84A46}" = ATI Catalyst Install Manager
    "{FEE696B7-D8BF-7C13-CBF2-03BFB5049395}" = CCC Help Dutch
    "2 Fast Driver_is1" = 2 Fast Driver
    "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
    "AIDA64 Extreme Edition_is1" = AIDA64 Extreme Edition v2.20
    "Alex Gordon_is1" = Alex Gordon
    "Avast" = avast! Free Antivirus
    "Candyz_is1" = Candyz
    "EPSON Scanner" = EPSON Scan
    "EPSON TX121 Series" = EPSON TX121 Series Printer Uninstall
    "EPSON TX121 Series Manual" = EPSON TX121 Series Manual
    "Globe Broadband" = Globe Broadband
    "Google Chrome" = Google Chrome
    "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5
    "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
    "Internet Download Manager" = Internet Download Manager
    "Jewel Quest II_is1" = Jewel Quest II
    "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 9.7.5
    "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
    "Maxis Broadband" = Maxis Broadband
    "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
    "Mozilla Firefox 24.0 (x86 en-US)" = Mozilla Firefox 24.0 (x86 en-US)
    "MozillaMaintenanceService" = Mozilla Maintenance Service
    "Office14.PROPLUS" = Microsoft Office Professional Plus 2010
    "Pool 8 Balls_is1" = Pool 8 Balls
    "Rail of War_is1" = Rail of War
    "Rainbow Web 3_is1" = Rainbow Web 3
    "Rescue Team_is1" = Rescue Team
    "Royal Gems_is1" = Royal Gems
    "Star Defender 4_is1" = Star Defender 4
    "TeraCopy_is1" = TeraCopy 2.27
    "Winamp" = Winamp
    "WinRAR archiver" = WinRAR archiver
    "Winter Sports Extreme_is1" = Winter Sports Extreme
    "Xing Chess_is1" = Xing Chess

    ========== HKEY_USERS Uninstall List ==========

    [HKEY_USERS\S-1-5-21-1207086668-3793566029-2513089660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
    "Winamp Detect" = Winamp Detector Plug-in

    ========== Last 20 Event Log Errors ==========

    [ Application Events ]
    Error - 22/10/2013 12:37:48 PM | Computer Name = ika-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 22/10/2013 12:45:34 PM | Computer Name = ika-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
    Description = The performance strings in the Performance registry value is corrupted
    when process Performance extension counter provider. The BaseIndex value from the
    Performance registry is the first DWORD in the Data section, LastCounter value
    is the second DWORD in the Data section, and LastHelp value is the third DWORD in
    the Data section.

    Error - 22/10/2013 12:45:35 PM | Computer Name = ika-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
    Description = The performance strings in the Performance registry value is corrupted
    when process Performance extension counter provider. The BaseIndex value from the
    Performance registry is the first DWORD in the Data section, LastCounter value
    is the second DWORD in the Data section, and LastHelp value is the third DWORD in
    the Data section.

    Error - 22/10/2013 12:45:35 PM | Computer Name = ika-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
    Description = The performance strings in the Performance registry value is corrupted
    when process Performance extension counter provider. The BaseIndex value from the
    Performance registry is the first DWORD in the Data section, LastCounter value
    is the second DWORD in the Data section, and LastHelp value is the third DWORD in
    the Data section.

    Error - 22/10/2013 12:45:35 PM | Computer Name = ika-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
    Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
    failed. The first DWORD in the Data section contains the error code.

    Error - 22/10/2013 1:01:49 PM | Computer Name = ika-PC | Source = WinMgmt | ID = 10
    Description =

    Error - 22/10/2013 1:10:33 PM | Computer Name = ika-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
    Description = The performance strings in the Performance registry value is corrupted
    when process Performance extension counter provider. The BaseIndex value from the
    Performance registry is the first DWORD in the Data section, LastCounter value
    is the second DWORD in the Data section, and LastHelp value is the third DWORD in
    the Data section.

    Error - 22/10/2013 1:10:33 PM | Computer Name = ika-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
    Description = The performance strings in the Performance registry value is corrupted
    when process Performance extension counter provider. The BaseIndex value from the
    Performance registry is the first DWORD in the Data section, LastCounter value
    is the second DWORD in the Data section, and LastHelp value is the third DWORD in
    the Data section.

    Error - 22/10/2013 1:10:33 PM | Computer Name = ika-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
    Description = The performance strings in the Performance registry value is corrupted
    when process Performance extension counter provider. The BaseIndex value from the
    Performance registry is the first DWORD in the Data section, LastCounter value
    is the second DWORD in the Data section, and LastHelp value is the third DWORD in
    the Data section.

    Error - 22/10/2013 1:10:33 PM | Computer Name = ika-PC | Source = Microsoft-Windows-LoadPerf | ID = 3011
    Description = Unloading the performance counter strings for service WmiApRpl (WmiApRpl)
    failed. The first DWORD in the Data section contains the error code.

    [ System Events ]
    Error - 22/10/2013 1:00:14 PM | Computer Name = ika-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Bitdefender
    Antivirus Free Edition service to connect.

    Error - 22/10/2013 1:00:14 PM | Computer Name = ika-PC | Source = Service Control Manager | ID = 7000
    Description = The Bitdefender Antivirus Free Edition service failed to start due
    to the following error: %%1053

    Error - 22/10/2013 1:04:22 PM | Computer Name = ika-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Microsoft
    .NET Framework NGEN v4.0.30319_X86 service to connect.

    Error - 22/10/2013 1:04:55 PM | Computer Name = ika-PC | Source = DCOM | ID = 10005
    Description =

    Error - 22/10/2013 1:04:55 PM | Computer Name = ika-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the Com4QLBEx
    service to connect.

    Error - 22/10/2013 1:04:55 PM | Computer Name = ika-PC | Source = Service Control Manager | ID = 7000
    Description = The Com4QLBEx service failed to start due to the following error:
    %%1053

    Error - 22/10/2013 1:05:20 PM | Computer Name = ika-PC | Source = DCOM | ID = 10010
    Description =

    Error - 22/10/2013 1:05:39 PM | Computer Name = ika-PC | Source = DCOM | ID = 10010
    Description =

    Error - 22/10/2013 1:06:52 PM | Computer Name = ika-PC | Source = Service Control Manager | ID = 7009
    Description = A timeout was reached (30000 milliseconds) while waiting for the HP
    Support Assistant Service service to connect.

    Error - 22/10/2013 1:06:52 PM | Computer Name = ika-PC | Source = Service Control Manager | ID = 7000
    Description = The HP Support Assistant Service service failed to start due to the
    following error: %%1053


    < End of report >

  5. #5
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi kaka,

    Let's see if we can determine what is causing the high CPU usage. I wouldn't think it is an infection of any kind since the OS was reinstalled.

    Please download Process Explorer to your desktop.

    Right click on the .zip folder and choose extract all. The folder will open once extracted. Right click on procexp (Application) and choose Run as administrator > Yes.

    In the menubar, click on View. In the drop down menu, click Select Columns... Under Process Image tab click Verified Signer, then click OK.

    Next:

    Click on Options in the menubar, then Verify Image Signatures.

    Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

    Wait a minute then:

    Click on File > Save As.., choose Desktop as the place to save, then click Save button.

    Post the log in your next reply.

  6. #6
    Member
    Join Date
    Oct 2013
    Posts
    9
    Points
    0

    Default

    hi Donna,

    Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
    procexp.exe 16.60 26,892 K 41,656 K 2644 Sysinternals Process Explorer Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources (Verified) Microsoft Corporation
    chrome.exe 16.26 55,296 K 101,560 K 5504 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 15.90 41,740 K 70,588 K 5448 Google Chrome Google Inc. (Verified) Google Inc
    sidebar.exe 11.26 33,076 K 41,584 K 3964 Windows Desktop Gadgets Microsoft Corporation (Verified) Microsoft Windows
    dwm.exe 8.75 29,516 K 37,268 K 952 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
    chrome.exe 7.28 48,952 K 77,700 K 4880 Google Chrome Google Inc. (Verified) Google Inc
    Interrupts 3.82 0 K 0 K n/a Hardware Interrupts and DPCs
    svchost.exe 3.37 72,024 K 70,400 K 1172 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    System 2.38 72 K 12,536 K 4
    WmiPrvSE.exe 2.70 5,456 K 8,824 K 4392 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    csrss.exe 2.15 2,312 K 9,100 K 644 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1.66 17,664 K 25,024 K 1244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    explorer.exe 1.11 32,988 K 41,596 K 1524 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
    avastui.exe 0.76 19,860 K 17,324 K 3340 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
    ApntEx.exe 0.67 1,536 K 3,452 K 2648 Alps Pointing-device Driver for Windows NT/2000/XP/Vista Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
    svchost.exe 0.49 20,840 K 20,456 K 1552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    System Idle Process 0.97 0 K 24 K 0
    SearchIndexer.exe 0.43 27,756 K 16,968 K 5628 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
    chrome.exe 0.43 54,856 K 83,896 K 3052 Google Chrome Google Inc. (Verified) Google Inc
    LMS.exe 0.42 2,132 K 3,656 K 2436 Local Manageability Service Intel Corporation (Verified) Intel Corporation
    svchost.exe 0.35 3,548 K 6,136 K 820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.27 20,416 K 13,932 K 1120 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    stacsv.exe 0.24 11,356 K 5,528 K 1276 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
    Apoint.exe 0.22 2,652 K 6,176 K 2824 Alps Pointing-device Driver Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
    ApMsgFwd.exe 0.22 940 K 3,352 K 3036 ApMsgFwd Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
    mbamservice.exe 0.22 110,020 K 56,508 K 2508 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    chrome.exe 0.17 17,108 K 50,908 K 3500 Google Chrome Google Inc. (Verified) Google Inc
    svchost.exe 0.17 7,592 K 10,264 K 1220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    AvastSvc.exe 0.15 43,600 K 11,872 K 1712 avast! Service AVAST Software (Verified) AVAST Software a.s.
    lsass.exe 0.14 3,884 K 6,716 K 712 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
    SUPERAntiSpyware.exe 0.11 140,444 K 756 K 4048 SUPERAntiSpyware Application SUPERAntiSpyware (Verified) SUPERAntiSpyware.com
    chrome.exe 0.11 75,812 K 105,280 K 2836 Google Chrome Google Inc. (Verified) Google Inc
    taskhost.exe 0.08 11,152 K 9,900 K 560 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
    BTStackServer.exe 0.06 27,324 K 9,648 K 5800 Bluetooth Stack COM Server Broadcom Corporation. (Verified) Broadcom Corporation
    MOM.exe 0.06 24,820 K 3,852 K 5916 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
    UNS.exe 0.05 2,928 K 7,484 K 5724 User Notification Service Intel Corporation (Verified) Intel Corporation
    svchost.exe 0.05 25,856 K 26,296 K 1652 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    lsm.exe 0.04 1,564 K 2,896 K 720 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
    SASCore.exe 0.02 1,064 K 2,680 K 1972 Core Service SUPERAntiSpyware.com (Verified) SUPERAntiSpyware.com
    svchost.exe 0.02 3,904 K 5,772 K 5384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    SearchProtocolHost.exe 0.02 2,004 K 6,556 K 1804 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
    mbamgui.exe 0.02 2,716 K 5,500 K 2692 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    svchost.exe 0.01 3,796 K 5,712 K 996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    YouCamService.exe 0.01 5,124 K 10,208 K 3280 CyberLink YouCam Service CyberLink Corp. (Verified) CyberLink
    csrss.exe 0.01 1,720 K 3,692 K 548 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.01 1,364 K 3,696 K 3168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    CCC.exe 0.01 39,648 K 11,628 K 1756 Catalyst Control Centre: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
    svchost.exe 0.01 99,100 K 20,312 K 2780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    SearchFilterHost.exe 0.01 1,816 K 4,660 K 5924 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
    HPWAMain.exe 0.01 17,980 K 15,448 K 3128 HP Wireless Assistant Main Program Hewlett-Packard Company (Verified) Hewlett-Packard Company
    HPSA_Service.exe < 0.01 11,368 K 10,952 K 5852 HP Support Assistant Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
    WmiPrvSE.exe 2,328 K 4,808 K 4152 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
    winlogon.exe 2,212 K 4,384 K 908 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
    wininit.exe 1,136 K 3,028 K 636 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
    winampa.exe 916 K 3,128 K 2964 Winamp Agent Nullsoft, Inc. (No signature was present in the subject) Nullsoft, Inc.
    svchost.exe 1,876 K 4,000 K 1432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1,160 K 3,684 K 2532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1,848 K 3,572 K 3848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    sttray.exe 5,944 K 5,868 K 2660 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
    spoolsv.exe 5,032 K 6,660 K 2000 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
    smss.exe 324 K 840 K 384 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
    services.exe 5,512 K 6,724 K 692 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
    QLBCTRL.exe 2,220 K 7,352 K 2916 Quick Launch Buttons Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
    ouc.exe 336 K 1,544 K 2176 Online Update Clinet Huawei Technologies Co., Ltd. (No signature was present in the subject) Huawei Technologies Co., Ltd.
    msiexec.exe 7,488 K 15,368 K 404 Windows® installer Microsoft Corporation (Verified) Microsoft Windows
    mbamscheduler.exe 3,348 K 5,644 K 2468 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    LSSrvc.exe 1,004 K 3,000 K 2384 LightScribe Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
    LightScribeControlPanel.exe 5,616 K 6,260 K 3992 Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
    IEMonitor.exe 1,704 K 5,352 K 4576 Internet Download Manager agent for click monitoring in IE-based browsers Tonec Inc. (Verified) Tonec Inc.
    IDMan.exe 8,404 K 14,356 K 3864 Internet Download Manager (IDM) Tonec Inc. (No signature was present in the subject) Tonec Inc.
    IAANTmon.exe 1,852 K 4,476 K 2580 RAID Monitor Intel Corporation (Verified) Intel Corporation
    IAAnotif.exe 2,032 K 4,836 K 2936 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
    HWDeviceService.exe 1,696 K 4,304 K 2288 DCSHOST (No signature was present in the subject)
    hpqWmiEx.exe 1,536 K 4,476 K 940 hpqwmiex Module Hewlett-Packard Company (Verified) Hewlett-Packard Company
    HpqToaster.exe 1,916 K 6,568 K 5544 HpqToaster Module (Verified) Hewlett-Packard Company
    HPDrvMntSvc.exe 712 K 2,524 K 2216 HP Quick Synchronization Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
    hpCaslNotification.exe 17,256 K 5,060 K 5072 hpCaslNotification Hewlett-Packard Development Company L.P. (Verified) Hewlett-Packard Company
    GoogleCrashHandler.exe 1,408 K 748 K 2336 Google Crash Handler Google Inc. (Verified) Google Inc
    DCSHelper.exe 1,336 K 4,684 K 2360 DataCardMonitor MFC Application Huawei Technologies Co., Ltd. (No signature was present in the subject) Huawei Technologies Co., Ltd.
    conhost.exe 1,016 K 3,392 K 4144 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
    Com4QLBEx.exe 960 K 3,540 K 5480 Com for QLB application Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
    chrome.exe 20,968 K 47,488 K 5884 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 4,428 K 40,616 K 5768 Google Chrome Google Inc. (Verified) Google Inc
    chrome.exe 15,260 K 43,928 K 3628 Google Chrome Google Inc. (Verified) Google Inc
    BtwRSupportService.exe 1,600 K 4,016 K 2104 Bluetooth Radio Management Support Broadcom Corporation. (Verified) Microsoft Windows Hardware Compatibility Publisher
    btwdins.exe 2,044 K 4,176 K 2140 Bluetooth Support Server Broadcom Corporation. (Verified) Broadcom Corporation
    BTTray.exe 6,364 K 8,344 K 3056 Bluetooth Tray Application Broadcom Corporation. (Verified) Broadcom Corporation
    atiesrxx.exe 880 K 2,924 K 1044 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
    atieclxx.exe 1,536 K 4,372 K 1692 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
    armsvc.exe 872 K 2,800 K 2052 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
    AEstSrv.exe 524 K 1,692 K 2072 Andrea filters APO access service (32-bit) Andrea Electronics Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
    thank you..

  7. #7
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Donna is away for a minute.

    If you close the chrome browser, does the high cpu usage go away?

  8. #8
    Member
    Join Date
    Oct 2013
    Posts
    9
    Points
    0

    Default

    Yes, it may fall from 45-95%. Even though I'm not surfing the internet, it may reach 100%, and if I play the video, it can't be watched smoothly.

  9. #9
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    So chrome is the problem then.

    Think you can follow the instructions Here

    I would take my time and read them, I also need to read them as I am somewhat unfamiliar with them and the chrome browser in general.

    You could also consider uninstalling and reinstalling the Chrome browser.

    CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
    CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
    CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
    CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\30.0.1599.101\pdf.dll
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
    CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
    CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
    CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll
    CHR - plugin: Java(TM) Platform SE 7 U25 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
    CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll
    CHR - plugin: Java Deployment Toolkit 7.0.250.17 (Enabled) = C:\Windows\system32\npDeployJava1.dll
    CHR - Extension: HP Product Detection Plugin = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\1.0.28.1_0\
    CHR - Extension: Google Docs = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
    CHR - Extension: YouTube = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
    CHR - Extension: avast! Online Security = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2005.45_0\
    CHR - Extension: IDM Integration Module = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn\6.17.7_0\
    CHR - Extension: Chrome In-App Payments service = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
    CHR - Extension: Gmail = C:\Users\ika\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
    You have a "lot" of plug-ins and extensions in Chrome. Any one of them could cause an issue; the link above that I gave you will help you.

    Personally I would uninstall Chrome and reinstall it.

    Read the link, make a decision and let us know.

    Joe

  10. #10
    Member
    Join Date
    Oct 2013
    Posts
    9
    Points
    0

    Default

    Hello.

    I choose to uninstall Chrome. Is 50++% considered to be high CPU usage (without running any program)? I don't really know about the notebook, but I hope this would help you to analyze it.

    Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
    procexp.exe 44.05 15,492 K 24,400 K 5124 (No signature was present in the subject)
    procexp.exe 19.46 17,996 K 26,428 K 5512 Sysinternals Process Explorer Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources (Verified) Microsoft Corporation
    sidebar.exe 12.15 32,920 K 49,228 K 3032 Windows Desktop Gadgets Microsoft Corporation (Verified) Microsoft Windows
    services.exe 4.89 5,836 K 7,092 K 680 (No signature was present in the subject)
    Interrupts 3.77 0 K 0 K n/a Hardware Interrupts and DPCs
    dwm.exe 3.77 28,684 K 35,864 K 1932 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
    csrss.exe 2.23 1,960 K 5,596 K 632 (No signature was present in the subject)
    mbamservice.exe 1.73 109,624 K 105,716 K 2604 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    System 2.20 52 K 592 K 4
    lsass.exe 1.05 4,976 K 7,828 K 704 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
    explorer.exe 0.83 27,216 K 36,184 K 1864 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.78 19,716 K 29,184 K 1248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    avastui.exe 0.56 14,928 K 12,516 K 2916 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
    svchost.exe 0.43 13,396 K 12,836 K 1644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    ApntEx.exe 0.41 1,540 K 4,192 K 6080 Alps Pointing-device Driver for Windows NT/2000/XP/Vista Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
    ApMsgFwd.exe 0.29 944 K 3,692 K 4804 (No signature was present in the subject)
    SUPERAntiSpyware.exe 0.22 140,200 K 824 K 3332 SUPERAntiSpyware Application SUPERAntiSpyware (Verified) SUPERAntiSpyware.com
    LMS.exe 0.19 2,236 K 3,600 K 2548 Local Manageability Service Intel Corporation (Verified) Intel Corporation
    AvastSvc.exe 0.17 39,468 K 2,520 K 1828 avast! Service AVAST Software (Verified) AVAST Software a.s.
    Apoint.exe 0.16 2,676 K 6,776 K 2300 Alps Pointing-device Driver Alps Electric Co., Ltd. (Verified) Microsoft Windows Hardware Compatibility Publisher
    BTStackServer.exe 0.13 27,572 K 17,600 K 4692 Bluetooth Stack COM Server Broadcom Corporation. (Verified) Broadcom Corporation
    svchost.exe 0.11 3,512 K 7,604 K 868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 0.08 3,568 K 6,240 K 996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    SearchIndexer.exe 0.04 26,628 K 16,628 K 5644 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
    csrss.exe 0.03 1,672 K 3,536 K 548 (No signature was present in the subject)
    SASCore.exe 0.02 1,060 K 2,836 K 2060 (No signature was present in the subject)
    svchost.exe 0.02 97,100 K 18,584 K 6136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    taskhost.exe 0.02 6,232 K 8,388 K 1820 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
    YouCamService.exe 0.01 5,088 K 9,748 K 2804 CyberLink YouCam Service CyberLink Corp. (Verified) CyberLink
    svchost.exe 0.01 7,144 K 11,712 K 1204 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    mbamgui.exe 0.01 2,676 K 5,384 K 2844 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    svchost.exe 0.01 63,152 K 66,084 K 1156 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    lsm.exe < 0.01 1,556 K 3,104 K 712 (No signature was present in the subject)
    stacsv.exe < 0.01 11,872 K 5,916 K 1288 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
    System Idle Process 0.46 0 K 24 K 0
    WmiPrvSE.exe 5,344 K 9,956 K 3020 (No signature was present in the subject)
    WmiPrvSE.exe 2,480 K 5,288 K 4052 (No signature was present in the subject)
    winlogon.exe 2,272 K 4,376 K 796 (No signature was present in the subject)
    wininit.exe 1,036 K 3,188 K 624 (No signature was present in the subject)
    winampa.exe 912 K 3,132 K 2624 Winamp Agent Nullsoft, Inc. (No signature was present in the subject) Nullsoft, Inc.
    svchost.exe 26,380 K 27,764 K 1736 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 15,028 K 13,876 K 1116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1,368 K 3,708 K 4012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1,856 K 4,512 K 2452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 4,572 K 7,656 K 2408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 2,080 K 4,144 K 1500 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    svchost.exe 1,152 K 3,752 K 2656 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
    sttray.exe 5,944 K 6,160 K 2268 IDT PC Audio IDT, Inc. (Verified) Microsoft Windows Hardware Compatibility Publisher
    spoolsv.exe 5,040 K 7,160 K 556 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
    smss.exe 324 K 788 K 384 (No signature was present in the subject)
    QLBCTRL.exe 2,292 K 7,848 K 2364 Quick Launch Buttons Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
    ouc.exe 336 K 1,520 K 3496 Online Update Clinet Huawei Technologies Co., Ltd. (No signature was present in the subject) Huawei Technologies Co., Ltd.
    mbamscheduler.exe 2,068 K 3,808 K 2576 Malwarebytes Anti-Malware Malwarebytes Corporation (Verified) Malwarebytes Corporation
    LSSrvc.exe 988 K 2,892 K 2460 LightScribe Service Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
    LightScribeControlPanel.exe 5,616 K 4,760 K 3244 Hewlett-Packard Company (No signature was present in the subject) Hewlett-Packard Company
    jusched.exe 944 K 3,276 K 2692 Java(TM) Update Scheduler Oracle Corporation (Verified) Oracle America
    IEMonitor.exe 1,684 K 5,464 K 4644 Internet Download Manager agent for click monitoring in IE-based browsers Tonec Inc. (Verified) Tonec Inc.
    IDMan.exe 8,724 K 16,316 K 2980 Internet Download Manager (IDM) Tonec Inc. (No signature was present in the subject) Tonec Inc.
    IAANTmon.exe 1,872 K 4,432 K 2828 RAID Monitor Intel Corporation (Verified) Intel Corporation
    IAAnotif.exe 1,964 K 4,760 K 2476 Event Monitor User Notification Tool Intel Corporation (Verified) Intel Corporation
    HWDeviceService.exe 1,332 K 3,972 K 2356 DCSHOST (No signature was present in the subject)
    HPWAMain.exe 18,332 K 19,776 K 2740 HP Wireless Assistant Main Program Hewlett-Packard Company (Verified) Hewlett-Packard Company
    hpqWmiEx.exe 1,576 K 4,804 K 3704 hpqwmiex Module Hewlett-Packard Company (Verified) Hewlett-Packard Company
    HpqToaster.exe 1,920 K 7,348 K 5448 HpqToaster Module (Verified) Hewlett-Packard Company
    HPDrvMntSvc.exe 712 K 2,524 K 2276 HP Quick Synchronization Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
    hpCaslNotification.exe 15,704 K 5,188 K 5356 hpCaslNotification Hewlett-Packard Development Company L.P. (Verified) Hewlett-Packard Company
    DCSHelper.exe 1,336 K 4,640 K 2488 DataCardMonitor MFC Application Huawei Technologies Co., Ltd. (No signature was present in the subject) Huawei Technologies Co., Ltd.
    conhost.exe 1,124 K 4,224 K 5664 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
    Com4QLBEx.exe 980 K 3,924 K 4552 Com for QLB application Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
    BtwRSupportService.exe 1,600 K 4,052 K 2164 Bluetooth Radio Management Support Broadcom Corporation. (Verified) Microsoft Windows Hardware Compatibility Publisher
    btwdins.exe 1,932 K 4,516 K 2188 Bluetooth Support Server Broadcom Corporation. (Verified) Broadcom Corporation
    BTTray.exe 6,520 K 9,456 K 3548 Bluetooth Tray Application Broadcom Corporation. (Verified) Broadcom Corporation
    audiodg.exe 15,524 K 14,600 K 4932 (No signature was present in the subject)
    atiesrxx.exe 888 K 2,768 K 1044 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
    atieclxx.exe 1,600 K 4,248 K 1576 (No signature was present in the subject)
    armsvc.exe 872 K 2,784 K 2096 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
    AEstSrv.exe 532 K 1,592 K 2132 Andrea filters APO access service (32-bit) Andrea Electronics Corporation (Verified) Microsoft Windows Hardware Compatibility Publisher
    AdobeARM.exe 3,140 K 10,352 K 2956 Adobe Reader and Acrobat Manager Adobe Systems Incorporated (Verified) Adobe Systems
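
The Verified Signer check from post #5, applied to the two exports posted in #6 and #10, as an added example that is not part of any post in this thread. The parser, the function names and the name-based comparison are assumptions made here, and only the two signer strings that appear on this page are recognised.

```python
import re

# Rows copied from the two exports posted in this thread, in the flattened
# space-separated form shown here (a real "Save As" file is tab-separated).
FIRST_EXPORT = """\
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
procexp.exe 16.60 26,892 K 41,656 K 2644 Sysinternals Process Explorer Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources (Verified) Microsoft Corporation
csrss.exe 2.15 2,312 K 9,100 K 644 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
lsm.exe 0.04 1,564 K 2,896 K 720 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
services.exe 5,512 K 6,724 K 692 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
winampa.exe 916 K 3,128 K 2964 Winamp Agent Nullsoft, Inc. (No signature was present in the subject) Nullsoft, Inc.
"""
SECOND_EXPORT = """\
procexp.exe 44.05 15,492 K 24,400 K 5124 (No signature was present in the subject)
procexp.exe 19.46 17,996 K 26,428 K 5512 Sysinternals Process Explorer Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources (Verified) Microsoft Corporation
services.exe 4.89 5,836 K 7,092 K 680 (No signature was present in the subject)
Interrupts 3.77 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 2.23 1,960 K 5,596 K 632 (No signature was present in the subject)
System 2.20 52 K 592 K 4
lsm.exe < 0.01 1,556 K 3,104 K 712 (No signature was present in the subject)
System Idle Process 0.46 0 K 24 K 0
winampa.exe 912 K 3,132 K 2624 Winamp Agent Nullsoft, Inc. (No signature was present in the subject) Nullsoft, Inc.
"""

# name, optional CPU (blank for idle processes, "< 0.01" for tiny values),
# two "N K" memory columns, PID (or "n/a"), then description/company/signer.
ROW = re.compile(
    r"^(?P<name>.+?)"
    r"(?:\s+(?P<cpu><\s*\d+\.\d+|\d+\.\d+))?"
    r"\s+(?P<private>[\d,]+) K\s+(?P<working>[\d,]+) K"
    r"\s+(?P<pid>\d+|n/a)(?:\s+(?P<rest>.*))?$"
)
SIGNER = re.compile(r"\((Verified|No signature was present in the subject)\)\s*(.*)$")


def parse_export(text):
    """Turn export lines into dicts; the header and unparseable lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        rest = m.group("rest") or ""
        s = SIGNER.search(rest)
        desc = rest[:s.start()] if s else rest
        cpu = m.group("cpu")
        status = "none"  # pseudo-entries such as System or Interrupts
        if s:
            status = "verified" if s.group(1) == "Verified" else "unsigned"
        rows.append({
            "name": m.group("name"),
            "pid": m.group("pid"),
            "cpu": float(cpu.lstrip("< ")) if cpu else 0.0,
            "described": bool(desc.strip()),
            "status": status,
            "signer": s.group(2).strip() if s else "",
        })
    return rows


def unsigned_by_cpu(rows):
    """Images without a verified signature, busiest first."""
    flagged = [r for r in rows if r["status"] == "unsigned"]
    return sorted(flagged, key=lambda r: r["cpu"], reverse=True)


def signer_regressions(before, after):
    """Rows unsigned in `after` whose image name was verified in `before`.
    Matching is by image name only; the export carries no file path."""
    verified = {r["name"].lower() for r in before if r["status"] == "verified"}
    return [r for r in after
            if r["status"] == "unsigned" and r["name"].lower() in verified]


if __name__ == "__main__":
    first, second = parse_export(FIRST_EXPORT), parse_export(SECOND_EXPORT)
    for r in signer_regressions(first, second):
        note = "" if r["described"] else " (no description read)"
        print(f'{r["name"]} pid={r["pid"]} cpu={r["cpu"]}{note}')
```

A row that lost its Verified status and also has an empty Description is worth re-checking with Process Explorer run as administrator, as post #5 instructs, before drawing conclusions from it.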
