# no internet connection, DHCP stopped and error when trying to restart it



## pcme (Jul 10, 2012)

no internet connection, DHCP stopped and error when trying to restart it. Had a virus but this erased it but cut off my internet connect. Followed the forum and did Hijack this, and dds scan but not sure if its safe to post on here to get help.
Please help
Thanks


----------



## pcme (Jul 10, 2012)

Anyone please?


----------



## Mark1956 (May 7, 2011)

Hi pcme and welcome to TSG, my name is Mark and I will be helping you.

As Malware removal can be a little unpredictable please backup any important data before we begin. Go Here and follow the instructions specific for your operating system.

Please go ahead and post the logs, it is perfectly safe. Without seeing the logs requested there is little we can do.


----------



## pcme (Jul 10, 2012)

I cant seem to open my hijack this log..


----------



## Mark1956 (May 7, 2011)

Hi pcme, a slight hitch with formatting of the logs which makes them extremely difficult to read. Please post both logs again, when you open the log to copy it make quite sure that under the Format tab Word Wrap is disabled. If you see that the log has come out the same then remove it from the post and send the file as an attachment. You will need to zip the file first, right click on the file, select *Send To* and then select *Compressed (zipped) folder*.


Below the *Message Box* click on *Go Advanced*. Then scroll down until you see a button, *Manage Attachments*. Click on that and a new window opens.
Click on the *Browse* button, find the zip folder you made earlier and doubleclick on it.
Now click on the *Upload* button. Wait for the Upload to complete, it will appear just below the *Browse* box.
When done, click on the *Close this window* button at the bottom of the page.
Enter your message-text in the message box, then click on *Submit Message/Reply.*
There is no need to post the HJT log as DDS gives the same information and more. I would however like to see the GMER log, but only do this if your version of XP Pro is 32bit.


----------



## pcme (Jul 10, 2012)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 5:20:47 PM, on 7/10/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\program files\common files\installshield\updateservice\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\ALCXMNTR.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\HP_Administrator\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?T...=Q405&bd=pavilion&pf=desktop&parm1=seconduser
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O2 - BHO: Increase performance and video formats for your HTML5 - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\SearchSettings.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [UUSeeMediaCenter] "C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe"
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files\AVG\AVG2012\avgtray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background
O4 - HKCU\..\Run: [SHS] "C:\Program Files\Rogers\SelfHealing\SHS.exe" /background
O4 - HKCU\..\Run: [Update Manager] "C:\Program Files\Rogers\Update Manager\UpdateManager.exe" /background
O4 - HKCU\..\RunOnce: [] C:\Program Files\Internet Explorer\iexplore.exe http://www.symantec.com/techsupp/se...0000096.000001da&d=00000082.000000d4.00000264
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: SolidWorks Task Scheduler Engine.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: LaunchU3.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} (dnlplayer Class) - http://www.digitalwebbooks.com/reader/dbplugin.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133478383321
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
O16 - DPF: {958FCAB0-616B-11D3-A63F-00001B322780} (TimetickerLittleHelpers.usfServer) - http://www.timeticker.com/Timeset/TcpServer.CAB
O16 - DPF: {DB31DA00-4F6F-4CC7-8627-C5A142E1FC7C} (SyncXfer Class) - http://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
O18 - Protocol: bw+0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll
O18 - Protocol: offline-8876480 - {8CAAF89F-4166-4A4A-BB50-AEB30B8B136D} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2012\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
O23 - Service: Symantec RemoteAssist - Unknown owner - C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe (file missing)
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: vToolbarUpdater11.0.2 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
O23 - Service: Amdk7 (zmxpzip) - Unknown owner - \\.\globalrootC:\WINDOWS\system32\svchost.exe (file missing)

--
End of file - 29135 bytes


----------



## pcme (Jul 10, 2012)

.
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by HP_Administrator at 17:20:56 on 2012-07-10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.481 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\program files\common files\installshield\updateservice\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG2012\avgtray.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\ALCXMNTR.EXE
c:\windows\system\hpsysdrv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\AVG\AVG2012\avgwdsvc.exe
C:\Program Files\Microsoft\BingBar\SeaPort.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\AVG\AVG2012\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\WINDOWS\ehome\RMSvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\HP_Administrator\Desktop\HijackThis.exe
.
============== Pseudo HJT Report ===============
.
uSearch Page = hxxp://www.google.com
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearch Bar = hxxp://www.google.com/ie
uStart Page = hxxp://www.google.ca/
uWindow Title = Microsoft Internet Explorer
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\SearchSettings.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 : {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg2012\avgssie.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.0.0.9\AVG Secure Search_toolbar.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "c:\program files\microsoft\bingbar\BingExt.dll"
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - c:\program files\search settings\SearchSettings.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\BingExt.dll"
TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.0.0.9\AVG Secure Search_toolbar.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: {D593DE91-7B41-45C2-830E-E9A99AB142AA} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
uRun: [Sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background
uRun: [SHS] "c:\program files\rogers\selfhealing\SHS.exe" /background
uRun: [Update Manager] "c:\program files\rogers\update manager\UpdateManager.exe" /background
uRunOnce: [<NO NAME>] c:\program files\internet explorer\iexplore.exe http://www.symantec.com/techsupp/se...0000096.000001da&d=00000082.000000d4.00000264
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [LVCOMS] c:\program files\common files\logitech\qcdriver3\LVCOMS.EXE
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [SearchSettings] c:\program files\search settings\SearchSettings.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [UUSeeMediaCenter] "c:\program files\common files\uusee\UUSeeMediaCenter.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>] 
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AVG_TRAY] "c:\program files\avg\avg2012\avgtray.exe"
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\solidw~1.lnk - c:\program files\solidworks\swscheduler\swBOEngine.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\launch~1.lnk - c:\windows\installer\{d8e363a7-88b7-446d-b2c0-e26ce4dc8e54}\_294823.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~2.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe
uPolicies-explorer: NoViewOnDrive = 0 (0x0)
IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
LSP: mswsock.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} - hxxp://www.digitalwebbooks.com/reader/dbplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133478383321
DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - hxxp://launch.gamespyarcade.com/software/launch/alaunch.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {958FCAB0-616B-11D3-A63F-00001B322780} - hxxp://www.timeticker.com/Timeset/TcpServer.CAB
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DB31DA00-4F6F-4CC7-8627-C5A142E1FC7C} - hxxp://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{40C19284-9B9E-456F-A2F4-5567B1573D6A} : DhcpNameServer = 64.71.255.198
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg2012\avgpp.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\11.0.2\ViProtocol.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\blvewxkk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/webhp?sourceid=navclient&ie=UTF-8
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B3868eed9-ec7a-44bd-b25a-5e975a6f41c6%7D&mid=c89b35b68ac247d0ab11d15a9232b1cf-a62a9a39678ccdec6e4bb3d3ac57d8a5dbbdbd10&ds=AVG&v=11.0.0.9&lang=en&pr=fr&d=2012-05-02%2021%3A31%3A57&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\coffplgn\components\coFFPlgn.dll
FF - component: c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\11.0.2\npsitesafety.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npuuseep.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\sony\media go\npmediago.dll
FF - plugin: c:\program files\tvuplayer\npTVUAx.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_233.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2012-3-19 301248]
R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2010-1-8 380928]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]
R2 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\SeaPort.EXE [2011-10-13 249648]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\McrdSvc.exe [2005-10-20 96256]
R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\common files\avg secure search\vtoolbarupdater\11.0.2\ToolbarUpdater.exe [2012-5-2 932736]
R3 Mach2;Mach2 Pulseing Service;c:\windows\system32\drivers\Mach2.sys [2008-4-6 99936]
S0 qqviagb;qqviagb;c:\windows\system32\drivers\jsyjqyvu.sys --> c:\windows\system32\drivers\jsyjqyvu.sys [?]
S2 BBSvc;Bing Bar Update Service;c:\program files\microsoft\bingbar\BBSvc.EXE [2011-10-21 196176]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-29 253088]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-11-22 13224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2007-4-7 19039]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-24 129976]
S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2010-11-22 155320]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2012-05-03 01:49:14 0 --sha-w- c:\windows\system32\dds_trash_log.cmd
2012-05-03 01:35:40 4126368 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-05-02 22:20:32 87552 ----a-w- c:\documents and settings\all users\application data\C43LxgkM.exe
2012-04-29 21:06:19 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-29 21:06:18 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-19 08:50:26 24896 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2008-11-14 23:28:38 12881 ----a-w- c:\program files\common files\ihasi.bat
.
============= FINISH: 17:21:09.28 ===============


----------



## pcme (Jul 10, 2012)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 11/22/2005 3:21:36 PM
System Uptime: 7/10/2012 3:35:06 PM (2 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket 939 | 2188/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 178 GiB total, 70.131 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.877 GiB free.
E: is CDROM (CDFS)
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2A26103C&REV_10\4&1C88B56&0&18A4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2A26103C&REV_10\4&1C88B56&0&18A4
Service: RTL8023xp
.
==== System Restore Points ===================
.
RP524: 4/13/2012 1:40:38 PM - Sony PC Companion
RP525: 4/13/2012 5:00:51 PM - Software Distribution Service 3.0
RP526: 4/15/2012 6:43:17 PM - System Checkpoint
RP527: 4/19/2012 12:14:50 PM - System Checkpoint
RP528: 4/24/2012 1:15:32 PM - System Checkpoint
RP529: 4/24/2012 4:28:09 PM - Software Distribution Service 3.0
RP530: 4/29/2012 7:21:33 PM - System Checkpoint
RP531: 5/2/2012 9:28:16 PM - Installed AVG 2012
RP532: 5/2/2012 9:29:15 PM - Installed AVG 2012
RP533: 5/7/2012 12:46:15 PM - System Checkpoint
RP534: 5/7/2012 5:58:17 PM - Installed Windows XP KB953761.
RP535: 5/13/2012 4:29:45 PM - System Checkpoint
RP536: 6/13/2012 5:19:44 PM - System Checkpoint
RP537: 6/14/2012 6:10:36 PM - System Checkpoint
RP538: 6/19/2012 9:14:52 PM - System Checkpoint
RP539: 7/10/2012 2:55:32 PM - System Checkpoint
.
==== Installed Programs ======================
.
.
µTorrent
2010 Ford Mustang Screensaver
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 1.0
Adobe Reader 7.0.5 Language Support
Adobe Reader 7.1.0
Adobe Shockwave Player 11
Adobe Stock Photos 1.0
AiO_Scan
AiOSoftware
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2012
Bing Bar
BitTorrent
Bonjour
BufferChm
CameraDrivers
CheckIt Diagnostics
CNCez PRO 2006
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Critical Update for Windows Media Player 11 (KB959772)
CueTour
CustomerResearchQFolder
D2300
D2300_Help
Destinations
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DocProc
DocumentViewer
DocumentViewerQFolder
EasyDownloader
Enhanced Multimedia Keyboard Solution
eSupportQFolder
Fax
ffdshow [rev 1723] [2007-12-24]
FreeMill
Garmin MapSource
Garmin TOPO Canada v4
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
GdiplusUpgrade
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB895961-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953761)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Customer Participation Program 7.0
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP Image Zone 5.3
HP Image Zone for Media Center PC
HP Imaging Device Functions 7.0
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart and Deskjet 7.0 Software
HP Photosmart Cameras 5.0
HP Photosmart Essential
HP Product Assistant
HP PSC & OfficeJet 5.3.B
HP Solution Center 7.0
HP Update
hph_ProductContext
hph_readme
hph_software
hph_software_req
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
InstantShareAlert
InstantShareDevices
IntelliMover Data Transfer Demo
InterActual Player
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 31
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
JDownloader
Junk Mail filter update
LightScribe 1.4.136.1
Logitech Desktop Messenger
Logitech Gaming Software
Logitech SetPoint
Magic ISO Maker v5.3 (build 0221)
MarketResearch
Maven Application Manager
Media Center Extender
Media Go
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Motorola SM56 Speakerphone Modem
Move Networks Media Player for Internet Explorer
Mozilla Firefox 12.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
muvee autoProducer 4.0
muvee autoProducer unPlugged 1.1 - HPD
neroxml
NewCopy
NVIDIA Drivers
OpenOffice.org Installer 1.0
Orb Runtime libraries
PanoStandAlone
PC-Doctor 5 for Windows
PhotoGallery
Player
PlayStation(R)Network Downloader
PlayStation(R)Store
PS2
PSPrinters08
PSTAPlugin
Python 2.2 pywin32 extensions (build 203)
QFolder
QuickTime
RandMap
Readme
Revo Uninstaller 1.87
Rogers Self Healing (remove only)
Rogers Update Manager (remove only)
Scan
ScannerCopy
Search Settings v1.2.3
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SkinsHP1
SolutionCenter
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Sony Ericsson Update Engine
Sony PC Companion 2.10.053
SoulSeek Client 156c
Status
Steam
StreamTorrent 1.0
Symantec Technical Support Web Controls
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
TVAnts 1.0
TVersity Codec Pack 1.4
TVUPlayer 2.5.3.1
U3Launcher
Ulead CD & DVD PictureShow 3 SE Basic
Ulead Photo Express 5 SE
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2598306) 32-Bit Edition
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
VBA (2627.01)
VC80CRTRedist - 8.0.50727.6195
VideoLAN VLC media player 0.8.6d
WebFldrs XP
WebReg
Winamp
Winamp Detector Plug-in
Winamp Toolbar for Firefox
Winamp Toolbar for Internet Explorer
Windows 7 Upgrade Advisor
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See KB889858 for more information]
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB905589
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
XMLplayer
Yahoo! Install Manager
.
==== Event Viewer Messages From Past Week ========
.
7/10/2012 2:23:18 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
7/10/2012 2:23:18 PM, error: Service Control Manager [7023] - The Amdk7 service terminated with the following error: The specified module could not be found.
7/10/2012 2:23:18 PM, error: Service Control Manager [7003] - The TCP/IP NetBIOS Helper service depends on the following nonexistent service: NetBT
7/10/2012 2:23:18 PM, error: Service Control Manager [7003] - The DHCP Client service depends on the following nonexistent service: NetBT
.
==== End Of File ===========================


----------



## Mark1956 (May 7, 2011)

I think you may have misread my instructions, I said you need not bother with the HJT log but to post the GMER log if your system is 32bit. Please post the log from GMER.

I would also like you to run the following scan.

Please download *Malwarebytes Anti-Malware*







and save it to your desktop.

*Important!!* When you save the mbam-setup file, rename it to something random (such as 123abc.exe) *before* beginning the download.
Double-click on the renamed file to install, then follow these instructions for doing a *Quick Scan* in normal mode.
Malwarebytes will automatically check for updates as soon as it is launched.
_If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues_.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to *allow* the changes.

Double click on the *Malwarebytes* icon on your desktop to launch the program
Under the *Scanner* tab, make sure the *Perform Quick Scan* option is selected.
Click on the *Scan* button.
When finished, a message box will say "_The scan completed successfully. Click *Show Results* to display all objects found_". 
*NOTE:* If no detections are found a log will automatically open in Notepad, please copy and paste the log back here and close all windows, in this case you do not need to continue.
Click *OK* to close the message box, then click the *Show Results* button to see a list of any malware that was found.
Make sure that *everything is checked* and then click *Remove Selected*.
When removal is completed, a log report will open in Notepad.
The log is automatically saved and can be viewed by clicking the *Logs* tab.
Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
Exit Malwarebytes when done.
_If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. *Failure to reboot normally* will prevent Malwarebytes from removing all the malware._
_
Note: A 14-day trial of Malwarebytes Anti-Malware PRO is available as an option when first installing the free version so all users can test the real-time protection component for a period of two weeks. When the limited time period expires those features will be deactivated and locked. Enabling the Protection Module feature again *requires registration and purchase of a license key* that includes free lifetime upgrades and support. If you continue to use the free version, there is no requirement to buy a license...you can just use it as a stand-alone scanner._
*NOTE:* Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).


----------



## pcme (Jul 10, 2012)

Im running a 64 bit system so no GMER and as for malware bytes I can only download the setup file and thats it, when I put that on my desktop it requires more downloading and I can download because of no internet connection.


----------



## pcme (Jul 10, 2012)

Sorry, just read the post you sent about maleware and Im running now


----------



## pcme (Jul 10, 2012)

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.07.03.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
HP_Administrator :: MINE [administrator]

7/16/2012 7:42:39 PM
mbam-log-2012-07-16 (19-42-39).txt

Scan type: Quick scan
Scan options enabled: Memory | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Startup | P2P
Objects scanned: 329036
Time elapsed: 18 minute(s), 34 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 14
C:\WINDOWS\system32\application.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aswupdsv.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ATMsrvc.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\bthidmgr.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\diskeeper.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\dlbu_device.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\HpqRemHid.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\http.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\JiaoIO.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\maxbackserviceint.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\npfs.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\slapd-data52.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\tsmservice.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\z525mdfl.dll (RootKit.0Access.H) -> Quarantined and deleted successfully.

(end)


----------



## pcme (Jul 10, 2012)

had 14 infected files and removed them, had to shut down but when it started up again I still could not connect to the internet. Tried to start DHCP but got an error : Could not start DHCP client service on Local Computer, Error 1075 The dependency service does not exist or has been marked for deletion


----------



## Mark1956 (May 7, 2011)

According to what I am seeing in the logs you have a 32bit system, but no need to post the GMER log as Malwarebytes has shown you have got a ZeroAccess Rootkit infection.

Please follow these instructions.

*STEP 1*
*NOTE:* If you have already used Combofix please delete the icon from your desktop.

Please download DeFogger and save it to your desktop.
Once downloaded, double-click on the *DeFogger* icon to start the tool.
The application window will appear.
You should now click on the *Disable* button to disable your CD Emulation drivers.
When it prompts you whether or not you want to continue, please click on the *Yes* button to continue.
When the program has completed you will see a *Finished!* message. Click on the *OK* button to exit the program.
If CD Emulation programs are present and have been disabled, *DeFogger* will now ask you to reboot the machine. Please allow it to do so by clicking on the *OK* button.
*STEP 2*
Please download *ComboFix*







from one of the locations below and *save it to your Desktop. <-Important!!!*

Download Mirror #1
Download Mirror #2
Be sure to print out and follow these instructions: *A guide and tutorial on using ComboFix*
*Vista*/*Windows 7* users can skip the Recovery Console instructions and use the Windows DVD to boot into the Vista Recovery Environment or Windows 7 System Recovery Options if something goes awry. If you do not have a Windows 7 DVD then please create a Windows 7 Repair Disc. *XP* users need to install the Recovery Console first.

Temporarily *disable* your *anti-virus*, script blocking and any *anti-malware* real-time protection _*before*_ performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause _"unpredictable results"_. Click this link to see a list of such programs and how to disable them.
If ComboFix detects an older version of itself, you will be asked to update the program.
ComboFix will begin by showing a Disclaimer. Read it and click *I Agree* if you want to continue.
Follow the prompts and click on *Yes* to continue scanning for malware.
If using Windows 7 or Vista and you receive a UAC prompt asking if you want to continue running the program, you should press the *Continue* button.
When finished, please copy and paste the contents of C:\*ComboFix.txt* (_which will open after reboot_) in your next reply.
Be sure to *re-enable* your anti-virus and other security programs.
_-- Do not touch your mouse/keyboard until the ComboFix scan has completed, as this may cause the process to stall or the computer to lock.
-- ComboFix will temporarily disable your desktop, and if interrupted may leave it disabled. If this occurs, please reboot to restore it.
-- ComboFix disables autorun of all CD, floppy and USB devices to assist with malware removal and increase security._
If you no longer have access to your Internet connection after running ComboFix, please reboot to restore it. If that does not restore the connection, then follow the instructions for Manually restoring the Internet connection provided in the "_How to Guide_" you printed out earlier.


> *Do NOT use ComboFix* unless you have been instructed to do so by a Malware Removal Expert. It is a powerful tool intended by its creator to be used under the guidance and supervision of an expert, *NOT for general public or personal use*. *Using this tool incorrectly could lead to serious problems with your operating system such as preventing it from ever starting again.* This site, sUBs and myself *will not* be responsible for any damage caused to your machine by misusing or running ComboFix on your own. Please read *ComboFix's Disclaimer*.


----------



## Mark1956 (May 7, 2011)

Are you still with us, it is important to catch this type of infection as quick as possible to stop it speading further.

If you no longer require assistance please let me know.


----------



## Mark1956 (May 7, 2011)

Due to the lack of response I am marking this thread as Solved.

If you wish to continue then please post back when you are ready.


----------



## pcme (Jul 10, 2012)

Hi, sorry for the long delay, but I just ran defogger and it ran fine, now running combofix and it started to do a new system restore point but stopped saying I dont have a microsoft windows recovery console installed or it needs to be updated.I have no internet connection yet to download an update if I do have what it is asking for.


----------



## Mark1956 (May 7, 2011)

Ok, decline the installation of the Recovery Console and continue with the rest of the instructions.


----------



## pcme (Jul 10, 2012)

ComboFix 12-07-25.04 - HP_Administrator 07/24/2012 18:45:51.1.1 - x86
Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Application Data\C43LxgkM.exe
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\Start Menu\Programs\Startup\LaunchU3.exe.lnk
c:\documents and settings\All Users\Start Menu\Windows Live Messenger .lnk
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\Guest\WINDOWS
c:\documents and settings\HP_Administrator\Application Data\PriceGong
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\1.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\2229.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\2256.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\a.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\b.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\c.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\d.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\e.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\f.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\g.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\h.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\i.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\j.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\k.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\l.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\m.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\mru.xml
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\n.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\o.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\p.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\q.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\r.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\s.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\t.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\u.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\v.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\w.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\wlu.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\x.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\y.txt
c:\documents and settings\HP_Administrator\Application Data\PriceGong\Data\z.txt
c:\documents and settings\HP_Administrator\WINDOWS
c:\documents and settings\MCX1\WINDOWS
c:\documents and settings\MCX2\WINDOWS
c:\program files\Search Settings
c:\program files\Search Settings\SeARchsettings.dll
c:\program files\Search Settings\SearchSettings.exe
c:\program files\Search Settings\SearchSettingsRes409.dll
c:\windows\$NtUninstallKB27815$
c:\windows\$NtUninstallKB27815$\1416902867\@
c:\windows\$NtUninstallKB27815$\1416902867\cfg.ini
c:\windows\$NtUninstallKB27815$\1416902867\Desktop.ini
c:\windows\$NtUninstallKB27815$\1416902867\L\dievdnxz
c:\windows\$NtUninstallKB27815$\1416902867\oemid
c:\windows\$NtUninstallKB27815$\1416902867\U\[email protected]
c:\windows\$NtUninstallKB27815$\1416902867\U\[email protected]
c:\windows\$NtUninstallKB27815$\1416902867\U\[email protected]
c:\windows\$NtUninstallKB27815$\1416902867\U\[email protected]
c:\windows\$NtUninstallKB27815$\1416902867\U\[email protected]
c:\windows\$NtUninstallKB27815$\1416902867\U\[email protected]
c:\windows\$NtUninstallKB27815$\1416902867\version
c:\windows\$NtUninstallKB27815$\3662298341
c:\windows\Downloaded Program Files\f3initialsetup1.0.0.15.inf
c:\windows\hysi.scr
c:\windows\system32\9C9E192538.dll
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\DC120fc7_32.dll
c:\windows\system32\dds_trash_log.cmd
c:\windows\system32\ps2.bat
c:\windows\system32\SET101.tmp
c:\windows\system32\SET103.tmp
c:\windows\system32\SET10F.tmp
c:\windows\system32\SET120.tmp
c:\windows\system32\SET122.tmp
c:\windows\system32\SET131.tmp
c:\windows\system32\SETAE.tmp
c:\windows\system32\SETAF.tmp
c:\windows\system32\SETF8.tmp
c:\windows\system32\uxtheme.tmp
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-06-24 to 2012-07-24 )))))))))))))))))))))))))))))))
.
.
2012-07-16 23:11 . 2012-07-16 23:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-16 23:11 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-24 23:09 . 2012-07-24 23:09 4024320 ----a-w- c:\program files\GUT12.tmp
2012-06-02 19:19 . 2007-06-01 01:17 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2007-06-01 01:17 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2004-08-10 19:00 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2004-08-10 19:00 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2004-08-10 19:00 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2007-06-01 01:17 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2004-08-10 19:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2004-08-10 19:00 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2007-06-01 01:17 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2004-08-10 19:00 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2004-08-10 19:00 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2007-06-01 19:38 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 19:18 . 2005-12-02 21:42 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2005-05-26 09:19 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-03 01:35 . 2012-05-03 01:35 4126368 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
2012-04-29 21:06 . 2012-04-29 21:06 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-04-29 21:06 . 2011-08-04 22:09 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2008-11-14 23:28 . 2008-11-14 23:28 12881 ----a-w- c:\program files\Common Files\ihasi.bat
2012-04-25 03:37 . 2011-03-25 00:33 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-05-03 03:21 2067328 ----a-w- c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-05-03 2067328]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-04-10 32768]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
"Update Manager"="c:\program files\Rogers\Update Manager\UpdateManager.exe" [2005-01-28 131072]
"SHS"="c:\program files\Rogers\SelfHealing\SHS.exe" [2005-04-13 2418344]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"ISUSScheduler"="c:\program files\common files\installshield\updateservice\issch.exe" [2004-07-28 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-02 421160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-05-03 1116544]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
SolidWorks Task Scheduler Engine.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [N/A]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-4-10 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2006-12-22 450560]
Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-9-28 36903]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Norton System Doctor.LNK]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\Norton System Doctor.LNK
backup=c:\windows\pss\Norton System Doctor.LNKStartup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-17 03:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2005-01-24 09:56 544768 ----a-w- c:\windows\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Photo Express Calendar Checker]
2004-01-13 01:40 69632 ----a-w- c:\program files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 4:50 AM 24896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [3/19/2012 5:17 AM 301248]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [1/8/2010 1:51 AM 380928]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/14/2012 4:53 AM 193288]
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [10/21/2011 4:23 PM 196176]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [10/13/2011 6:21 PM 249648]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/16/2012 7:11 PM 655944]
R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [5/2/2012 9:31 PM 932736]
R3 Mach2;Mach2 Pulseing Service;c:\windows\system32\drivers\Mach2.sys [4/6/2008 2:17 PM 99936]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/16/2012 7:11 PM 22344]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [11/22/2010 2:14 PM 155320]
S0 qqviagb;qqviagb;c:\windows\system32\drivers\jsyjqyvu.sys --> c:\windows\system32\drivers\jsyjqyvu.sys [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/30/2010 7:05 PM 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/29/2012 5:06 PM 253088]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11/22/2010 2:21 PM 13224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/30/2010 7:05 PM 135664]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [4/7/2007 2:01 PM 19039]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/24/2012 11:37 PM 129976]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/17/2006 1:32 PM 691696]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - SONY_PC_COMPANION
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
StkAMini
us30sys
zpcollector
agentsrv
aavmker4
nimcrpcsu
amoagent
BootScreen
mafwboot
qhwscsvc
lktimesync
ATIVTUTW
cpsvc
AGV
zmxpzip
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 21:06]
.
2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 23:05]
.
2012-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 23:05]
.
2012-07-24 c:\windows\Tasks\User_Feed_Synchronization-{8A7EFBA3-8D6B-4E69-AC85-750B378CDC09}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.ca/
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: DhcpNameServer = 64.71.255.198
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} - hxxp://www.digitalwebbooks.com/reader/dbplugin.cab
DPF: {958FCAB0-616B-11D3-A63F-00001B322780} - hxxp://www.timeticker.com/Timeset/TcpServer.CAB
DPF: {DB31DA00-4F6F-4CC7-8627-C5A142E1FC7C} - hxxp://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\blvewxkk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/webhp?sourceid=navclient&ie=UTF-8
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B3868eed9-ec7a-44bd-b25a-5e975a6f41c6%7D&mid=c89b35b68ac247d0ab11d15a9232b1cf-a62a9a39678ccdec6e4bb3d3ac57d8a5dbbdbd10&ds=AVG&v=11.0.0.9&lang=en&pr=fr&d=2012-05-02%2021%3A31%3A57&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKCU-Run-TomTomHOME.exe - c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
HKLM-Run-SearchSettings - c:\program files\Search Settings\SearchSettings.exe
HKLM-Run-UUSeeMediaCenter - c:\program files\Common Files\uusee\UUSeeMediaCenter.exe
Notify-AtiExtEvent - (no file)
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
AddRemove-87650DBA-0415-4C4A-9761-4A8944781A8A - c:\program files\EasyDownloader\uninstall.exe
AddRemove-BitTorrent - c:\program files\BitTorrent\BitTorrent.exe
AddRemove-FreeMill - c:\program files\MecSoft Corporation\FreeMill\DeIsL1.isu
AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files\DivX\DivXCodecUninstall.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-24 19:07
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
.
c:\windows\TEMP\OLD28.tmp 209632 bytes executable
c:\windows\system32\wuauclt.exe.wusetup.296781.bak 53472 bytes executable
c:\windows\system32\wuaueng.dll.wusetup.302156.bak 1929952 bytes executable
.
scan completed successfully
hidden files: 3
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ca,16,27,25,6d,84,ec,57,fa,61,27,ec,0e,4b,66,72,66,b8,96,f2,cc,35,f0,
d7,bb,a3,c0,f5,19,fd,bf,89,e7,91,49,c4,14,ea,4b,9f,8d,11,f7,26,84,21,42,72,\
"??"=hex:59,e5,97,70,47,08,a5,1e,f6,13,83,cc,52,0d,a6,6c
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(6064)
c:\windows\system32\WININET.dll
c:\docume~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\nview.dll
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\System32\wudfhost.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\ehome\RMSvc.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\ehome\McrdSvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\program files\Common Files\Logitech\KHAL\KHALMNPR.EXE
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system32\wscntfy.exe
c:\windows\eHome\ehmsas.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\windows\system32\msiexec.exe
.
**************************************************************************
.
Completion time: 2012-07-24 19:21:09 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-24 23:20
.
Pre-Run: 75,077,869,568 bytes free
Post-Run: 103,243,472,896 bytes free
.
- - End Of File - - 9E36BF4341D256D6F6E2DBDC803CB9CE


----------



## pcme (Jul 10, 2012)

does this mean my computer is clean?


----------



## pcme (Jul 10, 2012)

Ran a scan on my computer with AVG anti virus program and came up with 30 infected files and 2 that will not allow me to fix, they are white listed 

"File"";""Infection"";""Result"""

";""C:\WINDOWS\System32\DRIVERS\netbt.sys"";""Trojan horse Generic28.JOU"";""Object is white-listed (critical/system file that should not be removed)"""

";""C:\WINDOWS\system32\drivers\netbt.sys"";""Trojan horse Generic28.JOU"";""Object is white-listed (critical/system file that should not be removed)"""

";""C:\WINDOWS\Downloaded Program Files\gsda.dll"";""Trojan horse Downloader.Generic9.BIVN"";""Moved to Virus Vault"""

";""C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP540\A0101719.exe"";""Trojan horse Dropper.Generic6.QS"";""Moved to Virus Vault"""


----------



## Mark1956 (May 7, 2011)

Please do a repeat run with Combofix and post the log.

Also run this and post the results.

Please download *SystemLook* for your operating system from one of the links below and save it to your Desktop.

*Link 1: SystemLook (32-bit)*
Link 2: SystemLook (32-bit)
*Link 1: SystemLook (64-bit)*
Link 2: SystemLook (64-bit)

Double-click *SystemLook.exe* to run it.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
Copy and paste everything in the codebox below into the main textfield:

```
:filefind
netbt.sys
```

Click the Look button to start the scan.
When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
Please copy and paste the contents of that log in your next reply.


----------



## pcme (Jul 10, 2012)

SystemLook 30.07.11 by jpshortstuff Log created at 13:42 on 25/07/2012 by HP_Administrator Administrator - Elevation successful

========== filefind ==========

Searching for "netbt.sys" 
C:\WINDOWS\$NtServicePackUninstall$\netbt.sys -----c- 162816 bytes [20:32 19/11/2008] [19:00 10/08/2004] 0C80E410CD2F47134407EE7DD19CC86B 
C:\WINDOWS\ServicePackFiles\i386\netbt.sys ------- 162816 bytes [20:04 19/11/2008] [19:21 13/04/2008] 74B2B2F5BEA5E9A3DC021D685551BD3D 
C:\WINDOWS\SoftwareDistribution\Download\fd0264849c01086f3c6b505dc02dbd44\backup\netbt.sys ------- 162816 bytes [03:05 21/06/2008] [19:00 10/08/2004] 0C80E410CD2F47134407EE7DD19CC86B 
C:\WINDOWS\system32\drivers\netbt.sys --a---- 162816 bytes [19:00 10/08/2004] [19:21 13/04/2008] DA666BA9C2E08C8B1FA003939DD914A0

-= EOF =-

I shutdown my computer last night and started it again this morning and my internet connection was own again, do I have to redo all the defogger and combofix again?


----------



## pcme (Jul 10, 2012)

Sorry i mean down


----------



## pcme (Jul 10, 2012)

Ok so I can get my internet running when I run AVG anti virus scan, but when I reboot I end up in the same position and its like it respawns it self and my internet goes down again.


----------



## Mark1956 (May 7, 2011)

Ok, please run this tool and follow it with another scan with Combofix, there is no need to run Defogger again. Then post both the logs and let me know if you internet connection is back.

Download *Yorkyt.exe* and save to your Desktop.
Double click the *Yorkyt.exe* to run it, Vista or Windows 7 user right click and "Run as Administrator"








Select Yes to restart at the prompt.








Let it restart again when prompted.








Be patient as the tool is working after the 2nd reboot.








When you see the above, continue by running Combofix.
Attach the Yorkyt.exe.log to your next message (it should be on your desktop)


----------



## pcme (Jul 10, 2012)

2012-07-26 14:38:56: ****************************************************
2012-07-26 14:38:56: Starting UP ... v 0.0.0.220
2012-07-26 14:38:56: ****************************************************
2012-07-26 14:38:57: Stop TPSRV returns: 2
2012-07-26 14:39:12: Listing processes...
2012-07-26 14:39:12: :[System Process]:0
2012-07-26 14:39:12: :System:4
2012-07-26 14:39:12: :smss.exe:452
2012-07-26 14:39:12: :csrss.exe:548
2012-07-26 14:39:12: :winlogon.exe:572
2012-07-26 14:39:12: :services.exe:620
2012-07-26 14:39:12: :lsass.exe:632
2012-07-26 14:39:12: :svchost.exe:792
2012-07-26 14:39:12: :svchost.exe:900
2012-07-26 14:39:12: :svchost.exe:968
2012-07-26 14:39:12: :svchost.exe:1004
2012-07-26 14:39:12: :svchost.exe:1096
2012-07-26 14:39:12: :spoolsv.exe:1312
2012-07-26 14:39:12: :explorer.exe:1412
2012-07-26 14:39:12: :ehtray.exe:1620
2012-07-26 14:39:12: :LVComS.exe:1648
2012-07-26 14:39:12: :kbd.exe:1660
2012-07-26 14:39:12: :rundll32.exe:1716
2012-07-26 14:39:12: :rundll32.exe:1736
2012-07-26 14:39:12: :issch.exe:1744
2012-07-26 14:39:12: :iTunesHelper.exe:1928
2012-07-26 14:39:12: ivXUpdate.exe:1948
2012-07-26 14:39:12: :hpwuschd2.exe:1964
2012-07-26 14:39:12: :jusched.exe:1972
2012-07-26 14:39:12: :GrooveMonitor.exe:1984
2012-07-26 14:39:12: :avgtray.exe:2000
2012-07-26 14:39:12: :vprot.exe:2020
2012-07-26 14:39:12: :mbamgui.exe:2032
2012-07-26 14:39:12: :LogitechDesktopMessenger.exe:2044
2012-07-26 14:39:12: CCompanion.exe:188
2012-07-26 14:39:12: :ctfmon.exe:296
2012-07-26 14:39:12: CCompanionInfo.exe:360
2012-07-26 14:39:12: :hpqtra08.exe:184
2012-07-26 14:39:12: :SetPoint.exe:424
2012-07-26 14:39:12: :Updates from HP.exe:432
2012-07-26 14:39:12: :KHALMNPR.EXE:516
2012-07-26 14:39:12: :hpqste08.exe:1400
2012-07-26 14:39:12: :ALCXMNTR.EXE:1572
2012-07-26 14:39:12: :hpsysdrv.exe:1756
2012-07-26 14:39:12: :svchost.exe:2204
2012-07-26 14:39:12: :AppleMobileDeviceService.exe:2224
2012-07-26 14:39:12: :ApplicationUpdater.exe:2244
2012-07-26 14:39:12: :avgwdsvc.exe:2260
2012-07-26 14:39:12: :SeaPort.EXE:2344
2012-07-26 14:39:12: :mDNSResponder.exe:2384
2012-07-26 14:39:12: :avgnsx.exe:2428
2012-07-26 14:39:12: :avgemcx.exe:2436
2012-07-26 14:39:12: :ehrecvr.exe:2512
2012-07-26 14:39:12: :ehSched.exe:2668
2012-07-26 14:39:12: :svchost.exe:2876
2012-07-26 14:39:12: :jqs.exe:2888
2012-07-26 14:39:12: :LSSrvc.exe:2984
2012-07-26 14:39:12: :mbamservice.exe:3020
2012-07-26 14:39:12: :MDM.EXE:3056
2012-07-26 14:39:12: :avgrsx.exe:3064
2012-07-26 14:39:12: :nvsvc32.exe:3092
2012-07-26 14:39:12: :svchost.exe:3140
2012-07-26 14:39:12: :RMSvc.exe:3188
2012-07-26 14:39:12: :avgcsrvx.exe:3212
2012-07-26 14:39:12: :svchost.exe:3336
2012-07-26 14:39:12: :svchost.exe:3380
2012-07-26 14:39:12: :ULCDRSvr.exe:3476
2012-07-26 14:39:12: :ToolbarUpdater.exe:3540
2012-07-26 14:39:12: :avgidsagent.exe:3764
2012-07-26 14:39:12: :McrdSvc.exe:3844
2012-07-26 14:39:12: :wmpnetwk.exe:1256
2012-07-26 14:39:12: :ehmsas.exe:3868
2012-07-26 14:39:12: :iPodService.exe:1644
2012-07-26 14:39:12: :HPZipm12.exe:3392
2012-07-26 14:39:12: :dllhost.exe:2836
2012-07-26 14:39:12: :wscntfy.exe:1344
2012-07-26 14:39:12: :alg.exe:3600
2012-07-26 14:39:12: :yorkyt.exe:1424
2012-07-26 14:39:12: :wmiprvse.exe:3552
2012-07-26 14:39:12: 
2012-07-26 14:39:12: Setting restore point
2012-07-26 14:39:28: Determining autonomous or dropped mode...
2012-07-26 14:39:28: Autonomus mode
2012-07-26 14:39:28: Installing drivers...
2012-07-26 14:39:33: Checking that it installed...
2012-07-26 14:39:33: Driver is installed...
2012-07-26 14:39:33: cmd.exe /c start "C:\Documents and Settings\HP_Administrator\Desktop\yorkyt.exe"
2012-07-26 14:39:36: Restarting...
2012-07-26 14:47:23: ****************************************************
2012-07-26 14:47:32: Starting UP ... v 0.0.0.220
2012-07-26 14:47:32: ****************************************************
2012-07-26 14:47:44: Stop TPSRV returns: 2
2012-07-26 14:48:00: Listing processes...
2012-07-26 14:48:00: :[System Process]:0
2012-07-26 14:48:00: :System:4
2012-07-26 14:48:00: :smss.exe:476
2012-07-26 14:48:00: :avgrsx.exe:524
2012-07-26 14:48:00: :csrss.exe:596
2012-07-26 14:48:00: :winlogon.exe:628
2012-07-26 14:48:00: :services.exe:680
2012-07-26 14:48:00: :lsass.exe:696
2012-07-26 14:48:00: :svchost.exe:848
2012-07-26 14:48:00: :svchost.exe:964
2012-07-26 14:48:00: :svchost.exe:1020
2012-07-26 14:48:00: :svchost.exe:1060
2012-07-26 14:48:00: :svchost.exe:1144
2012-07-26 14:48:00: :spoolsv.exe:1336
2012-07-26 14:48:00: :svchost.exe:1520
2012-07-26 14:48:00: :explorer.exe:1532
2012-07-26 14:48:00: :AppleMobileDeviceService.exe:1580
2012-07-26 14:48:00: :yorkyt.exe:1716
2012-07-26 14:48:00: :ehtray.exe:1880
2012-07-26 14:48:00: :ApplicationUpdater.exe:1936
2012-07-26 14:48:00: :avgwdsvc.exe:1980
2012-07-26 14:48:00: :HPBootOp.exe:2000
2012-07-26 14:48:00: :LVComS.exe:2012
2012-07-26 14:48:00: :kbd.exe:244
2012-07-26 14:48:00: :BBSvc.EXE:424
2012-07-26 14:48:00: :issch.exe:572
2012-07-26 14:48:00: :SeaPort.EXE:608
2012-07-26 14:48:00: :iTunesHelper.exe:884
2012-07-26 14:48:00: :rundll32.exe:1108
2012-07-26 14:48:00: ivXUpdate.exe:1212
2012-07-26 14:48:00: :hpwuschd2.exe:924
2012-07-26 14:48:00: :jusched.exe:1304
2012-07-26 14:48:00: :GrooveMonitor.exe:1356
2012-07-26 14:48:00: :avgtray.exe:1360
2012-07-26 14:48:00: :vprot.exe:1436
2012-07-26 14:48:00: :mDNSResponder.exe:1476
2012-07-26 14:48:00: :mbamgui.exe:1288
2012-07-26 14:48:00: :LogitechDesktopMessenger.exe:1540
2012-07-26 14:48:00: CCompanion.exe:1668
2012-07-26 14:48:00: :ehrecvr.exe:1676
2012-07-26 14:48:00: :ehSched.exe:908
2012-07-26 14:48:00: :avgrsx.exe:1780
2012-07-26 14:48:00: :avgnsx.exe:1464
2012-07-26 14:48:00: :avgcsrvx.exe:1920
2012-07-26 14:48:00: :avgemcx.exe:2100
2012-07-26 14:48:00: CCompanionInfo.exe:2208
2012-07-26 14:48:00: :SHS.exe:2284
2012-07-26 14:48:00: :ctfmon.exe:2324
2012-07-26 14:48:00: :svchost.exe:2344
2012-07-26 14:48:00: :jqs.exe:2516
2012-07-26 14:48:00: :reader_sl.exe:2776
2012-07-26 14:48:00: :hpqtra08.exe:2792
2012-07-26 14:48:00: :SetPoint.exe:2848
2012-07-26 14:48:00: :Updates from HP.exe:2860
2012-07-26 14:48:00: :LSSrvc.exe:2948
2012-07-26 14:48:00: :mbamservice.exe:3052
2012-07-26 14:48:00: :MDM.EXE:3124
2012-07-26 14:48:00: :nvsvc32.exe:3148
2012-07-26 14:48:00: :KHALMNPR.EXE:3168
2012-07-26 14:48:00: :svchost.exe:3224
2012-07-26 14:48:00: :RMSvc.exe:3252
2012-07-26 14:48:00: :svchost.exe:3300
2012-07-26 14:48:00: :svchost.exe:3320
2012-07-26 14:48:00: :ULCDRSvr.exe:3364
2012-07-26 14:48:00: :ToolbarUpdater.exe:3452
2012-07-26 14:48:00: :McrdSvc.exe:3628
2012-07-26 14:48:00: :avgidsagent.exe:3804
2012-07-26 14:48:00: :wmpnetwk.exe:1868
2012-07-26 14:48:00: :wuauclt.exe:2476
2012-07-26 14:48:00: :hpqste08.exe:3640
2012-07-26 14:48:00: :iPodService.exe:2760
2012-07-26 14:48:00: :wmiprvse.exe:520
2012-07-26 14:48:00: :HPZipm12.exe:3684
2012-07-26 14:48:00: :wscntfy.exe:1656
2012-07-26 14:48:00: :alg.exe:3496
2012-07-26 14:48:00: :ehmsas.exe:3656
2012-07-26 14:48:00: :ehRec.exe:4444
2012-07-26 14:48:00: 
2012-07-26 14:48:00: RUN mode
2012-07-26 14:48:00: Determining autonomous or dropped mode...
2012-07-26 14:48:00: Autonomus mode
2012-07-26 14:48:05: Waiting for Explorer.exe...
2012-07-26 14:48:35: Launching parsers...
2012-07-26 14:48:44: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\KDCOM.DLL KDCOM.DLL
2012-07-26 14:48:44: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\BOOTVID.DLL BOOTVID.DLL
2012-07-26 14:48:44: ... Failed to identify driver B41CB3AA2E0AAE024B4FB316FE440BE4, using metod 2...
2012-07-26 14:48:44: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOT.SYS 
2012-07-26 14:48:44: ... Failed to identify driver 12DCA4373B9B0B3CFE505B0025BEB952, using metod 2...
2012-07-26 14:48:44: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTD.SYS 
2012-07-26 14:48:44: ... Failed to identify driver 718FB269AF435683E8ADBD5D2B36CF1A, using metod 2...
2012-07-26 14:48:44: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTK.SYS 
2012-07-26 14:48:44: ... Failed to identify driver C91F0B434B6F95A7EEC71361D166DFBF, using metod 2...
2012-07-26 14:48:44: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTI.SYS 
2012-07-26 14:48:44: ... Failed to identify driver F0B3EFFD3D114C5ABC75BA81302AFCFF, using metod 2...
2012-07-26 14:48:44: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTS.SYS 
2012-07-26 14:48:45: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\ACPI.SYS ACPI.SYS
2012-07-26 14:48:45: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS WMILIB.SYS
2012-07-26 14:48:45: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\PCI.SYS PCI.SYS
2012-07-26 14:48:46: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\OHCI1394.SYS OHCI1394.SYS
2012-07-26 14:48:46: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\1394BUS.SYS 1394BUS.SYS
2012-07-26 14:48:46: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\ISAPNP.SYS ISAPNP.SYS
2012-07-26 14:48:46: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\PCIIDE.SYS PCIIDE.SYS
2012-07-26 14:48:46: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\PCIIDEX.SYS PCIIDEX.SYS
2012-07-26 14:48:46: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\VIAIDE.SYS PCIIDE.SYS
2012-07-26 14:48:47: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\INTELIDE.SYS INTELIDE.SYS
2012-07-26 14:48:47: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\MOUNTMGR.SYS MOUNTMGR.SYS
2012-07-26 14:48:47: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\FTDISK.SYS FTDISK.SYS
2012-07-26 14:48:47: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DMLOAD.SYS DMLOAD.SYS
2012-07-26 14:48:49: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DMIO.SYS DMIO.SYS
2012-07-26 14:48:50: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\PARTMGR.SYS PARTMGR.SYS
2012-07-26 14:48:50: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\VOLSNAP.SYS VOLSNAP.SYS
2012-07-26 14:48:50: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\IASTOR.SYS IASTOR.SYS
2012-07-26 14:48:51: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS ATAPI.SYS
2012-07-26 14:48:51: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DISK.SYS SCSIDISK.SYS
2012-07-26 14:48:51: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\CLASSPNP.SYS CLASSPNP.SYS
2012-07-26 14:48:52: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\FLTMGR.SYS FLTMGR.SYS
2012-07-26 14:48:52: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\SR.SYS SR.SYS
2012-07-26 14:48:52: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\PXHELP20.SYS PXHELP20.SYS
2012-07-26 14:48:53: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\KSECDD.SYS KSECDD.SYS
2012-07-26 14:48:53: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\WUDFPF.SYS WUDFPF.SYS
2012-07-26 14:48:53: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\NTFS.SYS NTFS.SYS
2012-07-26 14:48:54: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\NDIS.SYS NDIS.SYS
2012-07-26 14:48:54: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\MUP.SYS MUP.SYS
2012-07-26 14:48:54: ... Failed to identify driver 998242A4EDE6992396A90585CC121F2C, using metod 2...
2012-07-26 14:48:54: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DASBOOTF.SYS 
2012-07-26 14:48:55: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\AVGRKX86.SYS AVGRKX86.SYS
2012-07-26 14:48:55: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\AVGIDSHX.SYS IDSFRHR.SYS
2012-07-26 14:48:55: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AMDK8.SYS AMDK8.SYS
2012-07-26 14:48:56: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\VIDEOPRT.SYS VIDEOPRT.SYS
2012-07-26 14:48:56: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NV4_MINI.SYS NV4_MINI.SYS
2012-07-26 14:48:57: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\USBPORT.SYS USBPORT.SYS
2012-07-26 14:48:57: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\USBOHCI.SYS USBOHCI.SYS
2012-07-26 14:48:57: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS USBEHCI.SYS
2012-07-26 14:48:58: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS IMAPI.SYS
2012-07-26 14:48:58: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS CDROM.SYS
2012-07-26 14:48:59: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\KS.SYS KS.SYS
2012-07-26 14:48:59: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS REDBOOK.SYS
2012-07-26 14:49:00: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\GEARASPIWDM.SYS GEARAAPIWDM.SYS
2012-07-26 14:49:00: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NIC1394.SYS NIC1394.SYS
2012-07-26 14:49:00: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DRMK.SYS DRMK.SYS
2012-07-26 14:49:01: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\PORTCLS.SYS PORTCLS.SYS
2012-07-26 14:49:02: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\ALCXWDM.SYS ALCXWDM.SYS
2012-07-26 14:49:02: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS PARPORT.SYS
2012-07-26 14:49:02: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS AUDSTUB.SYS
2012-07-26 14:49:03: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RASL2TP.SYS RASL2TP.SYS
2012-07-26 14:49:03: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NDISTAPI.SYS NDISTAPI.SYS
2012-07-26 14:49:03: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NDISWAN.SYS NDISWAN.SYS
2012-07-26 14:49:03: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RASPPPOE.SYS RASPPPOE.SYS
2012-07-26 14:49:04: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\TDI.SYS TDI.SYS
2012-07-26 14:49:04: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RASPPTP.SYS RASPPTP.SYS
2012-07-26 14:49:05: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS PSCHED.SYS
2012-07-26 14:49:05: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS MSGPC.SYS
2012-07-26 14:49:05: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\PTILINK.SYS PTILINK.SYS
2012-07-26 14:49:05: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RASPTI.SYS RASPTI.SYS
2012-07-26 14:49:05: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MACH2.SYS MACH1.SYS
2012-07-26 14:49:06: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS RDPDR.SYS
2012-07-26 14:49:07: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS TERMDD.SYS
2012-07-26 14:49:07: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS KBDCLASS.SYS
2012-07-26 14:49:07: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS MOUCLASS.SYS
2012-07-26 14:49:08: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS SWENUM.SYS
2012-07-26 14:49:08: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS UPDATE.SYS
2012-07-26 14:49:08: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MSSMBIOS.SYS SMBIOS.SYS
2012-07-26 14:49:08: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\WMBENUM.SYS WMBENUM.SYS
2012-07-26 14:49:09: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\WMXLCORE.SYS WMXLCORE.SYS
2012-07-26 14:49:09: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NDPROXY.SYS NDPROXY.SYS
2012-07-26 14:49:09: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS USBD.SYS
2012-07-26 14:49:09: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS USBHUB.SYS
2012-07-26 14:49:10: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\SFLOPPY.SYS SFLOPPY.SYS
2012-07-26 14:49:10: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AVGMFX86.SYS AVGMFX86.SYS
2012-07-26 14:49:10: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\CDAUDIO.SYS CDAUDIO.SYS
2012-07-26 14:49:10: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS FS_REC.SYS
2012-07-26 14:49:11: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS NULL.SYS
2012-07-26 14:49:11: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS BEEP.SYS
2012-07-26 14:49:12: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS I8042PRT.SYS
2012-07-26 14:49:12: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\HIDPARSE.SYS HIDPARSE.SYS
2012-07-26 14:49:12: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS VGA.SYS
2012-07-26 14:49:12: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS VIDEOSIM.SYS
2012-07-26 14:49:12: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS RDPCDD.SYS
2012-07-26 14:49:12: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MSFS.SYS MSFS.SYS
2012-07-26 14:49:12: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NPFS.SYS NPFS.SYS
2012-07-26 14:49:13: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS RASACD.SYS
2012-07-26 14:49:13: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS IPSEC.SYS
2012-07-26 14:49:13: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS TCPIP.SYS
2012-07-26 14:49:13: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AVGTDIX.SYS AVGTDIX.SYS
2012-07-26 14:49:13: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\IPNAT.SYS IPNAT.SYS
2012-07-26 14:49:13: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\WANARP.SYS WANARP.SYS
2012-07-26 14:49:13: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\USBAAPL.SYS USBAAPL.SYS
2012-07-26 14:49:14: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\WS2IFSL.SYS WS2IFSL.SYS
2012-07-26 14:49:14: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\ARP1394.SYS ARP1394.SYS
2012-07-26 14:49:14: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS AFD.SYS
2012-07-26 14:49:14: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS NETBIOS.SYS
2012-07-26 14:49:14: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\SERIAL.SYS SERIAL.SYS
2012-07-26 14:49:14: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\PROCESSR.SYS PROCESSR.SYS
2012-07-26 14:49:14: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS RDBSS.SYS
2012-07-26 14:49:15: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS MRXSMB.SYS
2012-07-26 14:49:15: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS FIPS.SYS
2012-07-26 14:49:15: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AVGLDX86.SYS AVGLDX86.SYS
2012-07-26 14:49:15: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\USBCCGP.SYS USBCCGP.SYS
2012-07-26 14:49:15: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\USBSTOR.SYS USBSTOR.SYS
2012-07-26 14:49:15: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\HIDCLASS.SYS HIDCLASS.SYS
2012-07-26 14:49:16: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\HIDUSB.SYS HIDUSB.SYS
2012-07-26 14:49:16: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\KBDHID.SYS KBDHID.SYS
2012-07-26 14:49:16: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\LHIDKE.SYS LHIDKE.SYS
2012-07-26 14:49:16: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MOUHID.SYS MOUHID.SYS
2012-07-26 14:49:17: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\LMOUKE.SYS LMOUKE.SYS
2012-07-26 14:49:17: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\USBSCAN.SYS USBSCAN.SYS
2012-07-26 14:49:17: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\FASTFAT.SYS FASTFAT.SYS
2012-07-26 14:49:17: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\CDFS.SYS CDFS.SYS
2012-07-26 14:49:17: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS WMILIB.SYS
2012-07-26 14:49:17: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\ATAPI.SYS ATAPI.SYS
2012-07-26 14:49:18: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS DXAPI.SYS
2012-07-26 14:49:18: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\WATCHDOG.SYS WATCHDOG.SYS
2012-07-26 14:49:20: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\WIN32K.SYS WIN32K.SYS
2012-07-26 14:49:20: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DXGTHK.SYS DXGTHK.SYS
2012-07-26 14:49:20: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\DXG.SYS DXG.SYS
2012-07-26 14:49:21: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\NV4_DISP.DLL NV4_DISP.DLL
2012-07-26 14:49:21: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\VGA.DLL VGA.DLL
2012-07-26 14:49:22: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\ATMFD.DLL ATMFD.DLL
2012-07-26 14:49:22: Looking at \Device\HarddiskVolume2\WINDOWS\SYSTEM32\DRIVERS\MBAM.SYS MBAM.SYS
2012-07-26 14:49:22: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\NDISUIO.SYS NDISUIO.SYS
2012-07-26 14:49:22: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\MRXDAV.SYS MRXDAV.SYS
2012-07-26 14:49:22: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\WDMAUD.SYS WDMAUD.SYS
2012-07-26 14:49:22: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\SYSAUDIO.SYS SYSAUDIO.SYS
2012-07-26 14:49:22: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\SPLITTER.SYS SPLITTER.SYS
2012-07-26 14:49:22: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AEC.SYS AEC.SYS
2012-07-26 14:49:23: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\SWMIDI.SYS SWMIDI.SYS
2012-07-26 14:49:23: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\DMUSIC.SYS DMUSIC.SYS
2012-07-26 14:49:23: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\DRMKAUD.SYS DRMKAUD.SYS
2012-07-26 14:49:24: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\ASPI32.SYS ASPI32.SYS
2012-07-26 14:49:24: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AVGIDSSHIMX.SYS IDSSHIM.SYS
2012-07-26 14:49:24: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\HTTP.SYS HTTP.SYS
2012-07-26 14:49:24: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\SRV.SYS SRV.SYS
2012-07-26 14:49:24: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\SECDRV.SYS SECDRV.SYS
2012-07-26 14:49:25: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AVGIDSFILTERX.SYS IDSFILTER.SYS
2012-07-26 14:49:25: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\AVGIDSDRIVERX.SYS IDSDRIVER.SYS
2012-07-26 14:49:25: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\TDTCP.SYS TDTCP.SYS
2012-07-26 14:49:25: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\RDPWD.SYS RDPWD.SYS
2012-07-26 14:49:25: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\KMIXER.SYS KMIXER.SYS
2012-07-26 14:49:26: ... Failed to identify driver B3C157A66ECDBCD3570E2DA139225589, using metod 2...
2012-07-26 14:49:26: Looking at \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\DRIVERS\PRSBDRVR.SYS 
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntdll.dll NTDLL.DLL
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\AmdK8.sys AMDK8.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\nv4_mini.sys NV4_MINI.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\videoprt.sys VIDEOPRT.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbohci.sys USBOHCI.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbport.sys USBPORT.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbehci.sys USBEHCI.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\imapi.sys IMAPI.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\cdrom.sys CDROM.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\redbook.sys REDBOOK.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ks.sys KS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\GEARAspiWDM.sys GEARAAPIWDM.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\nic1394.sys NIC1394.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ALCXWDM.SYS ALCXWDM.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\portcls.sys PORTCLS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\drmk.sys DRMK.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\parport.sys PARPORT.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\audstub.sys AUDSTUB.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\rasl2tp.sys RASL2TP.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ndistapi.sys NDISTAPI.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ndiswan.sys NDISWAN.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\raspppoe.sys RASPPPOE.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\raspptp.sys RASPPTP.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\tdi.sys TDI.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\psched.sys PSCHED.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\msgpc.sys MSGPC.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ptilink.sys PTILINK.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\raspti.sys RASPTI.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\Mach2.sys MACH1.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\rdpdr.sys RDPDR.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\termdd.sys TERMDD.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\kbdclass.sys KBDCLASS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\mouclass.sys MOUCLASS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\swenum.sys SWENUM.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\update.sys UPDATE.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\mssmbios.sys SMBIOS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\WmBEnum.sys WMBENUM.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\WmXlCore.sys WMXLCORE.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ndproxy.sys NDPROXY.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbhub.sys USBHUB.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbd.sys USBD.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\sfloppy.sys SFLOPPY.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\avgmfx86.sys AVGMFX86.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\cdaudio.sys CDAUDIO.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\fs_rec.sys FS_REC.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\null.sys NULL.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\beep.sys BEEP.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\i8042prt.sys I8042PRT.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\kbdhid.sys KBDHID.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\hidparse.sys HIDPARSE.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\vga.sys VGA.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\mnmdd.sys VIDEOSIM.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\rdpcdd.sys RDPCDD.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\msfs.sys MSFS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\npfs.sys NPFS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\rasacd.sys RASACD.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ipsec.sys IPSEC.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\tcpip.sys TCPIP.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\avgtdix.sys AVGTDIX.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ipnat.sys IPNAT.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\wanarp.sys WANARP.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbaapl.sys USBAAPL.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ws2ifsl.sys WS2IFSL.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\arp1394.sys ARP1394.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\afd.sys AFD.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\netbios.sys NETBIOS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\serial.sys SERIAL.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\processr.sys PROCESSR.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\rdbss.sys RDBSS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\mrxsmb.sys MRXSMB.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\fips.sys FIPS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\avgldx86.sys AVGLDX86.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbccgp.sys USBCCGP.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbstor.sys USBSTOR.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\hidusb.sys HIDUSB.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\hidclass.sys HIDCLASS.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\LHidKE.Sys LHIDKE.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\mouhid.sys MOUHID.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\LMouKE.Sys LMOUKE.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\usbscan.sys USBSCAN.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\smss.exe SMSS.EXE
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\autochk.exe AUTOCHK.EXE
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\fastfat.sys FASTFAT.SYS
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgrsx.exe AVGRS.EXE
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgsysx.dll AVGSYS.DLL
2012-07-26 14:49:27: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgntopensslx.dll AVGNTOPENSSL.DLL
2012-07-26 14:49:28: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avglogx.dll AVGLOG.DLL
2012-07-26 14:49:28: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\cdfs.sys CDFS.SYS
2012-07-26 14:49:28: Looking at \Device\HarddiskVolume2\Documents and Settings\HP_Administrator\Local Settings\temp\IadHide5.dll IADHIDE.DLL
2012-07-26 14:49:28: ... Failed to identify driver 8D069E28B1C2DC1EBD95466FBACB114D, using metod 2...
2012-07-26 14:49:28: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe 
2012-07-26 14:49:28: ... Failed to identify driver E125490B774C4B9ACDDEEE8918CB320C, using metod 2...
2012-07-26 14:49:28: Looking at \Device\HarddiskVolume2\WINDOWS\Installer\{90850409-6000-11D3-8CFE-0150048383C9}\wrdvicon.exe 
2012-07-26 14:49:28: ... Failed to identify driver C2FB4CC314A45CD8D8A1A1FA0B2F5896, using metod 2...
2012-07-26 14:49:28: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll 
2012-07-26 14:49:29: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\WUNPACLN.dll WUNPACLN.DLL
2012-07-26 14:49:29: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgclitx.dll AVGCLIT.DLL
2012-07-26 14:49:29: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\Device.dll DEVICE.DLL
2012-07-26 14:49:29: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll XAPAUTHENTICODESIP.DLL
2012-07-26 14:49:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\schannel.dll SCHANNEL.DLL
2012-07-26 14:49:30: Looking at \Device\HarddiskVolume2\WINDOWS\system32\url.dll URL.DLL
2012-07-26 14:49:30: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\PCCompanion.dll PCCOMPANION.DLL
2012-07-26 14:49:31: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avglngx.dll AVGLNG.DLL
2012-07-26 14:49:31: Looking at \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe MBAMGUI.EXE
2012-07-26 14:49:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\muweb.dll MUWEB.DLL
2012-07-26 14:49:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dbghelp.dll DBGHELP.DLL
2012-07-26 14:49:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\crypt32.dll CRYPT32.DLL
2012-07-26 14:49:33: Looking at \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbam.dll MBAM.DLL
2012-07-26 14:49:33: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgwdsvc.exe AVGWDSVC.EXE
2012-07-26 14:49:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msxml6.dll MSXML6.DLL
2012-07-26 14:49:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msxml3.dll MSXML3.DLL
2012-07-26 14:49:36: Looking at \Device\HarddiskVolume2\WINDOWS\system32\urlmon.dll URLMON.DLL
2012-07-26 14:49:37: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\PCCompanion.exe PCCOMPANION.EXE
2012-07-26 14:49:37: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\bvrpctln.dll BVRPCTLN.DLL
2012-07-26 14:49:38: ... Failed to identify driver 8C437C7A473FA6147FC62D61E395F780, using metod 2...
2012-07-26 14:49:38: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\MExplorer.dll 
2012-07-26 14:49:38: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\NewUI.dll NEWUI.DLL
2012-07-26 14:49:39: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wininet.dll WININET.DLL
2012-07-26 14:49:44: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ieframe.dll IEFRAME.DLL
2012-07-26 14:49:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sfcfiles.dll SFCFILES.DLL
2012-07-26 14:49:46: Looking at \Device\HarddiskVolume2\WINDOWS\system32\advapi32.dll ADVAPI32.DLL
2012-07-26 14:49:46: Looking at \Device\HarddiskVolume2\WINDOWS\system32\comdlg32.dll COMDLG32.DLL
2012-07-26 14:49:47: Looking at \Device\HarddiskVolume2\WINDOWS\system32\gdi32.dll GDI32
2012-07-26 14:49:47: Looking at \Device\HarddiskVolume2\WINDOWS\system32\imagehlp.dll IMAGEHLP.DLL
2012-07-26 14:49:48: Looking at \Device\HarddiskVolume2\WINDOWS\system32\kernel32.dll KERNEL32
2012-07-26 14:49:48: Looking at \Device\HarddiskVolume2\WINDOWS\system32\lz32.dll LZ32.DLL
2012-07-26 14:49:48: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ole32.dll OLE32.DLL
2012-07-26 14:49:49: ... Failed to identify driver 1B2BE5777F69A71778F52FFEE1C798D6, using metod 2...
2012-07-26 14:49:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oleaut32.dll 
2012-07-26 14:49:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\olecli32.dll OLECLI32.DLL
2012-07-26 14:49:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\olecnv32.dll OLECNV32.DLL
2012-07-26 14:49:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\olesvr32.dll OLESVR32.DLL
2012-07-26 14:49:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\olethk32.dll OLETHK32.DLL
2012-07-26 14:49:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rpcrt4.dll RPCRT4.DLL
2012-07-26 14:49:53: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shell32.dll SHELL32.DLL
2012-07-26 14:49:53: Looking at \Device\HarddiskVolume2\WINDOWS\system32\user32.dll USER32
2012-07-26 14:49:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\version.dll VERSION.DLL
2012-07-26 14:49:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wldap32.dll WLDAP32.DLL
2012-07-26 14:49:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\comctl32.dll COMCTL32.DLL
2012-07-26 14:49:55: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shlwapi.dll SHLWAPI.DLL
2012-07-26 14:49:55: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvcrt.dll MSVCRT.DLL
2012-07-26 14:49:56: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mpr.dll MPR.DLL
2012-07-26 14:49:56: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntvdm.exe NTVDM.EXE
2012-07-26 14:49:57: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wow32.dll WOW32.DLL
2012-07-26 14:49:57: Looking at \Device\HarddiskVolume2\WINDOWS\system32\secur32.dll SECURITY.DLL
2012-07-26 14:49:57: Looking at \Device\HarddiskVolume2\WINDOWS\system32\iertutil.dll IERTUTIL.DLL
2012-07-26 14:49:57: Looking at \Device\HarddiskVolume2\WINDOWS\system32\normaliz.dll NORMALIZ.DLL
2012-07-26 14:49:57: Looking at \Device\HarddiskVolume2\WINDOWS\system32\apphelp.dll APPHELP
2012-07-26 14:49:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\userenv.dll USERENV.DLL
2012-07-26 14:49:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\atapi.sys ATAPI.SYS
2012-07-26 14:49:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\wmilib.sys WMILIB.SYS
2012-07-26 14:49:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\win32k.sys WIN32K.SYS
2012-07-26 14:49:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\dxapi.sys DXAPI.SYS
2012-07-26 14:49:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\watchdog.sys WATCHDOG.SYS
2012-07-26 14:49:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\csrss.exe CSRSS.EXE
2012-07-26 14:49:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\csrsrv.dll CSRSRV.DLL
2012-07-26 14:49:59: Looking at \Device\HarddiskVolume2\WINDOWS\system32\basesrv.dll BASESRV
2012-07-26 14:49:59: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winsrv.dll WINSRV.DLL
2012-07-26 14:50:00: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgui.exe AVGUI.EXE
2012-07-26 14:50:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\dxg.sys DXG.SYS
2012-07-26 14:50:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\dxgthk.sys DXGTHK.SYS
2012-07-26 14:50:00: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgcfgx.dll AVGCFG.DLL
2012-07-26 14:50:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nv4_disp.dll NV4_DISP.DLL
2012-07-26 14:50:01: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgwd.dll AVGWD.DLL
2012-07-26 14:50:02: Looking at \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll MBAMNET.DLL
2012-07-26 14:50:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\vga.dll VGA.DLL
2012-07-26 14:50:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winlogon.exe WINLOGON.EXE
2012-07-26 14:50:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\authz.dll AUTHZ.DLL
2012-07-26 14:50:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\crypt32.dll CRYPT32.DLL
2012-07-26 14:50:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msasn1.dll MSASN1.DLL
2012-07-26 14:50:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nddeapi.dll NDDEAPI.DLL
2012-07-26 14:50:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\profmap.dll USERENV.DLL
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\Program Files\AVG Secure Search\vprot.exe VPROTECT.EXE
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netapi32.dll NETAPI32.DLL
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\psapi.dll PSAPI
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\regapi.dll REGAPI.DLL
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\setupapi.dll SETUPAPI.DLL
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winsta.dll WINSTA.DLL
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wintrust.dll WINTRUST.DLL
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ws2_32.dll WS2_32.DLL
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ws2help.dll WS2HELP.DLL
2012-07-26 14:50:03: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgtray.exe AVGTRAY.EXE
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\imm32.dll IMM32
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\kbdus.dll KBDUS.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sfc.dll SFC.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasadhlp.dll RASADHLP.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmi.dll WMI.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msimg32.dll GDIEXT
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msidle.dll MSIDLE.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\lsass.exe LSASS.EXE
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sensapi.dll SENSAPI.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dot3dlg.dll DOT3DLG.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\d3d8thk.dll D3D8THK.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\tapiperf.dll TAPIPERF.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\serwvdrv.dll SERWVDRV.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\umdmxfrm.dll UMDMXFRM.DRV
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wtsapi32.dll WTSAPI32.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ehETW.dll EHETW.DLL
2012-07-26 14:50:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\svchost.exe SVCHOST.EXE
2012-07-26 14:50:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winrnr.dll WINRNR
2012-07-26 14:50:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\lmhsvc.dll LMHSVC.DLL
2012-07-26 14:50:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ncobjapi.dll NCOBJAPI.DLL
2012-07-26 14:50:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dumprep.exe DUMPREP.EXE
2012-07-26 14:50:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cryptdll.dll CRYPTDLL.DLL
2012-07-26 14:50:06: Looking at \Device\HarddiskVolume2\WINDOWS\system32\pschdprf.dll PSCHDPRF.DLL
2012-07-26 14:50:06: Looking at \Device\HarddiskVolume2\WINDOWS\system32\eapolqec.dll EAPOLQEC.DLL
2012-07-26 14:50:06: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_730c3508\mfc90enu.dll MFC90ENU.DLL
2012-07-26 14:50:06: ... Failed to identify driver EA9EE60B408878E5F2012F9C783836DB, using metod 2...
2012-07-26 14:50:06: Looking at \Device\HarddiskVolume2\WINDOWS\AppPatch\acadproc.dll J%PRODUCTNAME
2012-07-26 14:50:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rsvpperf.dll RSVPPERF.DLL
2012-07-26 14:50:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msctfime.ime MSCTFIME.IME
2012-07-26 14:50:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wshtcpip.dll WSHTCPIP.DLL
2012-07-26 14:50:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ctfmon.exe CTFMON.EXE
2012-07-26 14:50:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rtutils.dll RTUTILS.DLL
2012-07-26 14:50:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dciman32.dll DCIMAN32
2012-07-26 14:50:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dot3api.dll DOT3API.DLL
2012-07-26 14:50:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dimsntfy.dll DIMSNTFY.DLL
2012-07-26 14:50:08: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehTrace.dll EHTRACE.DLL
2012-07-26 14:50:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oleaccrc.dll OLEACCRC.DLL
2012-07-26 14:50:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msgina.dll MSGINA.DLL
2012-07-26 14:50:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\powrprof.dll POWRPROF.DLL
2012-07-26 14:50:08: ... Failed to identify driver 460218B454B01453DD68A6E24F787A34, using metod 2...
2012-07-26 14:50:08: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Plugins\Npavi32.dll 
2012-07-26 14:50:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\odbc32.dll ODBC32
2012-07-26 14:50:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\midimap.dll MIDIMAP.DLL
2012-07-26 14:50:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\linkinfo.dll LINKINFO.DLL
2012-07-26 14:50:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hid.dll HID.DLL
2012-07-26 14:50:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msxml3r.dll MSXML3R.DLL
2012-07-26 14:50:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msprivs.dll MSPRIV.DLL
2012-07-26 14:50:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sxs.dll SXS.DLL
2012-07-26 14:50:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\audiosrv.dll AUDIOSRV.DLL
2012-07-26 14:50:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\userinit.exe USERINIT.EXE
2012-07-26 14:50:10: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe HPHUPD08.EXE
2012-07-26 14:50:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cfgmgr32.dll CFGMGR32.DLL
2012-07-26 14:50:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rundll32.exe RUNDLL.EXE
2012-07-26 14:50:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rcimlby.exe RCIMLBY.EXE
2012-07-26 14:50:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wsock32.dll WSOCK32.DLL
2012-07-26 14:50:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\eappprxy.dll EAPPPRXY.DLL
2012-07-26 14:50:10: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll ASPNET_PERF.DLL
2012-07-26 14:50:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\perfos.dll PERFOS.DLL
2012-07-26 14:50:11: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll COMCTL32.DLL
2012-07-26 14:50:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntdsapi.dll NTDSAPI.DLL
2012-07-26 14:50:11: ... Failed to identify driver 5A5CFF37F1BD0F86B9BDAAD7A9445882, using metod 2...
2012-07-26 14:50:11: Looking at \Device\HarddiskVolume2\WINDOWS\WindowsShell.Manifest 
2012-07-26 14:50:11: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll APPLEVERSIONS.DLL
2012-07-26 14:50:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\snmpapi.dll SNMPAPI.DLL
2012-07-26 14:50:11: ... Failed to identify driver FDEFD28F09D2B0445E0ACD09EF13145A, using metod 2...
2012-07-26 14:50:11: Looking at \Device\HarddiskVolume2\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.0.2\SiteSafety.dll 
2012-07-26 14:50:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\odbcint.dll ODBCINT
2012-07-26 14:50:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shsvcs.dll SHSVCS.DLL
2012-07-26 14:50:12: ... Failed to identify driver CC5A9DABD3B07E5E5FD83EDA70F65355, using metod 2...
2012-07-26 14:50:12: Looking at \Device\HarddiskVolume2\Program Files\Soulseek\uninstall.exe 
2012-07-26 14:50:12: ... Failed to identify driver 1F6D5C0327DD1DDF0A402567F6DF2678, using metod 2...
2012-07-26 14:50:12: Looking at \Device\HarddiskVolume2\Program Files\ffdshow\makeAVIS.exe 
2012-07-26 14:50:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sfc_os.dll SFC.DLL
2012-07-26 14:50:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\traffic.dll TRAFFIC.DLL
2012-07-26 14:50:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvcrt40.dll MSVCRT40.DLL
2012-07-26 14:50:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\perfdisk.dll PERFDISK.DLL
2012-07-26 14:50:13: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\GrooveMonitor.exe GROOVEMONITOR.EXE
2012-07-26 14:50:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\services.exe SERVICES.EXE
2012-07-26 14:50:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wupdmgr.exe WUPDMGR.EXE
2012-07-26 14:50:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wdigest.dll WDIGEST.DLL
2012-07-26 14:50:14: Looking at \Device\HarddiskVolume2\hp\KBD\led.dll LED.DLL
2012-07-26 14:50:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\batmeter.dll BATMETER.DLL
2012-07-26 14:50:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shimeng.dll SHIMENGINEDLL(IAT)
2012-07-26 14:50:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvcp60.dll MSVCP60.DLL
2012-07-26 14:50:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msisip.dll MSISIP.DLL
2012-07-26 14:50:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\scesrv.dll SCESRV
2012-07-26 14:50:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\lsasrv.dll LSASRV.DLL
2012-07-26 14:50:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\feclient.dll FECLIENT.DLL
2012-07-26 14:50:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\umpnpmgr.dll UMPNPMGR.DLL
2012-07-26 14:50:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dnsapi.dll DNSAPI
2012-07-26 14:50:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\eventlog.dll EVENTLOG.DLL
2012-07-26 14:50:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\samlib.dll SAMLIB.DLL
2012-07-26 14:50:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\samsrv.dll SAMSRV.DLL
2012-07-26 14:50:16: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe BACKWEB-8876480.EXE
2012-07-26 14:50:16: Looking at \Device\HarddiskVolume2\hp\KBD\msg.dll MSG.DLL
2012-07-26 14:50:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msacm32.dll MSFLTR32.ACM
2012-07-26 14:50:17: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ssdpapi.dll SSDPAPI.DLL
2012-07-26 14:50:17: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msapsspc.dll MSAPSSPC.DLL
2012-07-26 14:50:17: Looking at \Device\HarddiskVolume2\WINDOWS\system32\digest.dll DIGEST.DLL
2012-07-26 14:50:18: ... Failed to identify driver 310C15FD8358B2C4CD7A5B98A112883F, using metod 2...
2012-07-26 14:50:18: Looking at \Device\HarddiskVolume2\WINDOWS\AppPatch\acgenral.dll J%PRODUCTNAME
2012-07-26 14:50:18: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll LIBDISPATCH.DLL
2012-07-26 14:50:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winmm.dll WINMM.DLL
2012-07-26 14:50:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\utilman.exe UTILMAN.EXE
2012-07-26 14:50:19: Looking at \Device\HarddiskVolume2\WINDOWS\system32\uxtheme.dll UXTHEME.DLL
2012-07-26 14:50:19: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cabinet.dll CABINET.DLL
2012-07-26 14:50:19: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mslbui.dll MSLBUI.DLL
2012-07-26 14:50:19: Looking at \Device\HarddiskVolume2\WINDOWS\system32\atl.dll ATL.DLL
2012-07-26 14:50:19: Looking at \Device\HarddiskVolume2\WINDOWS\system32\vct3216.acm VCT3216.ACM
2012-07-26 14:50:19: Looking at \Device\HarddiskVolume2\WINDOWS\system32\newdev.dll NEWDEV.DLL
2012-07-26 14:50:20: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msv1_0.dll MSV1_0.DLL
2012-07-26 14:50:20: Looking at \Device\HarddiskVolume2\WINDOWS\system32\schannel.dll SCHANNEL.DLL
2012-07-26 14:50:20: Looking at \Device\HarddiskVolume2\hp\KBD\aol.dll AOL.DLL
2012-07-26 14:50:20: Looking at \Device\HarddiskVolume2\hp\KBD\url.dll URL.DLL
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msnsspc.dll MSNSSPC.DLL
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dmserver.dll DMSERVER.DLL
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\qutil.dll QUTIL.DLL
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\kerberos.dll KERBEROS.DLL
2012-07-26 14:50:21: ... Failed to identify driver 5D76C3FB736514E1D7C88791E7322784, using metod 2...
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\WindowsLogon.manifest 
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\wldlog.dll WLDLOG.DLL
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\iphlpapi.dll IPHLPAPI.DLL
2012-07-26 14:50:21: ... Failed to identify driver 20E34114F58E511A9DB9EA8717DA7960, using metod 2...
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\Installer\{23FE964A-853B-4176-86D7-9E18B5CA1FC0}\MCXM.exe 
2012-07-26 14:50:21: ... Failed to identify driver B4608FF185BDCFE13E91778FCDB49BDE, using metod 2...
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\Installer\{23FE964A-853B-4176-86D7-9E18B5CA1FC0}\MCXNetTW.exe 
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mprapi.dll MPRAPI.DLL
2012-07-26 14:50:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netlogon.dll NETLOGON.DLL
2012-07-26 14:50:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\w32time.dll W32TIME.DLL
2012-07-26 14:50:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasman.dll RASMAN.DLL
2012-07-26 14:50:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shfolder.dll SHFOLDER.DLL
2012-07-26 14:50:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rsaenh.dll RSAENH.DLL
2012-07-26 14:50:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\odbcad32.exe ODBCAD32
2012-07-26 14:50:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spoolsv.exe SPOOLSV.EXE
2012-07-26 14:50:22: Looking at \Device\HarddiskVolume2\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe ACROSPEEDLAUNCH.EXE
2012-07-26 14:50:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winscard.dll WINSCARD.DLL
2012-07-26 14:50:23: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe APPLEMOBILEDEVICESERVICE.EXE
2012-07-26 14:50:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\atmfd.dll ATMFD.DLL
2012-07-26 14:50:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shgina.dll SHGINA.DLL
2012-07-26 14:50:23: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll PTHREADVC
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\hp\KBD\kbd.exe KBD.EXE
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msctf.dll MSCTF.DLL
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\mbam.sys MBAM.SYS
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\scecli.dll SCECLI
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\IAdHide.dll IADHIDE.DLL
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\wldcore.dll WLDCORE.DLL
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntmarta.dll NTMARTA.DLL
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\IAdHide.dll IADHIDE.DLL
2012-07-26 14:50:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\inetmib1.dll INETMIB1.DLL
2012-07-26 14:50:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvcirt.dll MSVCIRT.DLL
2012-07-26 14:50:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rpcss.dll RPCSS.DLL
2012-07-26 14:50:25: Looking at \Device\HarddiskVolume2\hp\KBD\PS2.dll PS2.DLL
2012-07-26 14:50:25: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehtray.exe EHTRAY.EXE
2012-07-26 14:50:25: Looking at \Device\HarddiskVolume2\hp\KBD\Onl.dll ONL.DLL
2012-07-26 14:50:25: Looking at \Device\HarddiskVolume2\Program Files\HP\HP Software Update\hpwuschd2.exe HPWUSCHD.EXE
2012-07-26 14:50:25: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\Program\Updates from HP.exe RUNNEREXE.EXE
2012-07-26 14:50:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hhsetup.dll HHSETUP.DLL
2012-07-26 14:50:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\logonui.exe LOGONUI.EXE
2012-07-26 14:50:26: Looking at \Device\HarddiskVolume2\hp\KBD\msikbdif.dll MSIKBDIF.DLL
2012-07-26 14:50:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\duser.dll DUSER.DLL
2012-07-26 14:50:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\raschap.dll RASCHAP.DLL
2012-07-26 14:50:27: ... Failed to identify driver 67F891406974C448826C8DEE51FFD097, using metod 2...
2012-07-26 14:50:27: Looking at \Device\HarddiskVolume2\Program Files\TVersity Codec Pack\uninst.exe 
2012-07-26 14:50:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oleacc.dll OLEACC.DLL
2012-07-26 14:50:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\narrator.exe NARRATOR.EXE
2012-07-26 14:50:27: Looking at \Device\HarddiskVolume2\Program Files\Windows Media Player\wmplayer.exe WMPLAYER.EXE
2012-07-26 14:50:28: Looking at \Device\HarddiskVolume2\hp\KBD\usb.dll USB.DLL
2012-07-26 14:50:28: Looking at \Device\HarddiskVolume2\Program Files\Outlook Express\wab.exe WAB.EXE
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\xpsp2res.dll XPSP2RES.DLL
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dfrgres.dll DFRGRES.DLL
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\BWfiles-8876480.dll RUNNER.DLL
2012-07-26 14:50:29: ... Failed to identify driver F137A0CA70003DB20448D540651FA003, using metod 2...
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\clbcatq.dll 
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\inetres.dll INETRES.DLL
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll RUNNER.DLL
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mmcshext.dll MMCSHEXT.DLL
2012-07-26 14:50:29: ... Failed to identify driver 1280A158C722FA95A80FB7AEBE78FA7D, using metod 2...
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\comres.dll 
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\notepad.exe NOTEPAD.EXE
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cscdll.dll CSCDLL.DLL
2012-07-26 14:50:29: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wlnotify.dll WLNOTIFY.DLL
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mswsock.dll MSWSOCK.DLL
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\WINDOWS\system32\adsldpc.dll ADSLDPC
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hnetcfg.dll HNETCFG.DLL
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\Cpuinf32.dll CPUINF32.DLL
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\hp\KBD\sct.dll SCT.DLL
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll MDNSNSP.DLL
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wzcsapi.dll WZCSAPI.DLL
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\WINDOWS\hh.exe HH.EXE
2012-07-26 14:50:30: ... Failed to identify driver 685A4913FEDBC781477E53509C735C7D, using metod 2...
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\WINDOWS\Installer\{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}\AppleSoftwareUpdateIco.exe 
2012-07-26 14:50:30: ... Failed to identify driver AA5E22854F56C68148EB3345DBD62970, using metod 2...
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\WINDOWS\system32\devenum.dll DEVENUM.DLL
2012-07-26 14:50:30: Looking at \Device\HarddiskVolume2\WINDOWS\system32\WudfSvc.dll WUDFSVC.DLL
2012-07-26 14:50:31: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dpcdll.dll DPCDLL.DLL
2012-07-26 14:50:31: Looking at \Device\HarddiskVolume2\WINDOWS\system32\WudfPlatform.dll WUDFPLATFORM.DLL
2012-07-26 14:50:31: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll ATL80.DLL
2012-07-26 14:50:31: Looking at \Device\HarddiskVolume2\WINDOWS\system32\actxprxy.dll ACTXPRXY.DLL
2012-07-26 14:50:31: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ndisuio.sys NDISUIO.SYS
2012-07-26 14:50:31: Looking at \Device\HarddiskVolume2\Program Files\Windows Media Player\wmpband.dll WMDBAND.DLL
2012-07-26 14:50:31: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dnsrslvr.dll DNSRSLVR.DLL
2012-07-26 14:50:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wzcsvc.dll WZCSVC.DLL
2012-07-26 14:50:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dhcpcsvc.dll DHCPCSVC.DLL
2012-07-26 14:50:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mydocs.dll MYDOCS.DLL
2012-07-26 14:50:32: Looking at \Device\HarddiskVolume2\WINDOWS\Resources\Themes\Luna\luna.msstyles LUNA.MST
2012-07-26 14:50:32: Looking at \Device\HarddiskVolume2\hp\KBD\cfg.dll CFG.DLL
2012-07-26 14:50:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winspool.drv WINSPOOL.DRV
2012-07-26 14:50:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\esent.dll ESENT.DLL
2012-07-26 14:50:33: Looking at \Device\HarddiskVolume2\WINDOWS\system32\WgaLogon.dll WGALOGON.DLL
2012-07-26 14:50:33: Looking at \Device\HarddiskVolume2\WINDOWS\system32\magnify.exe MAGNIFY.EXE
2012-07-26 14:50:33: Looking at \Device\HarddiskVolume2\Program Files\Winamp Detect\UninstWaDetect.exe INSTALLWADETECT.EXE
2012-07-26 14:50:33: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msxml3.dll MSXML3.DLL
2012-07-26 14:50:33: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvwddi.dll NVWDDI.DLL
2012-07-26 14:50:33: Looking at \Device\HarddiskVolume2\Program Files\Common Files\InstallShield\UpdateService\issch.exe ISSCH.EXE
2012-07-26 14:50:33: Looking at \Device\HarddiskVolume2\WINDOWS\system32\schedsvc.dll SCHEDSVC.DLL
2012-07-26 14:50:34: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wkssvc.dll WKSSVC.DLL
2012-07-26 14:50:34: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rastls.dll RASTLS.DLL
2012-07-26 14:50:34: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvmctray.dll NVMCTRAY.DLL
2012-07-26 14:50:34: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cryptui.dll CRYPTUI.DLL
2012-07-26 14:50:35: ... Failed to identify driver 5652F6CE1D9E9D8068B9D29BC21B5409, using metod 2...
2012-07-26 14:50:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\olepro32.dll 
2012-07-26 14:50:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\activeds.dll ADS
2012-07-26 14:50:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\faultrep.dll FAULTREP.DLL
2012-07-26 14:50:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasapi32.dll RASAPI32.DLL
2012-07-26 14:50:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\eappcfg.dll EAPPCFG.DLL
2012-07-26 14:50:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\tapi32.dll TAPI32.DLL
2012-07-26 14:50:36: ... Failed to identify driver 1AB7A039FB6BF7925664E8C2174E6937, using metod 2...
2012-07-26 14:50:36: Looking at \Device\HarddiskVolume2\Program Files\JDownloader\uninstall.exe 
2012-07-26 14:50:36: ... Failed to identify driver 80F7C5FB8154B0692858246635E3BCCC, using metod 2...
2012-07-26 14:50:36: Looking at \Device\HarddiskVolume2\WINDOWS\Installer\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}\_4133E2E1194A_4F95_A469_129AA046AB80.exe 
2012-07-26 14:50:36: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cryptnet.dll CRYPTNET.DLL
2012-07-26 14:50:36: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v2.0.50727\CORPerfMonExt.dll CORPERFMONEXT.DLL
2012-07-26 14:50:36: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\ASL.dll ASL.DLL
2012-07-26 14:50:36: ... Failed to identify driver 14E31E306EE09F28EF637A8BD95CCFD0, using metod 2...
2012-07-26 14:50:36: Looking at \Device\HarddiskVolume2\Program Files\VS Revo Group\Revo Uninstaller\uninst.exe 
2012-07-26 14:50:37: Looking at \Device\HarddiskVolume2\WINDOWS\system32\riched20.dll RICHED20.DLL
2012-07-26 14:50:37: ... Failed to identify driver 4D3189DAB4A3AC3FF4B41CC5536571CD, using metod 2...
2012-07-26 14:50:37: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\clntutil.dll CLNTUTIL.DLL
2012-07-26 14:50:38: Looking at \Device\HarddiskVolume2\Program Files\DivX\DivX Update\DivXUpdateCheck.dll DIVXUPDATE.EXE
2012-07-26 14:50:38: Looking at \Device\HarddiskVolume2\Program Files\Windows NT\hypertrm.exe HYPERTRM.EXE
2012-07-26 14:50:38: Looking at \Device\HarddiskVolume2\WINDOWS\Resources\Themes\Royale\Royale.msstyles ROYALE.MST
2012-07-26 14:50:39: Looking at \Device\HarddiskVolume2\WINDOWS\system32\charmap.exe CHARMAP.EXE
2012-07-26 14:50:39: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cscui.dll CSCUI.DLL
2012-07-26 14:50:39: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cleanmgr.exe CLEANMGR.DLL
2012-07-26 14:50:39: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\mrxdav.sys MRXDAV.SYS
2012-07-26 14:50:39: Looking at \Device\HarddiskVolume2\WINDOWS\system32\webclnt.dll DAVSVC.DLL
2012-07-26 14:50:40: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\MSInfo\msinfo32.exe MSINFO32.EXE
2012-07-26 14:50:40: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ConfigWizards.exe CONFIGWIZARDS.EXE
2012-07-26 14:50:40: Looking at \Device\HarddiskVolume2\Program Files\Google\Update\GoogleUpdate.exe GOOGLEUPDATE.EXE
2012-07-26 14:50:40: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mscoree.dll MSCOREE.DLL
2012-07-26 14:50:40: Looking at \Device\HarddiskVolume2\WINDOWS\explorer.exe EXPLORER.EXE
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\objc.dll LIBOBJC.DLL
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wdmaud.drv WDMAUD.DRV
2012-07-26 14:50:41: ... Failed to identify driver 0F097E6EA2B20448AEE452A285A93EEC, using metod 2...
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\Program Files\MSN Gaming Zone\Windows\bckgzm.exe 2 PRODUCTNAME
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\wdmaud.sys WDMAUD.SYS
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\uxcalendar.dll UXCALENDAR.DLL
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\Program Files\Google\Update\1.3.21.115\goopdate.dll GOOPDATE.DLL
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\sysaudio.sys SYSAUDIO.SYS
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\splitter.sys SPLITTER.SYS
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\aec.sys AEC.SYS
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\browseui.dll BROWSEUI.DLL
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntshrui.dll NTSHRUI.DLL
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\swmidi.sys SWMIDI.SYS
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\dmusic.sys DMUSIC.SYS
2012-07-26 14:50:41: ... Failed to identify driver 930270EC019A03CA2F0DF97C660AF7FD, using metod 2...
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\Program Files\MSN Gaming Zone\Windows\chkrzm.exe 2 PRODUCTNAME
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\kmixer.sys KMIXER.SYS
2012-07-26 14:50:41: ... Failed to identify driver 73B8B5915E8EDB68AAFBADCEDB012F86, using metod 2...
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\Program Files\MSN Gaming Zone\Windows\hrtzzm.exe 2 PRODUCTNAME
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\drmkaud.sys DRMKAUD.SYS
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll MSVCP80.DLL
2012-07-26 14:50:41: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msacm32.drv MSACM32.ACM
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shdocvw.dll SHDOCVW.DLL
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll MSVCR80.DLL
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mycomput.dll MYCOMPUT.DLL
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\WINDOWS\system32\avifil32.dll AVIFIL32.DLL
2012-07-26 14:50:42: ... Failed to identify driver F0B652C670BA295C8A25E28A04A4C979, using metod 2...
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\Program Files\MSN Gaming Zone\Windows\Rvsezm.exe 2 PRODUCTNAME
2012-07-26 14:50:42: ... Failed to identify driver 8053FEB9502EE2261F192EEB57DA2E4A, using metod 2...
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\Program Files\MSN Gaming Zone\Windows\shvlzm.exe 2 PRODUCTNAME
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll APPLEMOBILEDEVICESERVICE_MAIN.DLL
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\WINDOWS\system32\advpack.dll ADVPACK.DLL
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cryptsvc.dll CRYPTSVC.DLL
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Logitech\QCDriver3\LVComS.exe LVCOMS.EXE
2012-07-26 14:50:42: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msi.dll MSI.DLL
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mobsync.exe MOBSYNC.EXE
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll COREFOUNDATION.DLL
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netevent.dll NETEVENT.DLL
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll ZLIB1.DLL
2012-07-26 14:50:43: ... Failed to identify driver 445C97B4F13D3CDE120CD0CB3B73B812, using metod 2...
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\WINDOWS\Installer\{184E7118-0295-43C4-B72C-1D54AA75AAF7}\wlmail.exe 
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wshext.dll WSHEXT.DLL
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll GROOVESHELLEXTENSIONS.DLL
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dbghelp.dll DBGHELP.DLL
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\WINDOWS\system32\calc.exe CALC.EXE
2012-07-26 14:50:43: Looking at \Device\HarddiskVolume2\Program Files\QuickTime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.dll QUICKTIME.QTS
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe GOOGLEUPDATE.EXE
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\WINDOWS\system32\stobject.dll STOBJECT.DLL
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll ICUIN40.DLL
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mstask.dll MSTASK.DLL
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msoert2.dll MSOERT2.DLL
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\GrooveUtil.dll GROOVEUTIL.DLL
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oledlg.dll OLEDLG.DLL
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\GrooveNew.dll GROOVENEW.DLL
2012-07-26 14:50:44: Looking at \Device\HarddiskVolume2\Program Files\QuickTime\QTSystem\QuickTime.Resources\QuickTime.dll QUICKTIMERESOURCES
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wpdshserviceobj.dll WPDSHSERVICEOBJ.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqtao08.dll HPQTAO00.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msxml6r.dll MSXML6R.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\SetPointCOM.DLL SETPOINTCOM.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll ICUUC40.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\desk.cpl DESK.CPL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\onex.dll ONEX.DLL
2012-07-26 14:50:45: ... Failed to identify driver A12BAA38CE07B522671678500D035D40, using metod 2...
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll CLNTUTIL.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\themeui.dll THEMEUI.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\upnp.dll UPNP.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\kgame.dll KGAME.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\gamehook.dll GAMEHOOK.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll GROOVESYSTEMSERVICES.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sndrec32.exe SNDREC32.EXE
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cmd.exe CMD.EXE
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll LGSCROLL.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\KemXML.dll KEMWND.DLL
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehSched.exe EHSCHED.EXE
2012-07-26 14:50:45: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msimtf.dll MSIMTF.DLL
2012-07-26 14:50:46: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpquio08.dll HPQUIO00.DLL
2012-07-26 14:50:48: ... Failed to identify driver C0484E445BBF648E5709E95E07E26B92, using metod 2...
2012-07-26 14:50:48: Looking at \Device\HarddiskVolume2\Documents and Settings\HP_Administrator\Desktop\yorkyt.exe 
2012-07-26 14:50:48: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sndvol32.exe SNDVOL32.EXE
2012-07-26 14:50:48: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehdrop.dll MEDIACENTER.DROPTARGET
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemdisp.dll WBEMDISP.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvfw32.dll MSVFW32.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemprox.dll WBEMPROX.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spoolss.dll SPOOLSS.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemcomn.dll WBEMCOMN.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\sqmapi.dll SQMAPI.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wmiutils.dll WMIUTILS.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\credui.dll CREDUI.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\localspl.dll LOCALSPL.DLL
2012-07-26 14:50:49: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cnbjmon.dll CNBJMON.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\HPTcpMon.dll TCPMON.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hpzjrd01.dll HPZJRD01.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\Program Files\iTunes\iTunesHelper.dll ITUNESHELPER.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\clusapi.dll CLUSAPI
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\KemUtil.dll KEMUTIL.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\HPTcpMUI.dll TCPMON.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll HPQCXM00.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\HPTcpMib.dll TCPMON.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mgmtapi.dll MGMTAPI.DLL
2012-07-26 14:50:50: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wsnmp32.dll WSNMP32.DLL
2012-07-26 14:50:50: ... Failed to identify driver 10226A19DBB65FE794B63CD7588F990E, using metod 2...
2012-07-26 14:50:51: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hpzll463.dll 
2012-07-26 14:50:51: Looking at \Device\HarddiskVolume2\WINDOWS\system32\pjlmon.dll PJLMON.DLL
2012-07-26 14:50:51: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msonpmon.dll MSPCORE.DLL
2012-07-26 14:50:51: Looking at \Device\HarddiskVolume2\WINDOWS\system32\tcpmon.dll TCPMON.DLL
2012-07-26 14:50:51: Looking at \Device\HarddiskVolume2\WINDOWS\system32\usbmon.dll DYNAMON.DLL
2012-07-26 14:50:51: ... Failed to identify driver AC30389F94784919E26E8237B65FB259, using metod 2...
2012-07-26 14:50:51: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp463.dll 
2012-07-26 14:50:51: ... Failed to identify driver D4991D98F2DB73C60D042F1AEF79EFAE, using metod 2...
2012-07-26 14:50:51: Looking at \Device\HarddiskVolume2\WINDOWS\system32\es.dll 
2012-07-26 14:50:52: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll MSPCORE.DLL
2012-07-26 14:50:52: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll PRINTFILTERPIPELINEPRXY.DLL
2012-07-26 14:50:52: Looking at \Device\HarddiskVolume2\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll MSPCORE.DLL
2012-07-26 14:50:52: Looking at \Device\HarddiskVolume2\WINDOWS\system32\win32spl.dll WIN32SPL.DLL
2012-07-26 14:50:52: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netrap.dll NETRAP.DLL
2012-07-26 14:50:52: Looking at \Device\HarddiskVolume2\WINDOWS\system32\moricons.dll MORICONS.DLL
2012-07-26 14:50:52: Looking at \Device\HarddiskVolume2\WINDOWS\system32\inetpp.dll INETPP.DLL
2012-07-26 14:50:52: ... Failed to identify driver 30A086BA3520555B718E77763B1C52C0, using metod 2...
2012-07-26 14:50:52: Looking at \Device\HarddiskVolume2\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe 
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\WINDOWS\system32\portabledevicetypes.dll PORTABLEDEVICETYPES.DLL
2012-07-26 14:50:53: ... Failed to identify driver 6D3524291202796B119F7CD8610F4001, using metod 2...
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\WINDOWS\Installer\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}\_E0E140477A2B_41B0_8B73_F6E08C8722A0.exe 
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\WINDOWS\system32\webcheck.dll WEBCHECK.DLL
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msutb.dll MSUTB.DLL
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\KemWnd.dll KEMWND.DLL
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mlang.dll MLANG.DLL
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\EN\ClientRc.dll BACKWEB.EXE
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe ISUSPM.EXE
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll ICUDT40.DLL
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netshell.dll NETSHELL.DLL
2012-07-26 14:50:53: Looking at \Device\HarddiskVolume2\Program Files\Application Updater\ApplicationUpdater.exe APPLICATIONUPDATER.EXE
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll ITUNESMOBILEDEVICE
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winhttp.dll WINHTTP.DLL
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\ASPI32.SYS ASPI32.SYS
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\avgidsshimx.sys IDSSHIM.SYS
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwfiles.dll BWFILES.DLL
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\upnpui.dll UPNPUI.DLL
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgwdsvc.exe AVGWDSVC.EXE
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\accwiz.exe ACCWIZ.EXE
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll CFNETWORK.DLL
2012-07-26 14:50:54: Looking at \Device\HarddiskVolume2\WINDOWS\system32\portabledeviceapi.dll PORTABLEDEVICEAPI.DLL
2012-07-26 14:50:55: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcr90.dll MSVCR90.DLL
2012-07-26 14:50:55: Looking at \Device\HarddiskVolume2\hp\KBD\OSD.DLL OSD.DLL
2012-07-26 14:50:55: Looking at \Device\HarddiskVolume2\WINDOWS\system32\compatui.dll COMPATUI.DLL
2012-07-26 14:50:55: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll SQLITE3.DLL
2012-07-26 14:50:55: ... Failed to identify driver 116F572B831E3A5572D1D306516F9DE3, using metod 2...
2012-07-26 14:50:55: Looking at \Device\HarddiskVolume2\WINDOWS\Installer\{1B343C8C-F170-4829-8481-E163317C5830}\iTunesIco.exe 
2012-07-26 14:50:55: Looking at \Device\HarddiskVolume2\Program Files\Microsoft\BingBar\BBSvc.EXE BBSVC.EXE
2012-07-26 14:50:55: ... Failed to identify driver 3860B249BF5AF7B28D11F2731FCF6088, using metod 2...
2012-07-26 14:50:56: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nwiz.exe NWIZ.EXE
2012-07-26 14:50:56: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Mobile Device Support\ssleay32.dll SSLEAY32.DLL
2012-07-26 14:50:56: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\OLMAPI32.DLL MAPI32.DLL
2012-07-26 14:50:56: Looking at \Device\HarddiskVolume2\WINDOWS\KHALMNPR.Exe KHALMNPR.EXE
2012-07-26 14:50:56: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvapi.dll NVAPI.DLL
2012-07-26 14:50:57: Looking at \Device\HarddiskVolume2\Program Files\Microsoft\BingBar\SeaPort.EXE SEAPORT.EXE
2012-07-26 14:50:57: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Mobile Device Support\libeay32.dll LIBEAY32.DLL
2012-07-26 14:50:57: Looking at \Device\HarddiskVolume2\Program Files\QuickTime\QTTask.exe QTTASK.EXE
2012-07-26 14:50:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvcpl.dll NVCPL.DLL
2012-07-26 14:50:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvcpl.dll NVCPL.DLL
2012-07-26 14:50:58: Looking at \Device\HarddiskVolume2\Program Files\Common Files\InstallShield\UpdateService\_ispmres.dll _ISPMRES.DLL
2012-07-26 14:50:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\osk.exe OSK.EXE
2012-07-26 14:50:58: ... Failed to identify driver 0163375AEACBAE85FDFCB530B1AF3AD2, using metod 2...
2012-07-26 14:50:58: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nview.dll NVIEW.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\WINDOWS\system32\els.dll ELS.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgclitx.dll AVGCLIT.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\iTunes\iTunesHelper.exe ITUNESHELPER.EXE
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\Common Files\InstallShield\UpdateService\agent.exe AGENT.EXE
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll ITUNESHELPER.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll ITUNESHELPERLOCALIZED.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\QuickTime\QTSystem\QTCF.dll QTCF.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll NPQTPLUGIN.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msxml6.dll MSXML6.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgidpsdkx.dll AVGIDPSDKX.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\DivX\DivX Update\DivXUpdate.exe DIVXUPDATE.EXE
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll NPQTPLUGIN.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Java\Java Update\jusched.exe JUSCHED.EXE
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_31a54e43\msvcp90.dll MSVCP90.DLL
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\Bonjour\mDNSResponder.exe MDNSRESPONDER.EXE
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\WINDOWS\system32\tourstart.exe TOURSTART.EXE
2012-07-26 14:50:59: Looking at \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe MBAMGUI.EXE
2012-07-26 14:51:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\d3d9.dll D3D9.DLL
2012-07-26 14:51:00: Looking at \Device\HarddiskVolume2\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe ADOBEUPDATEMANAGER.EXE
2012-07-26 14:51:00: Looking at \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbam.dll MBAM.DLL
2012-07-26 14:51:00: Looking at \Device\HarddiskVolume2\Program Files\Windows NT\Accessories\wordpad.exe WORDPAD
2012-07-26 14:51:00: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\PCCompanion.exe PCCOMPANION.EXE
2012-07-26 14:51:00: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgwdwsc.dll AVGWDWSC.DLL
2012-07-26 14:51:00: Looking at \Device\HarddiskVolume2\WINDOWS\system32\certcli.dll CERTCLI
2012-07-26 14:51:00: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehrecvr.exe EHRECVR.EXE
2012-07-26 14:51:01: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\liveNatTrav.dll LIVENATTRAV.DLL
2012-07-26 14:51:01: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL MSOXMLMF.DLL
2012-07-26 14:51:01: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\NewUI.dll NEWUI.DLL
2012-07-26 14:51:01: ... Failed to identify driver EC573966BC92374C833F392895DF1570, using metod 2...
2012-07-26 14:51:01: Looking at \Device\HarddiskVolume2\WINDOWS\system32\keystone.exe KEYSTONE.EXE
2012-07-26 14:51:01: Looking at \Device\HarddiskVolume2\Program Files\Rogers\Update Manager\UpdateManager.exe UPDATEMANAGER.EXE
2012-07-26 14:51:01: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgnsx.exe AVGNS.EXE
2012-07-26 14:51:01: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\backweb.dll BACKWEB.EXE
2012-07-26 14:51:01: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.6161_x-ww_028bc148\mfc90u.dll MFC90U.DLL
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\OFFICE12\MSO.DLL MSO.DLL
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\bwsec.dll BWSEC.DLL
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\JDownloader\JDownloader.exe JDOWNLOADER.EXE
2012-07-26 14:51:02: ... Failed to identify driver C5FDCB15546C266A04E6E3BD9E485946, using metod 2...
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\local.conf 
2012-07-26 14:51:02: ... Failed to identify driver 529584EC24AB8643D97E43EB2C0BFA6F, using metod 2...
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\custom.conf 
2012-07-26 14:51:02: ... Failed to identify driver 42312FAD55E0C73EB6681441BE7C1EA2, using metod 2...
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\manifest.conf 
2012-07-26 14:51:02: ... Failed to identify driver BE0FFF196D4F7F718595099FB2D59BA9, using metod 2...
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\database.conf 
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll GDIPLUS
2012-07-26 14:51:02: ... Failed to identify driver 9CAF0F71DB072512197D4878F5584751, using metod 2...
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\build.conf 
2012-07-26 14:51:02: ... Failed to identify driver 0B33F3F974CA9BF1C11C78F386A481CE, using metod 2...
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\news.conf 
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netmsg.dll NETMSG.DLL
2012-07-26 14:51:02: ... Failed to identify driver C634AFCB0EA281F43DC007BFD8999418, using metod 2...
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Configuration\config.conf 
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mfc42.dll MFC42.DLL
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\bvrpctln.dll BVRPCTLN.DLL
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\WINDOWS\ime\sptip.dll SPTIP.DLL
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgcorex.dll CORESDK.DLL
2012-07-26 14:51:02: ... Failed to identify driver C2FB4CC314A45CD8D8A1A1FA0B2F5896, using metod 2...
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll 
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll TOOLBAR.DLL
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll NPQTPLUGIN.DLL
2012-07-26 14:51:02: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgcclix.dll AVGCCLI.DLL
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgcsrvx.exe AVGCSRV.DLL
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ersvc.dll ERSVC.DLL
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll NPQTPLUGIN.DLL
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgemcx.exe AVGEMC.EXE
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\Program Files\QuickTime\QTSystem\QuickTime.qts QUICKTIME.QTS
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgcertx.dll AVGCERT.DLL
2012-07-26 14:51:03: ... Failed to identify driver 926AFC4848FF3297BB264333BF51E21F, using metod 2...
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sbe.dll SBE.DLL
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll NPQTPLUGIN.DLL
2012-07-26 14:51:03: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehRec.exe EHREC.EXE
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\Program Files\Google\Update\1.3.21.115\goopdateres_en.dll GOOPDATERES_EN.DLL
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgchclx.dll AVGCHCL.DLL
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll PCHSVC.DLL
2012-07-26 14:51:04: ... Failed to identify driver 8D069E28B1C2DC1EBD95466FBACB114D, using metod 2...
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe 
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\http.sys HTTP.SYS
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\usmt\migwiz.exe MIGWIZ.EXE
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hidserv.dll HIDSERV.DLL
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dsound.dll DSOUND.DLL
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgntsqlitex.dll AVGNTSQLITE.DLL
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\Program Files\Rogers\SelfHealing\SHS.exe SHS.EXE
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avglngx.dll AVGLNG.DLL
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\w3ssl.dll W3SSL.DLL
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\Program Files\Java\jre6\bin\jqs.exe JQS.EXE
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\WINDOWS\system32\strmfilt.dll STREAMFILT.DLL
2012-07-26 14:51:04: Looking at \Device\HarddiskVolume2\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll NPQTPLUGIN.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\httpapi.dll HTTPAPI.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgsched.dll AVGSCHED.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvidctl.dll MSVIDCTL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\Program Files\Java\jre6\bin\msvcr71.dll MSVCR71.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\Program Files\Internet Explorer\PLUGINS\npqtplugin7.dll NPQTPLUGIN.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ddraw.dll DDRAW.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\Device.dll DEVICE.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\WINDOWS\system32\pdh.dll PDH.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\GrooveMisc.dll GROOVEMISC.DLL
2012-07-26 14:51:05: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqtra08.exe HPQTRA00.EXE
2012-07-26 14:51:05: ... Failed to identify driver 64B33CC5BF131DEF2721394CF9B3F8ED, using metod 2...
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvbvm60.dll 
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll MSCORWKS.DLL
2012-07-26 14:51:06: ... Failed to identify driver 8C437C7A473FA6147FC62D61E395F780, using metod 2...
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\MExplorer.dll 
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\WINDOWS\system32\odbcbcp.dll ODBCBCP
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\kemutb.dll KEMUTB.DLL
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll MSVCR71.DLL
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\WUNPACLN.dll WUNPACLN.DLL
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll FUSION.DLL
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\EN\ClientRc.dll BACKWEB.EXE
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqmif08.dll HPQMIF00.DLL
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll XAPAUTHENTICODESIP.DLL
2012-07-26 14:51:06: ... Failed to identify driver 34FFB6ABA2DA398BB33422E1E9275BA9, using metod 2...
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\WINDOWS\system32\quartz.dll QUARTZ.DLL
2012-07-26 14:51:06: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll ITUNESMOBILEDEVICE
2012-07-26 14:51:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvdisps.dll NVDISPS.DLL
2012-07-26 14:51:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\MSVCP71.DLL MSVCP71.DLL
2012-07-26 14:51:07: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgabout.dll AVGABOUT.DLL
2012-07-26 14:51:07: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\PCCompanion.dll PCCOMPANION.DLL
2012-07-26 14:51:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\MSVCR71.DLL MSVCR71.DLL
2012-07-26 14:51:07: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe LDMCONF.EXE
2012-07-26 14:51:07: ... Failed to identify driver 460218B454B01453DD68A6E24F787A34, using metod 2...
2012-07-26 14:51:07: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Plugins\Npavi32.dll 
2012-07-26 14:51:07: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netman.dll NETMAN.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\SetPoint.exe SETPOINT.EXE
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mslbui.dll MSLBUI.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\Program\Updates from HP.exe RUNNEREXE.EXE
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\ONENOTEM.EXE ONENOTEM.EXE
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\IAdHide.dll IADHIDE.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\MFC71u.dll MFC71U.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\IAdHide.dll IADHIDE.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mspaint.exe MSPAINT.EXE
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\PluginManager.dll PLUGINMANAGER.DLL
2012-07-26 14:51:08: ... Failed to identify driver AA5E22854F56C68148EB3345DBD62970, using metod 2...
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\devenum.dll DEVENUM.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Documents and Settings\HP_Administrator\Local Settings\temp\IadHide5.dll IADHIDE.DLL
2012-07-26 14:51:08: ... Failed to identify driver D25C03D04159D462D69F294BA7142BDB, using metod 2...
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msdmo.dll MSDMO.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hnetwiz.dll HNETWIZ.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\backweb.dll BACKWEB.EXE
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avguires.dll AVGUIRES.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\srvsvc.dll SRVSVC.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Common Files\LightScribe\LSSrvc.exe LSSRVC.EXE
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\inetmib1.dll INETMIB1.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll BWSEC.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Common Files\LightScribe\LSSProxy.dll LSSPROXY.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\Program Files\Common Files\LightScribe\LSLog.dll LSLOG.DLL
2012-07-26 14:51:08: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\srv.sys SRV.SYS
2012-07-26 14:51:08: ... Failed to identify driver 088FF293223D5EFCB1EBF366915A7678, using metod 2...
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvwimg.dll NVIEWIMG.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\msgslang.14.0.8117.0416.dll MSGSLANG.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe MBAMSERVICE.EXE
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgidpmx.dll AVGIDPMX.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\MFC71ENU.DLL MFC71ENU.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\vvpltfrm.dll VVPLTFRM.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\BWDocMapExt-8876480.dll RUNNER.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll MSCORLIB.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\shfolder.dll SHFOLDER.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc HPQTRA00.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWDocMapExt.dll BWDOCMAPEXT.DLL
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\WINDOWS\system32\usp10.dll UNISCRIBE
2012-07-26 14:51:09: Looking at \Device\HarddiskVolume2\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll MBAMCORE.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\Macros\MacroCore.dll MACROCORE.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\atl71.dll ATL71.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\Cpuinf32.dll CPUINF32.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Microsoft Office\Office12\MSOHEVI.DLL MSOHEVI.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll RUNNER.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwfiles.dll BWFILES.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE MDM.EXE
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msapsspc.dll MSAPSSPC.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Logitech\KHAL\KHALAPI.DLL KHALAPI.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvcrt40.dll MSVCRT40.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL PDM.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvsvc32.exe NVSVC32.EXE
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE KHALMNPR.EXE
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wzcsapi.dll WZCSAPI.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msdbg2.dll MSDBG2.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\digest.dll DIGEST.DLL
2012-07-26 14:51:10: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ipsecsvc.dll IPSECSVC.DLL
2012-07-26 14:51:10: ... Failed to identify driver 071DEABD8EE431CE0FC53624D7A45F57, using metod 2...
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2c950e4b\mscorlib.dll 
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\Unload\hpiCamTA.dll TRAYAPPPLUGIN.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msnsspc.dll MSNSSPC.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL MSDBG.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\Program Files\Rogers\SelfHealing\RogersListBar.ocx ROGERSLISTBAR.OCX
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oakley.dll OAKLEY.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\RMSvc.exe RMSVC.EXE
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winipsec.dll WINIPSEC.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\regsvc.dll REGSVC.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\Program Files\Rogers\SelfHealing\RogersTimer.dll ROGERSTIMER.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\pstorsvc.dll PROTECTEDSTORAGESERVER
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\perfctrs.dll PERFCTRS.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\secdrv.sys SECDRV.SYS
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Logitech\KHAL\KHALITCH.DLL KHALITCH.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\psbase.dll PSBASE.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\Program Files\Internet Explorer\iexplore.exe IEXPLORE.EXE
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dssenh.dll DSSENH.DLL
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\WINDOWS\system32\seclogon.dll SECLOGON.EXE
2012-07-26 14:51:11: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Logitech\KHAL\KHALMW.DLL KHALMW.DLL
2012-07-26 14:51:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ssdpsrv.dll SSDPSRV.DLL
2012-07-26 14:51:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\MFC71.DLL MFC71.DLL
2012-07-26 14:51:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\trkwks.dll TRKWKS.DLL
2012-07-26 14:51:12: ... Failed to identify driver 460218B454B01453DD68A6E24F787A34, using metod 2...
2012-07-26 14:51:12: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Plugins\Npavi32.dll 
2012-07-26 14:51:12: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe ULCDRSVR.EXE
2012-07-26 14:51:12: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wiaservc.dll WIASERVC.DLL
2012-07-26 14:51:12: Looking at \Device\HarddiskVolume2\Program Files\Common Files\Logitech\KHAL\KHALHPP.DLL KHALHPP.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\srsvc.dll SERVICE.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mscms.dll MSCMS.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll MSCORSN.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\PresenceIM.dll PRESENCEIM.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\sens.dll SENS.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\Unload\hpqunres.dll HPQUNRES.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe TOOLBARU.EXE
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpotradd.dll HPQTRADD.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\MSCOMCTL.OCX MSCOMCTL.OCX
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\Restore\rstrui.exe RSTRUI.EXE
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\Program\frext-9972322.dll RUNNER.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hphtra08.dll HPHTRA08.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll EHEPG.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\avgidsfilterx.sys IDSFILTER.SYS
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrExt.dll FREXT.DLL
2012-07-26 14:51:13: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wuauserv.dll WUAUSERV.DLL
2012-07-26 14:51:14: ... Failed to identify driver 69EE0CB3B05F619EFF7E46F978BBFEEA, using metod 2...
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\asycfilt.dll 
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mshtml.dll MSHTML.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\McrdSvc.exe MCRDSVC.EXE
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msls31.dll MSLS31.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\filemgmt.dll FILEMGMT.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\Program\HPClientExt.dll BWCLIENTEXT.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ptpusd.dll PTPUSD.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpotra08.dll HPOTRA00.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\avgidsdriverx.sys IDSDRIVER.SYS
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\system32\upnphost.dll UNPNHOST.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\Program\NewProbe.exe NEWPROBE.EXE
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpotra08.rsc HPOTRA00.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\Program\frcom-9972322.dll RUNNER.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll MSCORJIT.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\FrCom.dll FRCOM.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\RMCtl.dll RMCTL.DLL
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\SetPointUpdate.exe SETPOINTUPDATE.EXE
2012-07-26 14:51:14: Looking at \Device\HarddiskVolume2\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\EN\frcomRc.dll FRCOM.DLL
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wuaueng.dll WUAUENG.DLL
2012-07-26 14:51:15: ... Failed to identify driver 5652F6CE1D9E9D8068B9D29BC21B5409, using metod 2...
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\olepro32.dll 
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll EHCIR.DLL
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mspatcha.dll MSPATCHA.DLL
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll EHRECOBJ.DLL
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\Program Files\DivX\DivX Control Panel\DivXControlPanelLauncher.exe DIVXCONTROLPANEL
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wmisvc.dll WMISVC.DLL
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\regsvr32.exe REGSVR32.EXE
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll EHEPGDAT.DLL
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgidsagent.exe AVGIDSAGENT.EXE
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\system32\vssapi.dll VSSAPI.DLL
2012-07-26 14:51:15: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll EHIPROXY.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wiaacmgr.exe WIAACMGR.EXE
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\browser.dll BROWSER.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\LiteInstActivator.dll LITEINSTACTIVATOR.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\LCabHandler.dll LCABHANDLER.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\SetPointCOMMM9.DLL SETPOINTCOMMM9.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\SetPointCOMWMP9.DLL SETPOINTCOMWMP9.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\bwscriptext-8876480.dll RUNNER.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msrating.dll MSRATING.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqrif08.dll HPQRIF00.DLL
2012-07-26 14:51:16: ... Failed to identify driver ED0C0DF222209E43AD9AFBF3FE87DDE0, using metod 2...
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\comsvcs.dll 
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\BWScriptExt.dll BWCLIENTEXT.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\Logitech\SetPoint\KEMHook.dll KEMHOOK.DLL
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\DAEMON Tools Pro\DTProAgent.exe DTPROAGENT.EXE
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll SYSTEM.DLL
2012-07-26 14:51:16: ... Failed to identify driver 690D97864735E8ECD87F55777E266690, using metod 2...
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\WINDOWS\system32\colbact.dll 
2012-07-26 14:51:16: Looking at \Device\HarddiskVolume2\Program Files\AVG\AVG2012\avgopensslx.dll AVGNTOPENSSL.DLL
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hphtra09.dll HPHTRA09.DLL
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\uxcontacts.dll UXCONTACTS.DLL
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\WINDOWS\system32\vbscript.dll VBSCRIPT.DLL
2012-07-26 14:51:17: ... Failed to identify driver 36795A645EAA47FE31D2A8F136A2C69B, using metod 2...
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mtxclu.dll 
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll EHCM.DLL
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpocxi08.dll HPOCXI00.DLL
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\livetransport.dll LIVETRANSPORT.DLL
2012-07-26 14:51:17: ... Failed to identify driver 6C976DDE2B7F8E9A42ECCBA8425A7F1F, using metod 2...
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_06201a35\System.dll 
2012-07-26 14:51:17: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqcob08.dll HPOCOB00.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\resutils.dll RESUTILS
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\scrrun.dll SCRRUN.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\winbrand.dll WINBRAND.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wups.dll WUPS.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpodio08.dll HPODIO00.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll DIASYMREADER.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wshom.ocx WSHOM.OCX
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wups2.dll WUPS2.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehui.dll EHUI.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\Program Files\Windows Media Player\wmpnetwk.exe WMPNETWK.EXE
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ipnathlp.dll IPNATHLP.DLL
2012-07-26 14:51:18: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\Unload\hpnkhTA.dll TRAYAPPPLUGIN.DLL
2012-07-26 14:51:20: Looking at \Device\HarddiskVolume2\Program Files\uTorrent\uTorrent.exe UTORRENT.EXE
2012-07-26 14:51:20: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\SyncExt.dll SYNCEXT.DLL
2012-07-26 14:51:20: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmpmde.dll WMPMDE.DLL
2012-07-26 14:51:20: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msftedit.dll MSFTEDIT.DLL
2012-07-26 14:51:20: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wuauclt.exe WUAUCLT.EXE
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wsecedit.dll WSECEDIT.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\Program Files\Logitech\Desktop Messenger\8876480\Program\LogiLdmW.dll LOGILDMW.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mfplat.dll MFPLAT.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ehETW.dll EHETW.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehdebug.dll EHDEBUG.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\HpqUtil.dll HPQUTIL.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll MSCORRC.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpodvd09.dll HPODVD09.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll SYSTEM.XML.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mstsc.exe MSTSC.EXE
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll HPODDCOMM09.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wscsvc.dll WSCSVC.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqste08.exe HPQSTS00.EXE
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqmfc09.dll HPQMFC00.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqtap08.dll HPQTAP08.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemcore.dll WBEMCORE.DLL
2012-07-26 14:51:21: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\esscli.dll ESSCLI.DLL
2012-07-26 14:51:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmp.dll WMP.DLL
2012-07-26 14:51:22: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqusg.dll HPQUSG.DLL
2012-07-26 14:51:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\fastprox.dll FASTPROX.DLL
2012-07-26 14:51:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\HPZipr12.dll PMLRTL.DLL
2012-07-26 14:51:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemsvc.dll WBEMSVC.DLL
2012-07-26 14:51:22: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\repdrvfs.dll REPDRVFS.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmploc.dll WMPLOC.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wmiprvsd.dll WMIPRVSD.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemess.dll WBEMESS.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqste08.rsc HPQSTE00.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wuapi.dll WUAPI.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmpps.dll WMPPS.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\ncprov.dll NCOBJAPI.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmdrmdev.dll WMDRMNET.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wbemcons.dll WBEMCONS
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqdirec.exe HPQDIREC.EXE
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drmv2clt.dll DRMV2CLT.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqsti08.dll HPQSTS00.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqstp08.dll HPQSTP00.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\termsrv.dll TERMSRV.EXE
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqstv08.dll HPQSTV00.DLL
2012-07-26 14:51:23: Looking at \Device\HarddiskVolume2\WINDOWS\system32\icaapi.dll ICAAPI.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\DRM\Cache\Indiv01.key INDIVIDUALIZEDBLACKBOXDLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\mstlsapi.dll MSTLSAPI.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmdrmnet.dll WMDRMNET.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\hpqsem08.rsc HPQSEM0800.RSC
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\WMVCore.dll WMVCORE.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wmasf.dll WMASF.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\tapisrv.dll TAPISRV.EXE
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drprov.dll DRPROV.DLL
2012-07-26 14:51:24: ... Failed to identify driver EC573966BC92374C833F392895DF1570, using metod 2...
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\keystone.exe KEYSTONE.EXE
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasmans.dll RASMANS.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\Program Files\iPod\bin\iPodService.exe IPODSERVICE.EXE
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvcpl.dll NVCPL.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rdpwsx.dll RDPWSX.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntlanman.dll NTLANMAN.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netcfgx.dll NETCFGX.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netui0.dll NETUI0.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\oleacc.dll OLEACC.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\netui1.dll NETUI1.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rastapi.dll RASTAPI.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\davclnt.dll DAVCLNT.DLL
2012-07-26 14:51:24: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\tdtcp.sys TDTCP.SYS
2012-07-26 14:51:24: ... Failed to identify driver 3860B249BF5AF7B28D11F2731FCF6088, using metod 2...
2012-07-26 14:51:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nwiz.exe NWIZ.EXE
2012-07-26 14:51:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\rdpwd.sys RDPWD.SYS
2012-07-26 14:51:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wmiprvse.exe WMIPRVSE.EXE
2012-07-26 14:51:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\unimdm.tsp UNIMDM.TSP
2012-07-26 14:51:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\uniplat.dll UNIPLAT.DLL
2012-07-26 14:51:25: Looking at \Device\HarddiskVolume2\Program Files\Winamp\winamp.exe WINAMP.EXE
2012-07-26 14:51:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\kmddsp.tsp KMDDSP.TSP
2012-07-26 14:51:25: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ndptsp.tsp NDPROXY.TSP
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ipconf.tsp IPCONF.TSP
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\h323.tsp H323.TSP
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\hidphone.tsp HIDPHONE.TSP
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasppp.dll RASPPP.DLL
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\cimwin32.dll CIMWIN32.DLL
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntlsapi.dll NTLSAPI.DLL
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvdisps.dll NVDISPS.DLL
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\framedyn.dll FRAMEDYN.DLL
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\HPZipm12.exe PMLDRV.EXE
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\Program Files\iPod\bin\iPodService.Resources\iPodService.dll IPODSERVICE.DLL
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wscntfy.exe WSCNTFY.EXE
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll IPODSERVICELOCALIZED.DLL
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasqec.dll RASQEC.DLL
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\Program Files\DAEMON Tools Pro\uninst.exe DAEMONSETUP4.35.0308.0131.EXE
2012-07-26 14:51:26: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\kmixer.sys KMIXER.SYS
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\crm\hpqcrmcm.dll ATLCRM.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msapsspc.dll MSAPSSPC.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\alg.exe ALG.EXE
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\rasdlg.dll RASDLG.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msvcrt40.dll MSVCRT40.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll XMLPARSE.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\digest.dll DIGEST.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehmsas.exe EHMSAS.EXE
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msnsspc.dll MSNSSPC.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll XMLTOK.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\Program Files\Soulseek\slsk.exe UI4.EXE
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\unicows.dll UNICOWS.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\net.exe NET.EXE
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\avicap32.dll AVICAP32.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\fpalsu.dll FPALSU.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\Program Files\HP\Digital Imaging\bin\dbghelp.dll DBGHELP.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\d3d9.dll D3D9.DLL
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\system32\net1.exe NET1.EXE
2012-07-26 14:51:27: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehProxy.dll EHPROXY.DLL
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\Program Files\DivX\DivX Plus Player\DivX Plus Player.exe DIVXPLAYER.EXE
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehRec.exe EHREC.EXE
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ehETW.dll EHETW.DLL
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\DownloadManager.dll DOWNLOADMANAGER.DLL
2012-07-26 14:51:28: ... Failed to identify driver 1C5FD297C8738EF90E7D91D91522BAF3, using metod 2...
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\Program Files\WinRAR\WinRAR.exe WINRAR.EXE
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll MSCORWKS.DLL
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\WINDOWS\system32\icmp.dll ICMP.DLL
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll MSVCR71.DLL
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll FUSION.DLL
2012-07-26 14:51:28: ... Failed to identify driver 088FF293223D5EFCB1EBF366915A7678, using metod 2...
2012-07-26 14:51:28: Looking at \Device\HarddiskVolume2\WINDOWS\system32\nvwimg.dll NVIEWIMG.DLL
2012-07-26 14:51:29: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehres.dll EHRES.DLL
2012-07-26 14:51:29: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\CrashDump.dll CRASHDUMP.DLL
2012-07-26 14:51:29: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll MSCORLIB.DLL
2012-07-26 14:51:29: ... Failed to identify driver 071DEABD8EE431CE0FC53624D7A45F57, using metod 2...
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_2c950e4b\mscorlib.dll 
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\Program Files\Sony\Sony PC Companion\Statistics.dll STATISTICS.DLL
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll MSCORSN.DLL
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll EHEPG.DLL
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll MSCORJIT.DLL
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehCIR\6.0.3000.0__31bf3856ad364e35\ehCIR.dll EHCIR.DLL
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehepgdat\6.0.3000.0__31bf3856ad364e35\ehepgdat.dll EHEPGDAT.DLL
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehRecObj\6.0.3000.0__31bf3856ad364e35\ehRecObj.dll EHRECOBJ.DLL
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\system32\jscript.dll JSCRIPT.DLL
2012-07-26 14:51:30: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ehiProxy\6.0.3000.0__31bf3856ad364e35\ehiProxy.dll EHIPROXY.DLL
2012-07-26 14:51:32: ... Failed to identify driver FC1916F8DB79667B14058D113F92EF9B, using metod 2...
2012-07-26 14:51:32: Looking at \Device\HarddiskVolume2\Program Files\MagicISO\MagicISO.exe 
2012-07-26 14:51:32: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll SYSTEM.DLL
2012-07-26 14:51:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\imgutil.dll IMGUTIL.DLL
2012-07-26 14:51:32: Looking at \Device\HarddiskVolume2\WINDOWS\system32\pngfilt.dll PNGFILT.DLL
2012-07-26 14:51:32: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\EhCM.dll EHCM.DLL
2012-07-26 14:51:32: ... Failed to identify driver 6C976DDE2B7F8E9A42ECCBA8425A7F1F, using metod 2...
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_06201a35\System.dll 
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll GDIPLUS
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\diasymreader.dll DIASYMREADER.DLL
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehui.dll EHUI.DLL
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\msidcrl40.dll MSIDCRL.DLL
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\system32\msftedit.dll MSFTEDIT.DLL
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\system32\inetcomm.dll INETCOMM.DLL
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehdebug.dll EHDEBUG.DLL
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\Help\SBSI\Training\orun32.exe ORUN32.EXE
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll MSCORRC.DLL
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\System.Xml\1.0.5000.0__b77a5c561934e089\System.XML.dll SYSTEM.XML.DLL
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\custsat.dll CUSTSAT.DLL
2012-07-26 14:51:33: ... Failed to identify driver 29A6F26217EFA5E6948E8D8FFBF117C8, using metod 2...
2012-07-26 14:51:33: Looking at \Device\HarddiskVolume2\Program Files\ffdshow\unins000.exe SHFOLDER.DLL
2012-07-26 14:51:33: ... Failed to identify driver 8FFA6F8181B45EE44AE1349D2F7F9AFD, using metod 2...
2012-07-26 14:51:34: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_64ab630b\System.Xml.dll 
2012-07-26 14:51:34: Looking at \Device\HarddiskVolume2\WINDOWS\system32\ntbackup.exe NTBACKUP.EXE
2012-07-26 14:51:34: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\BDATunePIA\6.0.3000.0__31bf3856ad364e35\bdatunepia.dll BDATUNEPIA.DLL
2012-07-26 14:51:34: ... Failed to identify driver B632D45D680EF08E657062A375556574, using metod 2...
2012-07-26 14:51:34: Looking at \Device\HarddiskVolume2\Documents and Settings\All Users\Application Data\U3\U3Launcher\LaunchU3.exe ORIGINALFILENAME
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\System.Data\1.0.5000.0__b77a5c561934e089\System.Data.dll SYSTEM.DATA.DLL
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll SYSTEM.ENTERPRISESERVICES.DLL
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\WINDOWS\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll SYSTEM.ENTERPRISESERVICES.THUNK.DLL
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\dllhost.exe DLLHOST.EXE
2012-07-26 14:51:35: ... Failed to identify driver 17E0CF9C8CBB717D05948656BCD86EFA, using metod 2...
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\WINDOWS\system32\txflog.dll 
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\sqldb20.dll SQLDB20.DLL
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\sqlse20.dll SQLSE20.DLL
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\sqlqp20.dll SQLQP20.DLL
2012-07-26 14:51:35: Looking at \Device\HarddiskVolume2\Program Files\VS Revo Group\Revo Uninstaller\revouninstaller.exe REVOUNINSTALLER.EXE
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\Program Files\StreamTorrent 1.0\StreamTorrent.exe STREAMTORRENT.EXE
2012-07-26 14:51:36: ... Failed to identify driver D8555A09D5862497F4156E9E4CCC808B, using metod 2...
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\WINDOWS\Temp\yt\run.bat 
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\WINDOWS\system32\cmd.exe CMD.EXE
2012-07-26 14:51:36: ... Failed to identify driver 2CD77B980B2CC3D655589A2E315AAB57, using metod 2...
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\WINDOWS\Temp\yt\nemesiscmd.exe 
2012-07-26 14:51:36: ... Failed to identify driver 459A04CCA068CAB8799C2F84068C222D, using metod 2...
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\WINDOWS\Temp\yt\PRSBLib.dll 
2012-07-26 14:51:36: ... Failed to identify driver B3C157A66ECDBCD3570E2DA139225589, using metod 2...
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\WINDOWS\system32\drivers\PRSBDrvr.sys 
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\Program Files\Sun\OpenOffice.org Installer 1.0\ooostub.exe OOOSTUB.EXE
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\WINDOWS\system32\wbem\wmipcima.dll WMIPCIMA.DLL
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\uxcore.dll UXCORE.DLL
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\Program Files\DAEMON Tools Pro\DTProImgEditor.exe DTPROIMGEDITOR.EXE
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\WINDOWS\ehome\ehshell.exe EHSHELL.EXE
2012-07-26 14:51:36: Looking at \Device\HarddiskVolume2\Program Files\Windows Live\Messenger\msnmsgr.exe MSNMSGR.EXE
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: Alerter
2012-07-26 14:51:37: Real Path: C:\WINDOWS\system32\alrsvc.dll
2012-07-26 14:51:37: Display Name: Alerter
2012-07-26 14:51:37: Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:37: ServiceDLL: system32\alrsvc.dll
2012-07-26 14:51:37: File size: 17408
2012-07-26 14:51:37: DLL File name: alrsvc.dll
2012-07-26 14:51:37: Original File Name: ALRSVC.DLL
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201149 20040810150000 20120726145137
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: AppMgmt
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\appmgmts.dll
2012-07-26 14:51:37: Display Name: Application Management
2012-07-26 14:51:37: Description: Provides software installation services such as Assign, Publish, and Remove.
2012-07-26 14:51:37: ServiceDLL: System32\appmgmts.dll
2012-07-26 14:51:37: File size: 167936
2012-07-26 14:51:37: DLL File name: appmgmts.dll
2012-07-26 14:51:37: Original File Name: appmgmts.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201149 20040810150000 20120726145137
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: AudioSrv
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\audiosrv.dll
2012-07-26 14:51:37: Display Name: Windows Audio
2012-07-26 14:51:37: Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:37: ServiceDLL: System32\audiosrv.dll
2012-07-26 14:51:37: File size: 42496
2012-07-26 14:51:37: DLL File name: audiosrv.dll
2012-07-26 14:51:37: Original File Name: audiosrv.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201150 20040810150000 20120726144212
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: BITS
2012-07-26 14:51:37: Real Path: C:\WINDOWS\system32\qmgr.dll
2012-07-26 14:51:37: Display Name: Background Intelligent Transfer Service
2012-07-26 14:51:37: Description: Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled.
2012-07-26 14:51:37: ServiceDLL: system32\qmgr.dll
2012-07-26 14:51:37: File size: 409088
2012-07-26 14:51:37: DLL File name: qmgr.dll
2012-07-26 14:51:37: Original File Name: qmgr.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201203 20040810150000 20120726144915
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: Browser
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\browser.dll
2012-07-26 14:51:37: Display Name: Computer Browser
2012-07-26 14:51:37: Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:37: ServiceDLL: System32\browser.dll
2012-07-26 14:51:37: File size: 77824
2012-07-26 14:51:37: DLL File name: browser.dll
2012-07-26 14:51:37: Original File Name: browser.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201150 20040810150000 20120726144509
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: CryptSvc
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\cryptsvc.dll
2012-07-26 14:51:37: Display Name: CryptSvc
2012-07-26 14:51:37: Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:37: ServiceDLL: System32\cryptsvc.dll
2012-07-26 14:51:37: File size: 62464
2012-07-26 14:51:37: DLL File name: cryptsvc.dll
2012-07-26 14:51:37: Original File Name: cryptsvc.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201151 20040810150000 20120726144237
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: DcomLaunch
2012-07-26 14:51:37: Real Path: C:\WINDOWS\system32\rpcss.dll
2012-07-26 14:51:37: Display Name: DCOM Server Process Launcher
2012-07-26 14:51:37: Description: Provides launch functionality for DCOM services.
2012-07-26 14:51:37: ServiceDLL: system32\rpcss.dll
2012-07-26 14:51:37: File size: 401408
2012-07-26 14:51:37: DLL File name: rpcss.dll
2012-07-26 14:51:37: Original File Name: rpcss.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20090209081048 20040810150000 20120726141403
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: Dhcp
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\dhcpcsvc.dll
2012-07-26 14:51:37: Display Name: DHCP Client
2012-07-26 14:51:37: Description: Manages network configuration by registering and updating IP addresses and DNS names.
2012-07-26 14:51:37: ServiceDLL: System32\dhcpcsvc.dll
2012-07-26 14:51:37: File size: 126976
2012-07-26 14:51:37: DLL File name: dhcpcsvc.dll
2012-07-26 14:51:37: Original File Name: dhcpcsvc.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080603100153 20040810150000 20120726141407
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: dmserver
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\dmserver.dll
2012-07-26 14:51:37: Display Name: Logical Disk Manager
2012-07-26 14:51:37: Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:37: ServiceDLL: System32\dmserver.dll
2012-07-26 14:51:37: File size: 23552
2012-07-26 14:51:37: DLL File name: dmserver.dll
2012-07-26 14:51:37: Original File Name: dmserver.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201152 20040810150000 20120726144216
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: Dnscache
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\dnsrslvr.dll
2012-07-26 14:51:37: Display Name: DNS Client
2012-07-26 14:51:37: Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:37: ServiceDLL: System32\dnsrslvr.dll
2012-07-26 14:51:37: File size: 45568
2012-07-26 14:51:37: DLL File name: dnsrslvr.dll
2012-07-26 14:51:37: Original File Name: dnsrslvr.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20090420131726 20040810150000 20120726144225
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: Dot3svc
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\dot3svc.dll
2012-07-26 14:51:37: Display Name: Wired AutoConfig
2012-07-26 14:51:37: Description: This service performs IEEE 802.1X authentication on Ethernet interfaces
2012-07-26 14:51:37: ServiceDLL: System32\dot3svc.dll
2012-07-26 14:51:37: File size: 132096
2012-07-26 14:51:37: DLL File name: dot3svc.dll
2012-07-26 14:51:37: Original File Name: dot3svc.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201152 20081119160219 20120726145137
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: EapHost
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\eapsvc.dll
2012-07-26 14:51:37: Display Name: Extensible Authentication Protocol Service
2012-07-26 14:51:37: Description: Provides windows clients Extensible Authentication Protocol Service
2012-07-26 14:51:37: ServiceDLL: System32\eapsvc.dll
2012-07-26 14:51:37: File size: 33792
2012-07-26 14:51:37: DLL File name: eapsvc.dll
2012-07-26 14:51:37: Original File Name: eapsvc.dll
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201152 20081119160227 20120726145137
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: ERSvc
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\ersvc.dll
2012-07-26 14:51:37: Display Name: Error Reporting Service
2012-07-26 14:51:37: Description: Allows error reporting for services and applictions running in non-standard environments.
2012-07-26 14:51:37: ServiceDLL: System32\ersvc.dll
2012-07-26 14:51:37: File size: 23040
2012-07-26 14:51:37: DLL File name: ersvc.dll
2012-07-26 14:51:37: Original File Name: ERSVC.DLL
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201153 20040810150000 20120726144346
2012-07-26 14:51:37: !!!!!!!
2012-07-26 14:51:37: Found Service: EventSystem
2012-07-26 14:51:37: Real Path: C:\WINDOWS\system32\es.dll
2012-07-26 14:51:37: Display Name: COM+ Event System
2012-07-26 14:51:37: Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:37: ServiceDLL: system32\es.dll
2012-07-26 14:51:37: File size: 253952
2012-07-26 14:51:37: DLL File name: es.dll
2012-07-26 14:51:37: Original File Name: 
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080707162658 20040810150000 20120726144003
2012-07-26 14:51:37: !!!!!!!!!
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: FastUserSwitchingCompatibility
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\shsvcs.dll
2012-07-26 14:51:37: Display Name: Fast User Switching Compatibility
2012-07-26 14:51:37: Description: Provides management for applications that require assistance in a multiple user environment.
2012-07-26 14:51:37: ServiceDLL: System32\shsvcs.dll
2012-07-26 14:51:37: File size: 135168
2012-07-26 14:51:37: DLL File name: shsvcs.dll
2012-07-26 14:51:37: Original File Name: SHSVCS.DLL
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20090727191741 20040810150000 20120726144213
2012-07-26 14:51:37: ---------------------------------------------------------------------
2012-07-26 14:51:37: Found Service: HidServ
2012-07-26 14:51:37: Real Path: C:\WINDOWS\System32\hidserv.dll
2012-07-26 14:51:37: Display Name: HID Input Service
2012-07-26 14:51:37: Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:37: ServiceDLL: System32\hidserv.dll
2012-07-26 14:51:37: File size: 21504
2012-07-26 14:51:37: DLL File name: hidserv.dll
2012-07-26 14:51:37: Original File Name: HIDSERV.DLL
2012-07-26 14:51:37: Company: 
2012-07-26 14:51:37: Mod/Cre/Acc time: 20080413201154 20061222181438 20120726144351
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: hkmsvc
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\kmsvc.dll
2012-07-26 14:51:38: Display Name: Health Key and Certificate Management Service
2012-07-26 14:51:38: Description: Manages health certificates and keys (used by NAP)
2012-07-26 14:51:38: ServiceDLL: System32\kmsvc.dll
2012-07-26 14:51:38: File size: 61440
2012-07-26 14:51:38: DLL File name: kmsvc.dll
2012-07-26 14:51:38: Original File Name: KmSvc.DLL
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20080413201156 20081119160322 20120726145138
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: HTTPFilter
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\w3ssl.dll
2012-07-26 14:51:38: Display Name: HTTP SSL
2012-07-26 14:51:38: Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:38: ServiceDLL: System32\w3ssl.dll
2012-07-26 14:51:38: File size: 15872
2012-07-26 14:51:38: DLL File name: w3ssl.dll
2012-07-26 14:51:38: Original File Name: w3ssl.dll
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20080413201208 20040810150000 20120726144354
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: lanmanserver
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\srvsvc.dll
2012-07-26 14:51:38: Display Name: Server
2012-07-26 14:51:38: Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:38: ServiceDLL: System32\srvsvc.dll
2012-07-26 14:51:38: File size: 99840
2012-07-26 14:51:38: DLL File name: srvsvc.dll
2012-07-26 14:51:38: Original File Name: SRVSVC.DLL
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20100827015743 20040810150000 20120726144425
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: lanmanworkstation
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\wkssvc.dll
2012-07-26 14:51:38: Display Name: Workstation
2012-07-26 14:51:38: Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:38: ServiceDLL: System32\wkssvc.dll
2012-07-26 14:51:38: File size: 132096
2012-07-26 14:51:38: DLL File name: wkssvc.dll
2012-07-26 14:51:38: Original File Name: WKSSVC.DLL
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20090610021449 20040810150000 20120726144227
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: LmHosts
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\lmhsvc.dll
2012-07-26 14:51:38: Display Name: TCP/IP NetBIOS Helper
2012-07-26 14:51:38: Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
2012-07-26 14:51:38: ServiceDLL: System32\lmhsvc.dll
2012-07-26 14:51:38: File size: 13824
2012-07-26 14:51:38: DLL File name: lmhsvc.dll
2012-07-26 14:51:38: Original File Name: lmhsvc.dll
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20080413201156 20040810150000 20120726144211
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: Messenger
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\msgsvc.dll
2012-07-26 14:51:38: Display Name: Messenger
2012-07-26 14:51:38: Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:38: ServiceDLL: System32\msgsvc.dll
2012-07-26 14:51:38: File size: 33792
2012-07-26 14:51:38: DLL File name: msgsvc.dll
2012-07-26 14:51:38: Original File Name: msgsvc.dll
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20080413201159 20040810150000 20120726145138
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: MHN
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\mhn.dll
2012-07-26 14:51:38: Display Name: MHN
2012-07-26 14:51:38: Description: Multimedia Home Networking (MHN) is a networking platform for Audio Video (AV) streaming applications on IP home networks. MHN enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications by providing mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
2012-07-26 14:51:38: ServiceDLL: System32\mhn.dll
2012-07-26 14:51:38: File size: 85504
2012-07-26 14:51:38: DLL File name: mhn.dll
2012-07-26 14:51:38: Original File Name: mhn.dll
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20040810221150 20040810221150 20120726145138
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: napagent
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\qagentrt.dll
2012-07-26 14:51:38: Display Name: Network Access Protection Agent
2012-07-26 14:51:38: Description: Allows windows clients to participate in Network Access Protection
2012-07-26 14:51:38: ServiceDLL: System32\qagentrt.dll
2012-07-26 14:51:38: File size: 291328
2012-07-26 14:51:38: DLL File name: qagentrt.dll
2012-07-26 14:51:38: Original File Name: QAgentRT.DLL
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20080413201203 20081119160421 20120726145138
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: Netman
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\netman.dll
2012-07-26 14:51:38: Display Name: Network Connections
2012-07-26 14:51:38: Description: Manages objects in the Network and Dial-Up Connections folder, in which you can view both local area network and remote connections.
2012-07-26 14:51:38: ServiceDLL: System32\netman.dll
2012-07-26 14:51:38: File size: 198144
2012-07-26 14:51:38: DLL File name: netman.dll
2012-07-26 14:51:38: Original File Name: netman.dll
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20080413201201 20040810150000 20120726143129
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: Nla
2012-07-26 14:51:38: Real Path: C:\WINDOWS\System32\mswsock.dll
2012-07-26 14:51:38: Display Name: Network Location Awareness (NLA)
2012-07-26 14:51:38: Description: Collects and stores network configuration and location information, and notifies applications when this information changes.
2012-07-26 14:51:38: ServiceDLL: System32\mswsock.dll
2012-07-26 14:51:38: File size: 245248
2012-07-26 14:51:38: DLL File name: mswsock.dll
2012-07-26 14:51:38: Original File Name: mswsock.dll
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20080620120247 20040810150000 20120726144224
2012-07-26 14:51:38: ---------------------------------------------------------------------
2012-07-26 14:51:38: Found Service: NtmsSvc
2012-07-26 14:51:38: Real Path: C:\WINDOWS\system32\ntmssvc.dll
2012-07-26 14:51:38: Display Name: Removable Storage
2012-07-26 14:51:38: Description: 
2012-07-26 14:51:38: ServiceDLL: system32\ntmssvc.dll
2012-07-26 14:51:38: File size: 435200
2012-07-26 14:51:38: DLL File name: ntmssvc.dll
2012-07-26 14:51:38: Original File Name: ntmssvc.dll
2012-07-26 14:51:38: Company: 
2012-07-26 14:51:38: Mod/Cre/Acc time: 20080413201202 20040810150000 20120726145138
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: QWAVE
2012-07-26 14:51:39: Real Path: C:\WINDOWS\system32\qwave.dll
2012-07-26 14:51:39: Display Name: QWAVE service
2012-07-26 14:51:39: Description: Quality Windows Audio Video Experience (qWave) is a networking platform for Audio Video (AV) streaming applications on IP home networks. qWave enhances AV streaming performance and reliability by ensuring network quality-of-service (QoS) for AV applications. It provides mechanisms for admission control, run time monitoring and enforcement, application feedback, and traffic prioritization.
2012-07-26 14:51:39: ServiceDLL: system32\qwave.dll
2012-07-26 14:51:39: File size: 154112
2012-07-26 14:51:39: DLL File name: qwave.dll
2012-07-26 14:51:39: Original File Name: qwave.dll
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20051020212006 20051020212006 20120726140528
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: RasAuto
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\rasauto.dll
2012-07-26 14:51:39: Display Name: Remote Access Auto Connection Manager
2012-07-26 14:51:39: Description: Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address.
2012-07-26 14:51:39: ServiceDLL: System32\rasauto.dll
2012-07-26 14:51:39: File size: 88576
2012-07-26 14:51:39: DLL File name: rasauto.dll
2012-07-26 14:51:39: Original File Name: rasauto.dll
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201203 20040810150000 20120726145139
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: RasMan
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\rasmans.dll
2012-07-26 14:51:39: Display Name: Remote Access Connection Manager
2012-07-26 14:51:39: Description: Creates a network connection.
2012-07-26 14:51:39: ServiceDLL: System32\rasmans.dll
2012-07-26 14:51:39: File size: 186368
2012-07-26 14:51:39: DLL File name: rasmans.dll
2012-07-26 14:51:39: Original File Name: Rasmans.dll
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201203 20040810150000 20120726144649
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: RemoteAccess
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\mprdim.dll
2012-07-26 14:51:39: Display Name: Routing and Remote Access
2012-07-26 14:51:39: Description: Offers routing services to businesses in local area and wide area network environments.
2012-07-26 14:51:39: ServiceDLL: System32\mprdim.dll
2012-07-26 14:51:39: File size: 53248
2012-07-26 14:51:39: DLL File name: mprdim.dll
2012-07-26 14:51:39: Original File Name: MPRDIM.DLL
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201157 20040810150000 20120726145139
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: RemoteRegistry
2012-07-26 14:51:39: Real Path: C:\WINDOWS\system32\regsvc.dll
2012-07-26 14:51:39: Display Name: Remote Registry
2012-07-26 14:51:39: Description: Enables remote users to modify registry settings on this computer. If this service is stopped, the registry can be modified only by users on this computer. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:39: ServiceDLL: system32\regsvc.dll
2012-07-26 14:51:39: File size: 59904
2012-07-26 14:51:39: DLL File name: regsvc.dll
2012-07-26 14:51:39: Original File Name: REGSVC.DLL
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201204 20040810150000 20120726144441
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: RpcSs
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\rpcss.dll
2012-07-26 14:51:39: Display Name: Remote Procedure Call (RPC)
2012-07-26 14:51:39: Description: Provides the endpoint mapper and other miscellaneous RPC services.
2012-07-26 14:51:39: ServiceDLL: System32\rpcss.dll
2012-07-26 14:51:39: File size: 401408
2012-07-26 14:51:39: DLL File name: rpcss.dll
2012-07-26 14:51:39: Original File Name: rpcss.dll
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20090209081048 20040810150000 20120726141403
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: Schedule
2012-07-26 14:51:39: Real Path: C:\WINDOWS\system32\schedsvc.dll
2012-07-26 14:51:39: Display Name: Task Scheduler
2012-07-26 14:51:39: Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:39: ServiceDLL: system32\schedsvc.dll
2012-07-26 14:51:39: File size: 192512
2012-07-26 14:51:39: DLL File name: schedsvc.dll
2012-07-26 14:51:39: Original File Name: schedsvc.dll
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201205 20040810150000 20120726144227
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: seclogon
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\seclogon.dll
2012-07-26 14:51:39: Display Name: Secondary Logon
2012-07-26 14:51:39: Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:39: ServiceDLL: System32\seclogon.dll
2012-07-26 14:51:39: File size: 18944
2012-07-26 14:51:39: DLL File name: seclogon.dll
2012-07-26 14:51:39: Original File Name: SECLOGON.EXE
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201205 20040810150000 20120726144443
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: SENS
2012-07-26 14:51:39: Real Path: C:\WINDOWS\system32\sens.dll
2012-07-26 14:51:39: Display Name: System Event Notification
2012-07-26 14:51:39: Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
2012-07-26 14:51:39: ServiceDLL: system32\sens.dll
2012-07-26 14:51:39: File size: 39424
2012-07-26 14:51:39: DLL File name: sens.dll
2012-07-26 14:51:39: Original File Name: sens.dll
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201205 20040810150000 20120726144003
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: SharedAccess
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\ipnathlp.dll
2012-07-26 14:51:39: Display Name: Windows Firewall/Internet Connection Sharing (ICS)
2012-07-26 14:51:39: Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
2012-07-26 14:51:39: ServiceDLL: System32\ipnathlp.dll
2012-07-26 14:51:39: File size: 331264
2012-07-26 14:51:39: DLL File name: ipnathlp.dll
2012-07-26 14:51:39: Original File Name: IPNATHLP.DLL
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201155 20040810150000 20120726144537
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: ShellHWDetection
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\shsvcs.dll
2012-07-26 14:51:39: Display Name: Shell Hardware Detection
2012-07-26 14:51:39: Description: Provides notifications for AutoPlay hardware events.
2012-07-26 14:51:39: ServiceDLL: System32\shsvcs.dll
2012-07-26 14:51:39: File size: 135168
2012-07-26 14:51:39: DLL File name: shsvcs.dll
2012-07-26 14:51:39: Original File Name: SHSVCS.DLL
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20090727191741 20040810150000 20120726144213
2012-07-26 14:51:39: !!!!!!!
2012-07-26 14:51:39: Found Service: srservice
2012-07-26 14:51:39: Real Path: C:\WINDOWS\system32\srsvc.dll
2012-07-26 14:51:39: Display Name: System Restore Service
2012-07-26 14:51:39: Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
2012-07-26 14:51:39: ServiceDLL: system32\srsvc.dll
2012-07-26 14:51:39: File size: 171008
2012-07-26 14:51:39: DLL File name: srsvc.dll
2012-07-26 14:51:39: Original File Name: SERVICE.DLL
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201207 20040810150000 20120726144447
2012-07-26 14:51:39: !!!!!!!!!
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: SSDPSRV
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\ssdpsrv.dll
2012-07-26 14:51:39: Display Name: SSDP Discovery Service
2012-07-26 14:51:39: Description: Enables discovery of UPnP devices on your home network.
2012-07-26 14:51:39: ServiceDLL: System32\ssdpsrv.dll
2012-07-26 14:51:39: File size: 71680
2012-07-26 14:51:39: DLL File name: ssdpsrv.dll
2012-07-26 14:51:39: Original File Name: ssdpsrv.dll
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201207 20040810150000 20120726144443
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: stisvc
2012-07-26 14:51:39: Real Path: C:\WINDOWS\system32\wiaservc.dll
2012-07-26 14:51:39: Display Name: Windows Image Acquisition (WIA)
2012-07-26 14:51:39: Description: Provides image acquisition services for scanners and cameras.
2012-07-26 14:51:39: ServiceDLL: system32\wiaservc.dll
2012-07-26 14:51:39: File size: 333824
2012-07-26 14:51:39: DLL File name: wiaservc.dll
2012-07-26 14:51:39: Original File Name: WIASERVC.DLL
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201208 20040810150000 20120726144445
2012-07-26 14:51:39: ---------------------------------------------------------------------
2012-07-26 14:51:39: Found Service: TapiSrv
2012-07-26 14:51:39: Real Path: C:\WINDOWS\System32\tapisrv.dll
2012-07-26 14:51:39: Display Name: Telephony
2012-07-26 14:51:39: Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
2012-07-26 14:51:39: ServiceDLL: System32\tapisrv.dll
2012-07-26 14:51:39: File size: 249856
2012-07-26 14:51:39: DLL File name: tapisrv.dll
2012-07-26 14:51:39: Original File Name: TAPISRV.EXE
2012-07-26 14:51:39: Company: 
2012-07-26 14:51:39: Mod/Cre/Acc time: 20080413201207 20040810150000 20120726144647
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: TermService
2012-07-26 14:51:40: Real Path: C:\WINDOWS\System32\termsrv.dll
2012-07-26 14:51:40: Display Name: Terminal Services
2012-07-26 14:51:40: Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
2012-07-26 14:51:40: ServiceDLL: System32\termsrv.dll
2012-07-26 14:51:40: File size: 295424
2012-07-26 14:51:40: DLL File name: termsrv.dll
2012-07-26 14:51:40: Original File Name: termsrv.exe
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080415111737 20040810150000 20120726144637
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: Themes
2012-07-26 14:51:40: Real Path: C:\WINDOWS\System32\shsvcs.dll
2012-07-26 14:51:40: Display Name: Themes
2012-07-26 14:51:40: Description: Provides user experience theme management.
2012-07-26 14:51:40: ServiceDLL: System32\shsvcs.dll
2012-07-26 14:51:40: File size: 135168
2012-07-26 14:51:40: DLL File name: shsvcs.dll
2012-07-26 14:51:40: Original File Name: SHSVCS.DLL
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20090727191741 20040810150000 20120726144213
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: TrkWks
2012-07-26 14:51:40: Real Path: C:\WINDOWS\system32\trkwks.dll
2012-07-26 14:51:40: Display Name: Distributed Link Tracking Client
2012-07-26 14:51:40: Description: Maintains links between NTFS files within a computer or across computers in a network domain.
2012-07-26 14:51:40: ServiceDLL: system32\trkwks.dll
2012-07-26 14:51:40: File size: 90112
2012-07-26 14:51:40: DLL File name: trkwks.dll
2012-07-26 14:51:40: Original File Name: trkwks.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201207 20040810150000 20120726144444
2012-07-26 14:51:40: !!!!!!!
2012-07-26 14:51:40: Found Service: upnphost
2012-07-26 14:51:40: Real Path: C:\WINDOWS\System32\upnphost.dll
2012-07-26 14:51:40: Display Name: Universal Plug and Play Device Host
2012-07-26 14:51:40: Description: Provides support to host Universal Plug and Play devices.
2012-07-26 14:51:40: ServiceDLL: System32\upnphost.dll
2012-07-26 14:51:40: File size: 185856
2012-07-26 14:51:40: DLL File name: upnphost.dll
2012-07-26 14:51:40: Original File Name: unpnhost.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201208 20040810150000 20120726144459
2012-07-26 14:51:40: !!!!!!!!!
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: W32Time
2012-07-26 14:51:40: Real Path: C:\WINDOWS\system32\w32time.dll
2012-07-26 14:51:40: Display Name: Windows Time
2012-07-26 14:51:40: Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:40: ServiceDLL: system32\w32time.dll
2012-07-26 14:51:40: File size: 175104
2012-07-26 14:51:40: DLL File name: w32time.dll
2012-07-26 14:51:40: Original File Name: w32time.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201208 20040810150000 20120726144217
2012-07-26 14:51:40: !!!!!!!
2012-07-26 14:51:40: Found Service: WebClient
2012-07-26 14:51:40: Real Path: C:\WINDOWS\System32\webclnt.dll
2012-07-26 14:51:40: Display Name: WebClient
2012-07-26 14:51:40: Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:40: ServiceDLL: System32\webclnt.dll
2012-07-26 14:51:40: File size: 68096
2012-07-26 14:51:40: DLL File name: webclnt.dll
2012-07-26 14:51:40: Original File Name: davsvc.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201208 20040810150000 20120726144231
2012-07-26 14:51:40: !!!!!!!!!
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: winmgmt
2012-07-26 14:51:40: Real Path: C:\WINDOWS\system32\wbem\WMIsvc.dll
2012-07-26 14:51:40: Display Name: Windows Management Instrumentation
2012-07-26 14:51:40: Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
2012-07-26 14:51:40: ServiceDLL: system32\wbem\WMIsvc.dll
2012-07-26 14:51:40: File size: 144896
2012-07-26 14:51:40: DLL File name: WMIsvc.dll
2012-07-26 14:51:40: Original File Name: wmisvc.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201209 20040810150000 20120726144506
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: WmdmPmSN
2012-07-26 14:51:40: Real Path: C:\WINDOWS\system32\MsPMSNSv.dll
2012-07-26 14:51:40: Display Name: Portable Media Serial Number Service
2012-07-26 14:51:40: Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
2012-07-26 14:51:40: ServiceDLL: system32\MsPMSNSv.dll
2012-07-26 14:51:40: File size: 27136
2012-07-26 14:51:40: DLL File name: MsPMSNSv.dll
2012-07-26 14:51:40: Original File Name: MsPMSNSv.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20061018224716 20040810220000 20120726145140
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: Wmi
2012-07-26 14:51:40: Real Path: C:\WINDOWS\System32\advapi32.dll
2012-07-26 14:51:40: Display Name: Windows Management Instrumentation Driver Extensions
2012-07-26 14:51:40: Description: Provides systems management information to and from drivers.
2012-07-26 14:51:40: ServiceDLL: System32\advapi32.dll
2012-07-26 14:51:40: File size: 617472
2012-07-26 14:51:40: DLL File name: advapi32.dll
2012-07-26 14:51:40: Original File Name: advapi32.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20090209081048 20040810150000 20120726143855
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: wscsvc
2012-07-26 14:51:40: Real Path: C:\WINDOWS\system32\wscsvc.dll
2012-07-26 14:51:40: Display Name: 
2012-07-26 14:51:40: Description: 
2012-07-26 14:51:40: ServiceDLL: system32\wscsvc.dll
2012-07-26 14:51:40: File size: 80896
2012-07-26 14:51:40: DLL File name: wscsvc.dll
2012-07-26 14:51:40: Original File Name: wscsvc.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201210 20040810150000 20120726144551
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: wuauserv
2012-07-26 14:51:40: Real Path: C:\WINDOWS\system32\wuauserv.dll
2012-07-26 14:51:40: Display Name: Automatic Updates
2012-07-26 14:51:40: Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
2012-07-26 14:51:40: ServiceDLL: system32\wuauserv.dll
2012-07-26 14:51:40: File size: 6656
2012-07-26 14:51:40: DLL File name: wuauserv.dll
2012-07-26 14:51:40: Original File Name: wuauserv.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201211 20040810150000 20120726144454
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: WudfSvc
2012-07-26 14:51:40: Real Path: C:\WINDOWS\System32\WUDFSvc.dll
2012-07-26 14:51:40: Display Name: Windows Driver Foundation - User-mode Driver Framework
2012-07-26 14:51:40: Description: Manages user-mode driver host processes
2012-07-26 14:51:40: ServiceDLL: System32\WUDFSvc.dll
2012-07-26 14:51:40: File size: 55808
2012-07-26 14:51:40: DLL File name: WUDFSvc.dll
2012-07-26 14:51:40: Original File Name: WUDFSvc.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20060928195614 20060411142656 20120726144225
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: WZCSVC
2012-07-26 14:51:40: Real Path: C:\WINDOWS\System32\wzcsvc.dll
2012-07-26 14:51:40: Display Name: Wireless Zero Configuration
2012-07-26 14:51:40: Description: Provides automatic configuration for the 802.11 adapters
2012-07-26 14:51:40: ServiceDLL: System32\wzcsvc.dll
2012-07-26 14:51:40: File size: 483840
2012-07-26 14:51:40: DLL File name: wzcsvc.dll
2012-07-26 14:51:40: Original File Name: wzcsvc.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201211 20040810220000 20120726143130
2012-07-26 14:51:40: ---------------------------------------------------------------------
2012-07-26 14:51:40: Found Service: xmlprov
2012-07-26 14:51:40: Real Path: C:\WINDOWS\System32\xmlprov.dll
2012-07-26 14:51:40: Display Name: Network Provisioning Service
2012-07-26 14:51:40: Description: Manages XML configuration files on a domain basis for automatic network provisioning.
2012-07-26 14:51:40: ServiceDLL: System32\xmlprov.dll
2012-07-26 14:51:40: File size: 129024
2012-07-26 14:51:40: DLL File name: xmlprov.dll
2012-07-26 14:51:40: Original File Name: xmlprov.dll
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 20080413201211 20040810150000 20120726145140
2012-07-26 14:51:40: !!!!!!!
2012-07-26 14:51:40: Found Service: zmxpzip
2012-07-26 14:51:40: Real Path: C:\WINDOWS\system32\LC7981.dll
2012-07-26 14:51:40: Display Name: Amdk7
2012-07-26 14:51:40: Description: 
2012-07-26 14:51:40: ServiceDLL: system32\LC7981.dll
2012-07-26 14:51:40: File size: 0
2012-07-26 14:51:40: DLL File name: LC7981.dll
2012-07-26 14:51:40: Original File Name: 
2012-07-26 14:51:40: Company: 
2012-07-26 14:51:40: Mod/Cre/Acc time: 
2012-07-26 14:51:40: !!!!!!!!!
2012-07-26 14:51:40: 
2012-07-26 14:51:40: Looking for SHELL key
2012-07-26 14:51:40: Now looking for bad DLL files in system32
2012-07-26 14:55:39: Folder: GAC
2012-07-26 14:55:39: Folder: GAC_32
2012-07-26 14:55:39: Folder: GAC_MSIL
2012-07-26 14:55:39: Folder: NativeImages1_v1.0.3705
2012-07-26 14:55:39: Folder: NativeImages1_v1.1.4322
2012-07-26 14:55:39: Folder: NativeImages_v2.0.50727_32
2012-07-26 14:55:39: Folder: temp
2012-07-26 14:55:39: Folder: tmp
2012-07-26 14:55:40: Checking for bad folder
2012-07-26 14:55:40: Found 1 folders.
2012-07-26 14:55:40: Checking C:\WINDOWS\assembly\tmp
2012-07-26 14:55:40: ... Folder test returns: 1
2012-07-26 14:55:40: Done with folder list in C:\WINDOWS\assembly\ tmp
2012-07-26 14:55:44: Checking for bad folder
2012-07-26 14:55:44: Found 404 folders.
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2079403$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2115168$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2121546$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2141007$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2158563$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2160329$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2229593$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2259922$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2279986$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2286198$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2296011$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2296199$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2345886$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2347290$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2360937$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2378111_WM9$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2387149$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2393802$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2412687$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2419632$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2423089$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2436673$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2440591$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2443105$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2443685$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2447961_WM9L$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2467659$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2476490$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2476687$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2478960$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2478971$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2479628$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2481109$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2483185$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2485376$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2485663$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2502898$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2503658$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2503665$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2506212$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2506223$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2507618$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2507938$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2508272$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2508429$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2509553$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2511455$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2524375$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2535512$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2536276$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2536276-v2$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2541763$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2544893$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2544893-v2$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2555917$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2562937$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2564958$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2566454$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2567053$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2567680$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2570222$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2570791$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2570947$
2012-07-26 14:55:44: ... Folder test returns: 1
2012-07-26 14:55:44: Checking C:\WINDOWS\$NtUninstallKB2572066$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2584146$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2585542$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2592799$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2598479$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2603381$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2604042$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2607712$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2616676$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2618451$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2619340$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2620712$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2621440$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2624667$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2628259$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2631813$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2633171$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2633952$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2639417$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2641653$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2641690$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2646524$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2647518$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2653956$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2655992$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2656378$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2659262$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2660465$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2676562$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2685939$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2686509$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2691442$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2695962$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2698365$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2707511$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2718523$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2718704$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB2719985$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB873339$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB883667$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB883939$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB885250$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB885354$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB885835$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB885836$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB886185$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB887472$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB887742$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB887998$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB888113$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB888302$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB888316$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB888795$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB889858$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB890046$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB890175$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB890859$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB891220$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB891593$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB891781$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB893066$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB893756$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB894391$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB895678$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB895961$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB895961-v4$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB895961-v4_0$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB896358$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB896422$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB896423$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB896424$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB896428$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB896688$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB898458$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB898461$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB899337$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB899510$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB899587$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB899589$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB899591$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB900325$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB900485$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB900725$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB901017$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB901214$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB902400$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB902841$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB903157$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB904706$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB904942$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB905414$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB905589$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB905749$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB905915$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB908250$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB908519$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB908531$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB910437$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB911280$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB911562$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB911565$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB911567$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB911927$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB912812$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB912919$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB913446$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB913580$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB913800$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB914388$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB914389$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB914440$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB915865$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB916281$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB916281_0$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB916595$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB917159$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB917344$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB917422$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB917734_WMP10$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB917953$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB918118$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB918439$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB918899$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB919007$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB920213$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB920214$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB920670$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB920683$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB920685$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB920872$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB921398$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB921503$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB921883$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB922582$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB922616$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB922819$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB923191$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB923414$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB923561$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB923694$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB923723$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB923980$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB924191$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB924270$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB924496$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB924667$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB925398_WMP64$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB925486$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB925766$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB925902$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB926239$
2012-07-26 14:55:45: ... Folder test returns: 1
2012-07-26 14:55:45: Checking C:\WINDOWS\$NtUninstallKB926255$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB926436$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB927779$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB927802$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB927891$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB928255$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB928843$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB929123$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB929338$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB929399$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB930178$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB930494$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB930916$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB931261$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB931784$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB931836$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB932168$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB932823-v3$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB933360$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB933729$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB935839$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB935840$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB936021$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB936782_WMP11$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB937894$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB938464$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB938464-v2$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB938464_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB938828$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB938829$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB939683$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB941202$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB941568$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB941569$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB941644$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB941693$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB942288-v3$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB942763$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB943055$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB943460$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB943485$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB944653$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB945553$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB946026$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB946648$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB946648_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB948590$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB948881$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB950749$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB950760$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB950762$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB950762_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB950974$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB950974_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951066$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951066_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951072-v2$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951376$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951376-v2$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951376-v2_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951376_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951698$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951698_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951748$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951748_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB951978$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB952004$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB952069_WM9$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB952287$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB952287_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB952954$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB952954_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB953295$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB953356$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB953761$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB953839$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB954154_WM11$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB954155_WM9$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB954156_WM9L$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB954211$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB954211_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB954459$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB954600$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB954708$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB955069$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB955069_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB955759$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB955839$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956391$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956572$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956744$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956802$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956803$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956803_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956841$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956841_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB956844$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB957095$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB957095_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB957097$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB957097_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB958644$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB958644_0$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB958687$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB958690$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB958869$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB959426$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB959772_WM11$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB960225$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB960715$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB960803$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB960859$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB961118$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB961371$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB961373$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB961501$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB961503$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB967715$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB968389$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB968537$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB968816_WM9$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB969059$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB969898$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB969947$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB970238$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB970430$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB970653-v3$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB971029$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB971468$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB971486$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB971557$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB971633$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB971657$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB971737$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB972270$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973346$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973354$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973507$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973525$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973540_WM9$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973687$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973768$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973815$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973869$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB973904$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB974112$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB974318$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB974392$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB974571$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB975025$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB975467$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB975558_WM8$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB975560$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB975561$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB975562$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB975713$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB976098-v2$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB977165$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB977816$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB977914$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB978037$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB978251$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB978262$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB978338$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB978542$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB978601$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB978695_WM9$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB978706$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB979306$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB979309$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB979332_WM9L$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB979482$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB979559$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB979683$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB979687$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB979904$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB980195$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB980218$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB980232$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB980436$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB981322$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB981793$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB981852$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB981957$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB981997$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB982132$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB982214$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB982665$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Checking C:\WINDOWS\$NtUninstallKB982802$
2012-07-26 14:55:46: ... Folder test returns: 1
2012-07-26 14:55:46: Done with folder list in C:\WINDOWS\ $NTuninstallKB*
2012-07-26 14:55:54: Some drivers where replaced. We need to enforce...
2012-07-26 14:55:54: Drivers replaced:
2012-07-26 14:55:54: B89CFBE8CB247B57D8C10ADAA66B462B

11028C6A84A967070CB1286550F2058F

2012-07-26 14:55:54: Autonomous mode, clearing out yt folder
2012-07-26 14:55:57: cmd.exe /c start "C:\Documents and Settings\HP_Administrator\Desktop\yorkyt.exe"
2012-07-26 14:56:02: Restarting...
2012-07-26 15:01:43: ****************************************************
2012-07-26 15:01:53: Starting UP ... v 0.0.0.220
2012-07-26 15:01:53: ****************************************************
2012-07-26 15:02:01: Stop TPSRV returns: 2
2012-07-26 15:02:16: Listing processes...
2012-07-26 15:02:16: :[System Process]:0
2012-07-26 15:02:16: :System:4
2012-07-26 15:02:16: :smss.exe:412
2012-07-26 15:02:16: :csrss.exe:516
2012-07-26 15:02:16: :winlogon.exe:544
2012-07-26 15:02:16: :services.exe:588
2012-07-26 15:02:16: :lsass.exe:600
2012-07-26 15:02:16: :svchost.exe:760
2012-07-26 15:02:16: :svchost.exe:856
2012-07-26 15:02:16: :svchost.exe:924
2012-07-26 15:02:16: :svchost.exe:960
2012-07-26 15:02:16: :svchost.exe:1072
2012-07-26 15:02:16: :spoolsv.exe:1220
2012-07-26 15:02:16: :explorer.exe:1412
2012-07-26 15:02:16: :yorkyt.exe:1532
2012-07-26 15:02:16: :ehtray.exe:1620
2012-07-26 15:02:16: :LVComS.exe:1668
2012-07-26 15:02:16: :kbd.exe:1676
2012-07-26 15:02:16: :issch.exe:1788
2012-07-26 15:02:16: :iTunesHelper.exe:1816
2012-07-26 15:02:16: ivXUpdate.exe:1824
2012-07-26 15:02:16: :hpwuschd2.exe:1844
2012-07-26 15:02:16: :jusched.exe:1852
2012-07-26 15:02:16: :GrooveMonitor.exe:1908
2012-07-26 15:02:16: :avgtray.exe:1920
2012-07-26 15:02:16: :rundll32.exe:1960
2012-07-26 15:02:16: :vprot.exe:1968
2012-07-26 15:02:16: :mbamgui.exe:1976
2012-07-26 15:02:16: :LogitechDesktopMessenger.exe:1992
2012-07-26 15:02:16: CCompanion.exe:2012
2012-07-26 15:02:16: :ctfmon.exe:116
2012-07-26 15:02:16: CCompanionInfo.exe:208
2012-07-26 15:02:16: :reader_sl.exe:292
2012-07-26 15:02:16: :hpqtra08.exe:316
2012-07-26 15:02:16: :SetPoint.exe:352
2012-07-26 15:02:16: :Updates from HP.exe:360
2012-07-26 15:02:16: :KHALMNPR.EXE:896
2012-07-26 15:02:16: :hpqste08.exe:1368
2012-07-26 15:02:16: :ALCXMNTR.EXE:1276
2012-07-26 15:02:16: :hpsysdrv.exe:1408
2012-07-26 15:02:16: :svchost.exe:2228
2012-07-26 15:02:16: :AppleMobileDeviceService.exe:2252
2012-07-26 15:02:16: :ApplicationUpdater.exe:2268
2012-07-26 15:02:16: :avgwdsvc.exe:2296
2012-07-26 15:02:16: :BBSvc.EXE:2324
2012-07-26 15:02:16: :SeaPort.EXE:2392
2012-07-26 15:02:16: :mDNSResponder.exe:2428
2012-07-26 15:02:16: :ehrecvr.exe:2476
2012-07-26 15:02:16: :ehSched.exe:2492
2012-07-26 15:02:16: :avgnsx.exe:2532
2012-07-26 15:02:16: :avgemcx.exe:2588
2012-07-26 15:02:16: :svchost.exe:2972
2012-07-26 15:02:16: :jqs.exe:2992
2012-07-26 15:02:16: :LSSrvc.exe:3040
2012-07-26 15:02:16: :avgrsx.exe:3060
2012-07-26 15:02:16: :mbamservice.exe:3104
2012-07-26 15:02:16: :avgcsrvx.exe:3152
2012-07-26 15:02:16: :MDM.EXE:3164
2012-07-26 15:02:16: :nvsvc32.exe:3200
2012-07-26 15:02:16: :svchost.exe:3240
2012-07-26 15:02:16: :RMSvc.exe:3260
2012-07-26 15:02:16: :svchost.exe:3376
2012-07-26 15:02:16: :svchost.exe:3388
2012-07-26 15:02:16: :ULCDRSvr.exe:3508
2012-07-26 15:02:16: :ToolbarUpdater.exe:3620
2012-07-26 15:02:16: :McrdSvc.exe:3760
2012-07-26 15:02:16: :avgidsagent.exe:3852
2012-07-26 15:02:16: :wmpnetwk.exe:4032
2012-07-26 15:02:16: :wuauclt.exe:4092
2012-07-26 15:02:16: :wmiprvse.exe:2864
2012-07-26 15:02:16: :ehmsas.exe:3360
2012-07-26 15:02:16: :iPodService.exe:3828
2012-07-26 15:02:16: :HPZipm12.exe:2076
2012-07-26 15:02:16: :dllhost.exe:3324
2012-07-26 15:02:16: :alg.exe:2704
2012-07-26 15:02:16: :wscntfy.exe:4668
2012-07-26 15:02:16: 
2012-07-26 15:02:16: Starting cleanup mode...
2012-07-26 15:02:41: ... Done with files, now folders
2012-07-26 15:02:51: All DONE


----------



## pcme (Jul 10, 2012)

ComboFix 12-07-25.04 - HP_Administrator 07/26/2012 15:12:19.3.1 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.384 [GMT -4:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\docume~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\HP_Administrator\Local Settings\Temp\IadHide5.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-06-26 to 2012-07-26 )))))))))))))))))))))))))))))))
.
.
2012-07-26 18:39 . 2012-07-26 18:55 -------- d-----w- c:\windows\system32\DBBK
2012-07-24 23:50 . 2012-07-24 23:50 -------- d-----w- c:\program files\AVG Secure Search
2012-07-24 23:49 . 2012-07-26 19:43 -------- d-----w- c:\windows\system32\drivers\AVG
2012-07-24 23:43 . 2012-07-24 23:43 -------- d-----w- C:\AVG2012
2012-07-24 23:34 . 2012-05-11 14:42 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2012-07-16 23:11 . 2012-07-16 23:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-07-16 23:11 . 2012-07-03 17:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-25 00:37 . 2012-04-29 21:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-07-25 00:37 . 2011-08-04 22:09 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:19 . 2004-08-10 19:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50 . 2008-08-30 01:06 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50 . 2004-08-10 19:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32 . 2004-08-10 19:00 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19 . 2007-06-01 01:17 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19 . 2007-06-01 01:17 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19 . 2004-08-10 19:00 329240 ----a-w- c:\windows\system32\wucltui.dll
2012-06-02 19:19 . 2004-08-10 19:00 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19 . 2004-08-10 19:00 210968 ----a-w- c:\windows\system32\wuweb.dll
2012-06-02 19:19 . 2007-06-01 01:17 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19 . 2005-05-26 09:16 45080 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 19:19 . 2004-08-10 19:00 97304 ----a-w- c:\windows\system32\cdm.dll
2012-06-02 19:19 . 2004-08-10 19:00 53784 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 19:19 . 2004-08-10 19:00 35864 ----a-w- c:\windows\system32\wups.dll
2012-06-02 19:19 . 2007-06-01 01:17 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:19 . 2004-08-10 19:00 577048 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 19:19 . 2004-08-10 19:00 1933848 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 19:18 . 2007-06-01 19:38 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-06-02 19:18 . 2005-12-02 21:42 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18 . 2005-05-26 09:19 214256 ----a-w- c:\windows\system32\muweb.dll
2012-05-31 13:22 . 2004-08-10 19:00 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08 . 2004-08-10 19:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:42 . 2004-08-10 19:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42 . 2004-08-10 19:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38 . 2004-08-10 19:00 385024 ----a-w- c:\windows\system32\html.iec
2012-05-04 13:16 . 2004-08-04 13:18 2148352 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-04 12:32 . 2004-08-04 12:59 2026496 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-05-02 13:46 . 2004-08-10 19:00 139656 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2008-11-14 23:28 . 2008-11-14 23:28 12881 ----a-w- c:\program files\Common Files\ihasi.bat
2012-04-25 03:37 . 2011-03-25 00:33 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-07-24 23:50 2069088 ----a-w- c:\program files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll" [2012-07-24 2069088]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-04-10 32768]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
"Update Manager"="c:\program files\Rogers\Update Manager\UpdateManager.exe" [2005-01-28 131072]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"ISUSScheduler"="c:\program files\common files\installshield\updateservice\issch.exe" [2004-07-28 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-02 421160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-07-24 1118304]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
SolidWorks Task Scheduler Engine.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [N/A]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-4-10 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2006-12-22 450560]
Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-9-28 36903]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Norton System Doctor.LNK]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\Norton System Doctor.LNK
backup=c:\windows\pss\Norton System Doctor.LNKStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-17 03:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2005-01-24 09:56 544768 ----a-w- c:\windows\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Photo Express Calendar Checker]
2004-01-13 01:40 69632 ----a-w- c:\program files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2012\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [4/19/2012 4:50 AM 24896]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [1/31/2012 4:46 AM 31952]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2/22/2012 5:25 AM 235216]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [3/19/2012 5:17 AM 301248]
R2 Application Updater;Application Updater;c:\program files\Application Updater\ApplicationUpdater.exe [1/8/2010 1:51 AM 380928]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2012\avgidsagent.exe [7/4/2012 5:25 PM 5160568]
R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2/14/2012 4:53 AM 193288]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [10/13/2011 6:21 PM 249648]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/16/2012 7:11 PM 655944]
R2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [5/2/2012 9:31 PM 932736]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [12/23/2011 1:32 PM 139856]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [12/23/2011 1:32 PM 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [12/23/2011 1:32 PM 17232]
R3 Mach2;Mach2 Pulseing Service;c:\windows\system32\drivers\Mach2.sys [4/6/2008 2:17 PM 99936]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/16/2012 7:11 PM 22344]
S0 qqviagb;qqviagb;c:\windows\system32\drivers\jsyjqyvu.sys --> c:\windows\system32\drivers\jsyjqyvu.sys [?]
S2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [10/21/2011 4:23 PM 196176]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/30/2010 7:05 PM 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/29/2012 5:06 PM 250056]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11/22/2010 2:21 PM 13224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/30/2010 7:05 PM 135664]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [4/7/2007 2:01 PM 19039]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/24/2012 11:37 PM 129976]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [11/22/2010 2:14 PM 155320]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/17/2006 1:32 PM 691696]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
StkAMini
us30sys
zpcollector
agentsrv
aavmker4
nimcrpcsu
amoagent
BootScreen
mafwboot
qhwscsvc
lktimesync
ATIVTUTW
cpsvc
AGV
zmxpzip
.
Contents of the 'Scheduled Tasks' folder
.
2012-07-26 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 00:37]
.
2012-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 23:05]
.
2012-07-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 23:05]
.
2012-07-26 c:\windows\Tasks\User_Feed_Synchronization-{8A7EFBA3-8D6B-4E69-AC85-750B378CDC09}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.ca/
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
TCP: DhcpNameServer = 64.71.255.198
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} - hxxp://www.digitalwebbooks.com/reader/dbplugin.cab
DPF: {958FCAB0-616B-11D3-A63F-00001B322780} - hxxp://www.timeticker.com/Timeset/TcpServer.CAB
DPF: {DB31DA00-4F6F-4CC7-8627-C5A142E1FC7C} - hxxp://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\blvewxkk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/webhp?sourceid=navclient&ie=UTF-8
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B3868eed9-ec7a-44bd-b25a-5e975a6f41c6%7D&mid=c89b35b68ac247d0ab11d15a9232b1cf-a62a9a39678ccdec6e4bb3d3ac57d8a5dbbdbd10&ds=AVG&v=11.0.0.9&lang=en&pr=fr&d=2012-05-02%2021%3A31%3A57&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-07-26 15:42
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ca,16,27,25,6d,84,ec,57,fa,61,27,ec,0e,4b,66,72,66,b8,96,f2,cc,35,f0,
d7,bb,a3,c0,f5,19,fd,bf,89,e7,91,49,c4,14,ea,4b,9f,8d,11,f7,26,84,21,42,72,\
"??"=hex:59,e5,97,70,47,08,a5,1e,f6,13,83,cc,52,0d,a6,6c
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2092)
c:\windows\system32\WININET.dll
c:\docume~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\nview.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\AVG\AVG2012\avgnsx.exe
c:\program files\AVG\AVG2012\avgemcx.exe
c:\program files\AVG\AVG2012\avgrsx.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\AVG\AVG2012\avgcsrvx.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\ehome\RMSvc.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\ehome\McrdSvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\dllhost.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\HPZipm12.exe
c:\windows\ALCXMNTR.EXE
.
**************************************************************************
.
Completion time: 2012-07-26 15:59:24 - machine was rebooted
ComboFix-quarantined-files.txt 2012-07-26 19:58
ComboFix2.txt 2012-07-25 21:50
ComboFix3.txt 2012-07-24 23:21
.
Pre-Run: 100,956,520,448 bytes free
Post-Run: 100,842,168,320 bytes free
.
- - End Of File - - 2240C16EA769908ED1058E96BB19E874


----------



## pcme (Jul 10, 2012)

I now have internet connection, I deleted NETBT.sys the virus version out of my system32 file last night and replaced it with a new one from the i386 folder in windows, didn't work till I just ran yorkyt and combofix.


----------



## Mark1956 (May 7, 2011)

Well done for figuring that out, I was going to wait and see if Combofix would find it after Yorkyt had been run. The hash code gives no results on Google so it was clearly suspicious but I would not have replaced it without having it thorougly checked with an online virus scan. Please confirm that you copied the file between the folders and you didn't simply move its location.

So, you have internet conection back, how well is the PC running now, any other issues?


----------



## pcme (Jul 10, 2012)

File was copied not moved and ran antivirus on my computer, everything looks clean. I would say I am satisfied with my computers performance for a 7 yr old computer. If I do have anymore problems I will differently post again. Thank you for your help.


----------



## Mark1956 (May 7, 2011)

You're welcome, but we are not done yet, after a ZeroAccess infection it is wise to run an online scan to check for anything else. It is also part of the process to check your systems security to make sure everything is up to date which will help reduce the risk of you becoming infected again. I then have to give you specific instructions to remove all the tools used. Combofix has to be uninstalled using a specific process.

Please follow these instructions:

*Eset online scan instructions.*
*IMPORTANT --->* Please make sure you follow the instruction to *uncheck* the box next to *Remove found threats*. Eset will detect anything that looks even remotely suspicious, this can include legitimate program files. If you do not uncheck the box, as instructed, Eset will automatically remove all suspect files which could leave some of your software inoperative. If you make a mistake these files can be restored from quarantine, but it would be preferable not to add any extra work to the clean up of your system.

Disable your existing Anti Virus following these instructions.
Please go here to use the Eset Online Scanner.
When the web page opens click on this button








If you are not using *Internet Explorer* you will see a message box open asking you to to download the *ESET Smart Installer*, click on the link and allow it to download and then run it. Accept the *Terms of use* and click on *Start*. The required components will download.
If using Internet Explorer the *Terms of use* box will open immediately, accept it and click on *Start*.
After the download is complete the *Computer scan settings* window will open, *IMPORTANT ---->* *uncheck* the box next to *Remove found threats* and click on *Start*. The virus signature database will then download which may take some time depending on the speed of your internet connection. The scan will automatically start when the download is complete.
This is a very thorough scan and may take several hours to complete depending on how much data you have on your hard drive. *Do not* interrupt it, be patient and let it finish.
A Scan Results window will appear at the end of the scan. If it lists any number of Infected Files click on List of found threats. Click on Copy to clipboard, come back to this thread and right click on the message box. Select *Paste* and the report will appear, add any comments you have and post the reply.
Back on the *Eset* window, click the *Back* button and then click on *Finish*.
______________________________________________________________

Download Security Check by screen317 from Here or Here.
Save it to your Desktop.
Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
A Notepad document should open automatically called checkup.txt; please post the contents of that document.


----------



## pcme (Jul 10, 2012)

ok, I will run it all right now


----------



## Mark1956 (May 7, 2011)

:up:


----------



## pcme (Jul 10, 2012)

here are the results of eset

C:\Documents and Settings\HP_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\10\7f2a98ca-528e2378 Java/TrojanDownloader.Agent.NCN trojan

C:\Documents and Settings\HP_Administrator\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\eJS.jar-3dadbc30-790f8299.zip  Java/TrojanDownloader.Agent.NCN trojan

C:\Program Files\Application Updater\ApplicationUpdater.exe probably a variant of Win32/Toolbar.Widgi application

C:\Qoobox\Quarantine\C\Documents and Settings\All Users\Application Data\C43LxgkM.exe.vir a variant of Win32/Kryptik.AEVI trojan

C:\Qoobox\Quarantine\C\Program Files\Search Settings\SeARchsettings.dll.vir Win32/Toolbar.Widgi 
application

C:\Qoobox\Quarantine\C\Program Files\Search Settings\SearchSettings.exe.vir Win32/Toolbar.Widgi application

C:\Qoobox\Quarantine\C\Program Files\Search Settings\SearchSettingsRes409.dll.vir Win32/Toolbar.Widgi application

C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP539\A0100988.exe a variant of Win32/InstallCore.D application

C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP540\A0101722.dll Win32/Toolbar.Widgi application

C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP540\A0101723.exe Win32/Toolbar.Widgi application

C:\System Volume Information\_restore{D7BD54B8-C977-4903-8CE7-9415B851EC71}\RP540\A0101724.dll Win32/Toolbar.Widgi application

C:\WINDOWS\system32\DBBK\293E66AA529F0FBA1AA56340E293A389 probably a variant of Win32/Toolbar.Widgi application
Operating memory probably a variant of Win32/Toolbar.Widgi application


----------



## pcme (Jul 10, 2012)

results of security checkup

Results of screen317's Security Check version 0.99.43 
Windows XP Service Pack 3 x86 
Internet Explorer 8 
*``````````````Antivirus/Firewall Check:``````````````* 
Windows Firewall Enabled! 
AVG Anti-Virus Free Edition 2012 
Antivirus up to date! (On Access scanning *disabled*!) 
*`````````Anti-malware/Other Utilities Check:`````````* 
Malwarebytes Anti-Malware version 1.62.0.1300 
Java(TM) 6 Update 31 
Java(TM) SE Runtime Environment 6 Update 1 
Java(TM) 6 Update 2 
Java(TM) 6 Update 3 
Java(TM) 6 Update 5 
Java(TM) 6 Update 7 
*Java version out of Date!* 
Adobe Flash Player 11.3.300.268 
Adobe Reader 7 *Adobe Reader out of Date!* 
Mozilla Firefox 12.0 *Firefox out of Date!* 
*````````Process Check: objlist.exe by Laurent````````* 
Malwarebytes Anti-Malware mbamservice.exe 
AVG avgwdsvc.exe 
AVG avgtray.exe 
ESET ESET Online Scanner OnlineScannerApp.exe 
*`````````````````System Health check`````````````````* 
Total Fragmentation on Drive C:: 21% *Defragment your hard drive soon!*
*````````````````````End of Log``````````````````````*


----------



## Mark1956 (May 7, 2011)

Ok, please follow the instructions below to remove orphan entries and suspicious files found by Eset, then post the log.

After that I will give instructions to update a few programs. You have a big collection of old versions of Java, which is a security risk, older versions are prone to get infected and one of them had.

We are now going to run ComboFix a different way.
Open Notepad by clicking







> *Run...* and in the open box type: 
*Notepad.exe*
Press Ok, then copy and paste everything in the *code box* below into it.
_-- Note: Make sure Word Wrap is *unchecked* in Notepad by clicking on *Format* in the top menu._

```
KillAll::
File::
C:\WINDOWS\system32\DBBK\293E66AA529F0FBA1AA56340E293A389
Folder::
C:\Documents and Settings\HP_Administrator\Application Data\Sun\Java\Deployment\cache
C:\Program Files\Application Updater
DDS::
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: {D593DE91-7B41-45C2-830E-E9A99AB142AA} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
ClearJavaCache::
Reboot::
```

Save the file as *CFScript.txt* by choosing _Save As..._ in the File Menu, and save it to your Desktop where the ComboFix icon 
is also located.
Close your browser and* disconnect* from the Internet.
Now use your mouse to *drag*, then *drop* the CFScript.txt file on top of ComboFix.exe as seen in the image below.








This will start ComboFix again and launch the script.
ComboFix may reboot your system when it finishes. This is normal.
A log will be created just as before and saved to C:\ComboFix.txt. Please copy and paste the contents of *ComboFix.txt* in your next 
reply.
Be sure to *re-enable* your anti-virus and other security programs *after* the scan is complete.
NOTE: if you see a message like this when you attempt to open anything after the reboot *"Illegal **Operation attempted on a registry key that has been marked for deletion"* please reboot the system again and the warning should not return.


----------



## pcme (Jul 10, 2012)

So this scan has been running for about 2 hours now and it seems to be in the same spot where it says scan can take 10mins or double....is this normal?


----------



## pcme (Jul 10, 2012)

Its still in the same spot, Im going to shut it down till you read this


----------



## Mark1956 (May 7, 2011)

Hi, sounds like you have had a hitch, but not sure why, it is not normal for CF to run for several hours.

Please try again following the same instructions as above, make sure your Anti Virus is disabled and remove this following line from the script and let me know how it goes.

C:\WINDOWS\system32\DBBK\293E66AA529F0FBA1AA56340E293A389

EDIT: I should have added, make sure the PC is not touched during the scan, clicking the mouse pointer on the scan progress box can cause problems.


----------



## pcme (Jul 10, 2012)

Same deal as yesterday, still in the same spot and I let it run for the same amount of time with antivirus off no internet and didnt touch the mouse.


----------



## Mark1956 (May 7, 2011)

Ok, please run the scan below.

Please follow the instructions exactly as written, deviating from the instructions and trying to fix anything before I have seen the logs may make your PC unbootable. If TDSSKiller does not offer the Cure option *DO NOT select delete* as you may remove files needed for the system to operate.
Please download Kaspersky's *TDSSKiller* and *save it to your Desktop. <-Important!*
_-- The tool is frequently updated...if you used TDSSKiller before, delete that version and download the most current one before using again._
_Be sure to print out and follow the instructions for performing a scan_.

Extract (unzip) the file to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the Desktop.
Alternatively, you can download TDSSKiller.exe and use that instead.
Double-click on *TDSSKiller.exe* to run the tool for known TDSS variants.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
If an update is available, TDSSKiller will prompt you to update and download the most current version. Click *Load Update*. Close TDSSKiller and start again.

When the program opens, click the *Change parameters.*









Under "Additional options", check the boxes next to *Verify file digital signatures* and *Detect TDLFS file system*, then click *OK*.









Click the *Start Scan* button.









Do not use the computer during the scan
If the scan completes with nothing found, click *Close* to exit.
If '*Suspicious objects*' are detected, the default action will be *Skip*. Leave the default set to Skip and click on *Continue*.
If *Malicious objects* are detected, they will show in the Scan results - Select action for found objects and offer three options.









Ensure *Cure* is selected...then click *Continue* -> *Reboot computer* *for cure completion.*









*Important! ->* If *Cure* *is not available*, please choose *Skip* instead. *Do not choose Delete unless instructed.* If you choose *Delete* you may *remove critical system files* and make your PC *unstable* or possibly *unbootable*.
A log file named *TDSSKiller_version_date_time_log.txt* will be created and saved to the root directory (usually Local Disk C: ).
Copy and paste the contents of that file in your next reply.
_-- If TDSSKiller does not run, try renaming it. To do this, right-click on *TDSSKiller.exe*, select *Rename* and give it a random name with the *.com* file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it to something else *before* beginning the download and saving to the computer or to perform the scan in "safe mode"._


----------



## Mark1956 (May 7, 2011)

Just thought of something else you could try before running TDSSKiller.

Delete the Combofix icon from the desktop and download a fresh copy using the link in the original instructions, then continue with the instructions in post 37. If it then runs ok post the log and wait for further instructions. If it still won't run to completion try running it without the script input and post the log.


----------



## pcme (Jul 10, 2012)

13:19:09.0945 5928 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
13:19:10.0430 5928 ============================================================
13:19:10.0430 5928 Current date / time: 2012/07/30 13:19:10.0430
13:19:10.0430 5928 SystemInfo:
13:19:10.0430 5928 
13:19:10.0430 5928 OS Version: 5.1.2600 ServicePack: 3.0
13:19:10.0430 5928 Product type: Workstation
13:19:10.0430 5928 ComputerName: MINE
13:19:10.0430 5928 UserName: HP_Administrator
13:19:10.0430 5928 Windows directory: C:\WINDOWS
13:19:10.0430 5928 System windows directory: C:\WINDOWS
13:19:10.0430 5928 Processor architecture: Intel x86
13:19:10.0430 5928 Number of processors: 1
13:19:10.0430 5928 Page size: 0x1000
13:19:10.0430 5928 Boot type: Normal boot
13:19:10.0430 5928 ============================================================
13:19:14.0586 5928 Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
13:19:14.0648 5928 ============================================================
13:19:14.0648 5928 \Device\Harddisk0\DR0:
13:19:14.0648 5928 MBR partitions:
13:19:14.0648 5928 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1006857
13:19:14.0648 5928 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1006896, BlocksNum 0x1649752B
13:19:14.0648 5928 ============================================================
13:19:14.0898 5928 C: <-> \Device\Harddisk0\DR0\Partition1
13:19:14.0930 5928 D: <-> \Device\Harddisk0\DR0\Partition0
13:19:14.0977 5928 ============================================================
13:19:14.0977 5928 Initialize success
13:19:14.0977 5928 ============================================================
13:20:49.0023 4820 ============================================================
13:20:49.0023 4820 Scan started
13:20:49.0023 4820 Mode: Manual; SigCheck; TDLFS; 
13:20:49.0023 4820 ============================================================
13:20:51.0102 4820 Abiosdsk - ok
13:20:51.0117 4820 abp480n5 - ok
13:20:51.0164 4820 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
13:20:51.0539 4820 ACPI - ok
13:20:51.0602 4820 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
13:20:51.0758 4820 ACPIEC - ok
13:20:51.0945 4820 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
13:20:51.0961 4820 AdobeFlashPlayerUpdateSvc - ok
13:20:51.0977 4820 adpu160m - ok
13:20:52.0008 4820 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
13:20:52.0180 4820 aec - ok
13:20:52.0336 4820 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
13:20:52.0414 4820 AFD - ok
13:20:52.0414 4820 Aha154x - ok
13:20:52.0430 4820 aic78u2 - ok
13:20:52.0445 4820 aic78xx - ok
13:20:52.0805 4820 ALCXWDM (781c5ec517c53f5214b61253b20c13c4) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
13:20:52.0945 4820 ALCXWDM - ok
13:20:53.0227 4820 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
13:20:53.0367 4820 Alerter - ok
13:20:53.0383 4820 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
13:20:53.0539 4820 ALG - ok
13:20:53.0602 4820 AliIde - ok
13:20:53.0633 4820 AmdK8 (efbb0956baed786e137351b5ca272aef) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
13:20:53.0711 4820 AmdK8 - ok
13:20:53.0711 4820 amsint - ok
13:20:54.0148 4820 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:20:54.0352 4820 Apple Mobile Device - ok
13:20:55.0445 4820 Application Updater (293e66aa529f0fba1aa56340e293a389) C:\Program Files\Application Updater\ApplicationUpdater.exe
13:20:55.0789 4820 Application Updater ( UnsignedFile.Multi.Generic ) - warning
13:20:55.0789 4820 Application Updater - detected UnsignedFile.Multi.Generic (1)
13:20:56.0461 4820 AppMgmt (d8849f77c0b66226335a59d26cb4edc6) C:\WINDOWS\System32\appmgmts.dll
13:20:56.0695 4820 AppMgmt - ok
13:20:56.0992 4820 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
13:20:57.0164 4820 Arp1394 - ok
13:20:57.0180 4820 asc - ok
13:20:57.0195 4820 asc3350p - ok
13:20:57.0195 4820 asc3550 - ok
13:20:57.0320 4820 Aspi32 (54ab078660e536da72b21a27f56b035b) C:\WINDOWS\system32\drivers\aspi32.sys
13:20:57.0414 4820 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
13:20:57.0414 4820 Aspi32 - detected UnsignedFile.Multi.Generic (1)
13:20:58.0023 4820 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
13:20:58.0336 4820 aspnet_state - ok
13:20:58.0430 4820 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
13:20:58.0633 4820 AsyncMac - ok
13:20:59.0039 4820 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
13:20:59.0242 4820 atapi - ok
13:20:59.0258 4820 Atdisk - ok
13:20:59.0305 4820 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
13:20:59.0445 4820 Atmarpc - ok
13:20:59.0617 4820 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
13:20:59.0773 4820 AudioSrv - ok
13:20:59.0836 4820 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
13:21:00.0008 4820 audstub - ok
13:21:00.0930 4820 AVGIDSAgent (d67719bcfde5798f5c30d14efed3bcaf) C:\Program Files\AVG\AVG2012\avgidsagent.exe
13:21:01.0273 4820 AVGIDSAgent - ok
13:21:01.0539 4820 AVGIDSDriver (1074f787080068c71303b61fae7e7ca4) C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
13:21:01.0602 4820 AVGIDSDriver - ok
13:21:01.0664 4820 AVGIDSFilter (61a7e0b02f82cff3db2445bbe50b3589) C:\WINDOWS\system32\DRIVERS\avgidsfilterx.sys
13:21:01.0680 4820 AVGIDSFilter - ok
13:21:01.0727 4820 AVGIDSHX (d63d83659eedf60b3a3e620281a888e5) C:\WINDOWS\system32\DRIVERS\avgidshx.sys
13:21:01.0742 4820 AVGIDSHX - ok
13:21:01.0789 4820 AVGIDSShim (baf975b72062f53d327788e99d64197e) C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
13:21:01.0789 4820 AVGIDSShim - ok
13:21:01.0836 4820 Avgldx86 (dda6a2a18841e4c9172bb85958b8d948) C:\WINDOWS\system32\DRIVERS\avgldx86.sys
13:21:01.0867 4820 Avgldx86 - ok
13:21:01.0883 4820 Avgmfx86 (ccdd61545aaea265977e4b1efdc74e8c) C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
13:21:01.0898 4820 Avgmfx86 - ok
13:21:01.0961 4820 Avgrkx86 (1fd90b28d2c3100bf4500199c8ad6358) C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
13:21:01.0977 4820 Avgrkx86 - ok
13:21:02.0070 4820 Avgtdix (1263f2554ace925c237a40b4c568d815) C:\WINDOWS\system32\DRIVERS\avgtdix.sys
13:21:02.0102 4820 Avgtdix - ok
13:21:02.0242 4820 avgwd (ea1145debcd508fd25bd1e95c4346929) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
13:21:02.0273 4820 avgwd - ok
13:21:02.0398 4820 BBSvc (f48feb7da35821da15e0b006dcb9a169) C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.exe
13:21:02.0430 4820 BBSvc - ok
13:21:02.0539 4820 BBUpdate (8e16f7a85441986fd2b9ce6c879524e4) C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
13:21:02.0555 4820 BBUpdate - ok
13:21:02.0602 4820 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
13:21:02.0789 4820 Beep - ok
13:21:02.0867 4820 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
13:21:03.0164 4820 BITS - ok
13:21:03.0258 4820 Bonjour Service (f832f1505ad8b83474bd9a5b1b985e01) C:\Program Files\Bonjour\mDNSResponder.exe
13:21:03.0305 4820 Bonjour Service - ok
13:21:03.0367 4820 Bridge (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
13:21:03.0492 4820 Bridge - ok
13:21:03.0508 4820 BridgeMP (f934d1b230f84e1d19dd00ac5a7a83ed) C:\WINDOWS\system32\DRIVERS\bridge.sys
13:21:03.0617 4820 BridgeMP - ok
13:21:03.0664 4820 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
13:21:03.0789 4820 Browser - ok
13:21:03.0977 4820 catchme - ok
13:21:04.0008 4820 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
13:21:04.0180 4820 cbidf2k - ok
13:21:04.0227 4820 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
13:21:04.0352 4820 CCDECODE - ok
13:21:04.0367 4820 cd20xrnt - ok
13:21:04.0383 4820 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
13:21:04.0570 4820 Cdaudio - ok
13:21:04.0602 4820 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
13:21:04.0742 4820 Cdfs - ok
13:21:04.0867 4820 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
13:21:04.0992 4820 Cdrom - ok
13:21:05.0008 4820 Changer - ok
13:21:05.0039 4820 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
13:21:05.0148 4820 CiSvc - ok
13:21:05.0180 4820 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
13:21:05.0320 4820 ClipSrv - ok
13:21:05.0430 4820 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:21:05.0523 4820 clr_optimization_v2.0.50727_32 - ok
13:21:05.0523 4820 CmdIde - ok
13:21:05.0539 4820 COMSysApp - ok
13:21:05.0555 4820 Cpqarray - ok
13:21:05.0586 4820 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
13:21:05.0727 4820 CryptSvc - ok
13:21:05.0727 4820 dac2w2k - ok
13:21:05.0742 4820 dac960nt - ok
13:21:05.0820 4820 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
13:21:05.0930 4820 DcomLaunch - ok
13:21:05.0992 4820 Dhcp (c51de19619d50cbd03708647aca10e70) C:\WINDOWS\System32\dhcpcsvc.dll
13:21:06.0055 4820 Dhcp - ok
13:21:06.0102 4820 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
13:21:06.0242 4820 Disk - ok
13:21:06.0242 4820 dmadmin - ok
13:21:06.0305 4820 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
13:21:06.0492 4820 dmboot - ok
13:21:06.0508 4820 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
13:21:06.0664 4820 dmio - ok
13:21:06.0695 4820 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
13:21:06.0914 4820 dmload - ok
13:21:07.0008 4820 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
13:21:07.0133 4820 dmserver - ok
13:21:07.0258 4820 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
13:21:07.0383 4820 DMusic - ok
13:21:07.0492 4820 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
13:21:07.0711 4820 Dnscache - ok
13:21:07.0883 4820 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
13:21:08.0008 4820 Dot3svc - ok
13:21:08.0023 4820 dpti2o - ok
13:21:08.0070 4820 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
13:21:08.0180 4820 drmkaud - ok
13:21:08.0195 4820 EagleNT - ok
13:21:08.0383 4820 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
13:21:08.0523 4820 EapHost - ok
13:21:08.0820 4820 ehRecvr (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
13:21:08.0961 4820 ehRecvr - ok
13:21:09.0023 4820 ehSched (a53243709439ac2a4c216b817f8d7411) C:\WINDOWS\eHome\ehSched.exe
13:21:09.0070 4820 ehSched - ok
13:21:09.0102 4820 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
13:21:09.0227 4820 ERSvc - ok
13:21:09.0273 4820 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
13:21:09.0305 4820 Eventlog - ok
13:21:09.0367 4820 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
13:21:09.0430 4820 EventSystem - ok
13:21:09.0477 4820 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
13:21:09.0617 4820 Fastfat - ok
13:21:09.0664 4820 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:21:09.0773 4820 FastUserSwitchingCompatibility - ok
13:21:09.0789 4820 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
13:21:09.0914 4820 Fdc - ok
13:21:09.0977 4820 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
13:21:10.0117 4820 Fips - ok
13:21:10.0148 4820 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
13:21:10.0258 4820 Flpydisk - ok
13:21:10.0305 4820 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
13:21:10.0445 4820 FltMgr - ok
13:21:10.0570 4820 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
13:21:10.0602 4820 FontCache3.0.0.0 - ok
13:21:10.0680 4820 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
13:21:10.0852 4820 Fs_Rec - ok
13:21:10.0883 4820 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
13:21:11.0086 4820 Ftdisk - ok
13:21:11.0102 4820 ftsata2 - ok
13:21:11.0148 4820 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
13:21:11.0148 4820 GEARAspiWDM - ok
13:21:11.0211 4820 ggflt (007aea2e06e7cef7372e40c277163959) C:\WINDOWS\system32\DRIVERS\ggflt.sys
13:21:11.0227 4820 ggflt - ok
13:21:11.0258 4820 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\WINDOWS\system32\DRIVERS\ggsemc.sys
13:21:11.0273 4820 ggsemc - ok
13:21:11.0289 4820 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
13:21:11.0414 4820 Gpc - ok
13:21:11.0445 4820 grmnusb (6003bc70f1a8307262bd3c941bda0b7e) C:\WINDOWS\system32\drivers\grmnusb.sys
13:21:11.0477 4820 grmnusb - ok
13:21:11.0617 4820 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
13:21:11.0633 4820 gupdate - ok
13:21:11.0633 4820 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
13:21:11.0664 4820 gupdatem - ok
13:21:11.0680 4820 GVCplDrv (f22bf7f345df95c09942951246aaa28d) C:\WINDOWS\system32\drivers\GVCplDrv.sys
13:21:11.0680 4820 GVCplDrv ( UnsignedFile.Multi.Generic ) - warning
13:21:11.0680 4820 GVCplDrv - detected UnsignedFile.Multi.Generic (1)
13:21:11.0727 4820 GVTDrv (53651772b30798c13486776e6aa4786a) C:\WINDOWS\system32\Drivers\GVTDrv.sys
13:21:11.0742 4820 GVTDrv ( UnsignedFile.Multi.Generic ) - warning
13:21:11.0742 4820 GVTDrv - detected UnsignedFile.Multi.Generic (1)
13:21:11.0836 4820 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
13:21:11.0961 4820 helpsvc - ok
13:21:12.0023 4820 HidServ (deb04da35cc871b6d309b77e1443c796) C:\WINDOWS\System32\hidserv.dll
13:21:12.0148 4820 HidServ - ok
13:21:12.0195 4820 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
13:21:12.0305 4820 HidUsb - ok
13:21:12.0430 4820 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
13:21:12.0602 4820 hkmsvc - ok
13:21:12.0602 4820 hpn - ok
13:21:12.0695 4820 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
13:21:12.0758 4820 HTTP - ok
13:21:12.0789 4820 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
13:21:12.0945 4820 HTTPFilter - ok
13:21:12.0961 4820 i2omgmt - ok
13:21:12.0977 4820 i2omp - ok
13:21:13.0008 4820 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
13:21:13.0133 4820 i8042prt - ok
13:21:13.0273 4820 iaStor (79ae2a97c120f282845d854d0f070ea9) C:\WINDOWS\system32\DRIVERS\iaStor.sys
13:21:13.0398 4820 iaStor - ok
13:21:13.0477 4820 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
13:21:13.0492 4820 IDriverT ( UnsignedFile.Multi.Generic ) - warning
13:21:13.0492 4820 IDriverT - detected UnsignedFile.Multi.Generic (1)
13:21:13.0680 4820 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
13:21:13.0758 4820 idsvc - ok
13:21:13.0945 4820 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
13:21:14.0070 4820 Imapi - ok
13:21:14.0117 4820 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
13:21:14.0242 4820 ImapiService - ok
13:21:14.0258 4820 ini910u - ok
13:21:14.0289 4820 IntelIde (b5466a9250342a7aa0cd1fba13420678) C:\WINDOWS\system32\DRIVERS\intelide.sys
13:21:14.0398 4820 IntelIde - ok
13:21:14.0430 4820 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
13:21:14.0539 4820 intelppm - ok
13:21:14.0555 4820 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
13:21:14.0680 4820 Ip6Fw - ok
13:21:14.0727 4820 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
13:21:14.0898 4820 IpFilterDriver - ok
13:21:14.0945 4820 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
13:21:15.0055 4820 IpInIp - ok
13:21:15.0102 4820 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
13:21:15.0242 4820 IpNat - ok
13:21:15.0398 4820 iPod Service (82b9bf8f3cb7f443fbb7fecd5350665b) C:\Program Files\iPod\bin\iPodService.exe
13:21:15.0461 4820 iPod Service - ok
13:21:15.0492 4820 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
13:21:15.0602 4820 IPSec - ok
13:21:15.0648 4820 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
13:21:15.0773 4820 IRENUM - ok
13:21:15.0805 4820 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
13:21:15.0914 4820 isapnp - ok
13:21:16.0055 4820 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
13:21:16.0086 4820 JavaQuickStarterService - ok
13:21:16.0102 4820 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
13:21:16.0211 4820 Kbdclass - ok
13:21:16.0227 4820 kbdhid (9ef487a186dea361aa06913a75b3fa99) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
13:21:16.0352 4820 kbdhid - ok
13:21:16.0398 4820 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
13:21:16.0539 4820 kmixer - ok
13:21:16.0602 4820 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
13:21:16.0695 4820 KSecDD - ok
13:21:16.0742 4820 L8042Kbd (5a11400ea1f0a106fe7edb28c270f7b8) C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys
13:21:16.0805 4820 L8042Kbd - ok
13:21:16.0867 4820 L8042mou (20c919b52897b72ebcb2ad2fc29d8ef0) C:\WINDOWS\system32\Drivers\L8042mou.sys
13:21:16.0945 4820 L8042mou - ok
13:21:16.0992 4820 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
13:21:17.0086 4820 lanmanserver - ok
13:21:17.0164 4820 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
13:21:17.0211 4820 lanmanworkstation - ok
13:21:17.0211 4820 lbrtfdc - ok
13:21:17.0273 4820 LHidKe (31b582394da3290dff300f10952e9a4d) C:\WINDOWS\system32\DRIVERS\LHidKE.Sys
13:21:17.0289 4820 LHidKe - ok
13:21:17.0414 4820 LightScribeService (559c9b7800fac92fc515cd0003d7c631) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
13:21:17.0445 4820 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
13:21:17.0445 4820 LightScribeService - detected UnsignedFile.Multi.Generic (1)
13:21:17.0492 4820 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
13:21:17.0602 4820 LmHosts - ok
13:21:17.0664 4820 LMouKE (90a794d0a0bf3531c4ba1c0510449629) C:\WINDOWS\system32\Drivers\LMouKE.sys
13:21:17.0695 4820 LMouKE - ok
13:21:17.0773 4820 ltmodem5 (9ee18a5a45552673a67532ea37370377) C:\WINDOWS\system32\DRIVERS\ltmdmnt.sys
13:21:17.0883 4820 ltmodem5 - ok
13:21:17.0945 4820 Mach2 (7cdb64f2c2a32178fc3bd1eb264f7b08) C:\WINDOWS\system32\Drivers\Mach2.sys
13:21:17.0961 4820 Mach2 ( UnsignedFile.Multi.Generic ) - warning
13:21:17.0961 4820 Mach2 - detected UnsignedFile.Multi.Generic (1)
13:21:18.0008 4820 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
13:21:18.0023 4820 MBAMProtector - ok
13:21:18.0117 4820 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
13:21:18.0164 4820 MBAMService - ok
13:21:18.0242 4820 McrdSvc (bec8d118490817f93fbe620b30ec7264) C:\WINDOWS\ehome\McrdSvc.exe
13:21:18.0258 4820 McrdSvc ( UnsignedFile.Multi.Generic ) - warning
13:21:18.0258 4820 McrdSvc - detected UnsignedFile.Multi.Generic (1)
13:21:18.0398 4820 MDM (11f714f85530a2bd134074dc30e99fca) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
13:21:18.0414 4820 MDM - ok
13:21:18.0539 4820 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
13:21:18.0648 4820 Messenger - ok
13:21:18.0711 4820 MHN (b7521f69c0a9b29d356157229376fb21) C:\WINDOWS\System32\mhn.dll
13:21:18.0727 4820 MHN ( UnsignedFile.Multi.Generic ) - warning
13:21:18.0727 4820 MHN - detected UnsignedFile.Multi.Generic (1)
13:21:18.0820 4820 MHNDRV (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
13:21:18.0820 4820 MHNDRV ( UnsignedFile.Multi.Generic ) - warning
13:21:18.0820 4820 MHNDRV - detected UnsignedFile.Multi.Generic (1)
13:21:18.0945 4820 Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
13:21:18.0961 4820 Microsoft Office Groove Audit Service - ok
13:21:18.0977 4820 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
13:21:19.0164 4820 mnmdd - ok
13:21:19.0180 4820 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
13:21:19.0305 4820 mnmsrvc - ok
13:21:19.0352 4820 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
13:21:19.0445 4820 Modem - ok
13:21:19.0477 4820 MODEMCSA (1992e0d143b09653ab0f9c5e04b0fd65) C:\WINDOWS\system32\drivers\MODEMCSA.sys
13:21:19.0648 4820 MODEMCSA - ok
13:21:19.0680 4820 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
13:21:19.0805 4820 Mouclass - ok
13:21:19.0836 4820 mouhid (b1c303e17fb9d46e87a98e4ba6769685) C:\WINDOWS\system32\DRIVERS\mouhid.sys
13:21:19.0992 4820 mouhid - ok
13:21:20.0039 4820 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
13:21:20.0148 4820 MountMgr - ok
13:21:20.0242 4820 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
13:21:20.0273 4820 MozillaMaintenance - ok
13:21:20.0289 4820 mraid35x - ok
13:21:20.0305 4820 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
13:21:20.0430 4820 MRxDAV - ok
13:21:20.0617 4820 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
13:21:20.0758 4820 MRxSmb - ok
13:21:20.0820 4820 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
13:21:20.0930 4820 MSDTC - ok
13:21:20.0961 4820 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
13:21:21.0070 4820 Msfs - ok
13:21:21.0086 4820 MSIServer - ok
13:21:21.0117 4820 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
13:21:21.0242 4820 MSKSSRV - ok
13:21:21.0258 4820 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
13:21:21.0367 4820 MSPCLOCK - ok
13:21:21.0383 4820 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
13:21:21.0508 4820 MSPQM - ok
13:21:21.0539 4820 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
13:21:21.0680 4820 mssmbios - ok
13:21:21.0711 4820 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
13:21:21.0820 4820 MSTEE - ok
13:21:21.0852 4820 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
13:21:21.0898 4820 Mup - ok
13:21:21.0945 4820 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
13:21:22.0070 4820 NABTSFEC - ok
13:21:22.0133 4820 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
13:21:22.0273 4820 napagent - ok
13:21:22.0320 4820 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
13:21:22.0430 4820 NDIS - ok
13:21:22.0461 4820 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
13:21:22.0586 4820 NdisIP - ok
13:21:22.0648 4820 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
13:21:22.0711 4820 NdisTapi - ok
13:21:22.0758 4820 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
13:21:22.0898 4820 Ndisuio - ok
13:21:22.0930 4820 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
13:21:23.0039 4820 NdisWan - ok
13:21:23.0055 4820 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
13:21:23.0133 4820 NDProxy - ok
13:21:23.0148 4820 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
13:21:23.0273 4820 NetBIOS - ok
13:21:23.0336 4820 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
13:21:23.0461 4820 NetBT - ok
13:21:23.0508 4820 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
13:21:23.0648 4820 NetDDE - ok
13:21:23.0648 4820 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
13:21:23.0773 4820 NetDDEdsdm - ok
13:21:23.0789 4820 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:21:23.0930 4820 Netlogon - ok
13:21:23.0977 4820 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
13:21:24.0117 4820 Netman - ok
13:21:24.0258 4820 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:21:24.0289 4820 NetTcpPortSharing - ok
13:21:24.0367 4820 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
13:21:24.0492 4820 NIC1394 - ok
13:21:24.0555 4820 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
13:21:24.0602 4820 Nla - ok
13:21:24.0742 4820 NMIndexingService - ok
13:21:24.0789 4820 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
13:21:24.0914 4820 Npfs - ok
13:21:25.0008 4820 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
13:21:25.0180 4820 Ntfs - ok
13:21:25.0211 4820 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:21:25.0320 4820 NtLmSsp - ok
13:21:25.0398 4820 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
13:21:25.0555 4820 NtmsSvc - ok
13:21:25.0586 4820 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
13:21:25.0758 4820 Null - ok
13:21:26.0336 4820 nv (9f4384aa43548ddd438f7b7825d11699) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
13:21:26.0773 4820 nv - ok
13:21:27.0070 4820 NVSvc (0c41c4acfe00d826db479c40c1d9edc8) C:\WINDOWS\system32\nvsvc32.exe
13:21:27.0117 4820 NVSvc - ok
13:21:27.0195 4820 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
13:21:27.0352 4820 NwlnkFlt - ok
13:21:27.0367 4820 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
13:21:27.0523 4820 NwlnkFwd - ok
13:21:27.0727 4820 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
13:21:27.0758 4820 odserv - ok
13:21:27.0820 4820 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
13:21:27.0945 4820 ohci1394 - ok
13:21:28.0008 4820 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:21:28.0023 4820 ose - ok
13:21:28.0070 4820 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
13:21:28.0195 4820 Parport - ok
13:21:28.0242 4820 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
13:21:28.0367 4820 PartMgr - ok
13:21:28.0398 4820 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
13:21:28.0555 4820 ParVdm - ok
13:21:28.0586 4820 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
13:21:28.0711 4820 PCI - ok
13:21:28.0711 4820 PCIDump - ok
13:21:28.0742 4820 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
13:21:28.0898 4820 PCIIde - ok
13:21:28.0977 4820 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
13:21:29.0102 4820 Pcmcia - ok
13:21:29.0102 4820 PDCOMP - ok
13:21:29.0117 4820 PDFRAME - ok
13:21:29.0133 4820 PDRELI - ok
13:21:29.0148 4820 PDRFRAME - ok
13:21:29.0148 4820 perc2 - ok
13:21:29.0164 4820 perc2hib - ok
13:21:29.0242 4820 PhilCam8116 (8754763a924639b9d07d4c8ea9990f1e) C:\WINDOWS\system32\DRIVERS\CamDrO21.sys
13:21:29.0383 4820 PhilCam8116 - ok
13:21:29.0445 4820 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
13:21:29.0492 4820 PlugPlay - ok
13:21:29.0539 4820 Pml Driver HPZ12 (9d84376931440f3679beef2a414fa493) C:\WINDOWS\system32\HPZipm12.exe
13:21:29.0539 4820 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
13:21:29.0539 4820 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
13:21:29.0602 4820 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:21:29.0711 4820 PolicyAgent - ok
13:21:29.0773 4820 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
13:21:29.0898 4820 PptpMiniport - ok
13:21:29.0914 4820 Processor (a32bebaf723557681bfc6bd93e98bd26) C:\WINDOWS\system32\DRIVERS\processr.sys
13:21:30.0039 4820 Processor - ok
13:21:30.0039 4820 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:21:30.0148 4820 ProtectedStorage - ok
13:21:30.0180 4820 Ps2 (390c204ced3785609ab24e9c52054a84) C:\WINDOWS\system32\DRIVERS\PS2.sys
13:21:30.0211 4820 Ps2 - ok
13:21:30.0227 4820 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
13:21:30.0352 4820 PSched - ok
13:21:30.0383 4820 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
13:21:30.0539 4820 Ptilink - ok
13:21:30.0570 4820 PxHelp20 (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
13:21:30.0586 4820 PxHelp20 - ok
13:21:30.0602 4820 ql1080 - ok
13:21:30.0617 4820 Ql10wnt - ok
13:21:30.0633 4820 ql12160 - ok
13:21:30.0648 4820 ql1240 - ok
13:21:30.0648 4820 ql1280 - ok
13:21:30.0664 4820 qqviagb - ok
13:21:30.0758 4820 QWAVE (d2ea58899fcf66539fad12897b787216) C:\WINDOWS\system32\qwave.dll
13:21:30.0773 4820 QWAVE ( UnsignedFile.Multi.Generic ) - warning
13:21:30.0773 4820 QWAVE - detected UnsignedFile.Multi.Generic (1)
13:21:30.0789 4820 QWAVEDRV (2bb1d2baf3493362e5c1949c5f210d5f) C:\WINDOWS\system32\DRIVERS\qwavedrv.sys
13:21:30.0805 4820 QWAVEDRV ( UnsignedFile.Multi.Generic ) - warning
13:21:30.0805 4820 QWAVEDRV - detected UnsignedFile.Multi.Generic (1)
13:21:30.0836 4820 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
13:21:30.0977 4820 RasAcd - ok
13:21:31.0023 4820 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
13:21:31.0148 4820 RasAuto - ok
13:21:31.0180 4820 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
13:21:31.0305 4820 Rasl2tp - ok
13:21:31.0367 4820 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
13:21:31.0539 4820 RasMan - ok
13:21:31.0555 4820 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
13:21:31.0680 4820 RasPppoe - ok
13:21:31.0711 4820 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
13:21:31.0867 4820 Raspti - ok
13:21:31.0914 4820 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
13:21:32.0070 4820 Rdbss - ok
13:21:32.0086 4820 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
13:21:32.0227 4820 RDPCDD - ok
13:21:32.0273 4820 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
13:21:32.0398 4820 rdpdr - ok
13:21:32.0461 4820 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
13:21:32.0539 4820 RDPWD - ok
13:21:32.0602 4820 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
13:21:32.0727 4820 RDSessMgr - ok
13:21:32.0758 4820 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
13:21:32.0867 4820 redbook - ok
13:21:32.0930 4820 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
13:21:33.0055 4820 RemoteAccess - ok
13:21:33.0086 4820 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll
13:21:33.0227 4820 RemoteRegistry - ok
13:21:33.0305 4820 RMSvc (868e6c58e9b301a768ae50e2a8e3c5d5) C:\WINDOWS\ehome\RMSvc.exe
13:21:33.0336 4820 RMSvc ( UnsignedFile.Multi.Generic ) - warning
13:21:33.0336 4820 RMSvc - detected UnsignedFile.Multi.Generic (1)
13:21:33.0383 4820 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
13:21:33.0492 4820 RpcLocator - ok
13:21:33.0602 4820 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
13:21:33.0648 4820 RpcSs - ok
13:21:33.0711 4820 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
13:21:33.0836 4820 RSVP - ok
13:21:33.0914 4820 RT73 (cb20f16afdba63707fb971e0922edec1) C:\WINDOWS\system32\DRIVERS\Dr71WU.sys
13:21:33.0945 4820 RT73 ( UnsignedFile.Multi.Generic ) - warning
13:21:33.0945 4820 RT73 - detected UnsignedFile.Multi.Generic (1)
13:21:33.0992 4820 RTL8023xp (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
13:21:34.0086 4820 RTL8023xp - ok
13:21:34.0117 4820 rtl8139 (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
13:21:34.0180 4820 rtl8139 - ok
13:21:34.0227 4820 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
13:21:34.0336 4820 SamSs - ok
13:21:34.0383 4820 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
13:21:34.0508 4820 SCardSvr - ok
13:21:34.0555 4820 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
13:21:34.0664 4820 Schedule - ok
13:21:34.0727 4820 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
13:21:34.0852 4820 Secdrv - ok
13:21:34.0883 4820 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
13:21:34.0992 4820 seclogon - ok
13:21:35.0023 4820 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
13:21:35.0148 4820 SENS - ok
13:21:35.0195 4820 Serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
13:21:35.0305 4820 Serenum - ok
13:21:35.0367 4820 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
13:21:35.0492 4820 Serial - ok
13:21:35.0523 4820 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
13:21:35.0648 4820 Sfloppy - ok
13:21:35.0727 4820 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
13:21:35.0867 4820 SharedAccess - ok
13:21:35.0930 4820 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:21:35.0992 4820 ShellHWDetection - ok
13:21:35.0992 4820 Simbad - ok
13:21:36.0055 4820 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
13:21:36.0180 4820 SLIP - ok
13:21:36.0258 4820 smserial (0c81c75a42a4e920a91a8bb729b10449) C:\WINDOWS\system32\DRIVERS\smserial.sys
13:21:36.0352 4820 smserial - ok
13:21:36.0492 4820 Sony PC Companion (5177d14a78e60fd61dcfc6b388e7e971) C:\Program Files\Sony\Sony PC Companion\PCCService.exe
13:21:36.0508 4820 Sony PC Companion - ok
13:21:36.0789 4820 Sparrow - ok
13:21:36.0852 4820 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
13:21:36.0977 4820 splitter - ok
13:21:37.0023 4820 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
13:21:37.0070 4820 Spooler - ok
13:21:37.0164 4820 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\System32\Drivers\sptd.sys
13:21:37.0320 4820 sptd - ok
13:21:37.0477 4820 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
13:21:37.0602 4820 sr - ok
13:21:37.0664 4820 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
13:21:37.0773 4820 srservice - ok
13:21:37.0852 4820 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
13:21:37.0992 4820 Srv - ok
13:21:38.0039 4820 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
13:21:38.0164 4820 SSDPSRV - ok
13:21:38.0211 4820 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
13:21:38.0336 4820 stisvc - ok
13:21:38.0367 4820 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
13:21:38.0492 4820 streamip - ok
13:21:38.0523 4820 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
13:21:38.0633 4820 swenum - ok
13:21:38.0664 4820 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
13:21:38.0773 4820 swmidi - ok
13:21:38.0789 4820 SwPrv - ok
13:21:39.0070 4820 Symantec RemoteAssist - ok
13:21:39.0070 4820 symc810 - ok
13:21:39.0086 4820 symc8xx - ok
13:21:39.0102 4820 sym_hi - ok
13:21:39.0117 4820 sym_u3 - ok
13:21:39.0148 4820 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
13:21:39.0273 4820 sysaudio - ok
13:21:39.0320 4820 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
13:21:39.0445 4820 SysmonLog - ok
13:21:39.0492 4820 tap0901 (98a1e6bc9f766b0b0a5bf00af847ef20) C:\WINDOWS\system32\DRIVERS\tap0901.sys
13:21:39.0508 4820 tap0901 ( UnsignedFile.Multi.Generic ) - warning
13:21:39.0508 4820 tap0901 - detected UnsignedFile.Multi.Generic (1)
13:21:39.0555 4820 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
13:21:39.0695 4820 TapiSrv - ok
13:21:39.0758 4820 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:21:39.0805 4820 Tcpip - ok
13:21:39.0836 4820 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
13:21:39.0945 4820 TDPIPE - ok
13:21:39.0977 4820 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
13:21:40.0102 4820 TDTCP - ok
13:21:40.0117 4820 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
13:21:40.0242 4820 TermDD - ok
13:21:40.0289 4820 TermService (7a014d2211ff90c76f20b776822b332e) C:\WINDOWS\System32\termsrv.dll
13:21:40.0367 4820 TermService - ok
13:21:40.0414 4820 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
13:21:40.0430 4820 Themes - ok
13:21:40.0461 4820 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe
13:21:40.0586 4820 TlntSvr - ok
13:21:40.0602 4820 TosIde - ok
13:21:40.0648 4820 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
13:21:40.0773 4820 TrkWks - ok
13:21:40.0805 4820 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
13:21:40.0914 4820 Udfs - ok
13:21:41.0055 4820 UleadBurningHelper (332d341d92b933600d41953b08360dfb) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
13:21:41.0070 4820 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
13:21:41.0070 4820 UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
13:21:41.0086 4820 ultra - ok
13:21:41.0148 4820 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
13:21:41.0289 4820 Update - ok
13:21:41.0352 4820 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
13:21:41.0477 4820 upnphost - ok
13:21:41.0508 4820 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
13:21:41.0617 4820 UPS - ok
13:21:41.0680 4820 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
13:21:41.0773 4820 USBAAPL - ok
13:21:41.0820 4820 usbaudio (e919708db44ed8543a7c017953148330) C:\WINDOWS\system32\drivers\usbaudio.sys
13:21:41.0930 4820 usbaudio - ok
13:21:41.0977 4820 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:21:42.0102 4820 usbccgp - ok
13:21:42.0164 4820 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:21:42.0289 4820 usbehci - ok
13:21:42.0320 4820 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:21:42.0445 4820 usbhub - ok
13:21:42.0492 4820 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
13:21:42.0617 4820 usbohci - ok
13:21:42.0664 4820 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:21:42.0789 4820 usbprint - ok
13:21:42.0820 4820 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:21:42.0930 4820 usbscan - ok
13:21:42.0961 4820 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:21:43.0070 4820 USBSTOR - ok
13:21:43.0117 4820 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:21:43.0211 4820 usbuhci - ok
13:21:43.0258 4820 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
13:21:43.0367 4820 VgaSave - ok
13:21:43.0414 4820 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys
13:21:43.0539 4820 ViaIde - ok
13:21:43.0555 4820 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
13:21:43.0664 4820 VolSnap - ok
13:21:43.0711 4820 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
13:21:43.0852 4820 VSS - ok
13:21:43.0977 4820 vToolbarUpdater11.2.0 (8ed347bad8d1fb7c40b593bfb01786d2) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe
13:21:44.0055 4820 vToolbarUpdater11.2.0 - ok
13:21:44.0273 4820 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
13:21:44.0398 4820 W32Time - ok
13:21:44.0539 4820 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:21:44.0664 4820 Wanarp - ok
13:21:44.0742 4820 Wdf01000 (bbcfeab7e871cddac2d397ee7fa91fdc) C:\WINDOWS\system32\Drivers\wdf01000.sys
13:21:44.0773 4820 Wdf01000 - ok
13:21:44.0789 4820 WDICA - ok
13:21:44.0820 4820 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
13:21:44.0945 4820 wdmaud - ok
13:21:45.0008 4820 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
13:21:45.0133 4820 WebClient - ok
13:21:45.0227 4820 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
13:21:45.0367 4820 winmgmt - ok
13:21:45.0430 4820 WmBEnum (1abfd1399436e81c9d857f5fc76eaf98) C:\WINDOWS\system32\drivers\WmBEnum.sys
13:21:45.0477 4820 WmBEnum - ok
13:21:45.0523 4820 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
13:21:45.0570 4820 WmdmPmSN - ok
13:21:45.0617 4820 WmFilter (b3cfcbcc91ff61ef82fc693b8b57e7f0) C:\WINDOWS\system32\drivers\WmFilter.sys
13:21:45.0680 4820 WmFilter - ok
13:21:45.0773 4820 Wmi (e76f8807070ed04e7408a86d6d3a6137) C:\WINDOWS\System32\advapi32.dll
13:21:45.0867 4820 Wmi - ok
13:21:45.0930 4820 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
13:21:46.0055 4820 WmiApSrv - ok
13:21:46.0227 4820 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
13:21:46.0305 4820 WMPNetworkSvc - ok
13:21:46.0414 4820 WmVirHid (a40d2dd0f019423ef6c363f1295eb38d) C:\WINDOWS\system32\drivers\WmVirHid.sys
13:21:46.0461 4820 WmVirHid - ok
13:21:46.0508 4820 WmXlCore (2bf505424f469155cd90d7b3301d7adc) C:\WINDOWS\system32\drivers\WmXlCore.sys
13:21:46.0539 4820 WmXlCore - ok
13:21:46.0602 4820 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
13:21:46.0617 4820 WpdUsb - ok
13:21:46.0664 4820 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:21:46.0820 4820 WS2IFSL - ok
13:21:46.0883 4820 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
13:21:47.0008 4820 wscsvc - ok
13:21:47.0039 4820 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:21:47.0164 4820 WSTCODEC - ok
13:21:47.0211 4820 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
13:21:47.0367 4820 wuauserv - ok
13:21:47.0398 4820 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:21:47.0461 4820 WudfPf - ok
13:21:47.0492 4820 WUDFRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
13:21:47.0523 4820 WUDFRd - ok
13:21:47.0555 4820 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
13:21:47.0570 4820 WudfSvc - ok
13:21:47.0648 4820 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
13:21:47.0820 4820 WZCSVC - ok
13:21:47.0883 4820 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
13:21:48.0102 4820 xmlprov - ok
13:21:48.0117 4820 zmxpzip - ok
13:21:48.0195 4820 MBR (0x1B8) (0ac6d996bce152aed9600e6d6b797e2e) \Device\Harddisk0\DR0
13:21:48.0336 4820 \Device\Harddisk0\DR0 - ok
13:21:48.0352 4820 Boot (0x1200) (2354442338349c0931bd2d4b83675b3e) \Device\Harddisk0\DR0\Partition0
13:21:48.0352 4820 \Device\Harddisk0\DR0\Partition0 - ok
13:21:48.0367 4820 Boot (0x1200) (9d1f774fb666e64a6c55c897bf293c09) \Device\Harddisk0\DR0\Partition1
13:21:48.0367 4820 \Device\Harddisk0\DR0\Partition1 - ok
13:21:48.0367 4820 ============================================================
13:21:48.0367 4820 Scan finished
13:21:48.0367 4820 ============================================================
13:21:48.0492 4548 Detected object count: 17
13:21:48.0492 4548 Actual detected object count: 17
13:23:02.0133 4548 Application Updater ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 Application Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 GVCplDrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 GVCplDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 GVTDrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 GVTDrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 Mach2 ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 Mach2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 McrdSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 McrdSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 MHN ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 MHN ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0133 4548 MHNDRV ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0133 4548 MHNDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0148 4548 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0148 4548 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0148 4548 QWAVE ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0148 4548 QWAVE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0148 4548 QWAVEDRV ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0148 4548 QWAVEDRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0148 4548 RMSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0148 4548 RMSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0148 4548 RT73 ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0148 4548 RT73 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0148 4548 tap0901 ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0148 4548 tap0901 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:23:02.0148 4548 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
13:23:02.0148 4548 UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip


----------



## Mark1956 (May 7, 2011)

TDSSkiller is only showing Unsigned files so no problem there, I just thought for a moment that a Rootkit might still be present and was blocking Combofix.

Try what I suggested in my last post and still leave out this entry:

C:\WINDOWS\system32\DBBK\293E66AA529F0FBA1AA56340E293A389

It is related to one of the tools we have used so is harmless.


----------



## pcme (Jul 10, 2012)

So the scan is still in the same spot for the past hour, dont think its working.


----------



## Mark1956 (May 7, 2011)

Ok, this is odd when considering that it ran ok the first time around. My only other suspicion is AVG is causing the problem which is not uncommon.

Unnstall AVG and then run this tool: AVG Removal tool
And install this to keep you protected: Microsoft Security Essentials
You can easily disable MSE by clicking on the icon in the taskbar and click on Open.
Click on Settings > In the left pane select Real-time protection.
Uncheck the box and click on Save Changes and shut the window.

Now try Combofix again.


----------



## pcme (Jul 10, 2012)

Sorry Ive taken so long, I ran the avg removal tool and rebooted, but when I run combofix it says its still running in the background. I tried running it anyways but it just does the same thing


----------



## pcme (Jul 10, 2012)

II also installed mircosoft security and turned it off before running.


----------



## Mark1956 (May 7, 2011)

Ok, please run DDS again and post both the logs, DDS.txt and Attach.txt.


----------



## pcme (Jul 10, 2012)

.
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_33
Run by HP_Administrator at 19:45:08 on 2012-08-06
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.208 [GMT -4:00]
.
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\program files\common files\installshield\updateservice\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\ALCXMNTR.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.ca/
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - c:\program files\avg\avg2012\avgdtiex.dll
BHO: DivX Plus Web Player HTML5 : {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll"
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: {D593DE91-7B41-45C2-830E-E9A99AB142AA} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
uRun: [Sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background
uRun: [Update Manager] "c:\program files\rogers\update manager\UpdateManager.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [LVCOMS] c:\program files\common files\logitech\qcdriver3\LVCOMS.EXE
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\solidw~1.lnk - c:\program files\solidworks\swscheduler\swBOEngine.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - c:\program files\avg\avg2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} - hxxp://www.digitalwebbooks.com/reader/dbplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133478383321
DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - hxxp://launch.gamespyarcade.com/software/launch/alaunch.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {958FCAB0-616B-11D3-A63F-00001B322780} - hxxp://www.timeticker.com/Timeset/TcpServer.CAB
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DB31DA00-4F6F-4CC7-8627-C5A142E1FC7C} - hxxp://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{40C19284-9B9E-456F-A2F4-5567B1573D6A} : DhcpNameServer = 64.71.255.198
TCP: Interfaces\{BD4FB9D8-12B7-4433-B126-2CCE9D18B37B} : DhcpNameServer = 64.71.255.198
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\blvewxkk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/webhp?sourceid=navclient&ie=UTF-8
FF - prefs.js: keyword.URL - hxxp://isearch.avg.com/search?cid=%7B3868eed9-ec7a-44bd-b25a-5e975a6f41c6%7D&mid=c89b35b68ac247d0ab11d15a9232b1cf-a62a9a39678ccdec6e4bb3d3ac57d8a5dbbdbd10&ds=AVG&v=11.0.0.9&lang=en&pr=fr&d=2012-05-02%2021%3A31%3A57&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\sony\media go\npmediago.dll
FF - plugin: c:\program files\tvuplayer\npTVUAx.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_3_300_268.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\Npindeo.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
.
============= SERVICES / DRIVERS ===============
.
R? AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service
R? AVGIDSDriver;AVGIDSDriver
R? AVGIDSFilter;AVGIDSFilter
R? AVGIDSHX;AVGIDSHX
R? AVGIDSShim;AVGIDSShim
R? BBSvc;BingBar Service
R? ggflt;SEMC USB Flash Driver Filter
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? GVTDrv;GVTDrv
R? MozillaMaintenance;Mozilla Maintenance Service
R? qqviagb;qqviagb
R? Sony PC Companion;Sony PC Companion
S? Application Updater;Application Updater
S? BBUpdate;BBUpdate
S? Mach2;Mach2 Pulseing Service
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? McrdSvc;Media Center Extender Service
S? MpFilter;Microsoft Malware Protection Driver
.
=============== Created Last 30 ================
.
2012-08-06 23:38:19 6891424 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{664eb0a7-bd66-43be-a185-6d07c4ad5a9a}\mpengine.dll
2012-08-04 00:46:39 -------- d-s---w- C:\ComboFix
2012-08-04 00:13:42 476976 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-04 00:11:42 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-03 23:51:27 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-08-03 23:48:09 -------- d-----w- c:\program files\Microsoft Security Client
2012-07-27 21:23:24 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
2012-07-27 21:23:24 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
2012-07-27 00:53:40 8281168 ----a-w- c:\documents and settings\all users\application data\microsoft\bingbar\bbsvc\7.1.391.0oemBingBarSetup-Partner.EXE
2012-07-26 21:39:02 -------- d-----w- c:\windows\system32\cache
2012-07-26 18:39:31 -------- d-----w- c:\windows\system32\DBBK
2012-07-24 23:43:45 -------- d-----w- C:\AVG2012
2012-07-24 23:34:13 521728 ------w- c:\windows\system32\dllcache\jsdbgui.dll
2012-07-24 21:25:43 98816 ----a-w- c:\windows\sed.exe
2012-07-24 21:25:43 518144 ----a-w- c:\windows\SWREG.exe
2012-07-24 21:25:43 256000 ----a-w- c:\windows\PEV.exe
2012-07-24 21:25:43 208896 ----a-w- c:\windows\MBR.exe
2012-07-16 23:11:00 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-16 23:11:00 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
.
==================== Find3M ====================
.
2012-08-04 00:13:16 472880 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-03 23:36:43 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-03 23:36:40 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 13:19:59 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-06-05 15:50:25 1372672 ----a-w- c:\windows\system32\msxml6.dll
2012-06-05 15:50:25 1172480 ----a-w- c:\windows\system32\msxml3.dll
2012-06-04 04:32:08 152576 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 19:19:44 22040 ----a-w- c:\windows\system32\wucltui.dll.mui
2012-06-02 19:19:38 219160 ----a-w- c:\windows\system32\wuaucpl.cpl
2012-06-02 19:19:38 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui
2012-06-02 19:19:34 15384 ----a-w- c:\windows\system32\wuapi.dll.mui
2012-06-02 19:19:30 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui
2012-06-02 19:18:58 275696 ----a-w- c:\windows\system32\mucltui.dll
2012-06-02 19:18:58 214256 ----a-w- c:\windows\system32\muweb.dll
2012-06-02 19:18:58 17136 ----a-w- c:\windows\system32\mucltui.dll.mui
2012-05-31 13:22:09 599040 ----a-w- c:\windows\system32\crypt32.dll
2012-05-16 15:08:26 916992 ----a-w- c:\windows\system32\wininet.dll
2012-05-11 14:42:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-05-11 14:42:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-11 11:38:02 385024 ----a-w- c:\windows\system32\html.iec
2008-11-14 23:28:38 12881 ----a-w- c:\program files\common files\ihasi.bat
.
============= FINISH: 19:49:45.06 ===============


----------



## pcme (Jul 10, 2012)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 11/22/2005 3:21:36 PM
System Uptime: 8/6/2012 1:53:25 PM (6 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket 939 | 2188/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 178 GiB total, 94.431 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.877 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2A26103C&REV_10\4&1C88B56&0&18A4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2A26103C&REV_10\4&1C88B56&0&18A4
Service: RTL8023xp
.
==== System Restore Points ===================
.
RP535: 5/13/2012 4:29:45 PM - System Checkpoint
RP536: 6/13/2012 5:19:44 PM - System Checkpoint
RP537: 6/14/2012 6:10:36 PM - System Checkpoint
RP538: 6/19/2012 9:14:52 PM - System Checkpoint
RP539: 7/10/2012 2:55:32 PM - System Checkpoint
RP540: 7/24/2012 5:26:10 PM - ComboFix created restore point
RP541: 7/24/2012 7:14:10 PM - Sony PC Companion
RP542: 7/24/2012 7:48:19 PM - Installed AVG 2012
RP543: 7/24/2012 10:53:56 PM - Software Distribution Service 3.0
RP544: 7/26/2012 12:34:01 PM - System Checkpoint
RP545: 7/26/2012 2:39:28 PM - Panda ZAcccess init
RP546: 7/26/2012 3:02:29 PM - Panda ZAcccess Cleanup
RP547: 7/27/2012 3:17:32 PM - System Checkpoint
RP548: 7/29/2012 6:57:43 PM - ComboFix created restore point
RP549: 8/3/2012 7:35:14 PM - Sony PC Companion
RP550: 8/3/2012 7:51:26 PM - Software Distribution Service 3.0
RP551: 8/3/2012 8:10:32 PM - Removed Java(TM) 6 Update 31
RP552: 8/6/2012 4:27:10 PM - System Checkpoint
.
==== Installed Programs ======================
.
µTorrent
2010 Ford Mustang Screensaver
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 1.0
Adobe Reader 7.0.5 Language Support
Adobe Reader 7.1.0
Adobe Shockwave Player 11
Adobe Stock Photos 1.0
AiO_Scan
AiOSoftware
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bonjour
BufferChm
CameraDrivers
CheckIt Diagnostics
CNCez PRO 2006
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Critical Update for Windows Media Player 11 (KB959772)
CueTour
CustomerResearchQFolder
D2300
D2300_Help
Destinations
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DocProc
DocumentViewer
DocumentViewerQFolder
Enhanced Multimedia Keyboard Solution
eSupportQFolder
Fax
ffdshow [rev 1723] [2007-12-24]
Garmin MapSource
Garmin TOPO Canada v4
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
GdiplusUpgrade
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB895961-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953761)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Customer Participation Program 7.0
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP Image Zone 5.3
HP Image Zone for Media Center PC
HP Imaging Device Functions 7.0
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart and Deskjet 7.0 Software
HP Photosmart Cameras 5.0
HP Photosmart Essential
HP Product Assistant
HP PSC & OfficeJet 5.3.B
HP Solution Center 7.0
HP Update
hph_ProductContext
hph_readme
hph_software
hph_software_req
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
InstantShareAlert
InstantShareDevices
IntelliMover Data Transfer Demo
InterActual Player
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 33
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
JDownloader
Junk Mail filter update
LightScribe 1.4.136.1
Logitech Desktop Messenger
Logitech Gaming Software
Logitech SetPoint
Magic ISO Maker v5.3 (build 0221)
Malwarebytes Anti-Malware version 1.62.0.1300
MarketResearch
Maven Application Manager
Media Center Extender
Media Go
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Motorola SM56 Speakerphone Modem
Move Networks Media Player for Internet Explorer
Mozilla Firefox 14.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
muvee autoProducer 4.0
muvee autoProducer unPlugged 1.1 - HPD
neroxml
NewCopy
NVIDIA Drivers
OpenOffice.org Installer 1.0
Orb Runtime libraries
PanoStandAlone
PC-Doctor 5 for Windows
PhotoGallery
Player
PlayStation(R)Network Downloader
PlayStation(R)Store
PS2
PSPrinters08
PSTAPlugin
Python 2.2 pywin32 extensions (build 203)
QFolder
QuickTime
RandMap
Readme
Revo Uninstaller 1.87
Rogers Self Healing (remove only)
Rogers Update Manager (remove only)
Scan
ScannerCopy
Search Settings v1.2.3
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition 
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SkinsHP1
SolutionCenter
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Sony Ericsson Update Engine
Sony PC Companion 2.10.079
SoulSeek Client 156c
Status
Steam
StreamTorrent 1.0
Symantec Technical Support Web Controls
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
TVAnts 1.0
TVersity Codec Pack 1.4
TVUPlayer 2.5.3.1
U3Launcher
Ulead CD & DVD PictureShow 3 SE Basic
Ulead Photo Express 5 SE
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
VBA (2627.01)
VC80CRTRedist - 8.0.50727.6195
VideoLAN VLC media player 0.8.6d
WebFldrs XP
WebReg
Winamp
Winamp Detector Plug-in
Winamp Toolbar for Firefox
Winamp Toolbar for Internet Explorer
Windows 7 Upgrade Advisor
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See KB889858 for more information]
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB905589
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
XMLplayer
Yahoo! Install Manager
.
==== Event Viewer Messages From Past Week ========
.
8/6/2012 2:05:21 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.1345.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus  Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
8/3/2012 8:33:17 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
8/3/2012 8:33:16 PM, error: Service Control Manager [7034] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s).
8/3/2012 8:33:16 PM, error: Service Control Manager [7034] - The BingBar Service service terminated unexpectedly. It has done this 1 time(s).
8/3/2012 8:18:06 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AVGIDSHX ftsata2
8/3/2012 8:00:35 PM, error: Service Control Manager [7022] - The AVGIDSAgent service hung on starting.
8/3/2012 6:43:50 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
8/3/2012 6:43:49 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the COM+ System Application service to connect.
8/3/2012 6:43:49 PM, error: Service Control Manager [7000] - The COM+ System Application service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/3/2012 6:43:49 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service COMSysApp with arguments "" in order to run the server: {ECABAFBC-7F19-11D2-978E-0000F8757E2A}
8/3/2012 6:43:14 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
8/3/2012 6:42:02 PM, error: Service Control Manager [7023] - The Amdk7 service terminated with the following error: The specified module could not be found.
7/30/2012 7:52:26 PM, error: Service Control Manager [7031] - The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
7/30/2012 1:37:48 PM, error: Service Control Manager [7034] - The vToolbarUpdater11.2.0 service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:48 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:48 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:48 PM, error: Service Control Manager [7034] - The Machine Debug Manager service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:48 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:48 PM, error: Service Control Manager [7031] - The Media Center Extender Resource Monitor service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/30/2012 1:37:48 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
7/30/2012 1:37:47 PM, error: Service Control Manager [7034] - The Ulead Burning Helper service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:47 PM, error: Service Control Manager [7034] - The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:47 PM, error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:47 PM, error: Service Control Manager [7034] - The BBUpdate service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:47 PM, error: Service Control Manager [7034] - The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:47 PM, error: Service Control Manager [7031] - The Media Center Extender Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
7/30/2012 1:37:47 PM, error: Service Control Manager [7031] - The COM+ System Application service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
7/30/2012 1:37:46 PM, error: Service Control Manager [7034] - The Media Center Scheduler Service service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:46 PM, error: Service Control Manager [7034] - The LightScribeService Direct Disc Labeling Service service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:46 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:46 PM, error: Service Control Manager [7034] - The Application Updater service terminated unexpectedly. It has done this 1 time(s).
7/30/2012 1:37:46 PM, error: Service Control Manager [7031] - The Media Center Receiver Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
.
==== End Of File ===========================


----------



## Mark1956 (May 7, 2011)

Ok, follow this to remove the AVG entries then try to tun Combofix again.

Please download *OTM by OldTimer*. Save it to your desktop. 
Double click *OTM.exe* to start the tool.

*Copy* the text in the code box below to the clipboard by highlighting *ALL* of them and *pressing CTRL + C* (or, after 
highlighting, right-click and choose *Copy*):

```
:Processes
explorer.exe
:Services
AVGIDSDriver
AVGIDSFilter
AVGIDSHX
AVGIDSShim
:Files
C:\AVG2012
c:\program files\avg
:Reg
[-HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332eef-cb9f-458f-afeb-d30e9a66b6ba}]
:Commands
[reboot]
```

 Return to OTM, right click in the *"Paste Instructions for Items to be Moved"* window (under the yellow bar) and choose *Paste*.
Click the red *Moveit!* button.
*Copy* everything in the Results window (under the green bar) to the clipboard by highlighting *ALL* of them and *pressing CTRL + 
C* (or, after highlighting, right-click and choose copy), and paste it in your next reply.
Close *OTM*
-- Note: If a file or folder cannot be moved immediately you may be asked to reboot your computer in order to finish the move 
process. If asked to reboot, choose Yes...If not, reboot anyway. After the reboot, open Notepad, click File > Open, in the File Name box type 
*.log and press the Enter key. Navigate to the C:\_OTM\MovedFiles folder, open the newest .log file (mmddyyyy_hhmmss.log) and copy/paste the 
contents in your next reply.


----------



## pcme (Jul 10, 2012)

so I did all that OTM and reinstalled combofix, then ran it and it did the same thing saying AVG was running in the background still...


----------



## pcme (Jul 10, 2012)

========== PROCESSES ==========
Process explorer.exe killed successfully!
========== SERVICES/DRIVERS ==========
Service AVGIDSDriver stopped successfully!
Service AVGIDSDriver deleted successfully!
Service AVGIDSFilter stopped successfully!
Service AVGIDSFilter deleted successfully!
Service AVGIDSHX stopped successfully!
Service AVGIDSHX deleted successfully!
Service AVGIDSShim stopped successfully!
Service AVGIDSShim deleted successfully!
========== FILES ==========
C:\AVG2012\cfgall folder moved successfully.
C:\AVG2012 folder moved successfully.
c:\program files\AVG\AVG2012\html\reportcard folder moved successfully.
c:\program files\AVG\AVG2012\html folder moved successfully.
c:\program files\AVG\AVG2012\Firefox\DoNotTrack\defaults\preferences folder moved successfully.
c:\program files\AVG\AVG2012\Firefox\DoNotTrack\defaults folder moved successfully.
c:\program files\AVG\AVG2012\Firefox\DoNotTrack\components folder moved successfully.
c:\program files\AVG\AVG2012\Firefox\DoNotTrack\Chrome folder moved successfully.
c:\program files\AVG\AVG2012\Firefox\DoNotTrack folder moved successfully.
c:\program files\AVG\AVG2012\Firefox folder moved successfully.
c:\program files\AVG\AVG2012 folder moved successfully.
c:\program files\AVG folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31332eef-cb9f-458f-afeb-d30e9a66b6ba}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31332eef-cb9f-458f-afeb-d30e9a66b6ba}\ deleted successfully.
========== COMMANDS ==========

OTM by OldTimer - Version 3.1.21.0 log created on 08072012_192221


----------



## Mark1956 (May 7, 2011)

This is weird. Tell me, when you ran the AVG removal tool did you actually uninstall AVG before you used it or did you just use the removal tool?

If you did not uninstall AVG before using the removal tool then please reinstall AVG, then uninstall it and then run the removal tool.

If you did do things in the correct order then try running Combofix in Safe Mode.


----------



## pcme (Jul 10, 2012)

I used the removal tool to uninstall AVG. But it do remember before contacting this site I didnt use a removal tool. Should I still try installing and uninstalling it again?


----------



## Mark1956 (May 7, 2011)

That would explain what has happened. In post 47 I said "Uninstall AVG and then run this tool: AVG Removal tool". It has to be done that way as the Removal Tool is only designed to take out remnants of the program "after" it has been uninstalled in the normal way from Add/Remove Programs.

Please reinstall AVG, then click on Start > Conrol Panel > Add/Remove Programs. Select all AVG items in the list of programs and then choose Uninstall. Reboot the PC and then run the Removal Tool.

Once complete try to run Combofix again, if it still gets stuck try it in safe mode.


----------



## pcme (Jul 10, 2012)

Ok, so I reinstalled avg, uninstalled it then ran the removal tool, ran the script and it still says avg is running, so I ran in safe mode and the same thing.....avg is pretty annoying.


----------



## Mark1956 (May 7, 2011)

Ok, ignore the warning and let it run. Leave it overnight if need be and see if it will complete.

If it still won't complete we need to change direction. (Never had this much of a problem with AVG).

Follow the instructions in post 53 to run OTM and use this script. That will at least take care of the suspicious files.

```
:Processes
explorer.exe
:Files
C:\Documents and Settings\HP_Administrator\Application Data\Sun\Java\Deployment\cache
C:\Program Files\Application Updater
:Commands
[reboot]
```
Then follow these instructions to remove a multitude of old versions of Java and install the latest.

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. 
Please follow these steps to remove older version of Java and update. 
*How to update Java:*
Be aware that the act of downloading any Java installer means that you have read and agree to abide by the end users license agreement. 
End user licence agreement
First uninstall all existing versions of Java. 

Go to Start > Control Panel double-click on *Add/Remove programs *(or Programs and Features) and click on any item with *Java, Java(TM), JRE* or *J2SE* in the name.
Click the *Uninstall*, *Remove* or *Change/Remove* button and allow it to uninstall. 
If a *User Account Control* warning appears click on *Allow*.
Repeat as many times as necessary to remove each and every item. 
Reboot your computer once all Java components are removed. 
*NOTE:* If you have a 64bit version of Windows and are using the 64bit version of Internet Explorer the Java site will automatically give you the correct Java version using the instructions below, but it is recommended that you use only 32bit browsers and versions of Java. Please read this for further information: Which Java download should I choose for my 64bit operating system?. If you install Java for the 64bit version of Internet Explorer and you use any other browser you will also need to repeat the installation while using your other browser which will most likely be 32bit. If in doubt please ask.

*How to install the latest version.*

Open the browser that you normally use and click on this link: Java Download
Click on the big red button *Free Java Download*
On the next page click on the big red button *Agree and Start Free Download*
Select *Run* whenever the option appears. If no *Run* option appears click on *Save* and then when the download completes click on *Run*. If a *User Account Control* warning appears click on *Continue*.
When the *Welcome to Java* window appears click on* Install*.
It may takes several minutes to download the installer depending on the speed of your connection, allow it to complete.
If any error messages appear click on OK and then click on the *Agree and start free download* button again.
Please wait for the *Java Setup* window to appear. Uncheck the box to install the *Ask Toolbar* and then click on *Next*.
*NOTE: *The Ask Toolbar option may change without notice to something different, please make sure you uncheck the box for anything else that is offered. On some systems this offer may not appear, in which case, continue with the next instruction.
You will then see the *Java Setup Progress* window and another will appear for *JavaFX* (on some systems the JavaFX will not appear or be installed). Finally the *Java Setup Complete* window will appear, click on *Close*.
If a Java page then appears with a button to *Verify Java Version* click on it and it will verify the installation.
The Installation is now complete, please reboot the system.
*NOTE:* The JavaFX component is not required unless you are developing Java applications. It is perfectly safe to keep on your system, but if you wish to uninstall it please do so.
______________________________________________________

Once complete follow this guide to update old versions of Adobe.

*Adobe*
Close any programs you may have running - especially your web browser.
Click on Start







> *Control Panel*, double-click on Programs and Features and uninstall the following Adobe entries:

*Adobe Reader 7.0.5 Language Support
Adobe Reader 7.1.0
Adobe Shockwave Player 11
*
*NOTE:* For *XP* click on







> *Control Panel*, double-click on *Add or Remove Programs* and continue as above.
Then go to this link Adobe Downloads and select the latest version to download and install. You will see this page below, click on the appropriate button for for the Adobe product that was just removed.










You will now see a page similar to this one:










All four Adobe products, Reader, Flash Player, Air and Shockwave Player are set by default to download the version for *Windows* Operating Systems and for *Internet Explorer* in *English*. If you are using a Macintosh, or you want to use the Adobe product with a different Browser or language you must click on the line (as indicated in the above image) to make further selections to meet your requirements.

As you will see in the above image the Adobe Reader is set for Windows 7, please click (as indicated) if you are using a different version of *Windows* to make further selections. All the other Adobe products are universal and you will only need to change the selection for different Browsers, Languages or for Macintosh.
NOTE: In all the downloads look out for the Google Toolbar and uncheck the box if you do not need it.

Some additional instructions may appear for XP installations. In all cases save the download to your desktop, then close your browser and double click on the Adobe icon on your desktop to install it. If you have any problems installing, disconnect from the internet and disable your Anti Virus and any other security software, instructions for most AV's, etc. can be found here: How to disable security software.

__________________________________________________________

Let me know how this all goes and if Combofix finally made it.


----------



## Mark1956 (May 7, 2011)

If Combofix still refuses to run and continues to warn that AVG is running then please follow this and post the log.


Double-click *SystemLook.exe* to run it.
_*Vista*/*Windows 7* users right-click and select Run As Administrator_.
Copy and paste everything in the codebox below into the main textfield:

```
:filefind
*avg*
:folderfind
*avg*
:regfind
avg
```

Click the Look button to start the scan.
When finished, a Notepad window will open SystemLook.txt with the results of the search and save a copy on your Desktop.
Please copy and paste the contents of that log in your next reply.


----------



## pcme (Jul 10, 2012)

HI sorry for such a long gap in response I had a family emergency, hopefully you can still help in removing the last little bits of virus from my computer. Just to refresh your memory, AVG was removed with the removal tool from there website but when running combofix it would not run and said AVG was still running in the background. I ran it all nite but still no luck.

here is that log:

SystemLook 30.07.11 by jpshortstuff
Log created at 12:27 on 11/09/2012 by HP_Administrator
Administrator - Elevation successful

========== filefind ==========

Searching for "*avg*"
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgatend.stp --a---- 32 bytes [19:30 08/08/2012] [19:30 08/08/2012] 34C50B69C2B299929457A85A8E030F38
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgatupd.stp --a---- 32 bytes [19:30 08/08/2012] [19:30 08/08/2012] 34C50B69C2B299929457A85A8E030F38
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgmfapx.exe --a---- 6033528 bytes [19:30 08/08/2012] [19:30 08/08/2012] 698DF76D021BDF9A65AB8152D1CEAB7C
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgmfarx.dll --a---- 859256 bytes [19:30 08/08/2012] [19:30 08/08/2012] F6FDB248676ED600A0DF4F789A48743A
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgntdumpx.exe --a---- 631928 bytes [19:30 08/08/2012] [19:30 08/08/2012] AC851BC6888F9F95C040D6AF794430F0
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgrunasx.exe --a---- 248160 bytes [19:30 08/08/2012] [19:30 08/08/2012] 97D2EDB9417F0887160685BF65F12D72
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avguirux.exe --a---- 49536 bytes [19:30 08/08/2012] [19:30 08/08/2012] 8481754A39B960D25DFFE980A297F3D1
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgupd.sig --a---- 300 bytes [19:30 08/08/2012] [19:30 08/08/2012] 34715B8B96BFCCEE1B41BF0BED9F5D0C
C:\Documents and Settings\All Users\Application Data\MFAData\SelfUpd\avgupdx.dll --a---- 2859600 bytes [19:30 08/08/2012] [19:30 08/08/2012] 49A51FF919061DD7141FBB9A0C4DD733
C:\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Content.IE5\EFENILAN\976g210t7yavg[1].gif --a--c- 1597 bytes [17:08 08/07/2006] [17:08 08/07/2006] 49D0FE2C146BC8700F3BE546CA3C6DC1
C:\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Content.IE5\EFENILAN\CAVGDT31.htm --a--c- 8554 bytes [18:15 08/07/2006] [18:15 08/07/2006] 72930539A4778E57D8915F50AD3453C3
C:\Documents and Settings\Guest\Local Settings\Temporary Internet Files\Content.IE5\QHWN6DE5\976g210t7yavg[1].gif --a--c- 1597 bytes [20:21 08/07/2006] [20:21 08/07/2006] 49D0FE2C146BC8700F3BE546CA3C6DC1
C:\Documents and Settings\HP_Administrator\Local Settings\temp\avg-ad32560d-9e40-4233-977b-59729077b344.tmp.mht --a---- 9775 bytes [00:03 04/08/2012] [00:03 04/08/2012] 74C0AF816D92738F5976B37E2A8F6794
C:\Documents and Settings\HP_Administrator\Local Settings\temp\avg-secure-search.tmp --a---- 3685 bytes [19:33 08/08/2012] [19:34 08/08/2012] A40A1A708616159BF1F64F33ACC64703
C:\Documents and Settings\HP_Administrator\Local Settings\temp\avg-secure-search.xml --a---- 3749 bytes [19:33 08/08/2012] [19:34 08/08/2012] 00613E2D612316BD9BFA86BB2CF3A0B6
C:\Documents and Settings\HP_Administrator\Local Settings\temp\avginfo.id --a---- 146 bytes [19:29 08/08/2012] [19:36 08/08/2012] 13BBBAD61C4B8DC7DB80A2F380849CE5
C:\Documents and Settings\HP_Administrator\Local Settings\temp\avguidx.dll --a---- 255072 bytes [19:33 08/08/2012] [19:33 08/08/2012] 08B04D5673C9283D3DBDBC4F845F049A
C:\Documents and Settings\HP_Administrator\Local Settings\temp\AVG_TB_DumpLog.txt --a---- 845 bytes [23:01 08/08/2012] [23:01 08/08/2012] A88DB5679A9FA75730B9E131D4C0CB55
C:\Documents and Settings\HP_Administrator\Local Settings\temp\[email protected]\chrome\avg.jar --a---- 60408 bytes [19:34 08/08/2012] [19:34 08/08/2012] 2916B05E373DDDF6B503FEE5F26E94A6
C:\Documents and Settings\HP_Administrator\Local Settings\temp\[email protected]\components\avg-dnt-policy.js --a---- 20191 bytes [19:34 08/08/2012] [19:34 08/08/2012] C65361515C5EB70C5B692B801A31793A
C:\Documents and Settings\HP_Administrator\Local Settings\temp\[email protected]\modules\avg-dnt-adapter.js --a---- 4168 bytes [19:34 08/08/2012] [19:34 08/08/2012] A73651701DB7A08141FAC38C877FC0DB
C:\Documents and Settings\HP_Administrator\Local Settings\temp\[email protected]\modules\avg.xml --a---- 3638 bytes [19:34 08/08/2012] [19:34 08/08/2012] 84059126470FF171DE4A9EE04150F799
C:\Documents and Settings\HP_Administrator\Local Settings\temp\[email protected]\modules\avgJsm.js --a---- 2283 bytes [19:34 08/08/2012] [19:34 08/08/2012] F237B59113A94AB7FD85F1490EABB62F
C:\Documents and Settings\HP_Administrator\Local Settings\temp\avgdiagex\7444D646-4FA8-47f5-8F6E-16DDE4C2C385\avg_info.xml --a---- 34356 bytes [22:55 26/07/2012] [22:55 26/07/2012] 9839729842970E485F21B392D2F46D28
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\AVGIDPUninstaller.exe --a---- 2132576 bytes [23:31 08/08/2012] [23:31 08/08/2012] 690FAF248610F5B5AF118878854FA822
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\avgremover.log --a---- 243661 bytes [00:05 09/08/2012] [00:32 09/08/2012] 15CF0AE251C66745022B1F5D319F9FF0
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\avg_remover_stf_x86_2012_2125.exe --a---- 1973368 bytes [00:05 09/08/2012] [00:05 09/08/2012] 9D01A11C3C74A887F68759A04DD35D71
C:\Documents and Settings\HP_Administrator\Recent\avgremover.log.lnk --a---- 714 bytes [00:03 09/08/2012] [00:03 09/08/2012] FDDF4976E3570711C53CAC43AD4B5D95
C:\Documents and Settings\HP_Administrator\Recent\avgremover_msilog.txt.lnk --a---- 749 bytes [00:04 09/08/2012] [00:04 09/08/2012] A1678A77F5A807C15FD625D8898B9495
C:\Documents and Settings\HP_Administrator\Recent\avgrep.lnk --a---- 515 bytes [04:51 03/05/2012] [04:51 03/05/2012] AEF870403C6D1D661450624CBEBA6E6A
C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml --a---- 3749 bytes [01:31 03/05/2012] [19:34 08/08/2012] 00613E2D612316BD9BFA86BB2CF3A0B6
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\Res\POPUP\SL\Sharpen\Avg.bmp --a--c- 10424 bytes [18:05 11/11/2006] [00:51 28/11/2000] D87C315EEEB78E0854F95AFAE85BDA5E
C:\Program Files\Ulead Systems\Ulead Photo Express 5 SE\Res\POPUP\SL\Sharpen\Avg.UI --a--c- 191 bytes [18:05 11/11/2006] [00:51 28/11/2000] E9D79E9B5207EA4E65FDE2CAABE249CA
C:\WINDOWS\Temp\avg-secure-search.tmp --a---- 3683 bytes [21:38 26/07/2012] [21:38 26/07/2012] EE53B6F734A312E8CFE48063ADD71335
C:\WINDOWS\Temp\avg-secure-search.xml --a---- 3767 bytes [21:38 26/07/2012] [21:38 26/07/2012] ADEC8EC50C52820C62087A3F0C5F650D
C:\WINDOWS\Temp\avginfo.id --a---- 146 bytes [22:52 26/07/2012] [22:12 08/08/2012] 9D39E3E93740E8E7D6E796F5D13D811D
C:\WINDOWS\Temp\avguidx.dll --a---- 247808 bytes [21:38 26/07/2012] [21:38 26/07/2012] AAA7D53D228E76B4291AC61E987BB058
C:\WINDOWS\Temp\[email protected]\chrome\avg.jar --a---- 57838 bytes [21:39 26/07/2012] [21:39 26/07/2012] 0AEC36611BAA835FBC07A44CA7643896
C:\WINDOWS\Temp\[email protected]\modules\avg.xml --a---- 3636 bytes [21:39 26/07/2012] [21:39 26/07/2012] 1993F367E0573C58AAE61FB6E8306521
C:\WINDOWS\Temp\[email protected]\modules\avgJsm.js --a---- 2281 bytes [21:39 26/07/2012] [21:39 26/07/2012] 30B736D3F26FDDAF2A4C6227B8B86636

========== folderfind ==========

Searching for "*avg*"
C:\$VAULT$.AVG dr----- [21:24 25/01/2007]
C:\Documents and Settings\All Users\Application Data\Avg7 d------ [18:05 24/02/2007]
C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\blvewxkk.default\avg d------ [02:57 03/05/2012]
C:\Documents and Settings\HP_Administrator\Local Settings\temp\[email protected] d------ [19:34 08/08/2012]
C:\Documents and Settings\HP_Administrator\Local Settings\temp\avgdiagex d------ [22:54 26/07/2012]
C:\WINDOWS\Temp\[email protected] d------ [21:39 26/07/2012]

========== regfind ==========

Searching for "avg"
[HKEY_CURRENT_USER\Software\Adobe\Acrobat Reader\7.0\AVGeneral]
[HKEY_CURRENT_USER\Software\Garmin\MapSource\Settings\Tabs\Tracks\7]
"Label"="Avg Speed"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"DisplayName"="AVG Secure Search"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"URL"="https://isearch.avg.com/search?cid={853AEDAE-0EA3-4558-8019-6982ECA0D373}&mid=c89b35b68ac247d0ab11d15a9232b1cf-a62a9a39678ccdec6e4bb3d3ac57d8a5dbbdbd10&lang=en&ds=AVG&pr=fr&d=2012-08-08 15:34:23&v=12.2.0.5&sap=dsp&q={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"FaviconURLFallback"="https://isearch.avg.com/favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"FaviconPath"="C:\Program Files\AVG Secure Search\favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"FaviconURL"="https://isearch.avg.com/favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs]
"url1"="http://avg/"
[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603]
"000"="avg"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithList]
"a"="avgui.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG Standalone LinkScanner]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation\Global\nView\WindowManagement\avgtray]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation\Global\nView\WindowManagement\avgui]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_free_stb_all_2012_2169_cnet]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_free_stb_all_2012_2169_cnet(1)]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_free_stb_all_2012_2197_cnet]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_isct_stb_all_2012_2171_ppc2]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_remover_stf_x86_2012_2125]
[HKEY_CURRENT_USER\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_remover_stf_x86_2012_2125(1)]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification]
@="AVGeneralNotification Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification\CurVer]
@="AVGeneralNotification.AVGeneralNotification.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification.1]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AVGeneralNotification.AVGeneralNotification.1]
@="AVGeneralNotification Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}\InprocServer32]
@="C:\Program Files\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}\ProgID]
@="AVG Secure Search.BrowserWndAPI.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0C1284BA-4F3A-41C6-94B5-77446F5948A9}\VersionIndependentProgID]
@="AVG Secure Search.BrowserWndAPI"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1152F8E0-69DB-4935-AFC3-59F8A5A86A30}\LocalServer32]
@="C:\PROGRA~1\AVG\AVG2012\PCTuneup\MICROS~1.EXE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B29DEAA-3F68-4A51-8877-A0EB3F879AC3}\InprocServer32]
@="C:\PROGRA~1\AVG\AVG2012\PCTuneup\MICROS~1.DLL"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}]
@="AVGeneralNotification Class"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}\ProgID]
@="AVGeneralNotification.AVGeneralNotification.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{239A3C5E-8D41-11D1-B675-00C04FA3C554}\VersionIndependentProgID]
@="AVGeneralNotification.AVGeneralNotification"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6AD7E9AC-DBB1-422D-961B-3FDDDE6FD999}\InprocServer32]
@="C:\Program Files\AVG Secure Search\11.0.0.10\AVG Secure Search_toolbar.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6AD7E9AC-DBB1-422D-961B-3FDDDE6FD999}\ProgID]
@="AVG Secure Search.BrowserWndAPI.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6AD7E9AC-DBB1-422D-961B-3FDDDE6FD999}\VersionIndependentProgID]
@="AVG Secure Search.BrowserWndAPI"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Assemblies\c:|Program Files|Microsoft Silverlight|4.0.60129.0|hr|system.resources.dll]
"system.resources,culture="hr",fileVersion="4.0.60129.0",processorArchitecture="MSIL",publicKeyToken="7cec85d7bea7798e",version="2.0.5.0""="3PgDT0$gy?~Dc}DI]?&!Complete4.0.60129.0>NGEM5AVgG=~j$-v0s9cr"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66694099-FBD8-4A98-AB9F-F19EAB4144C0}\1.0\0\win32]
@="C:\Program Files\AVG\AVG2012\PCTuneup\MicroScanner.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66694099-FBD8-4A98-AB9F-F19EAB4144C0}\1.0\HELPDIR]
@="C:\Program Files\AVG\AVG2012\PCTuneup\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}\1.0\0\win32]
@="C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\12.2.0\toolband"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}\1.0\HELPDIR]
@="C:\Program Files\Common Files\AVG Secure Search\ToolBandTlb\12.2.0\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E5D35344-B1B8-4671-81D7-11CF87391027}\1.0\0\win32]
@="C:\Program Files\AVG\AVG2012\PCTuneup\MicroScannerElevation.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E5D35344-B1B8-4671-81D7-11CF87391027}\1.0\HELPDIR]
@="C:\Program Files\AVG\AVG2012\PCTuneup\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla]
"path"="C:\Program Files\AVG\AVG2012\Chrome\safesearch.crx"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\avgmfapx]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\avgui]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
"DllName"="avgssie.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\11.0\Registration\{91120409-6000-11D3-8CFE-0150048383C9}]
"Current1"="TQBpAGMAcgBvAHMAbwBmAHQAIABPAGYAZgBpAGMAZQAgADIAMAAwADMALAAgAFQAcgBpAGEAbAAgAEUAZABpAHQAaQBvAG4ACgBFAE4ARAAtAFUAUwBFAFIAIABMAEkAQwBFAE4AUwBFACAAQQBHAFIARQBFAE0ARQBOAFQAIABGAE8AUgAgAE0ASQBDAFIATwBTAE8ARgBUACAAUwBPAEYAVABXAEEAUgBFAAoACgBJAE0AUABPAFIAVABBAE4AVAAUIFIARQBBAEQAIABDAEEAUgBFAEYAVQBMAEwAWQA6ACAAIABUAGgAaQBzACAARQBuAGQALQBVAHMAZQByACAATABpAGMAZQBuAHMAZQAgAEEAZwByAGUAZQBtAGUAbgB0ACAAKAAiAEUAVQBMAEEAIgApACAAaQBzACAAYQAgAGwAZQBnAGEAbAAgAGEAZwByAGUAZQBtAGUAbgB0ACAAYgBlAHQAdwBlAGUAbgAgAHkAbwB1ACAAKABlAGkAdABoAGUAcgAgAGEAbgAgAGkAbgBkAGkAdgBpAGQAdQBhAGwAIABvAHIAIABhACAAcwBpAG4AZwBsAGUAIABlAG4AdABpAHQAeQApACAAYQBuAGQAIAB0AGgAZQAgAG0AYQBuAHUAZgBhAGMAdAB1AHIAZQByACAAKAAiAE0AYQBuAHUAZgBhAGMAdAB1AHIAZQByACIAKQAgAG8AZgAgAHQAaABlACAAYwBvAG0AcAB1AHQAZQByACAAcwB5AHMAdABlAG0AIABvAHIAIABjAG8AbQBwAHUAdABlAHIAIABzAHkAcwB0AGUAbQAgAGMAbwBtAHAAbwBuAGUAbgB0ACAAKAAiAEgAYQByAGQAdwBhAHIAZQAiACkAIAB3AGkAdABoACAAdwB
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\11.0\Registration\{91120409-6000-11D3-8CFE-0150048383C9}]
"Current2"="AZAAgAHAAYQByAHQAeQAgAHMAaQB0AGUAIABvAHIAIABzAGUAcgB2AGkAYwBlAC4AIAAKADgALgAJAFMARQBQAEEAUgBBAFQASQBPAE4AIABPAEYAIABDAE8ATQBQAE8ATgBFAE4AVABTAC4AIAAgAFQAaABlACAAUwBvAGYAdAB3AGEAcgBlACAAaQBzACAAbABpAGMAZQBuAHMAZQBkACAAYQBzACAAYQAgAHMAaQBuAGcAbABlACAAcAByAG8AZAB1AGMAdAAuACAAIABJAHQAcwAgAGMAbwBtAHAAbwBuAGUAbgB0ACAAcABhAHIAdABzACAAbQBhAHkAIABuAG8AdAAgAGIAZQAgAHMAZQBwAGEAcgBhAHQAZQBkACAAZgBvAHIAIAB1AHMAZQAgAG8AbgAgAG0AbwByAGUAIAB0AGgAYQBuACAAbwBuAGUAIABDAG8AbQBwAHUAdABlAHIALgAKADkALgAJAFMATwBGAFQAVwBBAFIARQAgAFQAUgBBAE4AUwBGAEUAUgAuACAAIABZAG8AdQAgAG0AYQB5ACAAbgBvAHQAIAB0AHIAYQBuAHMAZgBlAHIAIABhAG4AeQBvAGYAIAB5AG8AdQByACAAcgBpAGcAaAB0AHMAIAB1AG4AZABlAHIAIAB0AGgAaQBzACAARQBVAEwAQQAuAAoAMQAwAC4ACQBUAEUAUgBNAEkATgBBAFQASQBPAE4ALgAgACAAVwBpAHQAaABvAHUAdAAgAHAAcgBlAGoAdQBkAGkAYwBlACAAdABvACAAYQBuAHkAIABvAHQAaABlAHIAIAByAGkAZwBoAHQAcwAsACAATQBhAG4AdQBmAGEAYwB0AHUAcgBlAHIAIABvAHIAIABNAFMAIABtAGEAeQAgAHQAZQ
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\12.0\Registration\{90120000-0030-0000-0000-0000000FF1CE}]
"Current"="TQBJAEMAUgBPAFMATwBGAFQAIABTAE8ARgBUAFcAQQBSAEUAIABMAEkAQwBFAE4AUwBFACAAVABFAFIATQBTAA0ACgAyADAAMAA3ACAATQBJAEMAUgBPAFMATwBGAFQAIABPAEYARgBJAEMARQAgAFMAWQBTAFQARQBNACAARABFAFMASwBUAE8AUAAgAEEAUABQAEwASQBDAEEAVABJAE8ATgAgAFMATwBGAFQAVwBBAFIARQANAAoAQgBlAGwAbwB3ACAAYQByAGUAIAB0AGgAcgBlAGUAIABzAGUAcABhAHIAYQB0AGUAIABzAGUAdABzACAAbwBmACAATABpAGMAZQBuAHMAZQAgAFQAZQByAG0AcwAuAKAAIABPAG4AbAB5ACAAbwBuAGUAIABzAGUAdAAgAGEAcABwAGwAaQBlAHMAIAB0AG8AIAB5AG8AdQAuAKAAIABUAG8AIABkAGUAdABlAHIAbQBpAG4AZQAgAHcAaABpAGMAaAAgAEwAaQBjAGUAbgBzAGUAIABUAGUAcgBtAHMAIABhAHAAcABsAHkAIAB0AG8AIAB5AG8AdQAgAGMAaABlAGMAawAgAHQAaABlACAAbABpAGMAZQBuAHMAZQAgAGQAZQBzAGkAZwBuAGEAdABpAG8AbgAgAHAAcgBpAG4AdABlAGQAIABlAGkAdABoAGUAcgAgAG8AbgAgAHkAbwB1AHIAIABwAHIAbwBkAHUAYwB0ACAAawBlAHkALAAgAG4AZQBhAHIAIAB0AGgAZQAgAHAAcgBvAGQAdQBjAHQAIABuAGEAbQBlACAAbwBuACAAeQBvAHUAcgAgAEMAZQByAHQAaQBmAGkAYwBhAHQAZQAgAG8AZgAgAEEAdQB0AGgAZQBuAHQAaQBjAGkAdAB5
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG7Uninstall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\AVG\AVG2012\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\AVG\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\log\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\update\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\Cfg\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\cfgall\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\Temp\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\Chjw\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\IDS\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\$AVG\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\$AVG\$VAULT\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\AVG\AVG2012\Firefox4\Components\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\AVG\AVG2012\Firefox4\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Application Data\AVG2012\IDS\config\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\AVG\AVG2012\Firefox\Chrome\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\AVG\AVG2012\Firefox4\Chrome\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Documents and Settings\All Users\Start Menu\Programs\AVG Standalone LinkScanner\"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00002109030000000000000000F01FEC\Features]
"VSTAIDEFiles"="*'=!-^1,a=%'HvwuM1s`lKe5wH&]&@iPgg*yzeka^FHUlH5uN9JD-'X2le-Ps(AJAjg'5=pm02,i9u5Td?k78go{S9v~.([email protected]@7WH?biopFjqbsZ4?0!M_EtF9n3t3Yv}eU**[email protected]{g1g(Rsy?VXB]2dxS}AW1_mOA!$oMQKOGPv*5!ULp'a99B&BsXmnNlg^k^shb2)g(FNy?VXB]2dgMB+sWA*0?jr)%4E?mxW}[email protected]&p3_R8rRJ54([email protected]+wP31En{vb`BzOcNs9F9~+.([email protected][email protected]{kc-~ak={8UQmN?b?x%%F%[email protected]!iX2C%[email protected],dmh3~OTp%[email protected]&=gEZ%m[NUKVZU?&~nA,q7iv-R*hIkzh[)@*)d?=di1Y&v,B]z([email protected]?R3hF,[email protected](CfHR}{9(tu$Vq'QBd!FH'[email protected][[C?9x)rAZTkpo9u!-Gb}$QWPlH*czRL2*96Y3KkKmxWX_q'UA+WQJAj%[email protected]~CX`crX-O5$&uxpTp_=A89%l7Qjzj46CT9*IvZ8=EXq+,6+([Ae-p$J{+o=QtITuzyO8Zs.C2V_Fe`A~HkA-Ty8qv!42?$gW$r9lZ)[email protected]=HmWx%iGDJ*,!!V-bI9%9sresQy6&Xc'BFM1pD([email protected]`P&+d$2m}[fE+4Ia?QI?y=)RA)^-d%_JNIM]8P1ch1vDV6P}'-*F{[email protected]={j_uap)^fAv9p'S?&tq64pQ10,{zJA,Yg!GA[^F.EP^h6RToHvwCweq?[FVtL,~k~,kDG-p
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9E6E4EC855D9BF34D9BD86C879B6CF50\Features]
"Unload"="u.'b9VZqf(g6u.Q(31aRw.'b9VZqf(g6u.Q(31aR3%A_WCdVC=ArD*MY's'rCoNvaQ??WA8N.+Ou*==^_5Atk%aP[@k39+DK2=wznw1oIlDw`9*]Vce+$Dlub7ugvh{'O?V*zbDC&4G^t[$v`jp^b8?h~3)s3WpKY^waiZ([email protected]*g3(ck'{vR&Vk]w4)[email protected]@(lsE0o0zj66&JbAYYo.T6q&7l`kEAvTWqY9a$$*AxP3j6r0q3=NKk^=ex_~6miB{ql_n^If`[email protected]+pTIavR1Ajui34B5i*pP5GtkaI[JA=[mc$}ANtNqcYa&`QR{8}43dz3*[email protected]~9Ldk5Ts&9Z`G7CZAaHR*[email protected]@@(-xX[hdjDOv*`OxpsAv=PodbG9ttYPmwszLip+q?]1hNw&Z}43-0uH*u'[email protected]%$8cKg02RA)G93(WuAARlrlY1.nr0ho3M.&@^-={[email protected]?ALT9])[email protected]_STyD$z8I&&VX=$Co(D-e`=mCw}?Vs(tDdiL}1c6,1?BCPi8HupBD1?oGtNUY~u_?Eb97L2FM3R!MIk,9=ZzNVq9vk,Id[9G5%qw}[email protected]~H^?0o~]Fhz_JT?6y$cswDcRLW~T+kgh7R?dC[[email protected]}L?+&[email protected]?unl{hj-{W$YdC)QONT6?[PX.sA&AX(cs!_-5G][email protected]`Yz,jqGIP$ncHCyFod8PRGSan5d8*5cSAk&@&&=Mw(GqmChEH6=$5'[email protected]@8w!J(cf4HnN-^)[email protected]@`
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"GalleryExe"="6u!OmmWU}[email protected]?zm}1HhA0zZg^ZXj_E.D=?`xEYB=1`$-.'u8]fM&?Z1.jZq.AAGEnm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-qCcRu`
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"MyImages"="6u!OmmWU}[email protected]?zm}1HhA0zZg^ZXj_E.D=?`xEYB=1`$-.'u8]fM&?Z1.jZq.AAGEnm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-qCcRu`rq
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"GalleryEditorCore"="6u!OmmWU}[email protected]?zm}1HhA0zZg^ZXj_E.D=?`xEYB=1`$-.'u8]fM&?Z1.jZq.AAGEnm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"Gallery_Help30"="B3&5,B^pf(V%eqFgkW_B83&5,B^pf(V%eqFgkW_BO(PVHMTWL?F^[email protected]{n=xkI4s1Y+l?s4`8F]xVUy_lQx0%M1PP3Q79}eLL-Aw[)-ZFjpxx3.y=~][email protected],pXh,vkTFTUAJ0I_H&.rrOs.2X=il`!9ma,jPEx*{[email protected][[email protected],dS0]y(.(U?=HSt%MiGy3XC+(Ikvo[x9EB(xSk9L}?ePjQlKnu[@Q3.9rWeYX3{rkV]Oxie9R9mxNS!S1`GBA[UGc0!=p=d'72A2`+$wexVzCK,AiJBa3ejCKUC_8jrl2QQ9NvMpLVpvwNHJn!CW5]]8)XpDBjfafn&UL^[email protected]{7%][email protected]?-ig?a{opdllNN4[O7LyB'[email protected]'hs,&x1z+]Px,fu&K?1!tIDXl?yI$jwZx[(?m?g_^c`'+2Z=3hw.FxydVA'pBLOi3RF3cY`][email protected]@pJBePtuDBf[55eP9g1130Hm!{wMLVW)@=W(9sdX~QzdHZi%*RjvFqZt=mf([email protected]?J^[email protected]_eRL%[email protected])%Rl}@g*?I[[email protected]*K&k20HXQU,.{[email protected]$Hxxyk2R!zfx%C2UlA8Aqaj9tlJa_N]`[email protected])[email protected]~)aIGcNyI8&s2AcQ%@SZ4(PXr'[email protected]^cYI'RriU6!-.?X3d=V?Z*[email protected]~54[[email protected]`.G=?HA5}n''Im*wJA%.$6X_W-fuDH8DS5~y'ApBERr?P![%H3C
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"PrintApplications"="Enm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-qCcRu`rq?*k7[0^7fT*@^5yi_3PR9HV6hBYFV{Ngq[9%)0k,?b?){9vyqHL3Qe1bJ[!.?`kciNh3{[*
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"CreativeProjects"="6u!OmmWU}[email protected]?zm}1HhA0zZg^ZXj_E.D=?`xEYB=1`$-.'u8]fM&?Z1.jZq.AAGEnm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"CreativeProjectsPlugins"="6u!OmmWU}[email protected]?zm}1HhA0zZg^ZXj_E.D=?`xEYB=1`$-.'u8]fM&?Z1.jZq.AAGEnm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"GalleryBackup"="6u!OmmWU}[email protected]?zm}1HhA0zZg^ZXj_E.D=?`xEYB=1`$-.'u8]fM&?Z1.jZq.AAGEnm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-qCc
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B24B1B30ED6F9d14C8FFCD448E597C7A\Features]
"InstantShareTab"="6u!OmmWU}[email protected]?zm}1HhA0zZg^ZXj_E.D=?`xEYB=1`$-.'u8]fM&?Z1.jZq.AAGEnm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-q
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B3186732A5E214647B3B0A5DDA5B2592\Features]
"HPPhotoSmartExpress"="u.'b9VZqf(g6u.Q(31aRw.'b9VZqf(g6u.Q(31aR).z2K3m+~9)n5..0Y71*G`b{teMXd?zGT=dOg1+&df%(j,)1^?2Iht,(ihHFhW_uo][email protected]*6[[email protected]?sD*G{l~9z!$NmJ3{Np,[email protected]]gb?+w`?&*csy$-Xzc?U^N+9Po.b]o}&_&4g[(VCaI}?E-t}M+fww=AbyIr!I`@=vR~Hc{9U6N.[!C6y^Z*@]tzrBQevBIN&b$-m)]KAwI2__'^Es)Kz$ug[IW{?bqPKHwY'i9)Bl6F'$pZ9`k{%Da]iBRv}px9brXL916`hwYraUdR*Z!ueecU?nIn{7-?.]PpGFPjdNez9vUgYN6fGgfrCsmSd_7190tZ7?aa$P97~nI)1dF^A=],!_gkr+?tvDL=0lqj?hTW'+s6)[email protected]?[[email protected]&c]7cTyRnU^CHqdO!A29SGQ8uI*]XKOFpbI~x)d9][email protected]@tqM][email protected]%YI1R339%1[3[f[&[9EbE,8v'V)0$*FJI3,ko9p4&=YFE,QkT^AfFIrR%AhsQWp]20+L(dz15Vc)8=fiKYjseW^SV4I[OJ3!k8Sho~H,'KqVp4yR9r!ii8^5dG8th8,7RJAr^e?*??[MEiQN'y_VNx7~RmgzS?}^[email protected]?{bsy~&tP71~l9x.]m4N`IQ4c$LF,[email protected]{6Zc}.tF^)eW3par`[email protected],hMnWcP9]G`RRYnCsJL)[email protected](i16pbN&=JmqYIm$?7TyuPpu%T88&*oP%GLD=PMK***don&?%21k*d})=dKhS]0p~o9]s[BM3(vq=a`13lbb(
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B67A8B54CE7524240B91604600DC4882\Features]
"BufferChm"="ftKH.A8I~87+Hcpz0'N1kJ0uCo%}[email protected]_{VtOoph)@[email protected]}IMJA{'2}BZu8]5vT]M{Qiy}H667k1`[=YexbKM6lwEVrBA[*[email protected]?OE3D1wCuFWWDY84Ye5yHuC}ljqC!=h6~^=bwJ!-Lk-J1w=DcArM&7?O$)mg4pi+UZ~wozpKhX?xq*elvE%?{'oU&!MX?2=LPWc7$xyTDrR^[email protected]!a?f+y6DuSg13[s8h8CD2sKL?3AvkJ=$ES`Ak-a)clo_5,e&[email protected]=gzdzv8H2bAV)'[email protected]'[email protected]*?e9HDK{+48Jdj20['?5Oe_D98wOx]fB{M+^[email protected]_TZjr2%[email protected]?[7MsbX}_UWgF~nNgy!v?R5r{^,hh$%Wg5$]0OO==ZqpXvK~!8egu1}a'%%o9hE)^G_acXpx3!zWPhrq8&[email protected]`TPfRlK]77X%[email protected]+&!bx}Q([email protected]&R=StA6?)pL]VgbS1DI{yG?{?Bz?KvOvgwR^71Tm`57-{,d==LyKNnPe&woAx7]$V{DAr.FOVtqD+4?6m~^[email protected]'-P^VKPr~CF*p!)A`v[Z=?V88`dlrcialYK9(m^PihfvcI4K'yukD}29QsE=)[RC'Es-y[TC)[email protected]+=8++u&f&?A)h(jdoE[=uF5J)Sps6r${)[email protected](A'R$e?vlk4uVYSrBhg[m9h8F)%&4RPi}I-6Fx%AQ?j9B?vA4)F`CMeM(@Ym59b*6b,[email protected]@@TLaps(-*L3RoYe?O(8?&xpmZ6n4'XsOe{Asn~59D)yx$m=3Rj]X5ypsD_g?GMtt`1SuX2K0X-`=oS
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE57927156491684595B7CBBD6D36EA2\Features]
"DocViewerExe"="6u!OmmWU}[email protected]?zm}1HhA0zZg^ZXj_E.D=?`xEYB=1`$-.'u8]fM&?Z1.jZq.AAGEnm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-qCcR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE57927156491684595B7CBBD6D36EA2\Features]
"PrintApplications"="Enm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-qCcRu`rq?*k7[0^7fT*@^5yi_3PR9HV6hBYFV{Ngq[9%)0k,?b?){9vyqHL3Qe1bJ[!.?`kciNh3{[*
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE57927156491684595B7CBBD6D36EA2\Features]
"PrintSubsystem"="Enm~MSKp)9&56TH$yl=jpbNlKuw,'?(7wdXH$r},BBcVVR&[email protected]$iZvJ+X7LH-U4=9iulv[d?bMOKkxT~^[email protected]+eqI{o=Wrm^[email protected][email protected]$9l{?`[email protected]=]-F=)R%9rPb$%bdkvl5H^l`ERM1AfB6W0l~b,&b2[[email protected]*([email protected]'[email protected]=rxo?G([email protected]]NmD=`[email protected],KwOGkv8Tfva(i8Y`Y_%[email protected](K16U,X?+TmBgV'zOv^iYz1K6NU9s{wgQwAn,zyD6{s[L6bAR,sT0zYa^scQj)=YGf79dufQusq5Yz-{[email protected],sg-RNA1c'_'7X][email protected]!SwHm*k{k`8qN??nuGWPpHj`[email protected])}[email protected]!5.UZAge-b_{s0wW5?W70d'Q%bHS1{,[email protected]{vz8%)0$)[email protected]?n)]A7{R_zHNMR(QFj7yLS8e8Hb7nhEX`*,m'3jr{CTp?3U,qmZXcZ0jFxOJx,Y8=%*ndD*yXVC`~HBoKw?N=*4b,N?ua!6U(uXK`r&9?^4l(@0&sw0,[email protected]?IA-5)V*CS$nB%[email protected]=r.Lu(gueZoMvdRz^&0944]9v$G68bbiEg_yTp}@7zPF`[email protected]!g^k$DZ8V?AiKHkJ565}gXa2MRgj139e4swNvb?Wg^-sE%fhL4?97W%BkyrB3IYY4eof,4=iq&*NGkveB-qCcRu`rq?*k7[0^7fT*@^5yi_3PR9HV6hBYFV{Ngq[9%)0k,?b?){9vyqHL3Qe1bJ[!.?`kciNh3{[*LDw
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F6A3416BBE2A1AC43AA0627E38FCF828\Features]
"TPCAN4"="sERs'bkm[A!z=IvzA[d)d`6pooeI!=wHg`EoUSRGKT&d3bbZ4?Rhx~,8I5BbY~y_6AEuJ9YaHVma)78f4M]q-zC%s9sLgI?ciRpihbCFC(XrcAlamZ0FZN!f4~bj+^[email protected])fUh^6Zdb_}M*d[k~?liwE-AK%Ww-AMe5Jorm9Yb+QLWzYqiw,@YENRTR9dtp5m&[email protected]$zyXPmQqA1x3wg?SeCQ(*4c5p+F'[email protected]_%Nn^)gP=H$lx&*]@)9&DhW'-L8c_u32v&-KMj?rAG.t}%E'kgc=.l!Ril9w~]@xth^9u7j}iyiBL19vl^*[email protected]?zG`2[2'[email protected]!`]l19!g}[email protected]+CsA_rYkh=kB%lQae`,$DwT!`[email protected]&-G'q7$yEcw[J)H!?FXPf=[R+m30[,o?je5_='1kW`$GR.3{b?4_XkPV=Nom{A3UH-Nwu07Id'$t9P(9,**!3AsK5`oQi.Ll85+_H7Xo^Z7jYHj]G3ns8z7EYKR?0!BKaB`Y,~8E9vqZY]rl~q_2+_'cB}K,?~_!,[email protected][email protected](c=LL^dmwm$'KG=74.80}O$.bLZj$hPmmF?zpD8O-Bt~xI3k?J.QRb=C2Cdssxae`+x9C5Ry,u84sPdespLWF}[email protected])V0,*-cd5+su=lyC'!Xh%Z,]6o6Bi90*@yW2(Y]7w([email protected]&SUU'zWT3?YTC*r9fkBCSleOC)Y7D&[email protected]*[email protected]$z`iXCeU5)OD.BkEV-Z9'IxsxwP1&&SAPHJUb7c?EZ][Ef6w11INr+Dz9J)?f
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ROC_roc_ssl_v12"=""C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Counter"="1 1847 2 System 4 Memory 6 % Processor Time 10 File Read Operations/sec 12 File Write Operations/sec 14 File Control Operations/sec 16 File Read Bytes/sec 18 File Write Bytes/sec 20 File Control Bytes/sec 24 Available Bytes 26 Committed Bytes 28 Page Faults/sec 30 Commit Limit 32 Write Copies/sec 34 Transition Faults/sec 36 Cache Faults/sec 38 Demand Zero Faults/sec 40 Pages/sec 42 Page Reads/sec 44 Processor Queue Length 46 Thread State 48 Pages Output/sec 50 Page Writes/sec 52 Browser 54 Announcements Server/sec 56 Pool Paged Bytes 58 Pool Nonpaged Bytes 60 Pool Paged Allocs 64 Pool Nonpaged Allocs 66 Pool Paged Resident Bytes 68 System Code Total Bytes 70 System Code Resident Bytes 72 System Driver Total Bytes 74 System Driver Resident Bytes 76 System Cache Resident Bytes 78 Announcements Domain/sec 80 Election Packets/sec 82 Mailslot Writes/sec 84 Server List Requests/sec 86 Cache 88 Data Maps/sec 90 Sync Data Maps/s
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009]
"Help"="3 The System performance object consists of counters that apply to more than one instance of a component processors on the computer. 5 The Memory performance object consists of counters that describe the behavior of physical and virtual memory on the computer. Physical memory is the amount of random access memory on the computer. Virtual memory consists of the space in physical memory and on disk. Many of the memory counters monitor paging, which is the movement of pages of code and data between disk and physical memory. Excessive paging, a symptom of a memory shortage, can cause delays which interfere with all system processes. 7 % Processor Time is the percentage of elapsed time that the processor spends to execute a non-Idle thread. It is calculated by measuring the duration of the idle thread is active in the sample interval, and subtracting that time from interval duration. (Each processor has an idle thread tha
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SysmonLog\Log Queries\{dabffcc8-8640-4f1f-b8cc-1524458bb4c0}]
"Counter List"="\Processor(_Total)\% Processor Time \Memory\Pages/sec \PhysicalDisk(_Total)\Avg. Disk Queue Length"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7CORE]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7RSW]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7RSW\0000]
"Service"="Avg7RsW"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7RSW\0000]
"DeviceDesc"="AVG7 Wrap Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVG7RSXP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGCLEAN]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_AVGTDI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application]
"Sources"="WSH WMIAdapter WMI.NET Provider Extension WmdmPmSN WinMgmt Winlogon Windows Product Activation Windows Media Encoder Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv Tlntsvr System.ServiceModel.Install 3.0.0.0 System.ServiceModel 3.0.0.0 System.Runtime.Serialization 3.0.0.0 System.IO.Log 3.0.0.0 System.IdentityModel 3.0.0.0 SysmonLog Starter SpoolerCtrs SonicMCEBurnEngine Software Restriction Policies Software Installation ServiceModel Audit 3.0.0.0 SecurityCenter SeaPort SclgNtfy SceSrv SceCli safrslv SAFrdms RPC Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Outlook Offline Files Oakley NUEWizard Ntbackup.ini ntbackup Norton Disk Doctor NIS NDP1.1sp1-KB979906-X86 NDP1.1sp1-KB953297-X86 MSSQLSERVER/MSDE MSSOAP MSSHA MsiInstaller MSDTC Client MSDTC MSDMine mnmsrvc Microsoft.Transactions.Bridge 3.0.0.0 Microsoft Office 12 Microsoft Office 11 Microsoft H.323 Telephony Service Provider M
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVG7]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVG7]
"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avglog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\AVG7]
"CategoryMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avglog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SysmonLog\Log Queries\{dabffcc8-8640-4f1f-b8cc-1524458bb4c0}]
"Counter List"="\Processor(_Total)\% Processor Time \Memory\Pages/sec \PhysicalDisk(_Total)\Avg. Disk Queue Length"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVG7CORE]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVG7RSW]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVG7RSW\0000]
"Service"="Avg7RsW"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVG7RSW\0000]
"DeviceDesc"="AVG7 Wrap Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVG7RSXP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVGCLEAN]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVGTDI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVGTP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVGTP\0000]
"Service"="avgtp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Enum\Root\LEGACY_AVGTP\0000]
"DeviceDesc"="avgtp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Eventlog\Application]
"Sources"="WSH WMIAdapter WMI.NET Provider Extension WmdmPmSN WinMgmt Winlogon Windows Product Activation Windows Media Encoder Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv Tlntsvr System.ServiceModel.Install 3.0.0.0 System.ServiceModel 3.0.0.0 System.Runtime.Serialization 3.0.0.0 System.IO.Log 3.0.0.0 System.IdentityModel 3.0.0.0 SysmonLog Starter SpoolerCtrs SonicMCEBurnEngine Software Restriction Policies Software Installation ServiceModel Audit 3.0.0.0 SecurityCenter SeaPort SclgNtfy SceSrv SceCli safrslv SAFrdms RPC Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Outlook Offline Files Oakley NUEWizard Ntbackup.ini ntbackup Norton Disk Doctor NDP1.1sp1-KB979906-X86 NDP1.1sp1-KB953297-X86 NDP1.1sp1-KB2656370-X86 NDP1.1sp1-KB2656353-X86 NDP1.1sp1-KB2572067-X86 NDP1.1sp1-KB2416447-X86 MSSQLSERVER/MSDE MSSOAP MSSHA MsiInstaller MSDTC Client MSDTC MSDMine MPSampleSubmission mnmsrvc Microsoft.T
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Eventlog\Application\AVG7]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Eventlog\Application\AVG7]
"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avglog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\Eventlog\Application\AVG7]
"CategoryMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avglog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\SysmonLog\Log Queries\{dabffcc8-8640-4f1f-b8cc-1524458bb4c0}]
"Counter List"="\Processor(_Total)\% Processor Time \Memory\Pages/sec \PhysicalDisk(_Total)\Avg. Disk Queue Length"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVG7CORE]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVG7RSW]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVG7RSW\0000]
"Service"="Avg7RsW"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVG7RSW\0000]
"DeviceDesc"="AVG7 Wrap Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVG7RSXP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVGCLEAN]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVGTDI]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVGTP]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVGTP\0000]
"Service"="avgtp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Enum\Root\LEGACY_AVGTP\0000]
"DeviceDesc"="avgtp"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Eventlog\Application]
"Sources"="WSH WMIAdapter WMI.NET Provider Extension WmdmPmSN WinMgmt Winlogon Windows Product Activation Windows Media Encoder Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv Tlntsvr System.ServiceModel.Install 3.0.0.0 System.ServiceModel 3.0.0.0 System.Runtime.Serialization 3.0.0.0 System.IO.Log 3.0.0.0 System.IdentityModel 3.0.0.0 SysmonLog Starter SpoolerCtrs SonicMCEBurnEngine Software Restriction Policies Software Installation ServiceModel Audit 3.0.0.0 SecurityCenter SeaPort SclgNtfy SceSrv SceCli safrslv SAFrdms RPC Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Outlook Offline Files Oakley NUEWizard Ntbackup.ini ntbackup Norton Disk Doctor NDP1.1sp1-KB979906-X86 NDP1.1sp1-KB953297-X86 NDP1.1sp1-KB2656370-X86 NDP1.1sp1-KB2656353-X86 NDP1.1sp1-KB2572067-X86 NDP1.1sp1-KB2416447-X86 MSSQLSERVER/MSDE MSSOAP MSSHA MsiInstaller MSDTC Client MSDTC MSDMine MPSampleSubmission mnmsrvc Microsoft.T
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Eventlog\Application\AVG7]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Eventlog\Application\AVG7]
"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avglog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\Eventlog\Application\AVG7]
"CategoryMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avglog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\SysmonLog\Log Queries\{dabffcc8-8640-4f1f-b8cc-1524458bb4c0}]
"Counter List"="\Processor(_Total)\% Processor Time \Memory\Pages/sec \PhysicalDisk(_Total)\Avg. Disk Queue Length"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7CORE]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSW]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSW\0000]
"Service"="Avg7RsW"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSW\0000]
"DeviceDesc"="AVG7 Wrap Driver"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVG7RSXP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGCLEAN]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTDI]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTP]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTP\0000]
"Service"="avgtp"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_AVGTP\0000]
"DeviceDesc"="avgtp"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application]
"Sources"="WSH WMIAdapter WMI.NET Provider Extension WmdmPmSN WinMgmt Winlogon Windows Product Activation Windows Media Encoder Windows 3.1 Migration WebClient VSS VBRuntime Userinit Userenv Tlntsvr System.ServiceModel.Install 3.0.0.0 System.ServiceModel 3.0.0.0 System.Runtime.Serialization 3.0.0.0 System.IO.Log 3.0.0.0 System.IdentityModel 3.0.0.0 SysmonLog Starter SpoolerCtrs SonicMCEBurnEngine Software Restriction Policies Software Installation ServiceModel Audit 3.0.0.0 SecurityCenter SeaPort SclgNtfy SceSrv SceCli safrslv SAFrdms RPC Remote Assistance PerfProc PerfOS PerfNet Perfmon Perflib PerfDisk Perfctrs Outlook Offline Files Oakley NUEWizard Ntbackup.ini ntbackup Norton Disk Doctor NDP1.1sp1-KB979906-X86 NDP1.1sp1-KB953297-X86 NDP1.1sp1-KB2656370-X86 NDP1.1sp1-KB2656353-X86 NDP1.1sp1-KB2572067-X86 NDP1.1sp1-KB2416447-X86 MSSQLSERVER/MSDE MSSOAP MSSHA MsiInstaller MSDTC Client MSDTC MSDMine MPSampleSubmission mnmsrvc Microso
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVG7]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVG7]
"EventMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avglog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\AVG7]
"CategoryMessageFile"="C:\PROGRA~1\Grisoft\AVG7\avglog.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\AVG\AVG2012\avgmfapx.exe"="C:\Program Files\AVG\AVG2012\avgmfapx.exe:*:Enabled:AVG Installer"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysmonLog\Log Queries\{dabffcc8-8640-4f1f-b8cc-1524458bb4c0}]
"Counter List"="\Processor(_Total)\% Processor Time \Memory\Pages/sec \PhysicalDisk(_Total)\Avg. Disk Queue Length"
[HKEY_USERS\.DEFAULT\Software\AVG Secure Search]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Adobe\Acrobat Reader\7.0\AVGeneral]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Garmin\MapSource\Settings\Tabs\Tracks\7]
"Label"="Avg Speed"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"DisplayName"="AVG Secure Search"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"URL"="https://isearch.avg.com/search?cid={853AEDAE-0EA3-4558-8019-6982ECA0D373}&mid=c89b35b68ac247d0ab11d15a9232b1cf-a62a9a39678ccdec6e4bb3d3ac57d8a5dbbdbd10&lang=en&ds=AVG&pr=fr&d=2012-08-08 15:34:23&v=12.2.0.5&sap=dsp&q={searchTerms}"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"FaviconURLFallback"="https://isearch.avg.com/favicon.ico"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"FaviconPath"="C:\Program Files\AVG Secure Search\favicon.ico"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}]
"FaviconURL"="https://isearch.avg.com/favicon.ico"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Internet Explorer\TypedURLs]
"url1"="http://avg/"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Search Assistant\ACMru\5603]
"000"="avg"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.csv\OpenWithList]
"a"="avgui.exe"
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG 7.5]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\AVG Standalone LinkScanner]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\NVIDIA Corporation\Global\nView\WindowManagement\avgtray]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\NVIDIA Corporation\Global\nView\WindowManagement\avgui]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_free_stb_all_2012_2169_cnet]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_free_stb_all_2012_2169_cnet(1)]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_free_stb_all_2012_2197_cnet]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_isct_stb_all_2012_2171_ppc2]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_remover_stf_x86_2012_2125]
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\NVIDIA Corporation\Global\nView\WindowManagement\avg_remover_stf_x86_2012_2125(1)]
[HKEY_USERS\S-1-5-18\Software\AVG Secure Search]

-= EOF =-


----------



## Mark1956 (May 7, 2011)

I doesn't look as if AVG has uninstalled. Lets try another approach.

Go Here, scroll down the page until you see *AVG Antivirus Free 2013* and click on the button to the right to download it. Install the program and reboot. I appreciate you had version 2012 but this will overwrite it.

Then go into Programs and Features, select AVG 2013 and select Uninstall when it confirms completion reboot the PC. Then delete the uninstall tool you have and go back to the link I gave earlier and download the removal tool for the 2013 version, it's the first one on the list, run the tool and reboot.

Check in Programs and Features to see if AVG Secure Search has come back, it should not interfere with Combofix but uninstall it anyway.

Now run Combofix again and let me know how it goes.

Just out of interest when you reinstalled AVG 2012 where did you get the download from as that version does not appear to be available from the AVG site.


----------



## pcme (Jul 10, 2012)

this program and features, where can I find it? or is add/remove programs from control panel? Also I downloaded AVG 2012 off the CNet website


----------



## Mark1956 (May 7, 2011)

Ooops, your on XP so it is Add/Remove in the Control Panel. Programs and Features is for Vista and Windows 7.

Always best to only download security software from the official site as you never know what might have been added to it. 

Give it a shot using the 2013 version and the 2013 uninstaller as suggested above and let me know how it goes.


----------



## pcme (Jul 10, 2012)

So I removed then uninstalled AVG and Im running combofix currently. No AVG running in the background so combofix didnt alarm, but combofix has been running for the past hour and I havent touched the mouse or anything and I think its stalled. I will let it run for the rest of the night.


----------



## Mark1956 (May 7, 2011)

Ok, let me know how it goes, I'll be back in the morning.


----------



## pcme (Jul 10, 2012)

It stalled, nothing has happened since I let it run all night.


----------



## Mark1956 (May 7, 2011)

Please run this tool and post the log.

Download RogueKiller (by tigzy) and save direct to your Desktop.

On the web page click on this:









Quit all running programs
Start RogueKiller.exe
Wait until Prescan has finished.
Ensure all boxes are ticked under "Report" tab.
Click on Scan.
Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
NOTE: *DO NOT attempt to remove anything that the scan detects.*


----------



## Mark1956 (May 7, 2011)

Are you still with us?


----------



## pcme (Jul 10, 2012)

RogueKiller V8.0.3 [09/13/2012] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/file/413-roguekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : HP_Administrator [Admin rights]
Mode : Scan -- Date : 09/18/2012 11:22:42

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 3 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> FOUND
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST3200822AS +++++
--- User ---
[MBR] 397b623dbac3e08eb39e69b8f21d1d9d
[BSP] 8a7884da59e414827f91c43dcf324e78 : Toshiba tatooed MBR Code
Partition table:
0 - [XXXXXX] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 63 | Size: 8205 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 16803990 | Size: 182574 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt


----------



## Mark1956 (May 7, 2011)

RogueKiller log is clean, but I am still concerned that Combofix will not complete when run with a script.

Several things I would like you to do.

Please follow this to run Combofix, but do it in Safe Mode and see how it goes.

Open Notepad by clicking







> *Run...* and in the open box type: *Notepad.exe*
Press Ok, then copy and paste everything in the *code box* below into it.
_-- Note: Make sure Word Wrap is *unchecked* in Notepad by clicking on *Format* in the top menu._

```
KillAll::
DDS::
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: {D593DE91-7B41-45C2-830E-E9A99AB142AA} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
ClearJavaCache::
Reboot::
```

Save the file as *CFScript.txt* by choosing _Save As..._ in the File Menu, and save it to your Desktop where the ComboFix icon is also located.
Close your browser and* disconnect* from the Internet.
Now use your mouse to *drag*, then *drop* the CFScript.txt file on top of ComboFix.exe as seen in the image below.








This will start ComboFix again and launch the script.
ComboFix may reboot your system when it finishes. This is normal.
A log will be created just as before and saved to C:\ComboFix.txt. Please copy and paste the contents of *ComboFix.txt* in your next reply.
Be sure to *re-enable* your anti-virus and other security programs *after* the scan is complete.
NOTE: if you see a message like this when you attempt to open anything after the reboot *"Illegal Operation attempted on a registry key that has been marked for deletion"* please reboot the system again and the warning should not return.

_____________________________________________________________

To avoid confusion, everything else should be done in Normal Mode.

Regardless of Combofix completing or not please run this.


Click on *Start* then *Run* and type *cmd* in the search box and hit *Enter*. At the *C:* prompt, type *chkdsk /r *exactly as written here with the gap before the slash, then hit* Enter*. 
You will then see a message *"Would you like to schedule this volume to be checked the next time the system restarts? (Y/N)" *
Type *Y* for yes, and hit *Enter*. Then reboot the computer. The disc check will start when Windows begins loading again. Let all 5 phases run and don't use or turn off the computer. (The disc check process may take an hour or more to finish and may appear to freeze which is normal.)
When the disc check is done, it will finish loading Windows.
When finished click on *Start* then *Run* and type: *eventvwr.msc* and hit *Enter*.
When *Event Viewer* opens, click on* Application* in the left pane. In the main pane scroll down until you find *Winlogon* under the *Source* column and double-click on it. 
This is the log created after running the disc check. Click *once* on the *Copy* button








Come back here and* right click* on the message box, select *Paste* from the pop up menu and the log will appear. Then submit the post.
__________________________________________________________________

Run the system file checker as follows. 
Click on Start > Run > Type cmd in the Run box and hit Enter. At the Command Prompt type *sfc /scannow* (you must include the gap before the /) and hit Enter. Let the process run to completion. You will be asked to insert the XP disc, it needs to match your OS and have SP3 included or it will not work.

After completion see if there is any message in the Command Prompt window.

If you get an error message when you insert the XP disc stating it is the wrong version you will have to slipstream it with SP3. This guide shows how to do it, you can leave out the part about SATA drivers if not required. Slipstream XP with SP3 and SATA drivers

_______________________________________________________________

Follow this guide to defrag your hard drive:How to run Defrag in Windows XP


----------



## pcme (Jul 10, 2012)

Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 9/18/2012
Time: 7:13:44 PM
User: N/A
Computer: MINE
Description:
Checking file system on C:
The type of the file system is NTFS.
Volume label is HP_PAVILION.

A disk check has been scheduled.
Windows will now check the disk. 
Cleaning up minor inconsistencies on the drive.
Cleaning up 716 unused index entries from index $SII of file 0x9.
Cleaning up 716 unused index entries from index $SDH of file 0x9.
Cleaning up 716 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
CHKDSK discovered free space marked as allocated in the
master file table (MFT) bitmap.
Windows has made corrections to the file system.

186956437 KB total disk space.
94410736 KB in 174995 files.
73832 KB in 19957 indexes.
0 KB in bad sectors.
522837 KB in use by the system.
65536 KB occupied by the log file.
91949032 KB available on disk.

4096 bytes in each allocation unit.
46739109 total allocation units on disk.
22987258 allocation units available on disk.

Internal Info:
70 41 03 00 93 f9 02 00 80 71 04 00 00 00 00 00 pA.......q......
25 5c 00 00 02 00 00 00 93 10 00 00 00 00 00 00 %\..............
b4 86 f0 0b 00 00 00 00 2e c2 b1 df 00 00 00 00 ................
22 ea e2 3d 00 00 00 00 c0 d5 b6 3d 0c 00 00 00 "..=.......=....
8e d4 08 f2 06 00 00 00 6a 8d b5 6b 14 00 00 00 ........j..k....
99 9e 36 00 00 00 00 00 a8 39 07 00 93 ab 02 00 ..6......9......
00 00 00 00 00 c0 5f 82 16 00 00 00 f5 4d 00 00 ......_......M..

Windows has finished checking your disk.
Please wait while your computer restarts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## pcme (Jul 10, 2012)

I never recieved a xp cd with my computer just a back up on my hard drive, also I tried downloading the Windows Framesworks and it said there was an error. oh and the drivers I needed the link was dead.


----------



## Mark1956 (May 7, 2011)

Why are you trying to install Framework
I didn't ask you to do this and it will serve no purpose at present.
Also, what drivers are you talking about, I have not asked you to install any

Please completete the rest of the instructions for Combofix and Defrag.

Follow these instructions to run the System File Checker without the disk:

First, follow this guide to create a Restore Point:Create a System Restore point in XP

Go Start and then Run
type in regedit and click OK.

Navigate to the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup

You will see various entries Values on the right hand side.

The one we want is called: SourcePath

It probably has an entry pointing to your CD-ROM drive, usually D and that is why it is asking for the XP CD.
All we need to do is change it to: C:
Now, double click the SourcePatch setting and a new box will pop up.
Change the drive letter from your CD drive to your root drive, usually C:
Close Registry Editor.

If the system still asks for the CD then also change the SourcePath entry as before for this key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SourcePath
And this one:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ServicePackSourcePath
Now restart your computer and try sfc /scannow again!


----------



## pcme (Jul 10, 2012)

I was reading what you posted on scannow, so I ran it and had a problem with asking it for xp disc, it wouldn't read my back xp disc because of the current version is SP3. So I followed the slip stream link you provided and started to follow instructions on using nlite.. thats where I fell in to more problems. So I guess I will ignore all that and just carry onto your current instructions.

Run the system file checker as follows. 
Click on Start > Run > Type cmd in the Run box and hit Enter. At the Command Prompt type *sfc /scannow* (you must include the gap before the /) and hit Enter. Let the process run to completion. You will be asked to insert the XP disc, it needs to match your OS and have SP3 included or it will not work.

After completion see if there is any message in the Command Prompt window.

If you get an error message when you insert the XP disc stating it is the wrong version you will have to slipstream it with SP3. This guide shows how to do it, you can leave out the part about SATA drivers if not required. Slipstream XP with SP3 and SATA drivers


----------



## Mark1956 (May 7, 2011)

First I need to apologise for this:


> Why are you trying to install Framework
> I didn't ask you to do this and it will serve no purpose at present.
> Also, what drivers are you talking about, I have not asked you to install any


 I was forgetting that the .net Framework has to be downloaded to make the slipstreamed disc. The drivers are not an issue unless you wanted to use the disc to reinstall Windows and you have a SATA hard drive, it will work for the purposes of running the System File Checker without those drivers.

I gave the instruction to run Combofix in Safe Mode and then the disc check followed by the System File Checker and Defrag. You seem to have skipped the run with Combofix in Safe Mode.


----------



## pcme (Jul 10, 2012)

my sourcepatch is already set to my hard drive c:/


----------



## pcme (Jul 10, 2012)

I'm looking in the same area as HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup and I see a installation sources key and it's set to D:\ if that helps with anything?


----------



## pcme (Jul 10, 2012)

also in the same place there is ServicePackCachePath and ServicePackSourcePath


----------



## pcme (Jul 10, 2012)

oh wait a sec there is another folder with windows nt, disregard previous post for now


----------



## pcme (Jul 10, 2012)

ok so now it is asking for my service pack 3 cd when running scan now


----------



## Mark1956 (May 7, 2011)

Ok, it's getting late here now so I will have another look at the problem with System File Checker in the morning. Either you have not made the registry edits correctly or the file checker is for some other reason not seeing the i386 folder.

Meanwhile please try what I suggested to run Combofix in Safe Mode and let me know what happens.


----------



## pcme (Jul 10, 2012)

I ran combofix in safe mode and it worked with no problems. I am going to run defrag now.


----------



## Mark1956 (May 7, 2011)

Sorry I didn't get back sooner, had a busy day and out this evening. Please post the Combofix log.


----------



## pcme (Jul 10, 2012)

ComboFix 12-09-13.03 - HP_Administrator 09/18/2012 16:10:44.4.1 - x86 MINIMAL
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.735 [GMT -4:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\HP_Administrator\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
- REDUCED FUNCTIONALITY MODE -
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\8eeefcddffa6536f.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-08-18 to 2012-09-18 )))))))))))))))))))))))))))))))
.
.
2012-09-18 20:19 . 2012-09-18 20:19 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7702AC8D-D79B-4D66-87CB-EBBA301A3A3A}\MpKsld41e9763.sys
2012-09-17 16:23 . 2012-08-23 07:15 7022536 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7702AC8D-D79B-4D66-87CB-EBBA301A3A3A}\mpengine.dll
2012-09-16 15:46 . 2012-08-23 07:15 7022536 ------w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-09-12 23:03 . 2012-09-12 23:03 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\TuneUp Software
2012-09-10 19:18 . 2012-09-10 19:20 -------- d-----w- c:\program files\Cisco Systems
2012-09-10 19:10 . 2012-09-10 19:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Cisco Systems
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-04 16:36 . 2012-04-29 21:06 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-04 16:36 . 2011-08-04 22:09 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-29 00:24 . 2012-08-04 00:13 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-29 00:24 . 2010-06-05 00:09 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-28 22:39 . 2012-08-04 00:11 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-07-27 00:53 . 2012-07-27 00:53 8281168 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2012-07-06 13:58 . 2004-08-10 19:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05 . 2004-08-10 19:00 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 17:46 . 2012-07-16 23:11 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-03 13:40 . 2004-08-10 19:00 1866112 ----a-w- c:\windows\system32\win32k.sys
2012-07-02 17:49 . 2004-08-10 19:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-07-02 17:49 . 2004-08-10 19:00 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-07-02 17:49 . 2004-08-10 19:00 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-07-02 12:05 . 2004-08-10 19:00 385024 ----a-w- c:\windows\system32\html.iec
2008-11-14 23:28 . 2008-11-14 23:28 12881 ----a-w- c:\program files\Common Files\ihasi.bat
2012-07-27 21:23 . 2011-03-25 00:33 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LDM"="c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2009-04-10 32768]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"Sony PC Companion"="c:\program files\Sony\Sony PC Companion\PCCompanion.exe" [2012-05-31 445624]
"Update Manager"="c:\program files\Rogers\Update Manager\UpdateManager.exe" [2005-01-28 131072]
"SHS"="c:\program files\Rogers\SelfHealing\SHS.exe" [2005-05-17 2418344]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-26 245760]
"LVCOMS"="c:\program files\Common Files\Logitech\QCDriver3\LVCOMS.EXE" [2002-12-10 127022]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
"nwiz"="nwiz.exe" [2008-05-16 1630208]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2005-05-20 28160]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 221184]
"ISUSScheduler"="c:\program files\common files\installshield\updateservice\issch.exe" [2004-07-28 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-11-29 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-03-02 421160]
"DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 931200]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
SolidWorks Task Scheduler Engine.lnk - c:\program files\SolidWorks\swScheduler\swBOEngine.exe [N/A]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-4-23 29696]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-2-19 288472]
Logitech Desktop Messenger.lnk - c:\program files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2009-4-10 450560]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2006-12-22 450560]
Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-9-28 36903]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Norton System Doctor.LNK]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\Norton System Doctor.LNK
backup=c:\windows\pss\Norton System Doctor.LNKStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-04-17 03:12 3872080 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SMSERIAL]
2005-01-24 09:56 544768 ----a-w- c:\windows\sm56hlpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ulead Photo Express Calendar Checker]
2004-01-13 01:40 69632 ----a-w- c:\program files\Ulead Systems\Ulead Photo Express 5 SE\CalCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\NexonUS\\NGM\\NGM.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Sony Ericsson\\Update Engine\\Sony Ericsson Update Engine.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3776:UDP"= 3776:UDP:Media Center Extender Service
"3390:TCP"= 3390:TCP:Remote Media Center Experience
"9420:TCP"= 9420:TCP:Red Swoosh
"5000:UDP"= 5000:UDP:Red Swoosh
.
R1 MpKsld41e9763;MpKsld41e9763;c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7702AC8D-D79B-4D66-87CB-EBBA301A3A3A}\MpKsld41e9763.sys [9/18/2012 4:19 PM 29904]
R2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [6/11/2012 4:22 PM 193616]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [7/16/2012 7:11 PM 655944]
R3 Mach2;Mach2 Pulseing Service;c:\windows\system32\drivers\Mach2.sys [4/6/2008 2:17 PM 99936]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [7/16/2012 7:11 PM 22344]
S0 qqviagb;qqviagb;c:\windows\system32\drivers\jsyjqyvu.sys --> c:\windows\system32\drivers\jsyjqyvu.sys [?]
S2 Application Updater;Application Updater;"c:\program files\Application Updater\ApplicationUpdater.exe" --> c:\program files\Application Updater\ApplicationUpdater.exe [?]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [1/30/2010 7:05 PM 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [4/29/2012 5:06 PM 250056]
S3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [6/11/2012 4:22 PM 240208]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [11/22/2010 2:21 PM 13224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [1/30/2010 7:05 PM 135664]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [4/7/2007 2:01 PM 19039]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [4/24/2012 11:37 PM 113120]
S3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [11/22/2010 2:14 PM 155320]
S4 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/17/2006 1:32 PM 691696]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSLD41E9763
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
QWAVE REG_MULTI_SZ QWAVE
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
StkAMini
us30sys
zpcollector
agentsrv
aavmker4
nimcrpcsu
amoagent
BootScreen
mafwboot
qhwscsvc
lktimesync
ATIVTUTW
cpsvc
AGV
zmxpzip
.
Contents of the 'Scheduled Tasks' folder
.
2012-09-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-29 16:36]
.
2012-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 23:05]
.
2012-09-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-01-30 23:05]
.
2012-09-18 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-03-26 21:03]
.
2012-09-18 c:\windows\Tasks\User_Feed_Synchronization-{8A7EFBA3-8D6B-4E69-AC85-750B378CDC09}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 08:31]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.ca/
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
IE: &Winamp Search - c:\documents and settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} - hxxp://www.digitalwebbooks.com/reader/dbplugin.cab
DPF: {958FCAB0-616B-11D3-A63F-00001B322780} - hxxp://www.timeticker.com/Timeset/TcpServer.CAB
DPF: {DB31DA00-4F6F-4CC7-8627-C5A142E1FC7C} - hxxp://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\blvewxkk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/webhp?sourceid=navclient&ie=UTF-8
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7B84232f05-341e-4379-8656-a8b823c4f463%7D&mid=c89b35b68ac247d0ab11d15a9232b1cf-a62a9a39678ccdec6e4bb3d3ac57d8a5dbbdbd10&ds=AVG&v=12.2.5.34&lang=en&pr=fr&d=2012-09-12%2019%3A02%3A58&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-ROC_roc_ssl_v12 - c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe
HKLM-Run-ROC_ROC_NT - c:\program files\AVG Secure Search\ROC_ROC_NT.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-18 16:19
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1065277131-828664852-2200292380-1008\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:ca,16,27,25,6d,84,ec,57,fa,61,27,ec,0e,4b,66,72,66,b8,96,f2,cc,35,f0,
d7,bb,a3,c0,f5,19,fd,bf,89,e7,91,49,c4,14,ea,4b,9f,8d,11,f7,26,84,21,42,72,\
"??"=hex:59,e5,97,70,47,08,a5,1e,f6,13,83,cc,52,0d,a6,6c
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2948)
c:\windows\system32\WININET.dll
c:\docume~1\HP_ADM~1\LOCALS~1\Temp\IadHide5.dll
c:\windows\system32\nview.dll
c:\program files\Logitech\SetPoint\GameHook.dll
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll
c:\progra~1\WINDOW~1\wmpband.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\system32\hnetcfg.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\ehome\RMSvc.exe
c:\program files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
c:\windows\ehome\McrdSvc.exe
c:\program files\Windows Media Player\WMPNetwk.exe
c:\windows\system32\dllhost.exe
c:\windows\eHome\ehmsas.exe
c:\windows\system32\RUNDLL32.EXE
c:\windows\system32\rundll32.exe
c:\program files\Sony\Sony PC Companion\PCCompanionInfo.exe
c:\program files\Common Files\Logitech\KHAL\KHALMNPR.EXE
c:\program files\iPod\bin\iPodService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system32\HPZipm12.exe
.
**************************************************************************
.
Completion time: 2012-09-18 16:30:23 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-18 20:29
.
Pre-Run: 95,085,711,360 bytes free
Post-Run: 94,105,198,592 bytes free
.
- - End Of File - - 469BB89EB33F91B6ACD05D6813325149


----------



## Mark1956 (May 7, 2011)

Great, Combofix has finally made it with the script and removed a few more files.

How well is the PC running now?

If all is ok there is no need to worry about getting the System File Checker to run.

Please run DDS again and post both the logs so I can check to see if there is anything else left behind that needs to be removed.


----------



## pcme (Jul 10, 2012)

good, doesn't seem to have any problems? Can I just delete the programs I used to fix my computer without any problems? I have combofix rougekiller, security check, york yt and omt.


----------



## Mark1956 (May 7, 2011)

I'll post the instructions to remove the tools, do not delete Combofix, if you have reinstall it.


----------



## Mark1956 (May 7, 2011)

It would be advisable to post the DDS logs before removing any of the tools incase they are needed to remove any other files.

To re-enable your CD Emulation drivers if you disabled them, double click *DeFogger.exe* to run the tool again.

The application window will appear.
Click the *Re-enable* button to re-enable your CD Emulation drivers.
Click *Yes* to continue.
A *'Finished!*' message will appear.
Click *OK*.
DeFogger will now ask to reboot the machine...click *OK*.
To uninstall ComboFix, press the *WINKEY + R* keys on your keyboard or click







> *Run... *and in the Open dialog box, type: *ComboFix /Uninstall*










Press *OK*.
*-- Vista/Windows 7* users refer to these instructions.
If you encounter any problems using the switch from the Run dialog box, just rename ComboFix.exe to *Uninstall.exe*, then double-click on it to remove.
This will delete ComboFix's related folders/files, reset the clock settings, hide file extensions/system files, clear the System Restore cache to prevent possible reinfection and *create a new Restore point.*
When it has finished you will see a dialog box stating that _"ComboFix has been uninstalled". _
After that, you can delete the ComboFix.exe program from your computer (Desktop).

*Next*
Download *OTC* by OldTimer and save it to your *desktop.*
Double click







icon to start the program. 
If you are using Vista or Windows 7, please right-click and choose *Run as Administrator*
Then Click the big







button.
You will get a prompt saying "_Begin Cleanup Process_". Please select *Yes*.
Restart your computer when prompted.
-- Doing this will *remove* any specialized tools downloaded and used. If OTC does not delete itself, then delete the file manually when done.
-- Any leftover folders/files related to ComboFix or other tools which OTC did not remove can be deleted manually (right-click on it and choose delete).

*Please post back when this is complete and let me know if you have had any problems.*


----------



## pcme (Jul 10, 2012)

ok, here is the DDS log

.
DDS (Ver_2011-08-26.01) - NTFSx86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_35
Run by HP_Administrator at 18:02:15 on 2012-09-23
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.422 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\ehome\RMSvc.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\Logitech\QCDriver3\LVCOMS.EXE
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\program files\common files\installshield\updateservice\issch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Rogers\SelfHealing\rogersagent.exe
C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\ALCXMNTR.EXE
c:\windows\system\hpsysdrv.exe
C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.exe
.
============== Pseudo HJT Report ===============
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://www.google.ca/
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com
uSearchURL,(Default) = hxxp://ca.red.clientapps.yahoo.com/customize/rogers/defaults/su/*http://www.yahoo.com
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: DivX Plus Web Player HTML5 : {326e768d-4182-46fd-9c16-1449a49795f4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - c:\program files\winamp toolbar\winamptb.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "c:\program files\microsoft\bingbar\7.1.391.0\BingExt.dll"
uRun: [LDM] c:\program files\logitech\desktop messenger\8876480\program\LogitechDesktopMessenger.exe
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_1_0 -reboot 1
uRun: [Sony PC Companion] "c:\program files\sony\sony pc companion\PCCompanion.exe" /Background
uRun: [Update Manager] "c:\program files\rogers\update manager\UpdateManager.exe" /background
uRun: [SHS] "c:\program files\rogers\selfhealing\SHS.exe" /background
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [RogersAgent] c:\program files\rogers\selfhealing\rogersagent.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [LVCOMS] c:\program files\common files\logitech\qcdriver3\LVCOMS.EXE
mRun: [KBD] c:\hp\kbd\KBD.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\solidw~1.lnk - c:\program files\solidworks\swscheduler\swBOEngine.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\desktop messenger\8876480\program\LDMConf.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logite~2.lnk - c:\program files\logitech\setpoint\SetPoint.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\9972322\program\Updates from HP.exe
IE: &Winamp Search - c:\documents and settings\all users\application data\winamp toolbar\ietoolbar\resources\en-us\local\search.html
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\mi1933~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\mi1933~1\office12\REFIEBAR.DLL
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} - hxxp://www.digitalwebbooks.com/reader/dbplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://by112fd.bay112.hotmail.msn.com/resources/MsnPUpld.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5483.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133478383321
DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} - hxxp://launch.gamespyarcade.com/software/launch/alaunch.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {958FCAB0-616B-11D3-A63F-00001B322780} - hxxp://www.timeticker.com/Timeset/TcpServer.CAB
DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DB31DA00-4F6F-4CC7-8627-C5A142E1FC7C} - hxxp://www.syncmyride.com/Own/Modules/UploadDownload/applets/sync.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
TCP: DhcpNameServer = 64.71.255.198
TCP: Interfaces\{40C19284-9B9E-456F-A2F4-5567B1573D6A} : DhcpNameServer = 64.71.255.198
TCP: Interfaces\{BD4FB9D8-12B7-4433-B126-2CCE9D18B37B} : DhcpNameServer = 64.71.255.198
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\blvewxkk.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.ca/webhp?sourceid=navclient&ie=UTF-8
FF - prefs.js: keyword.URL - hxxps://isearch.avg.com/search?cid=%7B84232f05-341e-4379-8656-a8b823c4f463%7D&mid=c89b35b68ac247d0ab11d15a9232b1cf-a62a9a39678ccdec6e4bb3d3ac57d8a5dbbdbd10&ds=AVG&v=12.2.5.34&lang=en&pr=fr&d=2012-09-12%2019%3A02%3A58&sap=ku&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\sony\media go\npmediago.dll
FF - plugin: c:\program files\tvuplayer\npTVUAx.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_278.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\Npindeo.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-3-20 171064]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-9-20 399432]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-7-16 676936]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\McrdSvc.exe [2005-10-20 96256]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 Mach2;Mach2 Pulseing Service;c:\windows\system32\drivers\Mach2.sys [2008-4-6 99936]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-7-16 22856]
S0 qqviagb;qqviagb;c:\windows\system32\drivers\jsyjqyvu.sys --> c:\windows\system32\drivers\jsyjqyvu.sys [?]
S2 Application Updater;Application Updater;"c:\program files\application updater\applicationupdater.exe" --> c:\program files\application updater\ApplicationUpdater.exe [?]
S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-29 250288]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-11-22 13224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-1-30 135664]
S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2007-4-7 19039]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-24 114144]
S3 Sony PC Companion;Sony PC Companion;c:\program files\sony\sony pc companion\PCCService.exe [2010-11-22 155320]
.
=============== Created Last 30 ================
.
2012-09-23 17:49:38 6980552 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{c6ebea28-281d-4c05-85b3-5d66fd7031a9}\mpengine.dll
2012-09-21 16:47:56 6980552 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-09-19 16:39:42 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2012-09-19 00:47:00 26496 ----a-w- c:\windows\system32\dllcache\asc.sys
2012-09-19 00:47:00 22400 ----a-w- c:\windows\system32\dllcache\asc3350p.sys
2012-09-19 00:46:44 6272 ----a-w- c:\windows\system32\dllcache\apmbatt.sys
2012-09-19 00:46:43 36224 ----a-w- c:\windows\system32\dllcache\an983.sys
2012-09-19 00:46:42 12032 ----a-w- c:\windows\system32\dllcache\amsint.sys
2012-09-19 00:46:41 16969 ----a-w- c:\windows\system32\dllcache\amb8002.sys
2012-09-19 00:46:40 5248 ----a-w- c:\windows\system32\dllcache\aliide.sys
2012-09-19 00:46:40 26624 ----a-w- c:\windows\system32\dllcache\alifir.sys
2012-09-19 00:46:39 27678 ----a-w- c:\windows\system32\dllcache\ali5261.sys
2012-09-19 00:46:38 56960 ----a-w- c:\windows\system32\dllcache\aic78xx.sys
2012-09-19 00:46:38 55168 ----a-w- c:\windows\system32\dllcache\aic78u2.sys
2012-09-19 00:46:37 12800 ----a-w- c:\windows\system32\dllcache\aha154x.sys
2012-09-19 00:10:39 -------- d-----w- c:\program files\nLite
2012-09-19 00:10:04 101888 ----a-w- c:\windows\system32\dllcache\adpu160m.sys
2012-09-19 00:10:03 46112 ----a-w- c:\windows\system32\dllcache\adptsf50.sys
2012-09-19 00:10:02 10880 ----a-w- c:\windows\system32\dllcache\admjoy.sys
2012-09-19 00:10:01 747392 ----a-w- c:\windows\system32\dllcache\adm8830.sys
2012-09-19 00:10:01 553984 ----a-w- c:\windows\system32\dllcache\adm8820.sys
2012-09-19 00:10:00 584448 ----a-w- c:\windows\system32\dllcache\adm8810.sys
2012-09-19 00:10:00 20160 ----a-w- c:\windows\system32\dllcache\adm8511.sys
2012-09-13 21:09:52 98816 ----a-w- c:\windows\sed.exe
2012-09-13 21:09:52 518144 ----a-w- c:\windows\SWREG.exe
2012-09-13 21:09:52 256000 ----a-w- c:\windows\PEV.exe
2012-09-13 21:09:52 208896 ----a-w- c:\windows\MBR.exe
2012-09-12 23:03:58 -------- d-----w- c:\documents and settings\hp_administrator\application data\TuneUp Software
2012-09-10 19:18:27 -------- d-----w- c:\program files\Cisco Systems
2012-09-10 19:10:28 -------- d-----w- c:\documents and settings\all users\application data\Cisco Systems
.
==================== Find3M ====================
.
2012-09-20 20:35:08 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-20 20:35:08 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-07 21:04:46 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-29 00:24:56 477168 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-29 00:24:53 473072 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-28 22:39:23 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-07-06 13:58:51 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-04 14:05:18 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 13:40:15 1866112 ----a-w- c:\windows\system32\win32k.sys
2008-11-14 23:28:38 12881 ----a-w- c:\program files\common files\ihasi.bat
.
============= FINISH: 18:04:07.21 ===============


----------



## pcme (Jul 10, 2012)

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 11/22/2005 3:21:36 PM
System Uptime: 9/23/2012 5:10:25 PM (1 hours ago)
.
Motherboard: ASUSTek Computer INC. | | Amberine M
Processor: AMD Athlon(tm) 64 Processor 3500+ | Socket 939 | 2188/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 178 GiB total, 90.454 GiB free.
D: is FIXED (FAT32) - 8 GiB total, 0.878 GiB free.
E: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2A26103C&REV_10\4&1C88B56&0&18A4
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8139/810x Family Fast Ethernet NIC
PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_2A26103C&REV_10\4&1C88B56&0&18A4
Service: RTL8023xp
.
==== System Restore Points ===================
.
RP581: 9/18/2012 8:47:51 PM - Software Distribution Service 3.0
RP582: 9/19/2012 5:21:08 PM - System Checkpoint
RP583: 9/19/2012 6:56:31 PM - After Fix
RP584: 9/20/2012 9:53:59 AM - Software Distribution Service 3.0
RP585: 9/21/2012 12:47:43 PM - Software Distribution Service 3.0
RP586: 9/23/2012 1:49:11 PM - Software Distribution Service 3.0
RP587: 9/23/2012 5:00:31 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
µTorrent
2010 Ford Mustang Screensaver
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 1.0
Adobe Reader 7.0.5 Language Support
Adobe Reader 7.1.0
Adobe Shockwave Player 11
Adobe Stock Photos 1.0
AiO_Scan
AiOSoftware
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bonjour
BufferChm
CameraDrivers
CheckIt Diagnostics
CNCez PRO 2006
Connect
CP_AtenaShokunin1Config
CP_CalendarTemplates1
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
Critical Update for Windows Media Player 11 (KB959772)
CueTour
CustomerResearchQFolder
D2300
D2300_Help
Destinations
DivX Converter
DivX Plus DirectShow Filters
DivX Setup
DivX Version Checker
DocProc
DocumentViewer
DocumentViewerQFolder
Enhanced Multimedia Keyboard Solution
eSupportQFolder
Fax
ffdshow [rev 1723] [2007-12-24]
Garmin MapSource
Garmin TOPO Canada v4
Garmin Trip and Waypoint Manager v5
Garmin USB Drivers
GdiplusUpgrade
Google Update Helper
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB895961-v4)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB953761)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Customer Participation Program 7.0
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP Image Zone 5.3
HP Image Zone for Media Center PC
HP Imaging Device Functions 7.0
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart and Deskjet 7.0 Software
HP Photosmart Cameras 5.0
HP Photosmart Essential
HP Product Assistant
HP PSC & OfficeJet 5.3.B
HP Solution Center 7.0
HP Update
hph_ProductContext
hph_readme
hph_software
hph_software_req
HPPhotoSmartExpress
HPProductAssistant
HpSdpAppCoreApp
InstantShareAlert
InstantShareDevices
IntelliMover Data Transfer Demo
InterActual Player
InterVideo WinDVD Player
iTunes
J2SE Runtime Environment 5.0
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Java Auto Updater
Java(TM) 6 Update 2
Java(TM) 6 Update 3
Java(TM) 6 Update 35
Java(TM) 6 Update 5
Java(TM) 6 Update 7
Java(TM) SE Runtime Environment 6 Update 1
JDownloader
Junk Mail filter update
LightScribe 1.4.136.1
Logitech Desktop Messenger
Logitech Gaming Software
Logitech SetPoint
Magic ISO Maker v5.3 (build 0221)
Malwarebytes Anti-Malware version 1.65.0.1400
MarketResearch
Maven Application Manager
Media Center Extender
Media Go
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Works
Motorola SM56 Speakerphone Modem
Move Networks Media Player for Internet Explorer
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 6 Service Pack 2 (KB954459)
muvee autoProducer 4.0
muvee autoProducer unPlugged 1.1 - HPD
neroxml
NewCopy
NVIDIA Drivers
OpenOffice.org Installer 1.0
Orb Runtime libraries
PanoStandAlone
PC-Doctor 5 for Windows
PhotoGallery
Player
PlayStation(R)Network Downloader
PlayStation(R)Store
PS2
PSPrinters08
PSTAPlugin
Python 2.2 pywin32 extensions (build 203)
QFolder
QuickTime
RandMap
Readme
Revo Uninstaller 1.87
Rogers Self Healing Software (remove only)
Scan
ScannerCopy
Search Settings v1.2.3
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition 
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SkinsHP1
SolutionCenter
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Sony Ericsson Update Engine
Sony PC Companion 2.10.094
SoulSeek Client 156c
Status
Steam
StreamTorrent 1.0
Symantec Technical Support Web Controls
TomTom HOME Visual Studio Merge Modules
Toolbox
TrayApp
TVAnts 1.0
TVersity Codec Pack 1.4
TVUPlayer 2.5.3.1
U3Launcher
Ulead CD & DVD PictureShow 3 SE Basic
Ulead Photo Express 5 SE
Unload
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB953356)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Manager (remove only)
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
VBA (2627.01)
VC80CRTRedist - 8.0.50727.6195
VideoLAN VLC media player 0.8.6d
WebFldrs XP
WebReg
Winamp
Winamp Detector Plug-in
Winamp Toolbar for Firefox
Winamp Toolbar for Internet Explorer
Windows 7 Upgrade Advisor
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (05/27/2006 1.3.2.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage v1.3.0254.0
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix [See KB889858 for more information]
Windows Media Player 11
Windows Media Player Firefox Plugin
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB888316
Windows XP Media Center Edition 2005 KB890629
Windows XP Media Center Edition 2005 KB895678
Windows XP Media Center Edition 2005 KB905589
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
XMLplayer
.
==== Event Viewer Messages From Past Week ========
.
9/23/2012 1:30:48 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the BBUpdate service to connect.
9/23/2012 1:30:48 PM, error: Service Control Manager [7000] - The BBUpdate service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
9/23/2012 1:30:48 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service BBUpdate with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
9/18/2012 8:46:21 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000056' while processing the file 'advapi32.dll.new' on the volume 'HarddiskVolume2'. It has stopped monitoring the volume.
9/18/2012 7:15:30 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
9/18/2012 7:15:20 PM, error: Service Control Manager [7023] - The Amdk7 service terminated with the following error: The specified module could not be found.
9/18/2012 4:35:58 PM, error: Application Popup [877] - There was error [DATABASE OPEN FAILED] processing the driver database.
9/18/2012 4:29:12 PM, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.135.1409.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8704.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
9/18/2012 4:16:40 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/18/2012 4:10:34 PM, error: Service Control Manager [7031] - The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.
9/18/2012 4:03:01 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
9/18/2012 4:02:43 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD AmdK8 Fips ftsata2 IPSec MpFilter MRxSmb NetBIOS RasAcd Rdbss Tcpip WS2IFSL
9/18/2012 4:02:43 PM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
9/18/2012 4:02:43 PM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/18/2012 4:02:43 PM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/18/2012 4:02:43 PM, error: Service Control Manager [7001] - The Bonjour Service service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/18/2012 4:02:43 PM, error: Service Control Manager [7001] - The Apple Mobile Device service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
9/17/2012 4:51:44 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
9/17/2012 12:13:03 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the NVSvc service.
9/16/2012 11:37:18 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
9/16/2012 11:37:18 AM, error: Service Control Manager [7000] - The Application Layer Gateway Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================


----------



## pcme (Jul 10, 2012)

I will leave the programs on my computer till you responed...


----------



## Mark1956 (May 7, 2011)

You don't appear to have followed any of the instructions in post 60 to remove all the old versions of Java, the old versions of Adobe and to install the newest versions 

As you have a lot of old versions of Java you may find it easier to use JavaRa to remove them all, but you will need to follow my instructions in post 60 to remove and update the Adobe software.

After you have run JavaRa please check carefully in Programs and Features that all of them have gone, older versions on the system are an open window to infections. All the versions that start with Java(TM) and J2SE need to go.


Click on this link JavaRa on the web page click on the download button for Version 2.0 and save it to your desktop.
Extract the zip file, double click on the *JavaRa* folder that will appear on the desktop then double click on the JavaRa application.








You should see this box below open up.
Click on *Remove JRE* and allow it to complete.










Once complete hit the update button or follow the instructions in post 60 to download and install the latest version.

_____________________________________________________________

Follow this to remove a couple of orphan entries:

Run HijackThis, and press *"Scan."* When the scan is complete place a *check mark* next to the following entries (if they are still present): (Please be careful and do not check any other boxes)

*O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)*
*O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)*

*NOTE* For Windows 7 and Vista you must turn off the User Account Control to allow HJT to run correctly.
For Vista, click on *Start* and type* User Accounts* in the search box and hit *Enter*, click on *Turn User Account Control on or off*, uncheck the box to turn off *UAC*. For Windows 7 click on Start and type *UAC* in the box and hit *Enter*, then move the slider all the way to the bottom and click on *ok*. *This action is not required for Windows XP.*

After checking these items *CLOSE ALL open windows* except HijackThis and click *"Fix Checked"* to remove the entries you checked. A box will pop up asking you if you wish to fix the selected items. Please choose *YES.* Once it has fixed them, close HijackThis.


----------



## Mark1956 (May 7, 2011)

Are you still with us, the clean up is not yet complete.


----------



## pcme (Jul 10, 2012)

Yes sorry, I ran the javara and hijack this without any problems. The went back to post 60 and uninstalled the old java versions I had on my computer. Has installed new ones yet and I also uninstalled combofix and ran old timer. Only thing left on my computer is security check and yorkyt.


----------



## Mark1956 (May 7, 2011)

Ok, we are all done. You can simply right click on those two progs on your desktop and select delete and they will be gone.

I shall now leave you with some security advice, but please feel free to post back if you have any remaining issues or concerns.

There are many places where you will find security advice, but most are biased towards a particular item of software that they are trying to promote. I have given some unbiased advice below that should help keep you better protected. Unfortunately there is no "best protection", new Malware is being produced every minute of the day so it is a cat & mouse game for all security software vendors to keep up with the latest infections.

It has always been the case that what one Anti Virus program will detect another one will miss and vice versa. That being said, never be tempted to install more than one Anti Virus program thinking that will give you better protection as in fact the reverse is true. Two or more AV programs will (in most cases) conflict with each other, slow your system down and actually reduce your security level. Don't assume that your present Anti Virus is no good on the grounds that you got infected, if I have seen you are using a poor Anti Virus I will have advised you earlier in the thread. There are a lot of nasty infections out there waiting to jump onto a PC and with some of the newest infections there is very little that will block them. Fortunately there are those who dedicate their spare time, for little reward, in making the tools we use here to remove these infections. It is those people that we have to thank as without them a reinstall would often be the only way out.

*Some additional security measures.*
If your present security software does not include a third party Firewall or AntiSpyware.
Go Here for a selection of third party Firewalls.
Go Here or Here for Anti Spyware.

Malwarebytes free version (which you may have used during this thread) is worth having for regular scans of your system, always check for updates before using it. If you can afford the Malwarebytes Pro version it will provide even better protection with a full time active scanner. Never have more than one active anti virus, anti spyware or firewall running on your system as it can cause conflicts and slow down the PC. You can safely run the Pro version of *Malwarebytes* with any Anti Virus software.

WOT (Web OF Trust) Will warn you (in most cases) about dangerous web sites.

Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Attacks exploiting vulnerable programs and plug-ins are rarely blocked by traditional anti-virus and are therefore increasingly "popular"among criminals.

WinPatrol is a useful facility to have. *WinPatrol* takes snapshots of your critical system resources and alerts you to any changes that may occur without your knowledge. It can also be used to control all your *start up* programs.

Finally, make sure that Windows Update is turned on as many updates are to fix newly discovered security holes in the Windows Operating System. You should also make sure that any Java or Adobe products are kept up to date and any old versions are uninstalled. Never use Registry Cleaners as they can and do damage the systems registry and stay well clear of P2P file sharing sites as these are one of the best places to get your PC infected.


----------



## pcme (Jul 10, 2012)

Thank you I will install these programs on my computer, one last thing is there a all in one anti virus program you recommend like Norton 360 I believe does everything from monitoring your browser to your computer?


----------



## Mark1956 (May 7, 2011)

Simple answer is no. My own view is that the all in one packages tend to be quite demanding on system resources. Microsoft Security Essentials does a good job and is low on system resources, couple that with the full version of Malwarebytes, SuperAntiSpyware and a third party firewall and that will be about as good as it gets.


----------

