# Solved: IE 8 & Firefox won't even open or load? But Connection is FINE



## olabola (May 20, 2012)

I have used TSG before and am asking for help again. I would post information regarding my computer but I have not been able to open any internet connections on my desktop in several days. For some reason there are several non responsive programs on the desktop that will not open. I am writing this from my Asus netbook, which is connected to the same network so I do not believe it's the network itself, but who knows. I tried to run HiJackThis, but it would not load, IE and Mozilla Firefox will not open or load...I double click, you see the hour glass, and then, nothing happens. When I try to use control-alt-delete to see if the program is nonresponsive my task manager will not open and then my start menu will also not open. Interestingly, my Mozilla Thunderbird email opens with no problems and downloads messages from the server. There are two things that are different about my computer in the last several months. One is that I got rid of my printer and got a new one, and I do not think that would affect the connectivity? The other is that I tried installing Google Chrome and was super disappointed to find toolbars installed without my knowledge or permission. I didn't care much for the software and did some research, mostly on this site and found many complaints about the toolbars being downloaded with installation of Chrome and lots of difficulty getting rid of the toolbars despite uninstalling Chrome. I found a solution that called for uninstalling and reinstalling Chrome and then making sure you checked a specific box that disabled the toolbar, then using the add/delete in the control panel to remove Chrome. I used the solution and it seemed to work. However, I wonder if that is why my computer has been acting up? I know this is lots of information, but I know that more information will only help right?
Other symptoms that I noticed prior to installation of Chrome were lots of extra messages from IE about security warnings and web sites being blocked because of security certificates, or because they may not be from a secure website.
I'm running Windows XP, SP 3 and I have both a wired and wireless connection. Please help!

New Error Message:
Windows cannot find '(null)'. Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click search. 

I received this error when I tried to reach a website directly from my favorites in the menu under my computer.


----------



## vicks (Jan 31, 2005)

Have you tried doing a system restore, or starting in safe mode?
To start in safe mode, as computer is starting to boot, continuously tap the F8 key, when the safe mode window opens (black screen with white lettering) use your arrow keys to move the highlight to 'Last Known Good Configuration', click enter. See if that helps open it.
Vicks


----------



## olabola (May 20, 2012)

vicks said:


> Have you tried doing a system restore, or starting in safe mode?
> To start in safe mode, as computer is starting to boot, continuously tap the F8 key, when the safe mode window opens (black screen with white lettering) use your arrow keys to move the highlight to 'Last Known Good Configuration', click enter. See if that helps open it.
> Vicks


I have not tried a system restore or to boot in safe mode, but what do I do once it is in safe mode? A system restore frightens me, is that really necessary?


----------



## olabola (May 20, 2012)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:27:21 AM, on 12/4/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus NX430"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.aol.com and https
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install/download/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} - http://aol.skilljam.com/ssp/SkillJamLoader.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1118701430265
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1345548205328
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - http://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} - https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} (CPlayFirstzenerchiControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} - http://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://24.97.152.19/activex/AMC.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Norton Disk Doctor Service (DiskDoctorService) - Symantec Corporation - C:\Program Files\Norton Utilities 15\Tools\Disk Doctor\DiskDoctorSrv.exe
O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
O23 - Service: GenericMount Helper Service - Unknown owner - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Norton SpeedDisk Service (SpeedDiskService) - Symantec Corporation - C:\Program Files\Norton Utilities 15\Tools\SpeedDisk\SpeedDiskSrv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: SymSnapService - Unknown owner - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (file missing)
O23 - Service: TomTomHOMEService - Unknown owner - C:\Documents and Settings\Alexandra Jachimczyk\Desktop\TomTom HOME 2\TomTomHOMEService.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 12734 bytes


----------



## vicks (Jan 31, 2005)

Now that you have posted a HJ log, you will need to wait for one of the security specialists to respond. Only those with a gold or blue shield next to their name are supposed to do so. They have had special training to work with those logs.
Vicks


----------



## Phantom010 (Mar 9, 2009)

olabola said:


> Other symptoms that I noticed prior to installation of chrome were lots of extra messages from IE about security warnings and web sites being blocked because of security certificates, or because they may not be from a secure website.


This often happens if your computer doesn't have the proper *date and time*. It can also cause issues with some programs and applications on your computer. Make sure they are correct.

I can see a few missing files from Norton Ghost in your HijackThis log. They're not from your antivirus but can you tell me if you are still using the Norton antivirus or have you recently tried uninstalling it?


----------
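The check Phantom010 describes above (service entries in the HijackThis log whose binaries are marked as missing) can be pulled out of such a log mechanically. The following Python is an added example, not part of the original thread and not HijackThis's own code; the sample lines are copied from the log posted earlier in this thread, and the function names and the field layout assumed for `O23` lines are inferred from those lines.

```python
import re
from collections import Counter
from dataclasses import dataclass

# Lines copied from the HijackThis log posted earlier in this thread
# (a subset, enough to exercise each case the parser handles).
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Boot mode: Safe mode
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: GenericMount Helper Service - Unknown owner - C:\Program Files\Norton Ghost\Shared\Drivers\GenericMountHelper.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: SymSnapService - Unknown owner - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe (file missing)
--
End of file - 12734 bytes
"""

# Section lines look like "R1 - ...", "O4 - ...", "O23 - ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
MISSING_TAG = "(file missing)"


@dataclass
class Service:
    name: str
    owner: str
    path: str
    file_missing: bool


def parse_entries(text):
    """Yield (section_code, body) for every section line in the log."""
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m.group("code"), m.group("body")


def parse_service(body):
    """Split an O23 body (assumed layout, inferred from the posted log):
    'Service: <name> - <owner> - <path>[ (file missing)]'."""
    if not body.startswith("Service: "):
        return None
    # Split from the right so a ' - ' inside the display name
    # does not shift the owner and path fields.
    parts = body[len("Service: "):].rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, owner, path = (p.strip() for p in parts)
    missing = path.endswith(MISSING_TAG)
    if missing:
        path = path[: -len(MISSING_TAG)].rstrip()
    return Service(name, owner, path, missing)


def triage(text):
    """Summarise a log: boot mode, entries per section, and the services
    a reviewer would look at first."""
    boot = re.search(r"^Boot mode:\s*(.+)$", text, re.MULTILINE)
    counts = Counter()
    services = []
    for code, body in parse_entries(text):
        counts[code] += 1
        if code == "O23":
            svc = parse_service(body)
            if svc is not None:
                services.append(svc)
    return {
        "boot_mode": boot.group(1).strip() if boot else None,
        "section_counts": dict(counts),
        # Registered services whose binary is gone: leftovers of a
        # removed or partially removed product.
        "missing": [s for s in services if s.file_missing],
        # Binary present but owner column reads "Unknown owner".
        "unknown_owner_present": [
            s for s in services
            if s.owner == "Unknown owner" and not s.file_missing
        ],
    }


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print("Boot mode:", report["boot_mode"])
    print("Entries per section:", report["section_counts"])
    for svc in report["missing"]:
        print("MISSING BINARY:", svc.name, "->", svc.path)
    for svc in report["unknown_owner_present"]:
        print("UNKNOWN OWNER :", svc.name, "->", svc.path)
```

A log taken in Safe mode, as this one was, lists only the few processes running at that moment, so the service and startup sections carry most of the information.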



## olabola (May 20, 2012)

vicks said:


> Now that you have posted a HJ log, you will need to wait for one of the security specialists to respond. Only those with a gold or blue shield next to their name are supposed to do so. They have had special training to work with those logs.
> Vicks


ok, thanks...BTW, I remembered some other symptoms:
one of my flash drives that I use all the time in between work and home (between two computers) all of a sudden stopped working. It was connected and showed up as being connected but the computer listed it as malfunctioning and told me to try again. When I would go to properties it would show the flash drive as both empty and full and all of my documents were gone. When I noticed that I ran malware and spyware and came up with a bunch of "infections" which were removed, but it did not solve the problem. This was about a week ago.


----------



## olabola (May 20, 2012)

I also recall, around the time of the Google Chrome download that I attempted to utilize the disk cleanup to remove all traces of that stupid toolbar and ignorantly clicked on all the boxes to remove all of the files that were possible to delete. Just before doing that, I searched the forums and others to see what, if any negative repercussions there would be and I could not find any. I would always find statements like, "Microsoft wouldn't give the option to delete those files if it wasn't safe to do so." Well....As the computer was deleting the files, I received an error/warning message (maybe during the setup log files) saying that deleting the files would cause lots of problems. I tried to cancel the disk cleanup, but had to use Control-Alt-Delete to end it, instead. That may have also contributed to my computer problems?


----------



## Phantom010 (Mar 9, 2009)

Have you read post #6?

Reading through what you did, you may very well have a number of causes for your problems. You may be missing a lot of important system files. Your best bet might be to reinstall Windows.


----------



## olabola (May 20, 2012)

Phantom010 said:


> This often happens if your computer doesn't have the proper *date and time*. It can also cause issues with some programs and applications on your computer. Make sure they are correct.
> 
> I can see a few missing files from Norton Ghost in your HijackThis log. They're not from your antivirus but can you tell me if you are still using the Norton antivirus or have you recently tried uninstalling it?


My date and time settings were correct...Until this morning...weird right? I noticed that they were an hour off, but when I rebooted in safe mode the time automatically reverted. Yes, I have Norton Internet Security, and Norton Utilities 15, and Norton RnR, which I downloaded a while back with another issue I was having when it was blocking images in my thunderbird account. I have not changed any settings in Norton. I try not to mess with it because honestly I am waiting for it to expire and get rid of it because it has caused me nothing but trouble.


----------



## olabola (May 20, 2012)

Phantom010 said:


> Have you read post #6?
> 
> Reading through what you did, you may very well have a number of causes for your problems. You may be missing a lot of important system files. Your best bet might be to reinstall Windows.


Yes, I read post 6, and again, reinstalling Windows scares me more than doing a system restore, isn't there a less invasive way to fix all of this?


----------



## Phantom010 (Mar 9, 2009)

Your malware removal process and Disk Cleanup may have deleted some important files. It's almost impossible to know which ones. And frankly, I do not believe a system restore will do any good, providing you can even run it! It might even create a bigger mess.


----------



## olabola (May 20, 2012)

Phantom010 said:


> Your malware removal process and Disk Cleanup may have deleted some important files. It's almost impossible to know which ones. And frankly, I do not believe a system restore will do any good, providing you can even run it! It might even create a bigger mess.


What information will I lose? My documents? My files? I guess that is what concerns me...I've had this computer for years, and to wipe out everything would be devastating. Doesn't the fact that my Mozilla Thunderbird connects to the network mean something? Sorry to be so difficult, but like I said, I would prefer a less extreme solution if possible.


----------



## Phantom010 (Mar 9, 2009)

If you wish to keep your important documents, you need to save them first to any type of removable media, like a CD, a DVD, a USB flash drive, or an external hard drive.


----------



## throoper (Jan 20, 2007)

Give this a try.
Boot into Safe Mode again and select "Safe Mode with Networking". See if either browser can connect to the Internet.


----------



## Phantom010 (Mar 9, 2009)

Hi throoper! 

I've not even suggested it because the programs themselves (IE, Firefox) won't even open.


----------



## olabola (May 20, 2012)

throoper said:


> Give this a try.
> Boot into Safe Mode again and select "Safe Mode with Networking". See if either browser can connect to the Internet.


While in safe mode with networking, I was able to access my thunderbird email, as well as connect to the internet using IE as well as Mozilla Firefox!!! That must be good right?


----------



## Phantom010 (Mar 9, 2009)

Well, that means you didn't use the right words to describe your Internet problem. Seems you weren't having trouble opening your browsers after all.

Since you're planning on not renewing your Norton subscription after it expires soon, you should probably remove it right away. Norton may be responsible for your Internet issue.

To remove Norton, use the *Norton Removal Tool*.

You can replace Norton with the free *Microsoft Security Essentials*.


----------



## olabola (May 20, 2012)

I'm replying from the messed up computer...but prior to booting in safe mode with networking I was not able to open either browser. Interestingly enough, I was able to open IE once, but since then I have not been able to do it again. I am using Mozilla Firefox to write this.

OK, after removing Norton, what do I do? Won't my computer be susceptible to infection?


----------



## olabola (May 20, 2012)

I tried to download the removal tool, but the computer froze up when I hit save. When I tried to restart Firefox, it took several minutes and now it is "checking addons for compatibility with this version of firefox"

When I tried to download it from my netbook I received a message saying the download failed, extraction corrupt.


----------



## throoper (Jan 20, 2007)

olabola said:


> OK, after removing Norton, what do I do? Won't my computer be susceptible to infection?


I see Phantom beat me to it in suspecting Norton. 
Before uninstalling Norton, download another AV program such as MSE or Avira (but don't install it until after Norton has been removed).

I would try Firefox again. It sounds like it may have updated to a newer version and crashed while it was downloading the removal tool. If needed, do it in Safe Mode with Networking.

Once Norton has been removed and a new AV installed, check that your firewall is also active via Control Panel>Windows Firewall.


----------



## olabola (May 20, 2012)

Can I remove it using add/remove programs, since the removal tool would not download?


----------



## olabola (May 20, 2012)

OK, my computer froze up again so I rebooted in safe mode with networking and was able to retry downloading the Norton removal tool. I was also able to download Microsoft Security Essentials, but did not install it (it actually said it was not possible to install in safe mode). Norton Removal Tool told me to uninstall utilities using add/remove first. That was easily done, and the removal tool proceeded to remove all Norton products. It has been removing for about 20 minutes but I received a warning that it could take a while for the removal to finish.


----------



## throoper (Jan 20, 2007)

You may need to reboot and rerun the tool. 20 min seems excessive.


----------



## olabola (May 20, 2012)

throoper said:


> You may need to reboot and rerun the tool. 20 min seems excessive.


Really? The status has been moving along and the descriptions of what it is removing have been changing. It appears to have one bar left and it says it's setting registry values. But, if you think I should then I will. However, the removal tool warned against stopping the removal once it has started.


----------



## olabola (May 20, 2012)

OK, I see your point, it is still running. What would be the best way to stop it, and retry? There is no cancel button or X, they are both greyed out.


----------



## throoper (Jan 20, 2007)

If it's still doing something, then let it run. Apparently it's just doing it really slow.
If it stalls and quits progressing, then you can stop it with Task Manager (but *only* if it's stopped doing anything and froze).


----------



## olabola (May 20, 2012)

Well, I went to bed thinking that the removal tool would stop on its own. It didn't so I was able to stop it with the task manager (so far nothing blew up). I figured it would be a good time to run HJT but when I attempted to do that I received the following message:

This application has failed to start because MSVBVM60.DLL was not found. Re-installing the application may fix this problem. After that the computer froze up on me and I couldn't shut it down so I had to use the power button to restart. When I tried to rerun the removal tool it wouldn't start because it said that Norton Utilities was still installed and had to be removed first. I checked and it was listed in the add/remove so I clicked uninstall, but I received a message that it was uninstalled but the program was listed and could be removed from the list. The utilities icon is all that remains after doing a Windows search. I deleted the icon and still received the message to remove Norton Utilities when I ran the removal tool. It also appears that Norton Internet Security was partially removed because the icon has changed and in the add/remove list I get the same message about the program already being uninstalled and there simply being a listing of the program in the add/remove box.

I have also lost the ability to get onto the internet via IE or Firefox. Both browsers are opening but unable to connect. A network diagnostic done in IE resulted in a Runtime Error! 

Microsoft Visual C++ Runtime Library
Program C:\WINDOWS\Network\xpnetdiag.exe
This application has requested the Runtime to terminate it in an unusual way. Please contact the applicatin's support team for more information.


----------



## throoper (Jan 20, 2007)

olabola said:


> I have also lost the ability to get onto the internet via IE or Firefox. Both browsers are opening but unable to connect.


In both normal mode and Safe Mode w/ Networking?


----------



## Phantom010 (Mar 9, 2009)

The Norton removal process did not go as expected. You may indeed still have leftovers interfering with your Internet connection.

Try running the Norton Removal Tool again, this time, after booting in Safe Mode.

The Windows Installer service doesn't normally work in Safe Mode. In order to proceed, you will need to load a little utility called *SafeMSI* to start the service while in Safe Mode.

After getting SafeMSI to your desktop, reboot your computer in Safe Mode. Run SafeMSI in Safe Mode. Then, run the Norton Removal Tool, hoping it will pick up the pieces it left behind.


----------



## olabola (May 20, 2012)

throoper said:


> In both normal mode and Safe Mode w/ Networking?


After working in safe mode with networking I never thought to go back and try regular safe mode.


----------



## olabola (May 20, 2012)

Phantom010 said:


> The Norton removal process did not go as expected. You may indeed still have leftovers interfering with your Internet connection.
> 
> Try running the Norton Removal Tool again, this time, after booting in Safe Mode.
> 
> ...


I'm having trouble with the Safe MSI utility. I was able to copy the zip file to a flash drive (interestingly the desktop only recognized my old flash drive and not the newer one that had "lost" files). I then tried to run the application on the desktop and received the following message:

SafeMSI.exe Unable to Locate Component
This application failed to start because MSVBVM60.DLL was not found. Re-installing the application may fix this problem.

Also, attempting to run the removal tool in safe mode also did not work.


----------



## olabola (May 20, 2012)

I rebooted in regular mode, not safe or anything like that and was surprised to find that both browsers opened. Neither one connected but both at least opened up and said that they could not connect. I was again not able to run the removal tool and when I tried to open the Safe MSI utility was again not able to run it because I received the same error message. (the same error when I try to run HJT)


----------



## throoper (Jan 20, 2007)

I'm guessing one of the things that Norton "fixed" for you was that dll file.
See if the file itself is still there. 
In Windows Explorer, navigate to C:\WINDOWS\system32, scroll down and see if the msvbvm60.dll is there. You will also likely have a msvbvm50.dll, but we're looking for the 60.
If it's present, try re-registering it by clicking Start>Run>type *regsvr32 msvbvm60.dll* (note the space between the 32 and msv)>OK.


----------



## Edgey (Dec 6, 2012)

olabola said:


> there are several non responsive programs on the desktop that will not open.
> 
> When I try to use control-alt-delete to see if the program is nonresponsive my task manager will not open and then my start menu will also not open.
> 
> ...


Sounds like a nasty buggar of a virus.


----------



## olabola (May 20, 2012)

Edgey said:


> Sounds like a nasty buggar of a virus.


Virus ?


----------



## olabola (May 20, 2012)

throoper said:


> I'm guessing one of the things that Norton "fixed" for you was that dll file.
> See if the file itself is still there.
> In Windows Explorer, navigate to C:\WINDOWS\system32, scroll down and see if the msvbvm60.dll is there. You will also likely have a msvbvm50.dll, but we're looking for the 60.
> If it's present, try re-registering it by clicking Start>Run>type *regsvr32 msvbvm60.dll* (note the space between the 32 and msv)>OK.


 msvbvm50.dll is there, but msvbvm60.dll is not contained within that folder


----------



## throoper (Jan 20, 2007)

See if it can be replaced from your XP disc. 
This should also load a fresh copy of other protected system files that may be damaged or missing.
Start>Run>type *sfc /scannow* (space between the sfc and /)>OK.
Insert your disc if asked (you almost certainly will be).


----------



## olabola (May 20, 2012)

I saved every disk that came with this computer and XP was not one of them.


----------



## olabola (May 20, 2012)

throoper said:


> See if it can be replaced from your XP disc.
> This should also load a fresh copy of other protected system files that may be damaged or missing.
> Start>Run>type *sfc /scannow* (space between the sfc and /)>OK.
> Insert your disc if asked (you almost certainly will be).


I typed in the command and a box popped up momentarily and disappeared. And then nothing else happened. (BTW I am in safe mode, is that ok?)

I located a different disk from my netbook that says it's XP support, in case that might help?


----------



## Macboatmaster (Jan 15, 2010)

in the run
type
cmd
then at the prompt in the cmd window
type
sfc /scannow


----------



## olabola (May 20, 2012)

Macboatmaster said:


> in the run
> type
> cmd
> then at the prompt in the cmd window
> ...


OK, The result of that direction was this:

Windows File Protection could not initiate a scan of protected system files.
The specific error code is 0x000006ba [The RPC server is unavailable.]


----------



## Cookiegal (Aug 27, 2003)

Edgey,

I've edited your post as you're not authorized for malware removal. Please refer to this section of the site rules:


> *Log Analysis/Malware Removal* - In order to ensure that advice given to users is consistent and of the highest quality, those who wish to assist with security related matters must first graduate from one of the malware boot camp training universities or be approved by the administration as already being qualified. Those authorized to help with malware issues have a gold shield next to their name and authorized malware removal trainees have a blue shield next to their names. If you'd like to participate in a training program, please contact a Moderator or see this article.


----------



## throoper (Jan 20, 2007)

olabola said:


> OK, The result of that direction was this:
> 
> Windows File Protection could not initiate a scan of protected system files.
> The specific error code is 0x000006ba [The RPC server is unavailable.]


Start>Run>type services.msc>OK.
Scroll down to "Remote Procedure Call (RPC)" and see if it is started.


----------



## olabola (May 20, 2012)

throoper said:


> Start>Run>type services.msc>OK.
> Scroll down to "Remote Procedure Call (RPC)" and see if it is started.


Status says Started, Startup Type says Automatic, Logon As says Network Service


----------



## Macboatmaster (Jan 15, 2010)

Whilst my colleague *throoper* is offline

and I am also signing off now
go back to the RPC service click the dependencies tab
you will see that it depends on DCOM and RPC Endpoint Mapper
STOP the Remote Procedure Call
you should have confirmation that it is stopped
Go to
DCOM
if it is not set automatic
STOP it if running and then set automatic and then START it
Do the same with End Point Mapper

Now go back to RPC and start it.
If other services are found to have errors, it is either not good news, or YOU, someone or a program - TWEAKS - make it go faster are notorious for it, has been changing services start type.

That system 32 dynamic link library file
*msvbvm60.dll*

is part of the file system for 
Microsoft Visual C++ Runtime Library

actually Visual 6.0
and that error is contained in your post 28

May be worthwhile trying downloading and installing this
http://support.microsoft.com/kb/192461

you will see the dll file listed.

That said I do not think that this will prove to be your only problem


----------



## olabola (May 20, 2012)

Macboatmaster said:


> Whilst my colleague *throoper* is offline
> 
> and I am also signing off now
> go back to the RPC service click the dependencies tab
> ...


I am not sure I understand your directions. What is the dependencies tab? I am in the Services window and found the DCOM Server Process Launcher which shows that it is started and automatic. However, I do not see anything listed as End Point Mapper.


----------



## Macboatmaster (Jan 15, 2010)

> go back to the RPC service click the dependencies tab


Have you done that and then you will see THE DEPENDENCIES

Sorry cannot stay in UK
Goodnight


----------



## olabola (May 20, 2012)

Macboatmaster said:


> Have you done that and then you will see THE DEPENDENCIES
> 
> Sorry cannot stay in UK
> Goodnight


I didn't realize I was supposed to double click on the RPC. Now I am seeing the tab and see two boxes. The top box says that it depends on the following system components...but there are no dependencies listed.

The box on the bottom says the following system components depend on this service: and a long list of items are there, but none of the ones you mentioned.


----------



## olabola (May 20, 2012)

I downloaded the file from the microsoft support site, should I still install into the computer?


----------



## Macboatmaster (Jan 15, 2010)

SORRY about that



> . Now I am seeing the tab and see two boxes the top box says that it depends on the following system components...but there are no dependencies listed


*I owe you an apology*
IN XP - I am on 7 and was on Vista before - there are no services that RPC depends on, as you said
In 7 it is the two I listed
Here is the list and once again I apologise
http://www.blackviper.com/windows-services/remote-procedure-call-rpc/

It was my error, and I should not have made it, but I trust you will realise the ease of working on 7 and forgetting exactly what it was on XP. I should have checked.

In reply to the query on 50 YES I think it worthwhile
That missing dll file is certainly associated with that. It may well put the file back in the system 32 folder

HOWEVER please do continue with my colleague's recommendations.

*throoper*
Sorry for the interjection
Hope you did not mind
Saw the post re SFC 
Have sent PM


----------



## throoper (Jan 20, 2007)

Stay out of Safe Mode unless we need to use it for a specific purpose. It's hard to tell if something isn't working because it's broken or you're in safe mode and don't have the drivers loaded.

So, in normal boot mode:
Click Start>Run>type *regedit*>OK.
On the left side, expand the keys (click the little plus signs) to navigate to the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.

Select the Winlogon key to display its values in the right pane.
Scroll down and find the item *SFCDisable*. 
At the far right under the Data column, the value should be all zeros: 0x00000000 (0).
If it's not, right click SFCDisable and select Modify.
Type *0* (that's a zero, not an o) and then close Registry Editor and reboot.
Important: Please post if the value was not all zeros and you needed to do that.
Also, please use caution while in the Registry Editor. If you're not sure of something, please ask.

If you Modified it, try running SFC /scannow again (Start>Run>type sfc /scannow>OK).
You should have a recovery disc for the computer that has the I386 folder on it and that will be the one to use when you are asked to insert your disc.

If you are successful in running sfc /scannow, but it does NOT replace the msvbvm60.dll in the System32 folder, install the Visual Basic that you downloaded.


----------



## olabola (May 20, 2012)

throoper said:


> Stay out of Safe Mode unless we need to use it for a specific purpose. It's hard to tell if something isn't working because it's broken or you're in safe mode and don't have the drivers loaded.
> 
> So, in normal boot mode:
> Click Start>Run>type *regedit*>OK.
> ...


The SFC Disable is all Zeros like you said it should be so I didn't change a thing. But I tried the SFC Scan Now command anyway but in Normal mode like you suggested. As you said it would, it requested my Windows XP Professional Service Pack 3 CD, which I do not have. As I recall, the computer was not preinstalled with SP3 and I believe I installed it with a Windows update. I checked my files and I still have the printed invoice from the purchase of the computer in 2005 that states that the operating system is Windows XP, Media Center 2005 Edition and does not mention any Service Packs. The only disks I have are:
Dell LCD Monitor Driver
Dell Drivers and Utilities for reinstalling V.9x capable 56K Telephony Data/Fax/Modem Software for Microsoft Windows
Dell Picture Studio
Word Perfect
Sonic Installer
Sound Blaster Installation disk


----------



## throoper (Jan 20, 2007)

OK, that's good news, sort of. Go ahead and install the Visual Basic "Macboatmaster" had you download.


----------



## olabola (May 20, 2012)

throoper said:


> I'm guessing one of the things that Norton "fixed" for you was that dll file.
> See if the file itself is still there.
> In Windows Explorer, navigate to C:\WINDOWS\system32, scroll down and see if the msvbvm60.dll is there. You will also likely have a msvbvm50.dll, but we're looking for the 60.
> If it's present, try re-registering it by clicking Start>Run>type *regsvr32 msvbvm60.dll* (note the space between the 32 and msv)>OK.


OK, I ran the utility VBRun60 and when it was done, I checked in explorer and msvbvm60.dll is now in the list under System32. However it is black font, while MSVBVM50.dll is blue font. Not sure if that matters, but I thought I would mention it. I figured I would see if I could run HJT and was successful and posted the results here.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:14:28 AM, on 12/8/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Support.com\bin\tgcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (file missing)
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus NX430"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.aol.com and https
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install/download/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} - http://aol.skilljam.com/ssp/SkillJamLoader.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1118701430265
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1345548205328
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - http://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} - https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} (CPlayFirstzenerchiControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} - http://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://24.97.152.19/activex/AMC.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: TomTomHOMEService - Unknown owner - C:\Documents and Settings\Alexandra Jachimczyk\Desktop\TomTom HOME 2\TomTomHOMEService.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 13370 bytes


----------
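HijackThis appends "(file missing)" to an entry whose registry reference points at a file that no longer exists, and labels services it cannot attribute as "Unknown owner". The following is an added example, not part of the thread or of HijackThis itself: a small parser that pulls those entries out of a log. The sample lines are copied from the log above; the function and class names are illustrative.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Sample input: a few lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
Running processes:
C:\WINDOWS\system32\svchost.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (file missing)
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
"""

# Every scan entry starts with a section code such as R1, O2 or O23, then " - ".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
MISSING_TAG = "(file missing)"


@dataclass
class Entry:
    code: str            # section code, e.g. "O2"
    kind: str            # "BHO", "Toolbar", "Service", or "" if not labelled
    name: str            # display name (first " - " separated field)
    target: str          # last field, normally the file path ("" if none)
    file_missing: bool   # HijackThis could not find the referenced file
    unknown_owner: bool  # O23 service with no company name in the file


def parse_line(line: str) -> Optional[Entry]:
    """Parse one log line; return None for headers and process paths."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    code, body = m["code"], m["body"]

    file_missing = body.endswith(MISSING_TAG)
    if file_missing:
        body = body[: -len(MISSING_TAG)].rstrip()

    # O2/O3/O23 bodies are "<Kind>: <name> - ... - <path>".
    kind = ""
    if code in ("O2", "O3", "O23") and ": " in body:
        kind, body = body.split(": ", 1)

    fields = body.split(" - ")
    name = fields[0]
    target = fields[-1] if len(fields) > 1 else ""
    unknown_owner = (
        code == "O23" and len(fields) >= 3 and fields[-2] == "Unknown owner"
    )
    return Entry(code, kind, name, target, file_missing, unknown_owner)


def parse_log(text: str) -> List[Entry]:
    """Return every scan entry in the log, skipping non-entry lines."""
    return [e for e in map(parse_line, text.splitlines()) if e is not None]


def orphaned(entries: List[Entry]) -> List[Entry]:
    """Entries whose referenced file is gone (leftover registry references)."""
    return [e for e in entries if e.file_missing]


def unattributed_services(entries: List[Entry]) -> List[Entry]:
    """Services whose executable carries no company name."""
    return [e for e in entries if e.unknown_owner]


if __name__ == "__main__":
    entries = parse_log(SAMPLE_LOG)
    for e in orphaned(entries):
        print(f"orphaned {e.code} {e.kind}: {e.name} -> {e.target}")
    for e in unattributed_services(entries):
        print(f"no owner {e.code} {e.kind}: {e.name} -> {e.target}")
```

An orphaned or unattributed entry is only a lead for review, not a verdict: leftovers from an incomplete uninstall produce the same markers.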



## throoper (Jan 20, 2007)

The file color doesn't matter. Blue just means it was compressed at some point.
Hopefully things that need Visual Basic will now run.

Try running the Norton removal tool again to finish cleaning it up and then get an AV installed.

If the removal tool fails again, you may have to go through and manually delete the remnants of Norton.
I'll post a list of what to get rid of and where it's located if you need to do that.

If for some reason you can't install MSE (it may not let you if remnants of another AV are present), give Avira a try. http://www.avira.com/en/downloads


----------



## olabola (May 20, 2012)

Before leaving for work this AM, I tried to use the removal tool and again received the message that Norton Utilities had to first be removed. A search of Windows using Revo Uninstaller showed no remnants of any Norton products; the only things left are some icons that don't work. Nothing is listed in the add/remove so I'm not sure what to do. I have not tried to install MSE yet because I figured that I should wait until Norton is gone.


----------



## Macboatmaster (Jan 15, 2010)

I have read through the topic again, but if it is there I must have missed it
Is it Norton - purchased from Norton
or is it Norton provided by your ISP or some other program


----------



## olabola (May 20, 2012)

I purchased Internet Security, Ghost, and Utilities separately on disks.


----------



## throoper (Jan 20, 2007)

Let's make sure the program files are gone.
In Windows Explorer, navigate to the following places and delete any Norton or Symantec folders you find.
C:\Documents and Settings\All Users\Application Data
C:\Documents and Settings\username\Application Data
C:\Documents and Settings\username\Local Settings
C:\Program Files

Go into your Registry (Start>Run>type regedit>OK) and expand the HKEY_CURRENT_USER/SOFTWARE key. Right click on any Symantec keys and click delete.
Expand HKEY_LOCAL_MACHINE/SOFTWARE and do the same.

Now go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Select the Run key in the left pane (Do not delete this key) to display the data in the right pane. Right click on any Norton or Symantec entries in the right pane and click Delete.

Reboot and try installing MSE.


----------



## Macboatmaster (Jan 15, 2010)

PLEASE continue as advised by my colleague
I am offline from now until 2330
I have known the Norton removal tool fail when it was not downloaded and saved to the DESKTOP
See the instructions here
https://www-secure.symantec.com/nor...roduct=home&pvid=f-home&version=1&lg=en&ct=us

YOU may well have saved yours to the desktop - I do not know, but if NOT you may find that is the problem

PLEASE ONLY run this that way if *throoper* so agrees.


----------



## throoper (Jan 20, 2007)

Macboatmaster said:


> YOU may well have saved yours to the desktop - I do not know, but if NOT you may find that is the problem
> 
> PLEASE ONLY run this that way if *throoper* so agrees.


It seems sensible to me. 
If it's not being run from the desktop, move the file there and then run it.
If it fails again, boot into Safe Mode and give it a try.
If that also fails, follow the manual removal instructions I posted. The removal tool is the best way to get rid of all traces of Norton, but the manual way should at least allow another AV to be installed and run.


----------



## olabola (May 20, 2012)

throoper said:


> Let's make sure the program files are gone.
> In Windows Explorer, navigate to the following places and delete any Norton or Symantec folders you find.
> C:\Documents and Settings\All Users\Application Data
> C:\Documents and Settings\username\Application Data
> ...


C:\Documents and Settings\All Users\Application Data
Here I found folders: Norton, Norton Installer, NortonInstaller, and Symantec....Interestingly I also had a McAfee folder which is odd since I haven't used that application in a very long time. McAfee was the preloaded antivirus software. Nonetheless I removed all the folders except for McAfee and Symantec. The Symantec folder said cannot delete quarantine: access denied.

C:\Documents and Settings\username\Application Data
Here I found Norton Utilities and again Symantec folders. Both were easily deleted.

C:\Documents and Settings\username\Local Settings
Here I found one folder that I deleted called Symantec Corporation.

C:\Program Files
Here I found Norton Ghost and Norton Internet Security, both of which I deleted.


----------



## olabola (May 20, 2012)

throoper said:


> Go into your Registry (Start>Run>type regedit>OK) and expand the HKEY_CURRENT_USER/SOFTWARE key. Right click on any Symantec keys and click delete.
> Expand HKEY_LOCAL_MACHINE/SOFTWARE and do the same.
> 
> Now go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Select the Run key in the left pane (Do not delete this key) to display the data in the right pane. Right click on any Norton or Symantec entries in the right pane and click Delete.
> ...


I found Symantec and Norton folders within both sets of the first keys. There were no entries under the "run" tab that displayed anything to the right that would denote Symantec or Norton. (note: there were several things associated with my old printer that I am guessing should not be there, but I know that is for another time and place).

I rebooted and installed MSE successfully except for the fact that it could not update itself. It cautioned against having more than one antispyware. I still have Malwarebytes and SuperAntiSpyware on my PC should I remove that?


----------



## Phantom010 (Mar 9, 2009)

MSE is mainly an antivirus (with anti-spyware capabilities), as opposed to MBAM and SAS, which are essentially anti-spyware programs. You should keep them all, as long as you haven't installed the Pro versions of MBAM and SAS (real-time).


----------



## olabola (May 20, 2012)

throoper said:


> It seems sensible to me.
> If it's not being run from the desktop, move the file there and then run it.
> If it fails again, boot into Safe Mode and give it a try.
> If that also fails, follow the manual removal instructions I posted. The removal tool is the best way to get rid of all traces of Norton, but the manual way should at least allow another AV to be installed and run.


I may have done things backwards but I removed the Norton products individually then went back and used the Norton removal tool to remove the bits and pieces. It seemed to have worked and I turned on my firewall as instructed by windows.

However, I received a blue screen when it rebooted saying...a problem has been detected and windows has been shut down to prevent damage to your computer. If this is the first time you've seen this stop error screen, restart your computer. If this screen appears again, follow these steps:

Check to be sure you have adequate disk space. If a driver is identified in the stop message, disable the driver or check with the manufacturer for driver updates. Try changing video adapters.

Check with your hardware vendor for any BIOS updates. Disable BIOS memory options such as caching or shadowing. If you need to use Safe Mode to remove or disable components, restart your computer, press F8 to select advanced startup options, and then select safe mode.

Technical information:
STOP: 0xooooooo8E (0xC0000005, 0xB9E48864, 0xBA522B6C, 0x00000000)
iaStor.sys - Address B9E48864 base at B9E36000, DateStamp 42b2df42


----------



## olabola (May 20, 2012)

The blue screen scares me so I'm not comfortable with doing anything until I get the ok from one of you folks that actually knows what you are doing. I will be up for a short while longer, but will be home all day tomorrow...hoping for a miracle. Thanks for all your help thus far!


----------



## throoper (Jan 20, 2007)

Try booting normally again to see if the BSOD comes back.
If it does, try booting into Safe Mode.


----------



## olabola (May 20, 2012)

throoper said:


> Try booting normally again to see if the BSOD comes back.
> If it does, try booting into Safe Mode.


I tried to reboot by using the power button and pressing F8 then I used the up down arrows and chose safe mode and I still got the blue screen. But the message is a little different...

the technical information numbers at the bottom are different, do you need them?


----------



## throoper (Jan 20, 2007)

What's the message?


----------



## olabola (May 20, 2012)

throoper said:


> What's the message?


STOP: 0x0000007E (0xC0000005, 0xF7898160, 0xF78FE86C, 0xF78FE568)
kdcom.dll - Address F7898160 base at F7897000, DateStamp 4f8f0f42


----------



## throoper (Jan 20, 2007)

One last ditch thing to try.
Instead of booting into Safe Mode, select "Last known good configuration" and see if it will boot.

If that doesn't work, at this point, I don't see an alternative to reinstalling Windows. There's just been too much damage to critical files and I suspect you still have active malware. 
Since you don't have an install disc or recovery discs, best option, IMO, would be to take it to a computer shop and have your data recovered and the OS reinstalled.


----------



## olabola (May 20, 2012)

throoper said:


> One last ditch thing to try.
> Instead of booting into Safe Mode, select "Last known good configuration" and see if it will boot.
> 
> If that doesn't work, at this point, I don't see an alternative to reinstalling Windows. There's just been too much damage to critical files and I suspect you still have active malware.
> Since you don't have an install disc or recovery discs, best option, IMO, would be to take it to a computer shop and have your data recovered and the OS reinstalled.


UGH!!!!!!!!!!!!!!!!!!!!!

I don't understand what I did wrong? I removed all the Norton pieces and ran HJT and everything seemed ok? I rebooted and chose the Safe Mode option because I didn't see the other option you mentioned and still got a blue screen.


----------



## olabola (May 20, 2012)

OOPS...I hadn't realized that I wasn't supposed to press F8, so I tried to restart without pressing F8 and saw the last known configuration option and it restarted in normal mode and it seems ok (ish).

Windows tried to open the browser but could not connect, and I received a balloon saying that my computer is at risk because no firewall is turned on and MSE is out of date.


----------



## Cookiegal (Aug 27, 2003)

Let's investigate if malware is still present.

Please run DDS again and post both logs.

Please download GMER from: http://gmer.net/index.php

Click on the "Download EXE" button and save the randomly named .exe file to your desktop.

*Note: You must uninstall any CD Emulation programs that you have before running GMER as they can cause conflicts and give false results.*

Double click the GMER .exe file on your desktop to run the tool and it will automatically do a quick scan.

If the tool warns of rootkit activity and asks if you want to run a full scan, click on No and make sure the following are *unchecked* on the right-hand side:

IAT/EAT
Any drive letter other than the primary system drive (which is generally C).

Click the *Scan* button and when the scan is finished, click *Save* and save the log in Notepad with the name ark.txt to your desktop.

*Note: It's important that all other windows be closed and that you don't touch the mouse or do anything with the computer during the scan as it may cause it to freeze. You should disable your screen saver as if it comes on it may cause the program to freeze.*

Open the ark.txt file and copy and paste the contents of the log here please.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Let's investigate if malware is still present.
> 
> Please run DDS again and post both logs.
> 
> ...


Since I can't get online with my PC, is it ok for me to use my netbook to download the program onto a flash drive then transfer to the PC? Also, what is DDS? I know it has something to do with HijackThis but I am not exactly sure and don't want to simply guess.

And, CD emulation programs? Is that a virtual drive? I do not believe I have that...just in case, how would I know?


----------



## Cookiegal (Aug 27, 2003)

Yes, you can transfer these programs by flash drive. They don't have to update so they don't need an Internet connection.

DDS is just a diagnostic tool and GMER is a rootkit detector.

Don't worry about emulation programs. That would be something like Daemon Tools. I'm sure you don't have any.


----------



## olabola (May 20, 2012)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:55:09 PM, on 12/9/2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Support.com\bin\tgcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"
O4 - HKLM\..\Run: [DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus NX430"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - Trusted Zone: http://*.aol.com and https
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://www.activation.rr.com/install/download/tgctlcm.cab
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} (SysProWmi Class) - http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} - http://aol.skilljam.com/ssp/SkillJamLoader.cab
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1118701430265
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} (CPlayFirstDoggieDashControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} (Symantec Download Manager) - https://webdl.symantec.com/activex/symdlmgr.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1345548205328
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - http://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} - https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} (GoBit Games Player) - http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} (CPlayFirstzenerchiControl Object) - http://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} - http://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://24.97.152.19/activex/AMC.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.popcap.com/webgames/popcaploader_v10.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - 
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: TomTomHOMEService - Unknown owner - C:\Documents and Settings\Alexandra Jachimczyk\Desktop\TomTom HOME 2\TomTomHOMEService.exe (file missing)
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
--
End of file - 13337 bytes


----------



## olabola (May 20, 2012)

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_32
Run by Alexandra Jachimczyk at 15:05:38 on 2012-12-09
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Support.com\bin\tgcmd.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_fatihba.exe /ept "epltarget\P0000000000000000" /M "Epson Stylus NX430"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [CTSysVol] "c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe" /r
mRun: [CTHelper] CTHELPER.EXE
mRun: [tgcmd] "c:\program files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Dell Photo AIO Printer 942] "c:\program files\dell photo aio printer 942\dlbubmgr.exe"
mRun: [DellMCM] "c:\program files\dell photo aio printer 942\memcard.exe"
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://www.activation.rr.com/install/download/tgctlcm.cab
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} - hxxp://aol.skilljam.com/ssp/SkillJamLoader.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - hxxp://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118701430265
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345548205328
DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {6F750200-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - hxxp://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {94B82441-A413-4E43-8422-D49930E69764} - hxxps://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} - hxxp://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://24.97.152.19/activex/AMC.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - 
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{EC07AD45-4B6C-41AA-BD45-9ECA4D349186} : DHCPNameServer = 209.18.47.61 209.18.47.62
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\alexandra jachimczyk\application data\mozilla\firefox\profiles\3i92dirc.default\
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? IntuitUpdateServiceV4;Intuit Update Service v4
R? ManyCam;ManyCam Virtual Webcam
R? mcaudrv_simple;ManyCam Virtual Microphone
R? TomTomHOMEService;TomTomHOMEService
R? Viewpoint Manager Service;Viewpoint Manager Service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? !SASCORE;SAS Core Service
S? EpsonCustomerParticipation;EpsonCustomerParticipation
S? McrdSvc;Media Center Extender Service
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
.
=============== Created Last 30 ================
.
2012-12-09 02:22:44 -------- d-----w- c:\windows\LastGood.Tmp
2012-12-09 02:22:30 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-07 21:24:35 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2012-12-07 21:24:23 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2012-12-07 21:24:13 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2012-12-07 21:24:13 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2012-12-07 21:24:12 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2012-12-07 21:24:11 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2012-12-07 21:24:11 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2012-12-07 21:24:10 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2012-11-30 04:16:08 -------- d-----w- c:\documents and settings\alexandra jachimczyk\local settings\application data\Mozilla
2012-11-30 04:15:05 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-11-23 15:25:44 -------- d-----w- c:\program files\common files\EPSON
2012-11-23 15:17:16 -------- d-----w- c:\program files\Epson America Inc
2012-11-23 15:16:34 95232 ----a-w- c:\windows\system32\E_FLBHBA.DLL
2012-11-23 15:16:34 81408 ----a-w- c:\windows\system32\E_FD4BHBA.DLL
2012-11-23 15:16:24 -------- d-----w- c:\documents and settings\all users\application data\EPSON
2012-11-23 15:16:05 -------- d-----w- c:\program files\Epson Software
2012-11-23 15:15:36 342016 ----a-w- c:\windows\system32\eswiaud.dll
2012-11-23 15:15:36 132560 ----a-w- c:\windows\system32\esdevapp.exe
2012-11-23 15:15:36 12800 ----a-w- c:\windows\system32\escdev.dll
2012-11-23 15:15:32 -------- d-----w- c:\program files\epson
2012-11-23 14:46:39 -------- d-----w- c:\program files\Dell Photo AIO Printer 942
2012-11-22 03:02:14 -------- d-----w- c:\program files\Google Books Downloader
2012-11-19 09:58:53 -------- d-----w- c:\windows\system32\searchplugins
2012-11-19 09:58:53 -------- d-----w- c:\windows\system32\Extensions
2012-11-19 09:58:50 -------- d-----w- c:\program files\VS Revo Group
2012-11-19 09:58:10 -------- d-----w- c:\documents and settings\all users\application data\Babylon
2012-11-19 09:58:10 -------- d-----w- c:\documents and settings\alexandra jachimczyk\application data\Babylon
2012-11-14 02:34:52 -------- d-----w- c:\documents and settings\alexandra jachimczyk\local settings\application data\Adobe_Systems_Incorporate
.
==================== Find3M ====================
.
2012-11-08 21:13:11 73656 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-11-08 21:13:11 697272 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-22 08:37:31 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04:21 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-30 00:54:26 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2006-01-09 01:09:34 774144 -c--a-w- c:\program files\RngInterstitial.dll
2005-10-19 05:17:35 353298 -c--a-w- c:\program files\LimeWireWin.exe
2005-10-17 02:31:15 4077184 -c--a-w- c:\program files\winzip90.exe
.
============= FINISH: 15:07:11.62 ===============


----------



## olabola (May 20, 2012)

.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Connect Add-in
Adobe Digital Editions 2.0
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.4)
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
AOL Toolbar
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
AXIS Media Control Embedded
Bonjour
Broadcom Advanced Control Suite 2
CardRd81
CCScore
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Creative MediaSource
Dell Digital Jukebox Driver
Dell Driver Download Manager
Dell Driver Reset Tool
Dell Support 5.0.0 (630)
Dell System Restore
Digital Line Detect
Download Navigator
Download Updater (AOL LLC)
Epson Connect
Epson Customer Participation
Epson Event Manager
EPSON NX430 Series Printer Uninstall
EPSON Scan
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
G21942EN
GearDrvs
GenoPro 2.5.4.1
Google Books Downloader version 2.2
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB959765)
Intel Matrix Storage Manager
Internet Explorer Default Page
iTunes
Java Auto Updater
Java(TM) 6 Update 32
Junk Mail filter update
kgcbase
KODAK EASYSHARE Gallery Upload ActiveX Control
Kodak EasyShare software
Learn2 Player (Uninstall Only)
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.65.1.1000
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office 2000 SR-1 Professional
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works 6-9 Converter
MobileMe Control Panel
Modem Helper
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 16.0.2 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Way Search Assistant
netbrdg
NetWaiting
NVIDIA Drivers
OfotoXMI
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Otto
Photo Story 3 for Windows
PowerDVD 5.9
PrintMaster Gold 4.00
Qualxserve Service Agreement
QuickBooks Simple Start Special Edition
QuickTime
RealArcade
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Revo Uninstaller 1.94
Road Runner Medic 5.4
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2761226)
Segoe UI
SFR
SHASTA
skin0001
SKINXSDK
Sonic Audio module
Sonic Copy Module
Sonic DLA
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Data
Sonic Update Manager
Sound Blaster Audigy 2 ZS
staticcr
SUPERAntiSpyware
TomTom HOME 2.8.2.2264
tooltips
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wnyiper
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wnyiper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wnyiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wnyiper
TurboTax 2011 wrapper
TurboTax Deluxe 2005
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2005
TWC Customer Controls
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB971029)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual Studio C++ 10.0 Runtime
VLC media player 1.1.8
VPRINTOL
WebEx Support Manager for Internet Explorer
WebFldrs XP
WexTech AnswerWorks
Windows Defender Signatures
Windows Genuine Advantage v1.3.0254.0
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Service Pack 3
WinRAR 4.00 (32-bit)
WIRELESS
.
==== End Of File ===========================


----------



## olabola (May 20, 2012)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-12-09 15:37:07
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\iaStor0 ST316002 rev.8.12
Running: GMER Rootkit Detector.exe; Driver: C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\fgryapod.sys

---- Kernel code sections - GMER 1.0.15 ----
? C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !
---- User code sections - GMER 1.0.15 ----
.text C:\WINDOWS\System32\svchost.exe[820] ntdll.dll!NtWriteFile 7C90DF7E 5 Bytes JMP 001A3AA9 
.text C:\WINDOWS\System32\svchost.exe[820] ntdll.dll!RtlRaiseException 7C90E528 5 Bytes JMP 001A3CC9 
.text C:\WINDOWS\System32\svchost.exe[820] kernel32.dll!SetUnhandledExceptionFilter 7C84495D 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}
.text C:\WINDOWS\System32\svchost.exe[820] USER32.dll!GetCursorPos 7E42974E 5 Bytes JMP 001A45B6 
.text C:\WINDOWS\System32\svchost.exe[820] USER32.dll!WindowFromPoint 7E429766 5 Bytes JMP 001A4617 
.text C:\WINDOWS\System32\svchost.exe[820] USER32.dll!GetForegroundWindow 7E429823 5 Bytes JMP 001A4687 
.text C:\WINDOWS\System32\svchost.exe[820] USER32.dll!IsWindowVisible 7E429E3D 5 Bytes JMP 001A46BA 
.text C:\WINDOWS\System32\svchost.exe[820] USER32.dll!MessageBoxIndirectW 7E4664D5 6 Bytes [33, C0, 40, C2, 04, 00] {XOR EAX, EAX; INC EAX; RET 0x4}
.text C:\WINDOWS\System32\svchost.exe[820] ole32.dll!CoCreateInstance 774FF1BC 5 Bytes JMP 001A4820 
.text C:\WINDOWS\System32\svchost.exe[820] ole32.dll!CoGetClassObject 77515205 5 Bytes JMP 001A47F6 
.text C:\WINDOWS\System32\svchost.exe[820] WS2_32.dll!GetAddrInfoW 71AB2899 5 Bytes JMP 001A4518 
.text C:\WINDOWS\system32\SearchIndexer.exe[1560] kernel32.dll!WriteFile 7C810E27 7 Bytes JMP 00585C0C C:\WINDOWS\system32\MSSRCH.DLL (mssrch.dll/Microsoft Corporation)
---- Devices - GMER 1.0.15 ----
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
Device \FileSystem\Cdfs \Cdfs tfsnifs.sys (Drive Letter Access Component/Sonic Solutions)
---- Disk sectors - GMER 1.0.15 ----
Disk \Device\Harddisk0\DR0 sector 00: rootkit-like behavior
---- EOF - GMER 1.0.15 ----


----------



## Cookiegal (Aug 27, 2003)

This can also be transferred via flash drive.

Please go here and download *TDSSKiller.exe* to your desktop.

Double-click TDSSKiller.exe on your desktop to run it.
Click on *Start Scan*
As we don't want to fix anything yet, if any malicious objects are detected, *do NOT select Cure* but select *Skip* instead.
It will produce a log once it finishes in the root drive which should look like this example:

C:\TDSSKiller.<version_date_time>log.txt

Please copy and paste the contents of that log in your next reply.


----------



## olabola (May 20, 2012)

16:21:11.0468 3540 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:21:11.0468 3540 ============================================================
16:21:11.0468 3540 Current date / time: 2012/12/09 16:21:11.0468
16:21:11.0468 3540 SystemInfo:
16:21:11.0468 3540 
16:21:11.0468 3540 OS Version: 5.1.2600 ServicePack: 3.0
16:21:11.0468 3540 Product type: Workstation
16:21:11.0468 3540 ComputerName: D16M9M71
16:21:11.0468 3540 UserName: Alexandra Jachimczyk
16:21:11.0468 3540 Windows directory: C:\WINDOWS
16:21:11.0468 3540 System windows directory: C:\WINDOWS
16:21:11.0468 3540 Processor architecture: Intel x86
16:21:11.0468 3540 Number of processors: 2
16:21:11.0468 3540 Page size: 0x1000
16:21:11.0468 3540 Boot type: Normal boot
16:21:11.0468 3540 ============================================================
16:21:11.0828 3540 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:21:11.0828 3540 ============================================================
16:21:11.0828 3540 \Device\Harddisk0\DR0:
16:21:11.0828 3540 MBR partitions:
16:21:11.0828 3540 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x120A0CD7
16:21:11.0828 3540 ============================================================
16:21:11.0875 3540 C: <-> \Device\Harddisk0\DR0\Partition1
16:21:11.0875 3540 ============================================================
16:21:11.0875 3540 Initialize success
16:21:11.0875 3540 ============================================================
16:21:16.0203 2028 ============================================================
16:21:16.0203 2028 Scan started
16:21:16.0203 2028 Mode: Manual; 
16:21:16.0203 2028 ============================================================
16:21:16.0500 2028 ================ Scan system memory ========================
16:21:16.0500 2028 System memory - ok
16:21:16.0500 2028 ================ Scan services =============================
16:21:16.0593 2028 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
16:21:16.0593 2028 !SASCORE - ok
16:21:16.0734 2028 Abiosdsk - ok
16:21:16.0750 2028 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
16:21:16.0750 2028 abp480n5 - ok
16:21:16.0875 2028 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
16:21:16.0875 2028 ACDaemon - ok
16:21:16.0906 2028 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:21:16.0906 2028 ACPI - ok
16:21:16.0921 2028 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
16:21:16.0921 2028 ACPIEC - ok
16:21:16.0984 2028 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:21:16.0984 2028 AdobeFlashPlayerUpdateSvc - ok
16:21:17.0000 2028 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
16:21:17.0000 2028 adpu160m - ok
16:21:17.0015 2028 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
16:21:17.0031 2028 aec - ok
16:21:17.0062 2028 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
16:21:17.0062 2028 AFD - ok
16:21:17.0109 2028 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
16:21:17.0109 2028 agp440 - ok
16:21:17.0125 2028 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
16:21:17.0125 2028 agpCPQ - ok
16:21:17.0140 2028 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
16:21:17.0140 2028 Aha154x - ok
16:21:17.0156 2028 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
16:21:17.0156 2028 aic78u2 - ok
16:21:17.0171 2028 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
16:21:17.0171 2028 aic78xx - ok
16:21:17.0203 2028 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
16:21:17.0203 2028 Alerter - ok
16:21:17.0218 2028 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
16:21:17.0218 2028 ALG - ok
16:21:17.0234 2028 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
16:21:17.0234 2028 AliIde - ok
16:21:17.0250 2028 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541  C:\WINDOWS\system32\DRIVERS\alim1541.sys
16:21:17.0250 2028 alim1541 - ok
16:21:17.0250 2028 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
16:21:17.0250 2028 amdagp - ok
16:21:17.0265 2028 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
16:21:17.0265 2028 amsint - ok
16:21:17.0359 2028 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:21:17.0359 2028 Apple Mobile Device - ok
16:21:17.0406 2028 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
16:21:17.0406 2028 AppMgmt - ok
16:21:17.0437 2028 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
16:21:17.0437 2028 Arp1394 - ok
16:21:17.0453 2028 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
16:21:17.0453 2028 asc - ok
16:21:17.0484 2028 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
16:21:17.0484 2028 asc3350p - ok
16:21:17.0500 2028 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
16:21:17.0500 2028 asc3550 - ok
16:21:17.0609 2028 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:21:17.0609 2028 aspnet_state - ok
16:21:17.0625 2028 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:21:17.0625 2028 AsyncMac - ok
16:21:17.0640 2028 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
16:21:17.0640 2028 atapi - ok
16:21:17.0640 2028 Atdisk - ok
16:21:17.0671 2028 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:21:17.0687 2028 Atmarpc - ok
16:21:17.0718 2028 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
16:21:17.0718 2028 AudioSrv - ok
16:21:17.0734 2028 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
16:21:17.0734 2028 audstub - ok
16:21:17.0765 2028 [ 4826FCF97C47B361A2E2F68CD487A19E ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
16:21:17.0765 2028 b57w2k - ok
16:21:17.0781 2028 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
16:21:17.0781 2028 Beep - ok
16:21:17.0828 2028 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
16:21:17.0843 2028 BITS - ok
16:21:17.0906 2028 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:21:17.0906 2028 Bonjour Service - ok
16:21:17.0953 2028 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
16:21:17.0953 2028 Browser - ok
16:21:17.0953 2028 bvrp_pci - ok
16:21:17.0984 2028 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
16:21:17.0984 2028 cbidf - ok
16:21:17.0984 2028 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
16:21:17.0984 2028 cbidf2k - ok
16:21:18.0015 2028 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:21:18.0015 2028 CCDECODE - ok
16:21:18.0031 2028 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
16:21:18.0031 2028 cd20xrnt - ok
16:21:18.0062 2028 [ 841CEFAB8228EE691705D059E7F21C47 ] CdaD10BA C:\WINDOWS\system32\drivers\CdaD10BA.SYS
16:21:18.0062 2028 CdaD10BA - ok
16:21:18.0078 2028 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
16:21:18.0078 2028 Cdaudio - ok
16:21:18.0093 2028 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
16:21:18.0093 2028 Cdfs - ok
16:21:18.0125 2028 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:21:18.0125 2028 Cdrom - ok
16:21:18.0140 2028 Changer - ok
16:21:18.0171 2028 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
16:21:18.0171 2028 CiSvc - ok
16:21:18.0203 2028 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
16:21:18.0203 2028 ClipSrv - ok
16:21:18.0250 2028 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:21:18.0250 2028 clr_optimization_v2.0.50727_32 - ok
16:21:18.0328 2028 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:21:18.0328 2028 clr_optimization_v4.0.30319_32 - ok
16:21:18.0375 2028 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
16:21:18.0375 2028 CmdIde - ok
16:21:18.0406 2028 [ 1EF05B641E9A67DED74AC8AD40055DBF ] COMMONFX.DLL C:\WINDOWS\system32\COMMONFX.DLL
16:21:18.0406 2028 COMMONFX.DLL - ok
16:21:18.0406 2028 COMSysApp - ok
16:21:18.0437 2028 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
16:21:18.0437 2028 Cpqarray - ok
16:21:18.0468 2028 [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.EXE
16:21:18.0468 2028 Creative Service for CDROM Access - ok
16:21:18.0500 2028 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
16:21:18.0500 2028 CryptSvc - ok
16:21:18.0531 2028 [ 6191A973461852A09D643609E1D5F7C6 ] CT20XUT.DLL C:\WINDOWS\system32\CT20XUT.DLL
16:21:18.0531 2028 CT20XUT.DLL - ok
16:21:18.0609 2028 [ 8AC5F77E30E37D2D11BD99EFF0C53D8C ] ctac32k C:\WINDOWS\system32\drivers\ctac32k.sys
16:21:18.0609 2028 ctac32k - ok
16:21:18.0656 2028 [ 673241D314E932F4890509AE8EBF26DB ] ctaud2k C:\WINDOWS\system32\drivers\ctaud2k.sys
16:21:18.0656 2028 ctaud2k - ok
16:21:18.0687 2028 [ 472B82D7E549E7FAB428852E4D16F21D ] CTAUDFX.DLL C:\WINDOWS\system32\CTAUDFX.DLL
16:21:18.0703 2028 CTAUDFX.DLL - ok
16:21:18.0734 2028 [ ED316D4C3D39C5B6C23DE067E275C183 ] ctdvda2k C:\WINDOWS\system32\drivers\ctdvda2k.sys
16:21:18.0734 2028 ctdvda2k - ok
16:21:18.0781 2028 [ 6A57F82009563AEE8826F117E1D3C72C ] CTEAPSFX.DLL C:\WINDOWS\system32\CTEAPSFX.DLL
16:21:18.0781 2028 CTEAPSFX.DLL - ok
16:21:18.0812 2028 [ C8AC1FFAEADD655193D7B1811A572D8D ] CTEDSPFX.DLL C:\WINDOWS\system32\CTEDSPFX.DLL
16:21:18.0828 2028 CTEDSPFX.DLL - ok
16:21:18.0859 2028 [ 44495D9DAF675257D00B25B041EE6667 ] CTEDSPIO.DLL C:\WINDOWS\system32\CTEDSPIO.DLL
16:21:18.0875 2028 CTEDSPIO.DLL - ok
16:21:18.0906 2028 [ 8E90B1762CB42E2FC76DAC9210C83C66 ] CTEDSPSY.DLL C:\WINDOWS\system32\CTEDSPSY.DLL
16:21:18.0906 2028 CTEDSPSY.DLL - ok
16:21:18.0937 2028 [ D3FBD9983325435B06795F29CB57ED3D ] CTERFXFX.DLL C:\WINDOWS\system32\CTERFXFX.DLL
16:21:18.0937 2028 CTERFXFX.DLL - ok
16:21:18.0984 2028 [ 2C48E9D8CA703964463F27AE341115B7 ] CTEXFIFX.DLL C:\WINDOWS\system32\CTEXFIFX.DLL
16:21:19.0015 2028 CTEXFIFX.DLL - ok
16:21:19.0062 2028 [ F7657C598E7C29C6683C1E4A8DD68884 ] CTHWIUT.DLL C:\WINDOWS\system32\CTHWIUT.DLL
16:21:19.0062 2028 CTHWIUT.DLL - ok
16:21:19.0093 2028 [ 34E7F8A499FD8361DF14FEDB724C0AD3 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys
16:21:19.0093 2028 ctprxy2k - ok
16:21:19.0140 2028 [ 679AE21EB7F48A08184813AEBABDEC7C ] CTSBLFX.DLL C:\WINDOWS\system32\CTSBLFX.DLL
16:21:19.0140 2028 CTSBLFX.DLL - ok
16:21:19.0171 2028 [ 32098497CB4DFE9EA7660FA62DD91060 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys
16:21:19.0171 2028 ctsfm2k - ok
16:21:19.0203 2028 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
16:21:19.0203 2028 dac2w2k - ok
16:21:19.0218 2028 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
16:21:19.0218 2028 dac960nt - ok
16:21:19.0265 2028 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
16:21:19.0265 2028 DcomLaunch - ok
16:21:19.0312 2028 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
16:21:19.0312 2028 Dhcp - ok
16:21:19.0343 2028 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
16:21:19.0343 2028 Disk - ok
16:21:19.0359 2028 dmadmin - ok
16:21:19.0406 2028 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
16:21:19.0421 2028 dmboot - ok
16:21:19.0453 2028 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
16:21:19.0453 2028 dmio - ok
16:21:19.0484 2028 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
16:21:19.0484 2028 dmload - ok
16:21:19.0515 2028 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
16:21:19.0515 2028 dmserver - ok
16:21:19.0515 2028 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
16:21:19.0531 2028 DMusic - ok
16:21:19.0546 2028 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
16:21:19.0546 2028 Dnscache - ok
16:21:19.0609 2028 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
16:21:19.0609 2028 Dot3svc - ok
16:21:28.0531 2028 wuauserv - ok
16:21:28.0578 2028 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:21:28.0578 2028 WudfPf - ok
16:21:28.0593 2028 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:21:28.0593 2028 WudfSvc - ok
16:21:28.0656 2028 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:21:28.0671 2028 WZCSVC - ok
16:21:28.0687 2028 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:21:28.0703 2028 xmlprov - ok
16:21:28.0703 2028 ================ Scan global ===============================
16:21:28.0734 2028 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:21:28.0781 2028 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:21:28.0781 2028 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:21:28.0812 2028 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:21:28.0812 2028 [Global] - ok
16:21:28.0812 2028 ================ Scan MBR ==================================
16:21:28.0828 2028 [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
16:21:28.0828 2028 Suspicious mbr (Forged): \Device\Harddisk0\DR0
16:21:28.0843 2028 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:21:28.0843 2028 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:21:28.0843 2028 ================ Scan VBR ==================================
16:21:28.0875 2028 [ 2E547BAAEB94F4B5F2CE05172163CB89 ] \Device\Harddisk0\DR0\Partition1
16:21:28.0875 2028 \Device\Harddisk0\DR0\Partition1 - ok
16:21:28.0875 2028 ============================================================
16:21:28.0875 2028 Scan finished
16:21:28.0875 2028 ============================================================
16:21:28.0875 2412 Detected object count: 1
16:21:28.0875 2412 Actual detected object count: 1
16:21:45.0203 2412 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
16:21:45.0203 2412 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip 
16:22:03.0515 3792 ============================================================
16:22:03.0515 3792 Scan started
16:22:03.0515 3792 Mode: Manual; 
16:22:03.0515 3792 ============================================================
16:22:03.0812 3792 ================ Scan system memory ========================
16:22:03.0843 3792 System memory - ok
16:22:03.0843 3792 ================ Scan services =============================
16:22:11.0265 3792 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
16:22:11.0265 3792 ParVdm - ok
16:22:11.0281 3792 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
16:22:11.0281 3792 PCI - ok
16:22:11.0281 3792 PCIDump - ok
16:22:11.0312 3792 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
16:22:11.0312 3792 PCIIde - ok
16:22:11.0343 3792 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
16:22:11.0343 3792 Pcmcia - ok
16:22:11.0343 3792 PDCOMP - ok
16:22:11.0359 3792 PDFRAME - ok
16:22:11.0359 3792 PDRELI - ok
16:22:11.0375 3792 PDRFRAME - ok
16:22:11.0390 3792 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
16:22:11.0390 3792 perc2 - ok
16:22:11.0406 3792 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
16:22:11.0406 3792 perc2hib - ok
16:22:11.0437 3792 [ 6DABB70783EF470492ADB7B9A6E60BF3 ] PfModNT C:\WINDOWS\system32\drivers\PfModNT.sys
16:22:11.0437 3792 PfModNT - ok
16:22:11.0453 3792 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
16:22:11.0468 3792 PlugPlay - ok
16:22:11.0484 3792 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
16:22:11.0484 3792 PolicyAgent - ok
16:22:11.0515 3792 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:22:11.0515 3792 PptpMiniport - ok
16:22:11.0515 3792 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:22:11.0515 3792 ProtectedStorage - ok
16:22:11.0562 3792 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
16:22:11.0562 3792 PSched - ok
16:22:11.0578 3792 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:22:11.0578 3792 Ptilink - ok
16:22:11.0609 3792 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:22:11.0609 3792 PxHelp20 - ok
16:22:11.0640 3792 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
16:22:11.0640 3792 ql1080 - ok
16:22:11.0656 3792 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
16:22:11.0656 3792 Ql10wnt - ok
16:22:11.0671 3792 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
16:22:11.0671 3792 ql12160 - ok
16:22:11.0687 3792 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
16:22:11.0687 3792 ql1240 - ok
16:22:11.0703 3792 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
16:22:11.0703 3792 ql1280 - ok
16:22:11.0718 3792 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:22:11.0718 3792 RasAcd - ok
16:22:11.0765 3792 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
16:22:11.0765 3792 RasAuto - ok
16:22:11.0781 3792 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:22:11.0781 3792 Rasl2tp - ok
16:22:11.0828 3792 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
16:22:11.0828 3792 RasMan - ok
16:22:11.0828 3792 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:22:11.0828 3792 RasPppoe - ok
16:22:11.0843 3792 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
16:22:11.0843 3792 Raspti - ok
16:22:11.0875 3792 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:22:11.0875 3792 Rdbss - ok
16:22:11.0890 3792 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:22:11.0890 3792 RDPCDD - ok
16:22:11.0906 3792 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:22:11.0921 3792 rdpdr - ok
16:22:11.0953 3792 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
16:22:11.0953 3792 RDPWD - ok
16:22:12.0000 3792 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
16:22:12.0000 3792 RDSessMgr - ok
16:22:12.0031 3792 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
16:22:12.0031 3792 redbook - ok
16:22:12.0062 3792 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
16:22:12.0062 3792 RemoteAccess - ok
16:22:12.0093 3792 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
16:22:12.0109 3792 RemoteRegistry - ok
16:22:12.0125 3792 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
16:22:12.0125 3792 RpcLocator - ok
16:22:12.0140 3792 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
16:22:12.0156 3792 RpcSs - ok
16:22:12.0187 3792 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
16:22:12.0187 3792 RSVP - ok
16:22:12.0203 3792 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
16:22:12.0203 3792 SamSs - ok
16:22:12.0265 3792 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
16:22:12.0265 3792 SASDIFSV - ok
16:22:12.0281 3792 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
16:22:12.0281 3792 SASKUTIL - ok
16:22:12.0312 3792 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
16:22:12.0312 3792 SCardSvr - ok
16:22:12.0359 3792 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
16:22:12.0359 3792 Schedule - ok
16:22:12.0390 3792 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:22:12.0390 3792 Secdrv - ok
16:22:12.0421 3792 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
16:22:12.0421 3792 seclogon - ok
16:22:12.0453 3792 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
16:22:12.0468 3792 SENS - ok
16:22:12.0500 3792 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
16:22:12.0500 3792 serenum - ok
16:22:12.0515 3792 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
16:22:12.0515 3792 Serial - ok
16:22:12.0546 3792 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
16:22:12.0546 3792 Sfloppy - ok
16:22:12.0593 3792 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
16:22:12.0593 3792 SharedAccess - ok
16:22:12.0609 3792 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:22:12.0625 3792 ShellHWDetection - ok
16:22:12.0625 3792 Simbad - ok
16:22:12.0671 3792 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
16:22:12.0671 3792 sisagp - ok
16:22:12.0687 3792 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
16:22:12.0687 3792 SLIP - ok
16:22:12.0734 3792 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
16:22:12.0734 3792 Sparrow - ok
16:22:12.0765 3792 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
16:22:12.0765 3792 splitter - ok
16:22:12.0796 3792 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
16:22:12.0812 3792 Spooler - ok
16:22:12.0843 3792 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
16:22:12.0843 3792 SPTISRV - ok
16:22:12.0859 3792 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
16:22:12.0859 3792 sr - ok
16:22:12.0906 3792 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
16:22:12.0906 3792 srservice - ok
16:22:12.0953 3792 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
16:22:12.0953 3792 Srv - ok
16:22:13.0000 3792 [ 1CBD1B58A32DE97899F5290B05F856DB ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
16:22:13.0000 3792 sscdbhk5 - ok
16:22:13.0015 3792 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
16:22:13.0031 3792 SSDPSRV - ok
16:22:13.0062 3792 [ 7FB07AC152D7A87E66204860002BD9A4 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
16:22:13.0062 3792 ssrtln - ok
16:22:13.0093 3792 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
16:22:13.0093 3792 stisvc - ok
16:22:13.0125 3792 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
16:22:13.0125 3792 streamip - ok
16:22:13.0187 3792 [ 2E5586392CDFBD1D73BADB20E9ED6386 ] SupportSoft RemoteAssist C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
16:22:13.0187 3792 SupportSoft RemoteAssist - ok
16:22:13.0218 3792 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
16:22:13.0234 3792 swenum - ok
16:22:13.0234 3792 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
16:22:13.0250 3792 swmidi - ok
16:22:13.0250 3792 SwPrv - ok
16:22:13.0265 3792 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
16:22:13.0281 3792 symc810 - ok
16:22:13.0296 3792 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
16:22:13.0296 3792 symc8xx - ok
16:22:13.0312 3792 SymIM - ok
16:22:13.0312 3792 SymIMMP - ok
16:22:13.0375 3792 SYMTDI - ok
16:22:13.0406 3792 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
16:22:13.0406 3792 sym_hi - ok
16:22:13.0421 3792 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
16:22:13.0421 3792 sym_u3 - ok
16:22:13.0453 3792 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
16:22:13.0453 3792 sysaudio - ok
16:22:13.0484 3792 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
16:22:13.0500 3792 SysmonLog - ok
16:22:13.0562 3792 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
16:22:13.0562 3792 TapiSrv - ok
16:22:13.0609 3792 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:22:13.0609 3792 Tcpip - ok
16:22:13.0671 3792 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
16:22:13.0671 3792 TDPIPE - ok
16:22:13.0687 3792 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
16:22:13.0687 3792 TDTCP - ok
16:22:13.0703 3792 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
16:22:13.0703 3792 TermDD - ok
16:22:13.0718 3792 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
16:22:13.0718 3792 TermService - ok
16:22:13.0781 3792 [ C89DAABDFF5BD984181F45ADF6DDB24A ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
16:22:13.0781 3792 tfsnboio - ok
16:22:13.0796 3792 [ F093906C27FC9C59BD03D84807266107 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
16:22:13.0796 3792 tfsncofs - ok
16:22:13.0828 3792 [ 9294575CDAD17D1DADFCD98A2CA26E7A ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
16:22:13.0828 3792 tfsndrct - ok
16:22:13.0843 3792 [ CDCC394CBAAC183F9BDEBF6D2F97C5C6 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
16:22:13.0843 3792 tfsndres - ok
16:22:13.0890 3792 [ 0A6C7C989DD76BB8989FD958AC5601D0 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
16:22:13.0890 3792 tfsnifs - ok
16:22:13.0890 3792 [ 92A17C0D73500F9B9C3028DA9E4CDBA6 ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
16:22:13.0890 3792 tfsnopio - ok
16:22:13.0906 3792 [ 15AB1A2BB2B35EB1DCDA39405114AFC6 ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
16:22:13.0906 3792 tfsnpool - ok
16:22:13.0921 3792 [ 370D2779668BF3B8D14F34356C41AB9C ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
16:22:13.0937 3792 tfsnudf - ok
16:22:13.0953 3792 [ 4564799868C4BCDF28C8EFC6D4C48C4B ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
16:22:13.0953 3792 tfsnudfa - ok
16:22:13.0968 3792 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
16:22:13.0984 3792 Themes - ok
16:22:14.0015 3792 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
16:22:14.0015 3792 TlntSvr - ok
16:22:14.0093 3792 TomTomHOMEService - ok
16:22:14.0109 3792 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
16:22:14.0109 3792 TosIde - ok
16:22:14.0156 3792 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
16:22:14.0156 3792 TrkWks - ok
16:22:14.0187 3792 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
16:22:14.0187 3792 Udfs - ok
16:22:14.0218 3792 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
16:22:14.0218 3792 ultra - ok
16:22:14.0250 3792 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
16:22:14.0265 3792 Update - ok
16:22:14.0296 3792 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
16:22:14.0296 3792 upnphost - ok
16:22:14.0312 3792 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
16:22:14.0328 3792 UPS - ok
16:22:14.0375 3792 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
16:22:14.0375 3792 USBAAPL - ok
16:22:14.0406 3792 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
16:22:14.0406 3792 usbaudio - ok
16:22:14.0437 3792 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:22:14.0437 3792 usbccgp - ok
16:22:14.0453 3792 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:22:14.0453 3792 usbehci - ok
16:22:14.0484 3792 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:22:14.0484 3792 usbhub - ok
16:22:14.0500 3792 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
16:22:14.0500 3792 usbprint - ok
16:22:14.0531 3792 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:22:14.0531 3792 usbscan - ok
16:22:14.0546 3792 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:22:14.0546 3792 USBSTOR - ok
16:22:14.0562 3792 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:22:14.0562 3792 usbuhci - ok
16:22:14.0593 3792 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
16:22:14.0593 3792 usbvideo - ok
16:22:14.0609 3792 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
16:22:14.0609 3792 VgaSave - ok
16:22:14.0625 3792 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
16:22:14.0625 3792 viaagp - ok
16:22:14.0640 3792 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
16:22:14.0640 3792 ViaIde - ok
16:22:14.0703 3792 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
16:22:14.0703 3792 Viewpoint Manager Service - ok
16:22:14.0718 3792 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
16:22:14.0718 3792 VolSnap - ok
16:22:14.0781 3792 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
16:22:14.0781 3792 VSS - ok
16:22:14.0796 3792 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
16:22:14.0796 3792 w32time - ok
16:22:14.0812 3792 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:22:14.0812 3792 Wanarp - ok
16:22:14.0859 3792 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
16:22:14.0859 3792 wanatw - ok
16:22:14.0906 3792 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
16:22:14.0906 3792 Wdf01000 - ok
16:22:14.0906 3792 WDICA - ok
16:22:14.0937 3792 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
16:22:14.0937 3792 wdmaud - ok
16:22:14.0953 3792 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
16:22:14.0953 3792 WebClient - ok
16:22:15.0000 3792 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
16:22:15.0000 3792 winachsf - ok
16:22:15.0062 3792 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
16:22:15.0062 3792 winmgmt - ok
16:22:15.0187 3792 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:22:15.0203 3792 wlidsvc - ok
16:22:15.0250 3792 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
16:22:15.0250 3792 WmdmPmSN - ok
16:22:15.0281 3792 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
16:22:15.0296 3792 Wmi - ok
16:22:15.0312 3792 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
16:22:15.0312 3792 WmiApSrv - ok
16:22:15.0390 3792 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
16:22:15.0390 3792 WMPNetworkSvc - ok
16:22:15.0437 3792 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
16:22:15.0437 3792 WpdUsb - ok
16:22:15.0531 3792 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
16:22:15.0546 3792 WPFFontCache_v0400 - ok
16:22:15.0578 3792 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
16:22:15.0578 3792 wscsvc - ok
16:22:15.0593 3792 WSearch - ok
16:22:15.0625 3792 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
16:22:15.0625 3792 WSTCODEC - ok
16:22:15.0656 3792 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
16:22:15.0656 3792 wuauserv - ok
16:22:15.0703 3792 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
16:22:15.0703 3792 WudfPf - ok
16:22:15.0718 3792 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
16:22:15.0718 3792 WudfSvc - ok
16:22:15.0765 3792 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
16:22:15.0765 3792 WZCSVC - ok
16:22:15.0781 3792 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
16:22:15.0781 3792 xmlprov - ok
16:22:15.0796 3792 ================ Scan global ===============================
16:22:15.0828 3792 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
16:22:15.0859 3792 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:22:15.0875 3792 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
16:22:15.0890 3792 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:22:15.0890 3792 [Global] - ok
16:22:15.0890 3792 ================ Scan MBR ==================================
16:22:15.0906 3792 [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
16:22:15.0906 3792 Suspicious mbr (Forged): \Device\Harddisk0\DR0
16:22:15.0921 3792 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
16:22:15.0921 3792 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
16:22:15.0921 3792 ================ Scan VBR ==================================
16:22:15.0937 3792 [ 2E547BAAEB94F4B5F2CE05172163CB89 ] \Device\Harddisk0\DR0\Partition1
16:22:15.0953 3792 \Device\Harddisk0\DR0\Partition1 - ok
16:22:15.0953 3792 ============================================================
16:22:15.0953 3792 Scan finished
16:22:15.0953 3792 ============================================================
16:22:15.0953 4084 Detected object count: 1
16:22:15.0953 4084 Actual detected object count: 1
16:22:24.0781 4084 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - skipped by user
16:22:24.0781 4084 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Skip


----------



## Cookiegal (Aug 27, 2003)

This rootkit is difficult to remove at times so before we run the fix we are going to install a program that will create a backup of the registry as a precaution.

*Backing Up Your Registry*
Download *ERUNT*
_(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)_
Install *ERUNT* by following the prompts
_(use the default install settings but say no to the portion that asks you to add *ERUNT* to the start-up folder, if you like you can enable this option later)_
Start *ERUNT*
_(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)_
Choose a location for the backup
_(the default location is C:\WINDOWS\ERDNT which is acceptable)._
Make sure that at least the first two check boxes are ticked
Press *OK*
Press *YES* to create the folder.

Once you've done the above, run TDSSKiller again and this time select the option to "cure" the infection and post the new log please.


----------



## olabola (May 20, 2012)

*It seems to have created two log files so I will post both.*

18:28:57.0937 0932 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:28:57.0953 0932 ============================================================
18:28:57.0953 0932 Current date / time: 2012/12/09 18:28:57.0953
18:28:57.0953 0932 SystemInfo:
18:28:57.0953 0932 
18:28:57.0953 0932 OS Version: 5.1.2600 ServicePack: 3.0
18:28:57.0953 0932 Product type: Workstation
18:28:57.0953 0932 ComputerName: D16M9M71
18:28:57.0953 0932 UserName: Alexandra Jachimczyk
18:28:57.0953 0932 Windows directory: C:\WINDOWS
18:28:57.0953 0932 System windows directory: C:\WINDOWS
18:28:57.0953 0932 Processor architecture: Intel x86
18:28:57.0953 0932 Number of processors: 2
18:28:57.0953 0932 Page size: 0x1000
18:28:57.0953 0932 Boot type: Normal boot
18:28:57.0953 0932 ============================================================
18:28:58.0281 0932 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:28:58.0296 0932 Drive \Device\Harddisk2\DR24 - Size: 0x3E80000 (0.06 Gb), SectorSize: 0x200, Cylinders: 0x7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:28:58.0312 0932 ============================================================
18:28:58.0312 0932 \Device\Harddisk0\DR0:
18:28:58.0312 0932 MBR partitions:
18:28:58.0312 0932 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x120A0CD7
18:28:58.0312 0932 \Device\Harddisk2\DR24:
18:28:58.0312 0932 MBR partitions:
18:28:58.0312 0932 \Device\Harddisk2\DR24\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1F1E0
18:28:58.0312 0932 ============================================================
18:28:58.0359 0932 C: <-> \Device\Harddisk0\DR0\Partition1
18:28:58.0359 0932 ============================================================
18:28:58.0359 0932 Initialize success
18:28:58.0359 0932 ============================================================
18:29:02.0109 0504 ============================================================
18:29:02.0109 0504 Scan started
18:29:02.0109 0504 Mode: Manual; 
18:29:02.0109 0504 ============================================================
18:29:02.0437 0504 ================ Scan system memory ========================
18:29:02.0437 0504 System memory - ok
18:29:02.0453 0504 ================ Scan services =============================
18:29:04.0750 0504 [ 6A57F82009563AEE8826F117E1D3C72C ] CTEAPSFX.DLL C:\WINDOWS\system32\CTEAPSFX.DLL
18:29:04.0750 0504 CTEAPSFX.DLL - ok
18:29:04.0796 0504 [ C8AC1FFAEADD655193D7B1811A572D8D ] CTEDSPFX.DLL C:\WINDOWS\system32\CTEDSPFX.DLL
18:29:04.0796 0504 CTEDSPFX.DLL - ok
18:29:04.0828 0504 [ 44495D9DAF675257D00B25B041EE6667 ] CTEDSPIO.DLL C:\WINDOWS\system32\CTEDSPIO.DLL
18:29:04.0828 0504 CTEDSPIO.DLL - ok
18:29:04.0875 0504 [ 8E90B1762CB42E2FC76DAC9210C83C66 ] CTEDSPSY.DLL C:\WINDOWS\system32\CTEDSPSY.DLL
18:29:04.0875 0504 CTEDSPSY.DLL - ok
18:29:04.0906 0504 [ D3FBD9983325435B06795F29CB57ED3D ] CTERFXFX.DLL C:\WINDOWS\system32\CTERFXFX.DLL
18:29:04.0906 0504 CTERFXFX.DLL - ok
18:29:04.0953 0504 [ 2C48E9D8CA703964463F27AE341115B7 ] CTEXFIFX.DLL C:\WINDOWS\system32\CTEXFIFX.DLL
18:29:04.0953 0504 CTEXFIFX.DLL - ok
18:29:04.0984 0504 [ F7657C598E7C29C6683C1E4A8DD68884 ] CTHWIUT.DLL C:\WINDOWS\system32\CTHWIUT.DLL
18:29:05.0000 0504 CTHWIUT.DLL - ok
18:29:05.0031 0504 [ 34E7F8A499FD8361DF14FEDB724C0AD3 ] ctprxy2k C:\WINDOWS\system32\drivers\ctprxy2k.sys
18:29:05.0031 0504 ctprxy2k - ok
18:29:05.0078 0504 [ 679AE21EB7F48A08184813AEBABDEC7C ] CTSBLFX.DLL C:\WINDOWS\system32\CTSBLFX.DLL
18:29:05.0078 0504 CTSBLFX.DLL - ok
18:29:05.0093 0504 [ 32098497CB4DFE9EA7660FA62DD91060 ] ctsfm2k C:\WINDOWS\system32\drivers\ctsfm2k.sys
18:29:05.0093 0504 ctsfm2k - ok
18:29:05.0109 0504 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
18:29:05.0109 0504 dac2w2k - ok
18:29:05.0125 0504 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
18:29:05.0125 0504 dac960nt - ok
18:29:05.0171 0504 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
18:29:05.0171 0504 DcomLaunch - ok
18:29:05.0218 0504 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
18:29:05.0218 0504 Dhcp - ok
18:29:05.0250 0504 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
18:29:05.0250 0504 Disk - ok
18:29:05.0250 0504 dmadmin - ok
18:29:05.0281 0504 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
18:29:05.0296 0504 dmboot - ok
18:29:05.0312 0504 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
18:29:05.0312 0504 dmio - ok
18:29:05.0343 0504 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
18:29:05.0343 0504 dmload - ok
18:29:05.0375 0504 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
18:29:05.0375 0504 dmserver - ok
18:29:05.0390 0504 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
18:29:05.0390 0504 DMusic - ok
18:29:05.0421 0504 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
18:29:05.0421 0504 Dnscache - ok
18:29:05.0453 0504 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
18:29:05.0453 0504 Dot3svc - ok
18:29:05.0468 0504 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
18:29:05.0468 0504 dpti2o - ok
18:29:05.0500 0504 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
18:29:05.0500 0504 drmkaud - ok
18:29:05.0546 0504 [ 24646242310499D75C6DB4B32768A3B3 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
18:29:05.0546 0504 drvmcdb - ok
18:29:05.0562 0504 [ 2FF629C1C443E25D0149B9DFB77E43A8 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
18:29:05.0562 0504 drvnddm - ok
18:29:05.0578 0504 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
18:29:05.0578 0504 E100B - ok
18:29:05.0625 0504 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
18:29:05.0625 0504 EapHost - ok
18:29:05.0671 0504 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
18:29:05.0671 0504 ehRecvr - ok
18:29:05.0703 0504 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
18:29:05.0703 0504 ehSched - ok
18:29:05.0750 0504 [ 2885F72D2DAFFD0329272F12E16D6579 ] emupia C:\WINDOWS\system32\drivers\emupia2k.sys
18:29:05.0750 0504 emupia - ok
18:29:05.0843 0504 [ B78436CA173FF723A1EACE5CD4900375 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
18:29:05.0843 0504 EpsonCustomerParticipation - ok
18:29:05.0875 0504 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
18:29:05.0875 0504 ERSvc - ok
18:29:05.0921 0504 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
18:29:05.0921 0504 Eventlog - ok
18:29:05.0953 0504 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
18:29:05.0953 0504 EventSystem - ok
18:29:05.0968 0504 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
18:29:05.0968 0504 Fastfat - ok
18:29:06.0015 0504 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:29:06.0015 0504 FastUserSwitchingCompatibility - ok
18:29:06.0031 0504 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
18:29:06.0046 0504 Fax - ok
18:29:06.0078 0504 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
18:29:06.0078 0504 Fdc - ok
18:29:06.0093 0504 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
18:29:06.0093 0504 Fips - ok
18:29:06.0125 0504 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:29:06.0125 0504 Flpydisk - ok
18:29:06.0171 0504 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
18:29:06.0171 0504 FltMgr - ok
18:29:06.0234 0504 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:29:06.0234 0504 FontCache3.0.0.0 - ok
18:29:06.0234 0504 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:29:06.0234 0504 Fs_Rec - ok
18:29:06.0265 0504 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:29:06.0265 0504 Ftdisk - ok
18:29:06.0296 0504 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
18:29:06.0296 0504 gameenum - ok
18:29:06.0328 0504 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
18:29:06.0328 0504 GEARAspiWDM - ok
18:29:06.0359 0504 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:29:06.0359 0504 Gpc - ok
18:29:06.0453 0504 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
18:29:06.0453 0504 gupdate - ok
18:29:06.0468 0504 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
18:29:06.0468 0504 gupdatem - ok
18:29:06.0531 0504 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:29:06.0531 0504 gusvc - ok
18:29:06.0593 0504 [ DA2C735B66D2E7B739F9A46146581A9D ] ha10kx2k C:\WINDOWS\system32\drivers\ha10kx2k.sys
18:29:06.0593 0504 ha10kx2k - ok
18:29:06.0625 0504 [ 5C7D6D68796E4621B4168C879908DAE0 ] hap16v2k C:\WINDOWS\system32\drivers\hap16v2k.sys
18:29:06.0625 0504 hap16v2k - ok
18:29:06.0640 0504 [ A595B88AD16D8B5693DDF08113CAF30E ] hap17v2k C:\WINDOWS\system32\drivers\hap17v2k.sys
18:29:06.0640 0504 hap17v2k - ok
18:29:06.0703 0504 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:29:06.0703 0504 helpsvc - ok
18:29:06.0734 0504 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
18:29:06.0734 0504 HidServ - ok
18:29:06.0765 0504 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:29:06.0765 0504 HidUsb - ok
18:29:06.0812 0504 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
18:29:06.0812 0504 hkmsvc - ok
18:29:06.0828 0504 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
18:29:06.0828 0504 hpn - ok
18:29:06.0843 0504 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
18:29:06.0843 0504 HSFHWBS2 - ok
18:29:06.0906 0504 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
18:29:06.0906 0504 HSF_DP - ok
18:29:06.0953 0504 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
18:29:06.0953 0504 HTTP - ok
18:29:06.0984 0504 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
18:29:06.0984 0504 HTTPFilter - ok
18:29:07.0000 0504 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
18:29:07.0000 0504 i2omgmt - ok
18:29:07.0031 0504 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
18:29:07.0031 0504 i2omp - ok
18:29:07.0046 0504 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:29:07.0046 0504 i8042prt - ok
18:29:07.0109 0504 [ 3277CF101AE78C38B00702D688E37D44 ] IAANTMon C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
18:29:07.0109 0504 IAANTMon - ok
18:29:07.0203 0504 [ 9A65E42664D1534B68512CAAD0EFE963 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
18:29:07.0203 0504 iaStor - ok
18:29:07.0296 0504 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
18:29:07.0296 0504 IDriverT - ok
18:29:07.0375 0504 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:29:07.0390 0504 idsvc - ok
18:29:07.0406 0504 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
18:29:07.0406 0504 Imapi - ok
18:29:07.0437 0504 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
18:29:07.0437 0504 ImapiService - ok
18:29:07.0468 0504 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
18:29:07.0468 0504 ini910u - ok
18:29:07.0468 0504 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
18:29:07.0468 0504 IntelIde - ok
18:29:07.0500 0504 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:29:07.0500 0504 intelppm - ok
18:29:07.0562 0504 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
18:29:07.0562 0504 IntuitUpdateService - ok
18:29:07.0625 0504 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
18:29:07.0625 0504 IntuitUpdateServiceV4 - ok
18:29:07.0640 0504 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
18:29:07.0640 0504 Ip6Fw - ok
18:29:07.0671 0504 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:29:07.0671 0504 IpFilterDriver - ok
18:29:07.0703 0504 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:29:07.0703 0504 IpInIp - ok
18:29:07.0718 0504 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:29:07.0718 0504 IpNat - ok
18:29:07.0796 0504 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:29:07.0796 0504 iPod Service - ok
18:29:07.0843 0504 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:29:07.0843 0504 IPSec - ok
18:29:07.0859 0504 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
18:29:07.0859 0504 IRENUM - ok
18:29:07.0890 0504 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:29:07.0890 0504 isapnp - ok
18:29:08.0015 0504 [ A38441ED570F190CC041A7BE49488FA7 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
18:29:08.0015 0504 JavaQuickStarterService - ok
18:29:08.0031 0504 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:29:08.0031 0504 Kbdclass - ok
18:29:08.0062 0504 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:29:08.0062 0504 kbdhid - ok
18:29:08.0078 0504 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
18:29:08.0078 0504 kmixer - ok
18:29:08.0125 0504 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
18:29:08.0125 0504 KSecDD - ok
18:29:08.0156 0504 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
18:29:08.0156 0504 lanmanserver - ok
18:29:08.0203 0504 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:29:08.0203 0504 lanmanworkstation - ok
18:29:08.0218 0504 lbrtfdc - ok
18:29:08.0250 0504 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
18:29:08.0250 0504 LmHosts - ok
18:29:08.0281 0504 [ 8E17D513D8011B0EE03C355EAAB0E0CC ] ManyCam C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
18:29:08.0281 0504 ManyCam - ok
18:29:08.0312 0504 [ 562D95E00E14A944DEBE655DECBD3F5B ] mcaudrv_simple C:\WINDOWS\system32\drivers\mcaudrv.sys
18:29:08.0312 0504 mcaudrv_simple - ok
18:29:08.0359 0504 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
18:29:08.0359 0504 McrdSvc - ok
18:29:08.0375 0504 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
18:29:08.0375 0504 mdmxsdk - ok
18:29:08.0406 0504 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
18:29:08.0406 0504 Messenger - ok
18:29:08.0437 0504 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
18:29:08.0453 0504 MHN - ok
18:29:08.0468 0504 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
18:29:08.0468 0504 MHNDRV - ok
18:29:08.0484 0504 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
18:29:08.0484 0504 mnmdd - ok
18:29:08.0515 0504 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
18:29:08.0515 0504 mnmsrvc - ok
18:29:08.0546 0504 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
18:29:08.0546 0504 Modem - ok
18:29:08.0562 0504 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
18:29:08.0562 0504 MODEMCSA - ok
18:29:08.0609 0504 [ FE80C18BA448DDD76B7BEAD9EB203D37 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys
18:29:08.0609 0504 motmodem - ok
18:29:08.0625 0504 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:29:08.0625 0504 Mouclass - ok
18:29:08.0656 0504 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:29:08.0656 0504 mouhid - ok
18:29:08.0687 0504 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
18:29:08.0687 0504 MountMgr - ok
18:29:08.0734 0504 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:29:08.0734 0504 MozillaMaintenance - ok
18:29:08.0750 0504 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
18:29:08.0750 0504 mraid35x - ok
18:29:08.0765 0504 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:29:08.0765 0504 MRxDAV - ok
18:29:08.0828 0504 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:29:08.0828 0504 MRxSmb - ok
18:29:08.0906 0504 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
18:29:08.0906 0504 MSCSPTISRV - ok
18:29:08.0921 0504 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
18:29:08.0921 0504 MSDTC - ok
18:29:08.0953 0504 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
18:29:08.0953 0504 Msfs - ok
18:29:08.0968 0504 MSIServer - ok
18:29:08.0984 0504 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:29:08.0984 0504 MSKSSRV - ok
18:29:09.0000 0504 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:29:09.0000 0504 MSPCLOCK - ok
18:29:09.0000 0504 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
18:29:09.0000 0504 MSPQM - ok
18:29:09.0046 0504 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:29:09.0046 0504 mssmbios - ok
18:29:09.0078 0504 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
18:29:09.0078 0504 MSTEE - ok
18:29:09.0109 0504 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
18:29:09.0109 0504 Mup - ok
18:29:09.0140 0504 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
18:29:09.0140 0504 NABTSFEC - ok
18:29:09.0187 0504 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
18:29:09.0187 0504 napagent - ok
18:29:09.0234 0504 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
18:29:09.0234 0504 NDIS - ok
18:29:09.0250 0504 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
18:29:09.0250 0504 NdisIP - ok
18:29:09.0296 0504 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:29:09.0296 0504 NdisTapi - ok
18:29:09.0296 0504 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:29:09.0296 0504 Ndisuio - ok
18:29:09.0359 0504 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:29:09.0359 0504 NdisWan - ok
18:29:09.0375 0504 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
18:29:09.0375 0504 NDProxy - ok
18:29:09.0390 0504 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
18:29:09.0390 0504 NetBIOS - ok
18:29:09.0421 0504 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
18:29:09.0421 0504 NetBT - ok
18:29:09.0468 0504 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
18:29:09.0468 0504 NetDDE - ok
18:29:09.0468 0504 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
18:29:09.0468 0504 NetDDEdsdm - ok
18:29:09.0500 0504 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
18:29:09.0500 0504 Netlogon - ok
18:29:09.0515 0504 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
18:29:09.0531 0504 Netman - ok
18:29:09.0562 0504 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:29:09.0562 0504 NetTcpPortSharing - ok
18:29:09.0593 0504 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:29:09.0593 0504 NIC1394 - ok
18:29:09.0625 0504 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
18:29:09.0625 0504 Nla - ok
18:29:09.0640 0504 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
18:29:09.0640 0504 Npfs - ok
18:29:09.0671 0504 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
18:29:09.0671 0504 Ntfs - ok
18:29:09.0671 0504 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
18:29:09.0687 0504 NtLmSsp - ok
18:29:09.0703 0504 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
18:29:09.0718 0504 NtmsSvc - ok
18:29:09.0734 0504 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
18:29:09.0734 0504 Null - ok
18:29:09.0828 0504 [ AAA6DAAC20C08FDA35498515AD6C69C3 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:29:09.0843 0504 nv - ok
18:29:09.0890 0504 [ 5C554286925944E5EF1B0105AB9B59E8 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
18:29:09.0906 0504 NVSvc - ok
18:29:09.0921 0504 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:29:09.0921 0504 NwlnkFlt - ok
18:29:09.0921 0504 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:29:09.0921 0504 NwlnkFwd - ok
18:29:09.0968 0504 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:29:09.0968 0504 ohci1394 - ok
18:29:09.0984 0504 [ 53D5F1278D9EDB21689BBBCECC09108D ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
18:29:09.0984 0504 omci - ok
18:29:10.0031 0504 [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys
18:29:10.0031 0504 ossrv - ok
18:29:10.0062 0504 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
18:29:10.0062 0504 PACSPTISVR - ok
18:29:10.0078 0504 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
18:29:10.0078 0504 Parport - ok
18:29:10.0093 0504 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
18:29:10.0093 0504 PartMgr - ok
18:29:10.0109 0504 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
18:29:10.0125 0504 ParVdm - ok
18:29:10.0125 0504 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
18:29:10.0140 0504 PCI - ok
18:29:10.0140 0504 PCIDump - ok
18:29:10.0171 0504 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
18:29:10.0171 0504 PCIIde - ok
18:29:10.0187 0504 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
18:29:10.0187 0504 Pcmcia - ok
18:29:10.0187 0504 PDCOMP - ok
18:29:10.0203 0504 PDFRAME - ok
18:29:10.0203 0504 PDRELI - ok
18:29:10.0218 0504 PDRFRAME - ok
18:29:10.0250 0504 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
18:29:10.0250 0504 perc2 - ok
18:29:10.0265 0504 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
18:29:10.0265 0504 perc2hib - ok
18:29:10.0312 0504 [ 6DABB70783EF470492ADB7B9A6E60BF3 ] PfModNT C:\WINDOWS\system32\drivers\PfModNT.sys
18:29:10.0312 0504 PfModNT - ok
18:29:10.0328 0504 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
18:29:10.0328 0504 PlugPlay - ok
18:29:10.0359 0504 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
18:29:10.0359 0504 PolicyAgent - ok
18:29:10.0390 0504 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:29:10.0390 0504 PptpMiniport - ok
18:29:10.0390 0504 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:29:10.0390 0504 ProtectedStorage - ok
18:29:10.0437 0504 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
18:29:10.0437 0504 PSched - ok
18:29:10.0453 0504 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:29:10.0453 0504 Ptilink - ok
18:29:10.0484 0504 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:29:10.0484 0504 PxHelp20 - ok
18:29:10.0515 0504 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
18:29:10.0515 0504 ql1080 - ok
18:29:10.0546 0504 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
18:29:10.0546 0504 Ql10wnt - ok
18:29:10.0593 0504 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
18:29:10.0593 0504 ql12160 - ok
18:29:10.0609 0504 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
18:29:10.0609 0504 ql1240 - ok
18:29:10.0625 0504 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
18:29:10.0625 0504 ql1280 - ok
18:29:10.0640 0504 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:29:10.0640 0504 RasAcd - ok
18:29:10.0687 0504 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
18:29:10.0687 0504 RasAuto - ok
18:29:10.0718 0504 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:29:10.0718 0504 Rasl2tp - ok
18:29:10.0765 0504 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
18:29:10.0781 0504 RasMan - ok
18:29:10.0781 0504 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:29:10.0781 0504 RasPppoe - ok
18:29:10.0812 0504 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
18:29:10.0812 0504 Raspti - ok
18:29:10.0843 0504 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:29:10.0843 0504 Rdbss - ok
18:29:10.0859 0504 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:29:10.0859 0504 RDPCDD - ok
18:29:10.0875 0504 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
18:29:10.0875 0504 rdpdr - ok
18:29:10.0921 0504 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
18:29:10.0921 0504 RDPWD - ok
18:29:10.0953 0504 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
18:29:10.0968 0504 RDSessMgr - ok
18:29:11.0000 0504 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
18:29:11.0000 0504 redbook - ok
18:29:11.0031 0504 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
18:29:11.0031 0504 RemoteAccess - ok
18:29:11.0062 0504 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
18:29:11.0078 0504 RemoteRegistry - ok
18:29:11.0093 0504 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
18:29:11.0093 0504 RpcLocator - ok
18:29:11.0109 0504 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
18:29:11.0125 0504 RpcSs - ok
18:29:11.0156 0504 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
18:29:11.0171 0504 RSVP - ok
18:29:11.0187 0504 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
18:29:11.0187 0504 SamSs - ok
18:29:11.0250 0504 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:29:11.0250 0504 SASDIFSV - ok
18:29:11.0265 0504 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:29:11.0265 0504 SASKUTIL - ok
18:29:11.0296 0504 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
18:29:11.0296 0504 SCardSvr - ok
18:29:11.0343 0504 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
18:29:11.0359 0504 Schedule - ok
18:29:11.0390 0504 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:29:11.0390 0504 Secdrv - ok
18:29:11.0421 0504 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
18:29:11.0421 0504 seclogon - ok
18:29:11.0453 0504 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
18:29:11.0468 0504 SENS - ok
18:29:11.0500 0504 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
18:29:11.0500 0504 serenum - ok
18:29:11.0515 0504 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
18:29:11.0515 0504 Serial - ok
18:29:11.0546 0504 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
18:29:11.0546 0504 Sfloppy - ok
18:29:11.0593 0504 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
18:29:11.0593 0504 SharedAccess - ok
18:29:11.0609 0504 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:29:11.0609 0504 ShellHWDetection - ok
18:29:11.0625 0504 Simbad - ok
18:29:11.0656 0504 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
18:29:11.0656 0504 sisagp - ok
18:29:14.0625 0504 ================ Scan global ===============================
18:29:14.0656 0504 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
18:29:14.0703 0504 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:29:14.0703 0504 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
18:29:14.0718 0504 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
18:29:14.0734 0504 [Global] - ok
18:29:14.0734 0504 ================ Scan MBR ==================================
18:29:14.0734 0504 [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
18:29:14.0734 0504 Suspicious mbr (Forged): \Device\Harddisk0\DR0
18:29:14.0750 0504 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
18:29:14.0750 0504 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
18:29:14.0796 0504 [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk2\DR24
18:29:17.0687 0504 \Device\Harddisk2\DR24 - ok
18:29:17.0687 0504 ================ Scan VBR ==================================
18:29:17.0703 0504 [ 2E547BAAEB94F4B5F2CE05172163CB89 ] \Device\Harddisk0\DR0\Partition1
18:29:17.0703 0504 \Device\Harddisk0\DR0\Partition1 - ok
18:29:17.0718 0504 [ 188304D9876029D849C8B1B20C3C580D ] \Device\Harddisk2\DR24\Partition1
18:29:17.0734 0504 \Device\Harddisk2\DR24\Partition1 - ok
18:29:17.0734 0504 ============================================================
18:29:17.0734 0504 Scan finished
18:29:17.0734 0504 ============================================================
18:29:17.0734 2684 Detected object count: 1
18:29:17.0734 2684 Actual detected object count: 1
18:29:23.0375 2684 \Device\Harddisk0\DR0\# - copied to quarantine
18:29:23.0390 2684 \Device\Harddisk0\DR0 - copied to quarantine
18:29:23.0421 2684 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
18:29:23.0437 2684 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:29:23.0437 2684 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:29:23.0453 2684 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:29:23.0468 2684 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:29:23.0468 2684 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
18:29:23.0468 2684 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
18:29:23.0468 2684 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:29:23.0468 2684 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:29:23.0468 2684 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
18:29:23.0484 2684 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
18:29:23.0484 2684 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
18:29:23.0500 2684 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
18:29:23.0515 2684 \Device\Harddisk0\DR0 - ok
18:29:24.0546 2684 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure 
18:29:31.0390 3900 Deinitialize success

18:31:12.0562 0156 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:31:13.0234 0156 ============================================================
18:31:13.0234 0156 Current date / time: 2012/12/09 18:31:13.0234
18:31:13.0234 0156 SystemInfo:
18:31:13.0234 0156 
18:31:13.0234 0156 OS Version: 5.1.2600 ServicePack: 3.0
18:31:13.0234 0156 Product type: Workstation
18:31:13.0234 0156 ComputerName: D16M9M71
18:31:13.0234 0156 UserName: Alexandra Jachimczyk
18:31:13.0234 0156 Windows directory: C:\WINDOWS
18:31:13.0234 0156 System windows directory: C:\WINDOWS
18:31:13.0234 0156 Processor architecture: Intel x86
18:31:13.0234 0156 Number of processors: 2
18:31:13.0234 0156 Page size: 0x1000
18:31:13.0234 0156 Boot type: Normal boot
18:31:13.0234 0156 ============================================================
18:31:27.0921 0156 BG loaded
18:31:29.0000 0156 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:31:29.0015 0156 Drive \Device\Harddisk1\DR4 - Size: 0x3E80000 (0.06 Gb), SectorSize: 0x200, Cylinders: 0x7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:31:29.0031 0156 ============================================================
18:31:29.0031 0156 \Device\Harddisk0\DR0:
18:31:29.0046 0156 MBR partitions:
18:31:29.0046 0156 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x120A0CD7
18:31:29.0046 0156 \Device\Harddisk1\DR4:
18:31:29.0062 0156 MBR partitions:
18:31:29.0062 0156 \Device\Harddisk1\DR4\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1F1E0
18:31:29.0062 0156 ============================================================
18:31:30.0093 0156 C: <-> \Device\Harddisk0\DR0\Partition1
18:31:31.0140 0156 ============================================================
18:31:31.0140 0156 Initialize success
18:31:31.0140 0156 ============================================================


----------



## Cookiegal (Aug 27, 2003)

Is that the entire second log? If it is please run the tool again and post the new log so I can see that the infection was indeed cleared on reboot.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Is that the entire second log? If it is please run the tool again and post the new log so I can see that the infection was indeed cleared on reboot.


I ran the TDSSKiller tool again but for some reason the log did not automatically appear in the same place as the others. Is there some other place it could have gone?


----------



## Cookiegal (Aug 27, 2003)

There's nothing in C:\ that looks like it would be related to TDSSKiller? That's where it should have gone. But look on the desktop too.


----------



## olabola (May 20, 2012)

Cookiegal said:


> There's nothing in C:\ that looks like it would be related to TDSSKiller? That's where it should have gone. But look on the desktop too.


Yes, there is a quarantine folder and the old logs that I posted already.


----------



## olabola (May 20, 2012)

I found this log, but the name looked like one of the old ones, but I am not sure:

18:31:12.0562 0156 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:31:13.0234 0156 ============================================================
18:31:13.0234 0156 Current date / time: 2012/12/09 18:31:13.0234
18:31:13.0234 0156 SystemInfo:
18:31:13.0234 0156 
18:31:13.0234 0156 OS Version: 5.1.2600 ServicePack: 3.0
18:31:13.0234 0156 Product type: Workstation
18:31:13.0234 0156 ComputerName: D16M9M71
18:31:13.0234 0156 UserName: Alexandra Jachimczyk
18:31:13.0234 0156 Windows directory: C:\WINDOWS
18:31:13.0234 0156 System windows directory: C:\WINDOWS
18:31:13.0234 0156 Processor architecture: Intel x86
18:31:13.0234 0156 Number of processors: 2
18:31:13.0234 0156 Page size: 0x1000
18:31:13.0234 0156 Boot type: Normal boot
18:31:13.0234 0156 ============================================================
18:31:27.0921 0156 BG loaded
18:31:29.0000 0156 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:31:29.0015 0156 Drive \Device\Harddisk1\DR4 - Size: 0x3E80000 (0.06 Gb), SectorSize: 0x200, Cylinders: 0x7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:31:29.0031 0156 ============================================================
18:31:29.0031 0156 \Device\Harddisk0\DR0:
18:31:29.0046 0156 MBR partitions:
18:31:29.0046 0156 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x120A0CD7
18:31:29.0046 0156 \Device\Harddisk1\DR4:
18:31:29.0062 0156 MBR partitions:
18:31:29.0062 0156 \Device\Harddisk1\DR4\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x1F1E0
18:31:29.0062 0156 ============================================================
18:31:30.0093 0156 C: <-> \Device\Harddisk0\DR0\Partition1
18:31:31.0140 0156 ============================================================
18:31:31.0140 0156 Initialize success
18:31:31.0140 0156 ============================================================
19:00:51.0015 2924 ============================================================
19:00:51.0015 2924 Scan started
19:00:51.0015 2924 Mode: Manual; 
19:00:51.0015 2924 ============================================================
19:00:51.0125 2924 ================ Scan system memory ========================
19:00:51.0125 2924 System memory - ok
19:00:51.0125 2924 ================ Scan services =============================
19:00:55.0750 2924 helpsvc - ok
19:00:55.0796 2924 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
19:00:55.0796 2924 HidServ - ok
19:00:55.0828 2924 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:00:55.0828 2924 HidUsb - ok
19:00:55.0875 2924 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
19:00:55.0875 2924 hkmsvc - ok
19:00:55.0890 2924 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
19:00:55.0890 2924 hpn - ok
19:00:55.0921 2924 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
19:00:55.0921 2924 HSFHWBS2 - ok
19:00:55.0968 2924 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
19:00:55.0984 2924 HSF_DP - ok
19:00:56.0015 2924 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
19:00:56.0015 2924 HTTP - ok
19:00:56.0031 2924 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
19:00:56.0031 2924 HTTPFilter - ok
19:00:56.0046 2924 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
19:00:56.0046 2924 i2omgmt - ok
19:00:56.0078 2924 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
19:00:56.0078 2924 i2omp - ok
19:00:56.0093 2924 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:00:56.0093 2924 i8042prt - ok
19:00:56.0156 2924 [ 3277CF101AE78C38B00702D688E37D44 ] IAANTMon C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe
19:00:56.0156 2924 IAANTMon - ok
19:00:56.0203 2924 [ 9A65E42664D1534B68512CAAD0EFE963 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
19:00:56.0218 2924 iaStor - ok
19:00:56.0296 2924 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
19:00:56.0312 2924 IDriverT - ok
19:00:56.0406 2924 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:00:56.0421 2924 idsvc - ok
19:00:56.0437 2924 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
19:00:56.0437 2924 Imapi - ok
19:00:56.0468 2924 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
19:00:56.0484 2924 ImapiService - ok
19:00:56.0500 2924 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
19:00:56.0500 2924 ini910u - ok
19:00:56.0515 2924 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
19:00:56.0515 2924 IntelIde - ok
19:00:56.0546 2924 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:00:56.0546 2924 intelppm - ok
19:00:56.0593 2924 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
19:00:56.0609 2924 IntuitUpdateService - ok
19:00:56.0656 2924 [ 1663A135865F0BA6E853353E98E67F2A ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
19:00:56.0671 2924 IntuitUpdateServiceV4 - ok
19:00:56.0687 2924 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
19:00:56.0687 2924 Ip6Fw - ok
19:00:56.0703 2924 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:00:56.0718 2924 IpFilterDriver - ok
19:00:56.0750 2924 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:00:56.0750 2924 IpInIp - ok
19:00:56.0781 2924 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:00:56.0781 2924 IpNat - ok
19:00:56.0859 2924 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
19:00:56.0859 2924 iPod Service - ok
19:00:56.0890 2924 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:00:56.0890 2924 IPSec - ok
19:00:56.0890 2924 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
19:00:56.0890 2924 IRENUM - ok
19:00:56.0937 2924 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:00:56.0937 2924 isapnp - ok
19:00:57.0046 2924 [ A38441ED570F190CC041A7BE49488FA7 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
19:00:57.0062 2924 JavaQuickStarterService - ok
19:00:57.0078 2924 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:00:57.0078 2924 Kbdclass - ok
19:00:57.0109 2924 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:00:57.0109 2924 kbdhid - ok
19:00:57.0125 2924 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
19:00:57.0140 2924 kmixer - ok
19:00:57.0171 2924 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
19:00:57.0171 2924 KSecDD - ok
19:00:57.0218 2924 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
19:00:57.0218 2924 lanmanserver - ok
19:00:57.0265 2924 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:00:57.0265 2924 lanmanworkstation - ok
19:00:57.0265 2924 lbrtfdc - ok
19:00:57.0296 2924 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
19:00:57.0296 2924 LmHosts - ok
19:00:57.0328 2924 [ 8E17D513D8011B0EE03C355EAAB0E0CC ] ManyCam C:\WINDOWS\system32\DRIVERS\mcvidrv.sys
19:00:57.0359 2924 ManyCam - ok
19:00:57.0406 2924 [ 562D95E00E14A944DEBE655DECBD3F5B ] mcaudrv_simple C:\WINDOWS\system32\drivers\mcaudrv.sys
19:00:57.0406 2924 mcaudrv_simple - ok
19:00:57.0437 2924 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
19:00:57.0437 2924 McrdSvc - ok
19:00:57.0453 2924 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
19:00:57.0453 2924 mdmxsdk - ok
19:00:57.0484 2924 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
19:00:57.0500 2924 Messenger - ok
19:00:57.0515 2924 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
19:00:57.0515 2924 MHN - ok
19:00:57.0531 2924 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
19:00:57.0531 2924 MHNDRV - ok
19:00:57.0562 2924 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
19:00:57.0562 2924 mnmdd - ok
19:00:57.0593 2924 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
19:00:57.0593 2924 mnmsrvc - ok
19:00:57.0625 2924 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
19:00:57.0625 2924 Modem - ok
19:00:57.0640 2924 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
19:00:57.0640 2924 MODEMCSA - ok
19:00:57.0671 2924 [ FE80C18BA448DDD76B7BEAD9EB203D37 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys
19:00:57.0671 2924 motmodem - ok
19:00:57.0687 2924 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:00:57.0687 2924 Mouclass - ok
19:00:57.0734 2924 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:00:57.0734 2924 mouhid - ok
19:00:57.0765 2924 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
19:00:57.0765 2924 MountMgr - ok
19:00:57.0812 2924 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:00:57.0812 2924 MozillaMaintenance - ok
19:00:57.0828 2924 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
19:00:57.0828 2924 mraid35x - ok
19:00:57.0843 2924 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:00:57.0843 2924 MRxDAV - ok
19:00:57.0890 2924 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:00:57.0890 2924 MRxSmb - ok
19:00:57.0953 2924 [ 8E46A7BAC823DD82D4FB2A34C3DF4C1D ] MSCSPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
19:00:57.0953 2924 MSCSPTISRV - ok
19:00:57.0984 2924 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
19:00:57.0984 2924 MSDTC - ok
19:00:58.0000 2924 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:00:58.0000 2924 Msfs - ok
19:00:58.0000 2924 MSIServer - ok
19:00:58.0015 2924 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:00:58.0015 2924 MSKSSRV - ok
19:00:58.0015 2924 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:00:58.0031 2924 MSPCLOCK - ok
19:00:58.0031 2924 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
19:00:58.0031 2924 MSPQM - ok
19:00:58.0078 2924 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:00:58.0078 2924 mssmbios - ok
19:00:58.0093 2924 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
19:00:58.0093 2924 MSTEE - ok
19:00:58.0140 2924 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
19:00:58.0140 2924 Mup - ok
19:00:58.0171 2924 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:00:58.0187 2924 NABTSFEC - ok
19:00:58.0218 2924 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
19:00:58.0218 2924 napagent - ok
19:00:58.0265 2924 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
19:00:58.0265 2924 NDIS - ok
19:00:58.0281 2924 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:00:58.0296 2924 NdisIP - ok
19:00:58.0328 2924 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:00:58.0328 2924 NdisTapi - ok
19:00:58.0343 2924 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:00:58.0343 2924 Ndisuio - ok
19:00:58.0375 2924 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:00:58.0375 2924 NdisWan - ok
19:00:58.0406 2924 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
19:00:58.0406 2924 NDProxy - ok
19:00:58.0421 2924 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
19:00:58.0421 2924 NetBIOS - ok
19:00:58.0453 2924 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:00:58.0453 2924 NetBT - ok
19:00:58.0484 2924 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
19:00:58.0484 2924 NetDDE - ok
19:00:58.0515 2924 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
19:00:58.0515 2924 NetDDEdsdm - ok
19:00:58.0546 2924 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:00:58.0546 2924 Netlogon - ok
19:00:58.0562 2924 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
19:00:58.0562 2924 Netman - ok
19:00:58.0609 2924 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:00:58.0609 2924 NetTcpPortSharing - ok
19:00:58.0640 2924 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:00:58.0640 2924 NIC1394 - ok
19:00:58.0671 2924 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
19:00:58.0671 2924 Nla - ok
19:00:58.0687 2924 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:00:58.0687 2924 Npfs - ok
19:00:58.0718 2924 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
19:00:58.0734 2924 Ntfs - ok
19:00:58.0734 2924 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
19:00:58.0734 2924 NtLmSsp - ok
19:00:58.0765 2924 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
19:00:58.0781 2924 NtmsSvc - ok
19:00:58.0796 2924 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
19:00:58.0796 2924 Null - ok
19:00:58.0890 2924 [ AAA6DAAC20C08FDA35498515AD6C69C3 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
19:00:58.0906 2924 nv - ok
19:00:58.0937 2924 [ 5C554286925944E5EF1B0105AB9B59E8 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
19:00:58.0953 2924 NVSvc - ok
19:00:58.0968 2924 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:00:58.0968 2924 NwlnkFlt - ok
19:00:58.0968 2924 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:00:58.0984 2924 NwlnkFwd - ok
19:00:59.0015 2924 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:00:59.0015 2924 ohci1394 - ok
19:00:59.0046 2924 [ 53D5F1278D9EDB21689BBBCECC09108D ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
19:00:59.0046 2924 omci - ok
19:00:59.0078 2924 [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys
19:00:59.0078 2924 ossrv - ok
19:00:59.0109 2924 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
19:00:59.0125 2924 PACSPTISVR - ok
19:00:59.0140 2924 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:00:59.0140 2924 Parport - ok
19:00:59.0156 2924 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:00:59.0156 2924 PartMgr - ok
19:00:59.0171 2924 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:00:59.0171 2924 ParVdm - ok
19:00:59.0187 2924 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:00:59.0187 2924 PCI - ok
19:00:59.0203 2924 PCIDump - ok
19:00:59.0218 2924 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:00:59.0218 2924 PCIIde - ok
19:00:59.0265 2924 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:00:59.0265 2924 Pcmcia - ok
19:00:59.0265 2924 PDCOMP - ok
19:00:59.0281 2924 PDFRAME - ok
19:00:59.0281 2924 PDRELI - ok
19:00:59.0296 2924 PDRFRAME - ok
19:00:59.0312 2924 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
19:00:59.0312 2924 perc2 - ok
19:00:59.0328 2924 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
19:00:59.0328 2924 perc2hib - ok
19:00:59.0359 2924 [ 6DABB70783EF470492ADB7B9A6E60BF3 ] PfModNT C:\WINDOWS\system32\drivers\PfModNT.sys
19:00:59.0359 2924 PfModNT - ok
19:00:59.0375 2924 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
19:00:59.0390 2924 PlugPlay - ok
19:00:59.0406 2924 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
19:00:59.0406 2924 PolicyAgent - ok
19:00:59.0437 2924 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:00:59.0437 2924 PptpMiniport - ok
19:00:59.0437 2924 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:00:59.0453 2924 ProtectedStorage - ok
19:00:59.0468 2924 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:00:59.0468 2924 PSched - ok
19:00:59.0484 2924 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:00:59.0484 2924 Ptilink - ok
19:00:59.0515 2924 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
19:00:59.0531 2924 PxHelp20 - ok
19:00:59.0546 2924 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
19:00:59.0546 2924 ql1080 - ok
19:00:59.0562 2924 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
19:00:59.0562 2924 Ql10wnt - ok
19:00:59.0578 2924 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
19:00:59.0578 2924 ql12160 - ok
19:00:59.0593 2924 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
19:00:59.0593 2924 ql1240 - ok
19:00:59.0609 2924 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
19:00:59.0609 2924 ql1280 - ok
19:00:59.0625 2924 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:00:59.0625 2924 RasAcd - ok
19:00:59.0671 2924 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:00:59.0671 2924 RasAuto - ok
19:00:59.0687 2924 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:00:59.0687 2924 Rasl2tp - ok
19:00:59.0718 2924 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:00:59.0718 2924 RasMan - ok
19:00:59.0734 2924 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:00:59.0734 2924 RasPppoe - ok
19:00:59.0750 2924 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:00:59.0750 2924 Raspti - ok
19:00:59.0765 2924 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:00:59.0765 2924 Rdbss - ok
19:00:59.0796 2924 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:00:59.0796 2924 RDPCDD - ok
19:00:59.0812 2924 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:00:59.0812 2924 rdpdr - ok
19:00:59.0859 2924 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:00:59.0859 2924 RDPWD - ok
19:00:59.0906 2924 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:00:59.0906 2924 RDSessMgr - ok
19:00:59.0921 2924 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:00:59.0921 2924 redbook - ok
19:00:59.0953 2924 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:00:59.0953 2924 RemoteAccess - ok
19:00:59.0984 2924 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:00:59.0984 2924 RemoteRegistry - ok
19:01:00.0000 2924 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
19:01:00.0000 2924 RpcLocator - ok
19:01:00.0031 2924 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:01:00.0031 2924 RpcSs - ok
19:01:00.0062 2924 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
19:01:00.0078 2924 RSVP - ok
19:01:00.0093 2924 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
19:01:00.0093 2924 SamSs - ok
19:01:00.0156 2924 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
19:01:00.0156 2924 SASDIFSV - ok
19:01:00.0171 2924 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
19:01:00.0171 2924 SASKUTIL - ok
19:01:00.0203 2924 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:01:00.0218 2924 SCardSvr - ok
19:01:00.0250 2924 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:01:00.0265 2924 Schedule - ok
19:01:00.0281 2924 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:01:00.0296 2924 Secdrv - ok
19:01:00.0328 2924 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:01:00.0328 2924 seclogon - ok
19:01:00.0343 2924 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
19:01:00.0359 2924 SENS - ok
19:01:00.0390 2924 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:01:00.0390 2924 serenum - ok
19:01:00.0406 2924 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:01:00.0406 2924 Serial - ok
19:01:00.0421 2924 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:01:00.0421 2924 Sfloppy - ok
19:01:00.0468 2924 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:01:00.0468 2924 SharedAccess - ok
19:01:00.0484 2924 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:01:00.0484 2924 ShellHWDetection - ok
19:01:00.0500 2924 Simbad - ok
19:01:00.0531 2924 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
19:01:00.0531 2924 sisagp - ok
19:01:00.0546 2924 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:01:00.0546 2924 SLIP - ok
19:01:00.0578 2924 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
19:01:00.0578 2924 Sparrow - ok
19:01:00.0609 2924 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:01:00.0609 2924 splitter - ok
19:01:00.0656 2924 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:01:00.0656 2924 Spooler - ok
19:01:00.0687 2924 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
19:01:00.0687 2924 SPTISRV - ok
19:01:00.0718 2924 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:01:00.0718 2924 sr - ok
19:01:00.0750 2924 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
19:01:00.0750 2924 srservice - ok
19:01:00.0796 2924 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:01:00.0796 2924 Srv - ok
19:01:00.0843 2924 [ 1CBD1B58A32DE97899F5290B05F856DB ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
19:01:00.0843 2924 sscdbhk5 - ok
19:01:00.0859 2924 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:01:00.0859 2924 SSDPSRV - ok
19:01:00.0890 2924 [ 7FB07AC152D7A87E66204860002BD9A4 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
19:01:00.0890 2924 ssrtln - ok
19:01:00.0921 2924 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:01:00.0921 2924 stisvc - ok
19:01:00.0937 2924 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:01:00.0953 2924 streamip - ok
19:01:01.0000 2924 [ 2E5586392CDFBD1D73BADB20E9ED6386 ] SupportSoft RemoteAssist C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
19:01:01.0000 2924 SupportSoft RemoteAssist - ok
19:01:01.0046 2924 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:01:01.0046 2924 swenum - ok
19:01:01.0062 2924 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:01:01.0062 2924 swmidi - ok
19:01:01.0062 2924 SwPrv - ok
19:01:01.0093 2924 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
19:01:01.0093 2924 symc810 - ok
19:01:01.0109 2924 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
19:01:01.0109 2924 symc8xx - ok
19:01:01.0109 2924 SymIM - ok
19:01:01.0125 2924 SymIMMP - ok
19:01:01.0203 2924 SYMTDI - ok
19:01:01.0203 2924 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
19:01:01.0218 2924 sym_hi - ok
19:01:01.0218 2924 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
19:01:01.0218 2924 sym_u3 - ok
19:01:01.0234 2924 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:01:01.0234 2924 sysaudio - ok
19:01:01.0281 2924 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:01:01.0296 2924 SysmonLog - ok
19:01:01.0312 2924 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:01:01.0312 2924 TapiSrv - ok
19:01:01.0359 2924 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:01:01.0359 2924 Tcpip - ok
19:01:01.0375 2924 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:01:01.0375 2924 TDPIPE - ok
19:01:01.0421 2924 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:01:01.0421 2924 TDTCP - ok
19:01:01.0437 2924 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:01:01.0437 2924 TermDD - ok
19:01:01.0453 2924 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
19:01:01.0468 2924 TermService - ok
19:01:01.0531 2924 [ C89DAABDFF5BD984181F45ADF6DDB24A ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
19:01:01.0531 2924 tfsnboio - ok
19:01:01.0531 2924 [ F093906C27FC9C59BD03D84807266107 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
19:01:01.0531 2924 tfsncofs - ok
19:01:01.0546 2924 [ 9294575CDAD17D1DADFCD98A2CA26E7A ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
19:01:01.0546 2924 tfsndrct - ok
19:01:01.0562 2924 [ CDCC394CBAAC183F9BDEBF6D2F97C5C6 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
19:01:01.0562 2924 tfsndres - ok
19:01:01.0578 2924 [ 0A6C7C989DD76BB8989FD958AC5601D0 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
19:01:01.0578 2924 tfsnifs - ok
19:01:01.0593 2924 [ 92A17C0D73500F9B9C3028DA9E4CDBA6 ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
19:01:01.0593 2924 tfsnopio - ok
19:01:01.0609 2924 [ 15AB1A2BB2B35EB1DCDA39405114AFC6 ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
19:01:01.0609 2924 tfsnpool - ok
19:01:01.0625 2924 [ 370D2779668BF3B8D14F34356C41AB9C ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
19:01:01.0625 2924 tfsnudf - ok
19:01:01.0640 2924 [ 4564799868C4BCDF28C8EFC6D4C48C4B ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
19:01:01.0640 2924 tfsnudfa - ok
19:01:01.0656 2924 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
19:01:01.0671 2924 Themes - ok
19:01:01.0703 2924 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
19:01:01.0703 2924 TlntSvr - ok
19:01:01.0750 2924 TomTomHOMEService - ok
19:01:01.0750 2924 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
19:01:01.0750 2924 TosIde - ok
19:01:01.0796 2924 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:01:01.0796 2924 TrkWks - ok
19:01:01.0812 2924 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:01:01.0828 2924 Udfs - ok
19:01:01.0843 2924 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
19:01:01.0843 2924 ultra - ok
19:01:01.0890 2924 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:01:01.0890 2924 Update - ok
19:01:01.0921 2924 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:01:01.0937 2924 upnphost - ok
19:01:01.0953 2924 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
19:01:01.0953 2924 UPS - ok
19:01:01.0984 2924 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
19:01:01.0984 2924 USBAAPL - ok
19:01:02.0015 2924 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:01:02.0015 2924 usbaudio - ok
19:01:02.0046 2924 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:01:02.0046 2924 usbccgp - ok
19:01:02.0062 2924 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:01:02.0062 2924 usbehci - ok
19:01:02.0078 2924 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:01:02.0078 2924 usbhub - ok
19:01:02.0093 2924 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:01:02.0093 2924 usbprint - ok
19:01:02.0125 2924 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:01:02.0125 2924 usbscan - ok
19:01:02.0140 2924 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:01:02.0140 2924 USBSTOR - ok
19:01:02.0187 2924 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:01:02.0187 2924 usbuhci - ok
19:01:03.0562 2924 ================ Scan global ===============================
19:01:03.0578 2924 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:01:03.0625 2924 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:01:03.0640 2924 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:01:03.0640 2924 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:01:03.0656 2924 [Global] - ok
19:01:03.0656 2924 ================ Scan MBR ==================================
19:01:03.0656 2924 [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
19:01:03.0812 2924 \Device\Harddisk0\DR0 - ok
19:01:03.0828 2924 ================ Scan VBR ==================================
19:01:03.0828 2924 [ 2E547BAAEB94F4B5F2CE05172163CB89 ] \Device\Harddisk0\DR0\Partition1
19:01:03.0828 2924 \Device\Harddisk0\DR0\Partition1 - ok
19:01:03.0843 2924 ============================================================
19:01:03.0843 2924 Scan finished
19:01:03.0843 2924 ============================================================
19:01:03.0843 0856 Detected object count: 0
19:01:03.0843 0856 Actual detected object count: 0
19:05:54.0921 1900 Deinitialize success


----------



## Cookiegal (Aug 27, 2003)

OK, we'll find out other ways if it's removed the infection.

Please try your Internet connection and see if you can connect.


----------



## olabola (May 20, 2012)

Should I scan again to be safe?


----------



## olabola (May 20, 2012)

Cookiegal said:


> OK, we'll find out other ways if it's removed the infection.
> 
> Please try your Internet connection and see if you can connect.


Neither IE nor Firefox is connecting to the internet.


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> Should I scan again to be safe?


Try TDSSKiller one more time and then we'll move on to something else.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Try TDSSKiller one more time and then we'll move on to something else.


20:04:16.0406 2268 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
20:04:16.0421 2268 ============================================================
20:04:16.0421 2268 Current date / time: 2012/12/09 20:04:16.0421
20:04:16.0421 2268 SystemInfo:
20:04:16.0421 2268 
20:04:16.0421 2268 OS Version: 5.1.2600 ServicePack: 3.0
20:04:16.0421 2268 Product type: Workstation
20:04:16.0421 2268 ComputerName: D16M9M71
20:04:16.0421 2268 UserName: Alexandra Jachimczyk
20:04:16.0421 2268 Windows directory: C:\WINDOWS
20:04:16.0421 2268 System windows directory: C:\WINDOWS
20:04:16.0421 2268 Processor architecture: Intel x86
20:04:16.0421 2268 Number of processors: 2
20:04:16.0421 2268 Page size: 0x1000
20:04:16.0421 2268 Boot type: Normal boot
20:04:16.0421 2268 ============================================================
20:04:16.0484 2268 BG loaded
20:04:16.0796 2268 Drive \Device\Harddisk0\DR0 - Size: 0x2540BE4000 (149.01 Gb), SectorSize: 0x200, Cylinders: 0x4BFC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:04:16.0812 2268 ============================================================
20:04:16.0812 2268 \Device\Harddisk0\DR0:
20:04:16.0812 2268 MBR partitions:
20:04:16.0812 2268 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x120A0CD7
20:04:16.0812 2268 ============================================================
20:04:16.0843 2268 C: <-> \Device\Harddisk0\DR0\Partition1
20:04:16.0843 2268 ============================================================
20:04:16.0843 2268 Initialize success
20:04:16.0843 2268 ============================================================
20:04:18.0140 2372 ============================================================
20:04:18.0140 2372 Scan started
20:04:18.0140 2372 Mode: Manual; 
20:04:18.0140 2372 ============================================================
20:04:18.0406 2372 ================ Scan system memory ========================
20:04:18.0421 2372 System memory - ok
20:04:18.0421 2372 ================ Scan services =============================
20:04:25.0531 2372 NtLmSsp - ok
20:04:25.0562 2372 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
20:04:25.0578 2372 NtmsSvc - ok
20:04:25.0593 2372 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
20:04:25.0593 2372 Null - ok
20:04:25.0703 2372 [ AAA6DAAC20C08FDA35498515AD6C69C3 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:04:25.0718 2372 nv - ok
20:04:25.0765 2372 [ 5C554286925944E5EF1B0105AB9B59E8 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
20:04:25.0765 2372 NVSvc - ok
20:04:25.0796 2372 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:04:25.0796 2372 NwlnkFlt - ok
20:04:25.0796 2372 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:04:25.0796 2372 NwlnkFwd - ok
20:04:25.0843 2372 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:04:25.0843 2372 ohci1394 - ok
20:04:25.0875 2372 [ 53D5F1278D9EDB21689BBBCECC09108D ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
20:04:25.0875 2372 omci - ok
20:04:25.0921 2372 [ 61C85AFEAA6EF0C1B32D43F84F7BFBCF ] ossrv C:\WINDOWS\system32\drivers\ctoss2k.sys
20:04:25.0921 2372 ossrv - ok
20:04:25.0953 2372 [ 753A8F339F231D2B857E2CCD51A6E6CA ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
20:04:25.0953 2372 PACSPTISVR - ok
20:04:25.0984 2372 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
20:04:25.0984 2372 Parport - ok
20:04:26.0000 2372 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
20:04:26.0000 2372 PartMgr - ok
20:04:26.0015 2372 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
20:04:26.0031 2372 ParVdm - ok
20:04:26.0062 2372 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
20:04:26.0062 2372 PCI - ok
20:04:26.0062 2372 PCIDump - ok
20:04:26.0078 2372 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
20:04:26.0078 2372 PCIIde - ok
20:04:26.0093 2372 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
20:04:26.0093 2372 Pcmcia - ok
20:04:26.0093 2372 PDCOMP - ok
20:04:26.0109 2372 PDFRAME - ok
20:04:26.0125 2372 PDRELI - ok
20:04:26.0125 2372 PDRFRAME - ok
20:04:26.0156 2372 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
20:04:26.0156 2372 perc2 - ok
20:04:26.0171 2372 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:04:26.0171 2372 perc2hib - ok
20:04:26.0203 2372 [ 6DABB70783EF470492ADB7B9A6E60BF3 ] PfModNT C:\WINDOWS\system32\drivers\PfModNT.sys
20:04:26.0203 2372 PfModNT - ok
20:04:26.0234 2372 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
20:04:26.0250 2372 PlugPlay - ok
20:04:26.0265 2372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
20:04:26.0265 2372 PolicyAgent - ok
20:04:26.0296 2372 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:04:26.0296 2372 PptpMiniport - ok
20:04:26.0296 2372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:04:26.0296 2372 ProtectedStorage - ok
20:04:26.0343 2372 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
20:04:26.0343 2372 PSched - ok
20:04:26.0375 2372 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:04:26.0375 2372 Ptilink - ok
20:04:26.0406 2372 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:04:26.0406 2372 PxHelp20 - ok
20:04:26.0437 2372 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:04:26.0437 2372 ql1080 - ok
20:04:26.0453 2372 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:04:26.0453 2372 Ql10wnt - ok
20:04:26.0468 2372 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:04:26.0468 2372 ql12160 - ok
20:04:26.0484 2372 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:04:26.0484 2372 ql1240 - ok
20:04:26.0484 2372 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:04:26.0484 2372 ql1280 - ok
20:04:26.0531 2372 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:04:26.0531 2372 RasAcd - ok
20:04:26.0578 2372 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
20:04:26.0578 2372 RasAuto - ok
20:04:26.0593 2372 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:04:26.0593 2372 Rasl2tp - ok
20:04:26.0640 2372 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
20:04:26.0640 2372 RasMan - ok
20:04:26.0640 2372 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:04:26.0640 2372 RasPppoe - ok
20:04:26.0656 2372 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
20:04:26.0656 2372 Raspti - ok
20:04:26.0687 2372 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:04:26.0687 2372 Rdbss - ok
20:04:26.0703 2372 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:04:26.0703 2372 RDPCDD - ok
20:04:26.0734 2372 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:04:26.0734 2372 rdpdr - ok
20:04:26.0765 2372 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
20:04:26.0765 2372 RDPWD - ok
20:04:26.0812 2372 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
20:04:26.0812 2372 RDSessMgr - ok
20:04:26.0843 2372 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
20:04:26.0843 2372 redbook - ok
20:04:26.0875 2372 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
20:04:26.0875 2372 RemoteAccess - ok
20:04:26.0906 2372 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
20:04:26.0906 2372 RemoteRegistry - ok
20:04:26.0921 2372 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
20:04:26.0921 2372 RpcLocator - ok
20:04:26.0953 2372 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
20:04:26.0953 2372 RpcSs - ok
20:04:26.0984 2372 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
20:04:27.0000 2372 RSVP - ok
20:04:27.0000 2372 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
20:04:27.0000 2372 SamSs - ok
20:04:27.0062 2372 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:04:27.0062 2372 SASDIFSV - ok
20:04:27.0078 2372 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:04:27.0078 2372 SASKUTIL - ok
20:04:27.0125 2372 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
20:04:27.0125 2372 SCardSvr - ok
20:04:27.0156 2372 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
20:04:27.0171 2372 Schedule - ok
20:04:27.0203 2372 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:04:27.0203 2372 Secdrv - ok
20:04:27.0234 2372 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
20:04:27.0234 2372 seclogon - ok
20:04:27.0265 2372 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
20:04:27.0265 2372 SENS - ok
20:04:27.0296 2372 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
20:04:27.0296 2372 serenum - ok
20:04:27.0312 2372 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
20:04:27.0312 2372 Serial - ok
20:04:27.0375 2372 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
20:04:27.0375 2372 Sfloppy - ok
20:04:27.0406 2372 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
20:04:27.0406 2372 SharedAccess - ok
20:04:27.0421 2372 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:04:27.0437 2372 ShellHWDetection - ok
20:04:27.0437 2372 Simbad - ok
20:04:27.0468 2372 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:04:27.0468 2372 sisagp - ok
20:04:27.0484 2372 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:04:27.0484 2372 SLIP - ok
20:04:27.0546 2372 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:04:27.0546 2372 Sparrow - ok
20:04:27.0578 2372 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
20:04:27.0578 2372 splitter - ok
20:04:27.0609 2372 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
20:04:27.0609 2372 Spooler - ok
20:04:27.0640 2372 [ E3E6C96B0EF4492C3C8FD0DEEF4E35A1 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
20:04:27.0640 2372 SPTISRV - ok
20:04:27.0656 2372 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
20:04:27.0656 2372 sr - ok
20:04:27.0703 2372 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
20:04:27.0703 2372 srservice - ok
20:04:27.0750 2372 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
20:04:27.0750 2372 Srv - ok
20:04:27.0781 2372 [ 1CBD1B58A32DE97899F5290B05F856DB ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
20:04:27.0781 2372 sscdbhk5 - ok
20:04:27.0796 2372 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
20:04:27.0812 2372 SSDPSRV - ok
20:04:27.0843 2372 [ 7FB07AC152D7A87E66204860002BD9A4 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
20:04:27.0843 2372 ssrtln - ok
20:04:27.0890 2372 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
20:04:27.0890 2372 stisvc - ok
20:04:27.0906 2372 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:04:27.0906 2372 streamip - ok
20:04:27.0968 2372 [ 2E5586392CDFBD1D73BADB20E9ED6386 ] SupportSoft RemoteAssist C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
20:04:27.0968 2372 SupportSoft RemoteAssist - ok
20:04:28.0000 2372 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
20:04:28.0015 2372 swenum - ok
20:04:28.0015 2372 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
20:04:28.0015 2372 swmidi - ok
20:04:28.0031 2372 SwPrv - ok
20:04:28.0046 2372 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
20:04:28.0046 2372 symc810 - ok
20:04:28.0062 2372 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
20:04:28.0062 2372 symc8xx - ok
20:04:28.0078 2372 SymIM - ok
20:04:28.0078 2372 SymIMMP - ok
20:04:28.0140 2372 SYMTDI - ok
20:04:28.0156 2372 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
20:04:28.0156 2372 sym_hi - ok
20:04:28.0156 2372 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
20:04:28.0156 2372 sym_u3 - ok
20:04:28.0171 2372 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
20:04:28.0187 2372 sysaudio - ok
20:04:28.0218 2372 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
20:04:28.0218 2372 SysmonLog - ok
20:04:28.0250 2372 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
20:04:28.0250 2372 TapiSrv - ok
20:04:28.0296 2372 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:04:28.0296 2372 Tcpip - ok
20:04:28.0328 2372 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
20:04:28.0328 2372 TDPIPE - ok
20:04:28.0359 2372 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
20:04:28.0359 2372 TDTCP - ok
20:04:28.0375 2372 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
20:04:28.0375 2372 TermDD - ok
20:04:28.0406 2372 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
20:04:28.0406 2372 TermService - ok
20:04:28.0468 2372 [ C89DAABDFF5BD984181F45ADF6DDB24A ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
20:04:28.0468 2372 tfsnboio - ok
20:04:28.0484 2372 [ F093906C27FC9C59BD03D84807266107 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
20:04:28.0484 2372 tfsncofs - ok
20:04:28.0500 2372 [ 9294575CDAD17D1DADFCD98A2CA26E7A ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
20:04:28.0500 2372 tfsndrct - ok
20:04:28.0515 2372 [ CDCC394CBAAC183F9BDEBF6D2F97C5C6 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
20:04:28.0515 2372 tfsndres - ok
20:04:28.0562 2372 [ 0A6C7C989DD76BB8989FD958AC5601D0 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
20:04:28.0562 2372 tfsnifs - ok
20:04:28.0578 2372 [ 92A17C0D73500F9B9C3028DA9E4CDBA6 ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
20:04:28.0578 2372 tfsnopio - ok
20:04:28.0593 2372 [ 15AB1A2BB2B35EB1DCDA39405114AFC6 ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
20:04:28.0593 2372 tfsnpool - ok
20:04:28.0609 2372 [ 370D2779668BF3B8D14F34356C41AB9C ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
20:04:28.0609 2372 tfsnudf - ok
20:04:28.0625 2372 [ 4564799868C4BCDF28C8EFC6D4C48C4B ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
20:04:28.0625 2372 tfsnudfa - ok
20:04:28.0640 2372 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
20:04:28.0656 2372 Themes - ok
20:04:28.0687 2372 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
20:04:28.0687 2372 TlntSvr - ok
20:04:28.0734 2372 TomTomHOMEService - ok
20:04:28.0734 2372 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
20:04:28.0734 2372 TosIde - ok
20:04:28.0765 2372 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
20:04:28.0781 2372 TrkWks - ok
20:04:28.0796 2372 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
20:04:28.0796 2372 Udfs - ok
20:04:28.0812 2372 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
20:04:28.0812 2372 ultra - ok
20:04:28.0859 2372 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
20:04:28.0859 2372 Update - ok
20:04:28.0890 2372 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
20:04:28.0906 2372 upnphost - ok
20:04:28.0921 2372 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
20:04:28.0921 2372 UPS - ok
20:04:28.0953 2372 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
20:04:28.0953 2372 USBAAPL - ok
20:04:28.0984 2372 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
20:04:28.0984 2372 usbaudio - ok
20:04:29.0031 2372 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:04:29.0031 2372 usbccgp - ok
20:04:29.0046 2372 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:04:29.0046 2372 usbehci - ok
20:04:29.0046 2372 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:04:29.0046 2372 usbhub - ok
20:04:29.0062 2372 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
20:04:29.0062 2372 usbprint - ok
20:04:29.0093 2372 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:04:29.0093 2372 usbscan - ok
20:04:29.0125 2372 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:04:29.0125 2372 USBSTOR - ok
20:04:29.0125 2372 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
20:04:29.0125 2372 usbuhci - ok
20:04:29.0171 2372 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
20:04:29.0171 2372 usbvideo - ok
20:04:29.0187 2372 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
20:04:29.0187 2372 VgaSave - ok
20:04:29.0203 2372 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
20:04:29.0203 2372 viaagp - ok
20:04:29.0218 2372 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
20:04:29.0218 2372 ViaIde - ok
20:04:29.0265 2372 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
20:04:29.0265 2372 Viewpoint Manager Service - ok
20:04:29.0281 2372 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
20:04:29.0281 2372 VolSnap - ok
20:04:29.0312 2372 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
20:04:29.0312 2372 VSS - ok
20:04:29.0328 2372 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
20:04:29.0343 2372 w32time - ok
20:04:29.0375 2372 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:04:29.0390 2372 Wanarp - ok
20:04:29.0421 2372 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
20:04:29.0421 2372 wanatw - ok
20:04:29.0468 2372 [ D918617B46457B9AC28027722E30F647 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
20:04:29.0468 2372 Wdf01000 - ok
20:04:29.0484 2372 WDICA - ok
20:04:29.0500 2372 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
20:04:29.0500 2372 wdmaud - ok
20:04:29.0531 2372 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
20:04:29.0546 2372 WebClient - ok
20:04:29.0578 2372 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
20:04:29.0593 2372 winachsf - ok
20:04:29.0656 2372 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
20:04:29.0656 2372 winmgmt - ok
20:04:29.0781 2372 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:04:29.0796 2372 wlidsvc - ok
20:04:29.0828 2372 [ 051B1BDECD6DEE18C771B5D5EC7F044D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
20:04:29.0828 2372 WmdmPmSN - ok
20:04:29.0875 2372 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
20:04:29.0875 2372 Wmi - ok
20:04:29.0890 2372 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:04:29.0890 2372 WmiApSrv - ok
20:04:29.0968 2372 [ 6BAB4DC65515A098505F8B3D01FB6FE5 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
20:04:29.0984 2372 WMPNetworkSvc - ok
20:04:30.0015 2372 [ C60DC16D4E406810FAD54B98DC92D5EC ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:04:30.0015 2372 WpdUsb - ok
20:04:30.0125 2372 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:04:30.0125 2372 WPFFontCache_v0400 - ok
20:04:30.0156 2372 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
20:04:30.0171 2372 wscsvc - ok
20:04:30.0171 2372 WSearch - ok
20:04:30.0203 2372 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:04:30.0203 2372 WSTCODEC - ok
20:04:30.0218 2372 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
20:04:30.0218 2372 wuauserv - ok
20:04:30.0265 2372 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:04:30.0265 2372 WudfPf - ok
20:04:30.0281 2372 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
20:04:30.0281 2372 WudfSvc - ok
20:04:30.0328 2372 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
20:04:30.0343 2372 WZCSVC - ok
20:04:30.0375 2372 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
20:04:30.0390 2372 xmlprov - ok
20:04:30.0390 2372 ================ Scan global ===============================
20:04:30.0437 2372 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
20:04:30.0468 2372 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:04:30.0484 2372 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
20:04:30.0515 2372 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
20:04:30.0531 2372 [Global] - ok
20:04:30.0531 2372 ================ Scan MBR ==================================
20:04:30.0531 2372 [ B16A2359F4962B0C622D81A1C1F4B703 ] \Device\Harddisk0\DR0
20:04:30.0687 2372 \Device\Harddisk0\DR0 - ok
20:04:30.0687 2372 ================ Scan VBR ==================================
20:04:30.0703 2372 [ 2E547BAAEB94F4B5F2CE05172163CB89 ] \Device\Harddisk0\DR0\Partition1
20:04:30.0703 2372 \Device\Harddisk0\DR0\Partition1 - ok
20:04:30.0703 2372 ============================================================
20:04:30.0703 2372 Scan finished
20:04:30.0703 2372 ============================================================
20:04:30.0703 3984 Detected object count: 0
20:04:30.0703 3984 Actual detected object count: 0


----------



## Cookiegal (Aug 27, 2003)

OK, that's good.

Please download *Farbar Service Scanner* and transfer it to the desktop of the computer with the issue.
Make sure only the following option is checked:
*Internet Services*

Press "*Scan*".
It will create a log (FSS.txt) in the same directory the tool is run (which should be on the desktop.)
Please copy and paste the log to your reply.


----------



## olabola (May 20, 2012)

Cookiegal said:


> OK, that's good.
> 
> Please download *Farbar Service Scanner* and transfer it to the desktop of the computer with the issue.
> 
> ...


Farbar Service Scanner Version: 07-12-2012
Ran by Alexandra Jachimczyk (administrator) on 10-12-2012 at 07:13:19
Running from "C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
There is no connection to network.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Other errors
Attempt to access Yahoo IP returned error. Yahoo IP is unreachable
Attempt to access Yahoo.com returned error: Other errors

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) SYMTDI(11) Tcpip(3) 
0x0B000000040000000100000002000000030000000B00000009000000080000000A000000050000000600000007000000
IpSec Tag value is correct.
**** End of log ****


----------



## Cookiegal (Aug 27, 2003)

Go to *Start* - *Run* - type in *cmd* and click OK.

At the command prompt type in:

*netsh winsock reset catalog*

Press enter.

then type in:

*netsh int ip reset resetlog.txt*

Press enter.

You will need to reboot afterwards.

Let me know if this restores your connection.


----------



## olabola (May 20, 2012)

Wow, connection to the internet restored! It took a while for my homepage to load but IE loaded and connected to the internet. I also got warnings about not having my firewall turned on and that MSE was out of date.


----------



## Cookiegal (Aug 27, 2003)

Please be sure the firewall is back on and that MSE updates.

Please visit *Combofix Guide & Instructions* for instructions for installing the Recovery Console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.

Post the log from ComboFix when you've accomplished that.

Important notes regarding ComboFix:

ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished.

ComboFix also prevents autorun of ALL CDs, floppies and USB devices (don't worry, the keyboard and mouse will still function) to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read *HERE* for an article written by dvk01 on why we disable autoruns.


----------



## olabola (May 20, 2012)

I received an error message from MSE...that it couldn't start the security essentials service, the specified service does not exist as an installed service. Error code 0x80070424.

When I googled the error code I found a lot on this error that mentioned having remnants of old virus programs interfering with MSE. Not sure if you remember but during one of the scans or directions you gave me, I did see a McAfee folder which is the original preinstalled antivirus program that was on the computer. Also, I am still not sure that all of Norton was removed.


----------



## Cookiegal (Aug 27, 2003)

You may have to uninstall and reinstall MSE. For now, please proceed with ComboFix.


----------



## olabola (May 20, 2012)

Cookiegal said:


> You may have to uninstall and reinstall MSE. For now, please proceed with ComboFix.


OK, it's running through the stages now...


----------



## olabola (May 20, 2012)

ComboFix 12-12-10.01 - Alexandra Jachimczyk 12/10/2012 20:46:05.1.2 - x86
Running from: c:\documents and settings\Alexandra Jachimczyk\Desktop\Security\Puppy.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\All Users\SPLD6.tmp
c:\documents and settings\All Users\SPLDA.tmp
c:\windows\system32\SET34.tmp
c:\windows\system32\SET35.tmp
c:\windows\system32\SET77.tmp
c:\windows\system32\SET79.tmp
c:\windows\system32\SET82.tmp
c:\windows\system32\SET88.tmp
c:\windows\system32\SET8E.tmp
c:\windows\system32\SET97.tmp
c:\windows\system32\SET98.tmp
c:\windows\system32\SET99.tmp
c:\windows\system32\SET9A.tmp
c:\windows\system32\SET9C.tmp
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\FUSION.DLL
c:\windows\system32\URTTemp\MSCOREE.DLL
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\MSCORSN.DLL
c:\windows\system32\URTTemp\MSCORWKS.DLL
c:\windows\system32\URTTemp\MSVCR71.DLL
c:\windows\system32\URTTemp\REGTLIB.EXE
.
.
((((((((((((((((((((((((( Files Created from 2012-11-11 to 2012-12-11 )))))))))))))))))))))))))))))))
.
.
2012-12-09 02:22 . 2012-12-09 02:22 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-12-09 02:22 . 2012-12-09 02:22 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-07 21:24 . 2004-08-10 10:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2012-12-07 21:24 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2012-12-07 21:24 . 2004-08-10 10:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2012-12-07 21:24 . 2004-08-10 10:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2012-12-07 21:24 . 2004-08-10 10:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2012-12-07 21:24 . 2004-08-10 10:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2012-12-07 21:24 . 2004-08-10 10:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2012-12-07 21:24 . 2004-08-10 10:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2012-12-01 01:48 . 2012-12-01 01:48 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Application Data\Epson
2012-11-30 04:16 . 2012-11-30 04:16 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Local Settings\Application Data\Mozilla
2012-11-30 04:15 . 2012-12-05 01:49 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-11-23 15:25 . 2012-11-23 15:25 -------- d-----w- c:\program files\Common Files\EPSON
2012-11-23 15:17 . 2012-11-23 15:17 -------- d-----w- c:\program files\Epson America Inc
2012-11-23 15:16 . 2011-04-20 08:03 95232 ----a-w- c:\windows\system32\E_FLBHBA.DLL
2012-11-23 15:16 . 2011-03-15 08:03 81408 ----a-w- c:\windows\system32\E_FD4BHBA.DLL
2012-11-23 15:16 . 2012-11-27 01:40 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2012-11-23 15:16 . 2012-11-23 15:18 -------- d-----w- c:\program files\Epson Software
2012-11-23 15:15 . 2009-10-16 05:00 132560 ----a-w- c:\windows\system32\esdevapp.exe
2012-11-23 15:15 . 2009-10-16 05:00 12800 ----a-w- c:\windows\system32\escdev.dll
2012-11-23 15:15 . 2009-09-17 05:00 342016 ----a-w- c:\windows\system32\eswiaud.dll
2012-11-23 15:15 . 2012-11-23 15:17 -------- d-----w- c:\program files\epson
2012-11-23 14:46 . 2012-11-23 14:46 -------- d-----w- c:\program files\Dell Photo AIO Printer 942
2012-11-22 03:02 . 2012-11-22 16:08 -------- d-----w- c:\program files\Google Books Downloader
2012-11-19 09:58 . 2012-11-19 09:58 -------- d-----w- c:\windows\system32\searchplugins
2012-11-19 09:58 . 2012-11-19 09:58 -------- d-----w- c:\windows\system32\Extensions
2012-11-19 09:58 . 2012-11-19 09:58 -------- d-----w- c:\program files\VS Revo Group
2012-11-19 09:58 . 2012-11-19 09:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon
2012-11-19 09:58 . 2012-11-19 09:58 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Application Data\Babylon
2012-11-14 02:34 . 2012-11-14 02:34 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Local Settings\Application Data\Adobe_Systems_Incorporate
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-08 21:13 . 2012-04-04 01:01 697272 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-08 21:13 . 2011-05-17 22:15 73656 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 08:37 . 2004-08-10 10:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04 . 2004-08-10 10:00 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-30 00:54 . 2012-05-24 12:18 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2006-01-09 01:09 . 2006-01-09 01:09 774144 -c--a-w- c:\program files\RngInterstitial.dll
2005-10-19 05:17 . 2005-10-19 05:17 353298 -c--a-w- c:\program files\LimeWireWin.exe
2005-10-17 02:31 . 2005-10-17 02:31 4077184 -c--a-w- c:\program files\winzip90.exe
2012-12-05 00:54 . 2012-12-05 00:54 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-12 39408]
"EPLTarget\P0000000000000000"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE" [2012-02-29 249440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-01-30 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTHelper"="CTHELPER.EXE" [2007-04-09 19456]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2005-10-18 1921024]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-03-16 127037]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-17 47392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"Dell Photo AIO Printer 942"="c:\program files\Dell Photo AIO Printer 942\dlbubmgr.exe" [2005-02-03 294912]
"DellMCM"="c:\program files\Dell Photo AIO Printer 942\memcard.exe" [2004-07-27 262144]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\39244166.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
2003-06-18 06:00 45056 -c--a-w- c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Photo AIO Printer 942]
2005-02-03 13:08 294912 ----a-w- c:\program files\Dell Photo AIO Printer 942\dlbubmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellMCM]
2004-07-27 19:08 262144 ----a-w- c:\program files\Dell Photo AIO Printer 942\memcard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2006-04-06 14:51 49152 -c----w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2005-06-17 12:56 139264 -c--a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 21:50 221184 -c--a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 21:50 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-09-10 03:30 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-09-30 00:54 766536 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2004-11-11 22:10 4583424 -c--a-w- c:\windows\SYSTEM32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 19:02 254696 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-11-08 21:06 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-02-12 01:02 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-05-20 18:51 296056 ----a-w- c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 06:00 90112 -c----w- c:\windows\Updreg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-30 22:46 204288 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
.
R3 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [x]
R3 TomTomHOMEService;TomTomHOMEService;c:\documents and settings\Alexandra Jachimczyk\Desktop\TomTom HOME 2\TomTomHOMEService.exe [x]
R3 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 21:13]
.
2012-12-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:34]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 12:15]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 12:15]
.
2012-12-11 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 17:40]
.
2012-12-09 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 17:40]
.
2012-12-10 c:\windows\Tasks\User_Feed_Synchronization-{99BE4562-DD15-4050-9103-AA7BC77B85E8}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: aol.com%20and%20https
Trusted Zone: intuit.com\ttlc
Trusted Zone: microsoft.com\www
Trusted Zone: shareasale.com\www
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} - hxxp://aol.skilljam.com/ssp/SkillJamLoader.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - hxxp://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} - hxxp://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://24.97.152.19/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Alexandra Jachimczyk\Application Data\Mozilla\Firefox\Profiles\3i92dirc.default\
.
- - - - ORPHANS REMOVED - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
SafeBoot-AVG Anti-Spyware Guard
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-10 20:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2012-12-10 20:54:59
ComboFix-quarantined-files.txt 2012-12-11 01:54
.
Pre-Run: 60,752,576,512 bytes free
Post-Run: 61,101,113,344 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - BB40E786F9A23B0272D326DCEC8FCFCB


----------



## Cookiegal (Aug 27, 2003)

Open Notepad and copy and paste the text in the code box below into it:


```
Folder::
c:\windows\system32\searchplugins
c:\windows\system32\Extensions
c:\documents and settings\All Users\Application Data\Babylon
c:\documents and settings\Alexandra Jachimczyk\Application Data\Babylon

Registry::
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\39244166.sys]
[-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AVG Anti-Spyware Driver]
```
Save the file to your desktop and name it CFScript.txt

Referring to the picture below, drag CFScript.txt into ComboFix.exe

This will start ComboFix again. It may ask to reboot. Post the contents of Combofix.txt in your next reply.

*Note: These instructions and script were created specifically for this user. If you are not this user, do NOT follow these instructions or use this script as it could damage the workings of your system.*


----------



## olabola (May 20, 2012)

I have been transferring everything from the netbook to the desktop via the USB all this time, should I keep doing that? Or should I be online using the desktop, and downloading the information directly?


----------



## olabola (May 20, 2012)

ComboFix 12-12-10.01 - Alexandra Jachimczyk 12/10/2012 21:35:15.2.2 - x86
Running from: c:\documents and settings\Alexandra Jachimczyk\Desktop\Security\Puppy.exe
Command switches used :: c:\documents and settings\Alexandra Jachimczyk\Desktop\Security\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Alexandra Jachimczyk\Application Data\Babylon
c:\documents and settings\Alexandra Jachimczyk\Application Data\Babylon\log_file.txt
c:\documents and settings\All Users\Application Data\Babylon
c:\windows\system32\Extensions
c:\windows\system32\searchplugins
.
.
((((((((((((((((((((((((( Files Created from 2012-11-11 to 2012-12-11 )))))))))))))))))))))))))))))))
.
.
2012-12-09 23:29 . 2012-12-09 23:29 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-09 02:22 . 2012-12-09 02:22 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\PCHealth
2012-12-09 02:22 . 2012-12-09 02:22 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-07 21:24 . 2004-08-10 10:00 7168 ----a-w- c:\windows\system32\dllcache\wamregps.dll
2012-12-07 21:24 . 2001-08-17 19:56 66048 ----a-w- c:\windows\system32\dllcache\s3legacy.dll
2012-12-07 21:24 . 2004-08-10 10:00 7680 ----a-w- c:\windows\system32\dllcache\inetmgr.exe
2012-12-07 21:24 . 2004-08-10 10:00 19968 ----a-w- c:\windows\system32\dllcache\inetsloc.dll
2012-12-07 21:24 . 2004-08-10 10:00 169984 ----a-w- c:\windows\system32\dllcache\iisui.dll
2012-12-07 21:24 . 2004-08-10 10:00 5632 ----a-w- c:\windows\system32\dllcache\iisrstap.dll
2012-12-07 21:24 . 2004-08-10 10:00 14336 ----a-w- c:\windows\system32\dllcache\iisreset.exe
2012-12-07 21:24 . 2004-08-10 10:00 6144 ----a-w- c:\windows\system32\dllcache\ftpsapi2.dll
2012-12-01 01:48 . 2012-12-01 01:48 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Application Data\Epson
2012-11-30 04:16 . 2012-11-30 04:16 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Local Settings\Application Data\Mozilla
2012-11-30 04:15 . 2012-12-05 01:49 -------- d-----w- c:\program files\Mozilla Maintenance Service
2012-11-23 15:25 . 2012-11-23 15:25 -------- d-----w- c:\program files\Common Files\EPSON
2012-11-23 15:17 . 2012-11-23 15:17 -------- d-----w- c:\program files\Epson America Inc
2012-11-23 15:16 . 2011-04-20 08:03 95232 ----a-w- c:\windows\system32\E_FLBHBA.DLL
2012-11-23 15:16 . 2011-03-15 08:03 81408 ----a-w- c:\windows\system32\E_FD4BHBA.DLL
2012-11-23 15:16 . 2012-11-27 01:40 -------- d-----w- c:\documents and settings\All Users\Application Data\EPSON
2012-11-23 15:16 . 2012-11-23 15:18 -------- d-----w- c:\program files\Epson Software
2012-11-23 15:15 . 2009-10-16 05:00 132560 ----a-w- c:\windows\system32\esdevapp.exe
2012-11-23 15:15 . 2009-10-16 05:00 12800 ----a-w- c:\windows\system32\escdev.dll
2012-11-23 15:15 . 2009-09-17 05:00 342016 ----a-w- c:\windows\system32\eswiaud.dll
2012-11-23 15:15 . 2012-11-23 15:17 -------- d-----w- c:\program files\epson
2012-11-23 14:46 . 2012-11-23 14:46 -------- d-----w- c:\program files\Dell Photo AIO Printer 942
2012-11-22 03:02 . 2012-11-22 16:08 -------- d-----w- c:\program files\Google Books Downloader
2012-11-19 09:58 . 2012-11-19 09:58 -------- d-----w- c:\program files\VS Revo Group
2012-11-14 02:34 . 2012-11-14 02:34 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Local Settings\Application Data\Adobe_Systems_Incorporate
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-08 21:13 . 2012-04-04 01:01 697272 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-08 21:13 . 2011-05-17 22:15 73656 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-22 08:37 . 2004-08-10 10:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04 . 2004-08-10 10:00 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-30 00:54 . 2012-05-24 12:18 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2006-01-09 01:09 . 2006-01-09 01:09 774144 -c--a-w- c:\program files\RngInterstitial.dll
2005-10-19 05:17 . 2005-10-19 05:17 353298 -c--a-w- c:\program files\LimeWireWin.exe
2005-10-17 02:31 . 2005-10-17 02:31 4077184 -c--a-w- c:\program files\winzip90.exe
2012-12-05 00:54 . 2012-12-05 00:54 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-12 39408]
"EPLTarget\P0000000000000000"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE" [2012-02-29 249440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-01-30 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTHelper"="CTHELPER.EXE" [2007-04-09 19456]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2005-10-18 1921024]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-28 59280]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-03-16 127037]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-17 47392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"Dell Photo AIO Printer 942"="c:\program files\Dell Photo AIO Printer 942\dlbubmgr.exe" [2005-02-03 294912]
"DellMCM"="c:\program files\Dell Photo AIO Printer 942\memcard.exe" [2004-07-27 262144]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51 919008 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
2003-06-18 06:00 45056 -c--a-w- c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Photo AIO Printer 942]
2005-02-03 13:08 294912 ----a-w- c:\program files\Dell Photo AIO Printer 942\dlbubmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellMCM]
2004-07-27 19:08 262144 ----a-w- c:\program files\Dell Photo AIO Printer 942\memcard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2006-04-06 14:51 49152 -c----w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2005-06-17 12:56 139264 -c--a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 21:50 221184 -c--a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 21:50 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-09-10 03:30 421776 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-09-30 00:54 766536 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2004-11-11 22:10 4583424 -c--a-w- c:\windows\SYSTEM32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 19:02 254696 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-11-08 21:06 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-02-12 01:02 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-05-20 18:51 296056 ----a-w- c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 06:00 90112 -c----w- c:\windows\Updreg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-30 22:46 204288 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
.
R3 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [x]
R3 TomTomHOMEService;TomTomHOMEService;c:\documents and settings\Alexandra Jachimczyk\Desktop\TomTom HOME 2\TomTomHOMEService.exe [x]
R3 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\Viewpoint\Common\ViewpointService.exe [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 21:13]
.
2012-12-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:34]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 12:15]
.
2012-12-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 12:15]
.
2012-12-11 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 17:40]
.
2012-12-09 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 17:40]
.
2012-12-10 c:\windows\Tasks\User_Feed_Synchronization-{99BE4562-DD15-4050-9103-AA7BC77B85E8}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: aol.com%20and%20https
Trusted Zone: intuit.com\ttlc
Trusted Zone: microsoft.com\www
Trusted Zone: shareasale.com\www
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} - hxxp://aol.skilljam.com/ssp/SkillJamLoader.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - hxxp://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} - hxxp://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://24.97.152.19/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Alexandra Jachimczyk\Application Data\Mozilla\Firefox\Profiles\3i92dirc.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-10 21:39
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_110_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2012-12-10 21:41:30
ComboFix-quarantined-files.txt 2012-12-11 02:41
ComboFix2.txt 2012-12-11 01:54
.
Pre-Run: 61,122,408,448 bytes free
Post-Run: 61,099,634,688 bytes free
.
- - End Of File - - FC3150E0CD5B64F69C0F4BC7044A92C8


----------



## Cookiegal (Aug 27, 2003)

You can use the computer we're working on now.


----------



## Cookiegal (Aug 27, 2003)

Please try to uninstall MSE now and reinstall it so you have a working anti-virus program.

Did the Windows firewall start without any problems?


----------



## olabola (May 20, 2012)

Cookiegal said:


> Please try to uninstall MSE now and reinstall it so you have a working anti-virus program.
> 
> Did the Windows firewall start without any problems?


I uninstalled MSE and downloaded the program again and tried to reinstall it, but received an installation error. Cannot complete the Security Essentials installation. Please restart your computer and try again.
Error Code:0x80070643


----------



## olabola (May 20, 2012)

I rebooted and tried again and completed the installation of MSE. However, I received an error that Windows firewall is still turned off for some unknown error. Try turning it on manually from Windows Security Center. But, when I looked in the security center the firewall was on. I proceeded with installing updates and performing a quick scan.


----------



## Cookiegal (Aug 27, 2003)

OK, that's good. Let me know if MSE detects anything. I'm signing off for the night so I'll leave you with another program to run and I'll check back tomorrow.

Please download *OTL* to your Desktop. 

Double-click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
Under Custom Scans/Fixes type in *Netsvcs*
Click the Run Scan button. Do not change any other settings unless otherwise instructed. The scan won't take long. 
When the scan completes, it will open two Notepad windows called *OTL.Txt* and *Extras.Txt*. These are saved in the same location as OTL. 
Please copy and paste the contents of both of these files here in your next reply.


----------



## olabola (May 20, 2012)

OTL logfile created on: 12/10/2012 10:30:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 79.93% Memory free
4.34 Gb Paging File | 3.76 Gb Available in Paging File | 86.54% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 56.72 Gb Free Space | 39.30% Space Free | Partition Type: NTFS

Computer Name: D16M9M71 | User Name: Alexandra Jachimczyk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/10 22:19:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security\OTL.exe
PRC - [2012/11/08 16:06:48 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/02/29 07:03:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_FATIHBA.EXE
PRC - [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
PRC - [2011/02/23 16:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CtHelper.exe
PRC - [2005/10/18 14:33:12 | 001,921,024 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Support.com\bin\tgcmd.exe
PRC - [2005/02/03 15:35:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
PRC - [2005/02/03 08:08:54 | 000,294,912 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
PRC - [2004/07/27 14:08:22 | 000,262,144 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
PRC - [2003/09/17 10:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

========== Modules (No Company Name) ==========

MOD - [2012/11/15 09:50:33 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
MOD - [2012/10/05 22:16:02 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2012/10/05 22:16:02 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2012/10/05 22:16:02 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2012/10/05 22:16:02 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2012/10/05 22:16:02 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2012/10/05 22:16:01 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2012/10/05 22:16:01 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2012/10/05 22:16:01 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2012/10/05 22:16:01 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2012/10/05 22:16:01 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2012/10/05 22:16:01 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2012/10/05 22:15:59 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2012/10/05 22:15:59 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2012/10/05 22:15:59 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2012/10/05 22:15:59 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2012/10/05 22:15:58 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2012/10/05 22:15:58 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2012/10/05 22:15:58 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2012/10/05 22:15:58 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2012/10/05 22:15:58 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2012/10/05 22:15:58 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2012/10/05 22:15:58 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2012/10/05 22:15:58 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2012/10/05 22:15:58 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2012/10/05 22:15:58 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2012/10/05 22:15:58 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2012/10/05 22:15:57 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2012/10/05 22:15:57 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2012/10/05 22:15:57 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2012/10/05 22:15:57 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2012/10/05 22:15:57 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2012/10/05 22:15:57 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2012/10/05 22:15:56 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2012/10/05 22:15:56 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2011/11/03 10:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\SYSTEM32\quartz.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\SYSTEM32\sbe.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\SYSTEM32\devenum.dll
MOD - [2005/02/03 15:35:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
MOD - [2005/02/03 08:08:54 | 000,294,912 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
MOD - [2005/02/03 08:07:18 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetPrint.dll
MOD - [2005/02/03 08:06:52 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetScan.dll
MOD - [2005/02/03 08:05:56 | 000,135,168 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetDecmp.dll
MOD - [2005/02/03 08:05:42 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetImage.dll
MOD - [2005/02/03 08:05:22 | 000,028,672 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetPDF.dll
MOD - [2005/02/03 08:05:06 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetFunc.dll
MOD - [2004/07/29 21:54:20 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\ConvDIB.dll
MOD - [2004/07/27 14:08:22 | 000,262,144 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\memcard.exe

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Documents and Settings\Alexandra Jachimczyk\Desktop\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/12/04 19:54:50 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/08 16:13:12 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/08 16:06:48 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/07/15 17:38:32 | 000,394,608 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [On_Demand | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2004/03/23 12:15:40 | 000,073,852 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\NIS\1309000.009\SYMTDI.SYS -- (SYMTDI)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2012/12/10 22:07:44 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{2C9FFDE7-2C82-44DB-AFE0-52F67B88B99F}\MpKsl323a7462.sys -- (MpKsl323a7462)
DRV - [2012/02/22 05:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/01/11 01:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mcvidrv.sys -- (ManyCam)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2007/06/18 19:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys -- (motmodem)
DRV - [2007/04/18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2007/04/10 04:32:34 | 000,016,168 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfmodnt.sys -- (PfModNT)
DRV - [2007/04/10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys -- (emupia)
DRV - [2007/04/10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys -- (ctaud2k)
DRV - [2007/04/10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys -- (ctac32k)
DRV - [2005/07/06 18:51:17 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CdaD10BA.SYS -- (CdaD10BA)
DRV - [2004/05/29 17:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com...}&invocationType=tb50-ie-aol-chromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {BCD9DC71-4486-4BA8-A119-6D2ECB664D16}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
IE - HKCU\..\SearchScopes\{BCD9DC71-4486-4BA8-A119-6D2ECB664D16}: "URL" = http://www.google.com/search?q={sea...={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer8: C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/04 19:54:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/04 19:54:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/10/30 22:59:36 | 000,000,000 | ---D | M]

[2012/08/27 21:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Mozilla\Extensions
[2012/12/04 19:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/04 19:54:50 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 12:33:21 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2006/01/08 20:09:39 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npgcplug.dll
[2011/03/18 12:33:22 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2005/04/27 15:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2012/05/20 13:51:16 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2012/11/20 01:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/20 01:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.claro-search.com/?affID=...HP_ss&mntrId=6c1d4e3200000000000000132017bce0
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.claro-search.com/?affID=...HP_ss&mntrId=6c1d4e3200000000000000132017bce0
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: Google Drive = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/10 21:39:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Dell Photo AIO Printer 942] C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe ()
O4 - HKLM..\Run: [DellMCM] C:\Program Files\Dell Photo AIO Printer 942\memcard.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: aol.com%20and%20https ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: shareasale.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://www.activation.rr.com/install/download/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} http://aol.skilljam.com/ssp/SkillJamLoader.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab (Reg Error: Key error.)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (Reg Error: Key error.)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1118701430265 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Reg Error: Key error.)
O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} http://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab (CPlayFirstDoggieDashControl Object)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1345548205328 (MUWebControl Class)
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} http://support.dell.com/systemprofiler/DellSystemLite.CAB (Reg Error: Key error.)
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab (Reg Error: Key error.)
O16 - DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} http://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab (Reg Error: Key error.)
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB (Reg Error: Key error.)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab (GoBit Games Player)
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} http://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab (CPlayFirstzenerchiControl Object)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} http://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab (Reg Error: Key error.)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://24.97.152.19/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.com/webgames/popcaploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC07AD45-4B6C-41AA-BD45-9ECA4D349186}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/19 16:07:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

NetSvcs: 6to4 - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

========== Files/Folders - Created Within 30 Days ==========

[2012/12/10 21:59:44 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MpSigStub.exe
[2012/12/10 21:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/12/10 21:41:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/12/10 20:42:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/12/10 20:40:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/12/10 20:40:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/12/10 20:40:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/12/10 20:40:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/12/10 20:40:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/09 18:29:22 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/12/09 18:28:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/12/09 18:27:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNIT
[2012/12/08 21:22:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2012/12/07 16:24:35 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2012/12/07 16:24:23 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\s3legacy.dll
[2012/12/07 16:24:13 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2012/12/07 16:24:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2012/12/07 16:24:12 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2012/12/07 16:24:11 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2012/12/07 16:24:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2012/12/07 16:24:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2012/12/07 16:24:04 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2012/12/04 19:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/12/04 18:45:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/11/30 22:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/11/30 20:48:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Epson
[2012/11/29 23:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Mozilla
[2012/11/29 23:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/11/29 23:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/11/23 10:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2012/11/23 10:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Start Menu\Programs\EPSON Software
[2012/11/23 10:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Epson America Inc
[2012/11/23 10:16:34 | 000,095,232 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FLBHBA.DLL
[2012/11/23 10:16:34 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\System32\E_FD4BHBA.DLL
[2012/11/23 10:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2012/11/23 10:16:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Epson Software
[2012/11/23 10:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2012/11/23 10:15:36 | 000,342,016 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\eswiaud.dll
[2012/11/23 10:15:36 | 000,132,560 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\esdevapp.exe
[2012/11/23 10:15:36 | 000,012,800 | ---- | C] (Seiko Epson Corporation) -- C:\WINDOWS\System32\escdev.dll
[2012/11/23 10:15:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON
[2012/11/23 10:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2012/11/23 09:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Photo AIO Printer 942
[2012/11/21 22:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Google Books Downloader
[2012/11/19 04:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Start Menu\Programs\Revo Uninstaller
[2012/11/19 04:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/11/13 21:34:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Adobe_Systems_Incorporate
[2012/11/13 21:34:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\My Documents\My Digital Editions
[2006/01/08 20:09:49 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012/12/10 22:35:59 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{99BE4562-DD15-4050-9103-AA7BC77B85E8}.job
[2012/12/10 22:32:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/10 22:17:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/10 22:06:29 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/12/10 22:06:28 | 000,000,366 | -H-- | M] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/12/10 21:58:31 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/12/10 21:56:05 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/12/10 21:54:41 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
[2012/12/10 21:54:40 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/10 21:54:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/12/10 21:54:35 | 3219,296,256 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/10 21:53:40 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/10 21:53:40 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/10 21:53:40 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/10 21:53:40 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/10 21:53:40 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/10 21:39:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2012/12/10 20:42:47 | 000,000,325 | RHS- | M] () -- C:\BOOT.INI
[2012/12/10 18:12:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/12/09 14:53:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
[2012/12/06 18:49:08 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/04 08:00:30 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/12/01 08:26:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI
[2012/11/30 22:33:10 | 004,935,331 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000002-00001102-00000004-20061102}.CDF
[2012/11/30 22:33:10 | 004,935,331 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000002-00001102-00000004-20061102}.BAK
[2012/11/29 23:15:15 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/29 23:15:15 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/27 22:57:00 | 000,055,928 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/11/26 08:01:13 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\Cache.db
[2012/11/23 13:28:35 | 007,933,952 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2012/11/23 13:28:35 | 004,398,080 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2012/11/23 10:22:51 | 000,000,071 | ---- | M] () -- C:\WINDOWS\ENX430.ini
[2012/11/23 10:15:37 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
[2012/11/21 22:02:15 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Books Downloader.lnk
[2012/11/16 06:21:02 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/11/15 09:50:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/11/15 09:49:27 | 000,504,048 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2012/11/15 09:49:27 | 000,087,462 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2012/11/12 14:54:03 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012/12/10 22:06:28 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/12/10 22:06:28 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\tasks\MpIdleTask.job
[2012/12/10 21:56:29 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/12/10 20:42:46 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2012/12/10 20:42:43 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/12/10 20:40:59 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/12/10 20:40:59 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/12/10 20:40:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/12/10 20:40:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/12/10 20:40:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/12/07 16:17:45 | 3219,296,256 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/04 20:53:49 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/12/04 08:00:30 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/12/01 08:26:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2012/11/29 23:15:15 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/29 23:15:14 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/11/29 23:15:14 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/23 10:15:37 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
[2012/11/23 10:14:58 | 000,000,071 | ---- | C] () -- C:\WINDOWS\ENX430.ini
[2012/11/21 22:02:14 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Books Downloader.lnk
[2012/06/22 18:07:45 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\HamsterAudioConverterSettings.cfg
[2012/06/22 18:05:21 | 000,000,035 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\installLang.ini
[2012/06/03 07:33:03 | 000,002,297 | ---- | C] () -- C:\Program Files\show_all_body_parts-1.2-tb.xpi
[2012/05/09 17:50:55 | 005,899,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/02/21 03:33:44 | 003,616,534 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2885659742-3719046469-1376452676-1005-0.dat
[2012/02/21 03:33:43 | 000,282,758 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/20 11:21:39 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/16 00:27:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/25 12:52:50 | 000,000,216 | ---- | C] () -- C:\WINDOWS\youtube2mp3.ini
[2011/05/21 18:19:33 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2011/05/18 18:13:38 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/18 18:08:35 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/01/24 19:48:51 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\usb001
[2007/12/29 17:20:08 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/10/19 00:17:25 | 000,353,298 | ---- | C] () -- C:\Program Files\LimeWireWin.exe
[2005/10/16 21:31:03 | 004,077,184 | ---- | C] () -- C:\Program Files\winzip90.exe
[2005/07/08 18:35:21 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2005/06/18 14:14:51 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/13 18:59:50 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\PFP120JPR.{PB
[2005/06/13 18:59:50 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\PFP120JCM.{PB
[2005/06/13 17:14:42 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/19 16:03:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >


----------



## olabola (May 20, 2012)

OTL Extras logfile created on: 12/10/2012 10:30:54 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 79.93% Memory free
4.34 Gb Paging File | 3.76 Gb Available in Paging File | 86.54% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 56.72 Gb Free Space | 39.30% Space Free | Partition Type: NTFS

Computer Name: D16M9M71 | User Name: Alexandra Jachimczyk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office\msohtmed.exe" %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare -- (Eastman Kodak Company)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" = C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL -- (America Online, Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax -- (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" = C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager -- (Intuit, Inc.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNetisabled:Intuit Update Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe" = C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe:LocalSubNetisabled:Intuit Update v4 Shared Downloads Server -- (Intuit Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" = C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application -- (SEIKO EPSON CORPORATION)

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00010409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Professional
"{00040409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 SR-1 Disc 2
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{03DF638A-D61C-4893-B8B9-845900C03163}" = TurboTax 2010 wnyiper
"{0456ebd7-5f67-4ab6-852e-63781e3f389c}" = Macromedia Flash Player
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{073F22CE-9A5B-4A40-A604-C7270AC6BF34}" = ESSSONIC
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}" = Microsoft Plus! Photo Story 2 LE
"{0F6F6876-6334-4977-B5DD-CFC12E193420}" = iTunes
"{0F756CD9-4A1E-409B-B101-601DDC4C03AA}" = Qualxserve Service Agreement
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{14374619-0900-4056-BA06-C87C900AF9E6}" = QuickBooks Simple Start Special Edition
"{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}" = ESSPCD
"{172423F9-522A-483A-AD65-03600CE4CA4F}" = Microsoft Works 6-9 Converter
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1D0C8FEA-F9E6-4272-8465-58903F1946D0}" = TurboTax 2011 wnyiper
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{206FD69B-F9FE-4164-81BD-D52552BC9C23}" = GearDrvs
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{216729B6-014A-F413-814F-F17F74FBA113}_is1" = Google Books Downloader version 2.2
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29521505-F489-4822-ADFA-32C6DEE4F114}" = TurboTax 2008 WinPerUserEducation
"{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}" = essvatgt
"{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"{2E7595EC-4FB1-4E29-93D4-9083C8A9B107}" = TurboTax ItsDeductible 2005
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{33BB4982-DC52-4886-A03B-F4C5C80BEE89}" = Windows Media Player 10
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35BDEFF1-A610-4956-A00D-15453C116395}" = Internet Explorer Default Page
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3881DB80-EAA2-012B-ADAE-000000000000}" = TurboTax 2009 WinPerFedFormset
"{38975F50-EAA2-012B-ADB4-000000000000}" = TurboTax 2009 WinPerReleaseEngine
"{38A34630-EAA2-012B-ADB6-000000000000}" = TurboTax 2009 WinPerTaxSupport
"{3A3A3B34-6EA2-4031-8580-D66D29533E89}" = Download Navigator
"{3B8186F0-EAA2-012B-AE69-000000000000}" = TurboTax 2009 wnyiper
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C5A81D0-EAA2-012B-AE9F-000000000000}" = TurboTax 2009 wrapper
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{42938595-0D83-404D-9F73-F8177FDD531A}" = ESScore
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{4537EA4B-F603-4181-89FB-2953FC695AB1}" = netbrdg
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}" = Bonjour
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{51F96AEC-D902-4434-A0DC-B9692A21AE7C}" = MobileMe Control Panel
"{5316DFC9-CE99-4458-9AB3-E8726EDE0210}" = skin0001
"{54C8FE84-89C4-40E8-976C-439EB0729BD6}" = CardRd81
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56F3E1FF-54FE-4384-A153-6CCABA097814}" = Creative MediaSource
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{605A4E39-613C-4A12-B56F-DEFBE6757237}" = SHASTA
"{62BD0AE0-4EB1-4BBB-8F43-B6400C8FEB2C}" = AOLIcon
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail
"{643EAE81-920C-4931-9F0B-4B343B225CA6}" = ESSBrwr
"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD 5.9
"{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}" = Microsoft Plus! Digital Media Edition Installer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74F7662C-B1DB-489E-A8AC-07A06B24978B}" = Dell System Restore
"{7570F1CA-016D-46AC-B586-CD74645EFB52}" = TurboTax 2008 WinPerFedFormset
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78D944D7-A97B-4004-AB0A-B5AD06839940}" = My Way Search Assistant
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7DD9A065-2C86-4A9F-A5FF-796EC1B99DCA}" = AnswerWorks 4.0 Runtime - English
"{7F142D56-3326-11D5-B229-002078017FBF}" = Modem Helper
"{7FCC4EDC-6EE2-4309-ABD7-85F2667A7B90}" = WebEx Support Manager for Internet Explorer
"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88214092-836F-4E22-A5AC-569AC9EE6A0F}" = TurboTax 2008 WinPerReleaseEngine
"{8943CE61-53BD-475E-90E1-A580869E98A2}" = staticcr
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A502E38-29C9-49FA-BCFA-D727CA062589}" = ESSTOOLS
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8E92D746-CD9F-4B90-9668-42B74C14F765}" = ESSini
"{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}" = Epson Event Manager
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel Matrix Storage Manager
"{91517631-A9F3-4B7C-B482-43E0068FD55A}" = ESSgui
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9941F0AA-B903-4AF4-A055-83A9815CC011}" = Sonic Encoders
"{999D43F4-9709-4887-9B1A-83EBB15A8370}" = VPRINTOL
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2514D9-DC24-4634-B348-61F3EF0F1628}" = Sound Blaster Audigy 2 ZS
"{9E5A03E3-6246-4920-9630-0527D5DA9B07}" = AnswerWorks 5.0 English Runtime
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}" = Windows Defender Signatures
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio module
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.4)
"{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}" = ESSCDBK
"{B00EBEC1-D693-4B4D-93BD-610EDBA9B0DF}" = G21942EN
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B10914FD-8812-47A4-85A1-50FCDE7F1F33}" = Windows Live Sync
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}" = OfotoXMI
"{B1DB1AD8-C07E-4052-81A1-D2930232BA70}" = TurboTax 2008 wrapper
"{B23726CF-68BF-41A6-A4EB-72F12F87FE05}" = TurboTax 2008 WinPerTaxSupport
"{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}" = CCScore
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C3DE07CB-036F-45BC-85BD-D6FFC5D33603}" = TurboTax 2008 wnyiper
"{C4124E95-5061-4776-8D5D-E3D931C778E1}" = Microsoft VC9 runtime libraries
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{CAE8A0F1-B498-4C23-95FA-55047E730C8F}" = ArcSoft Print Creations
"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB84F0F2-927B-458D-9DC5-87832E3DC653}" = GearDrvs
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D32470A1-B10C-4059-BA53-CF0486F68EBC}" = Kodak EasyShare software
"{D4DDFAA1-EC37-4529-AD5B-A433ADE68662}" = Apple Mobile Device Support
"{DB02F716-6275-42E9-B8D2-83BA2BF5100B}" = SFR
"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E6D9BC25-0DBC-4368-8E4A-7DEE80661CD9}" = TurboTax 2008 WinPerProgramHelp
"{E79987F0-0E34-42CC-B8FF-6C860AEEB26A}" = tooltips
"{EA2BEBD6-87B9-41E5-95AC-7E4C165A9475}" = WexTech AnswerWorks
"{ECA1A3B6-898F-4DCE-9F04-714CF3BA126B}" = Adobe Flash Player 10 Plugin
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F22C222C-3CE2-4A4B-A83F-AF4681371ABE}" = kgcbase
"{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}" = SKINXSDK
"{F8722041-B63A-47FB-82A8-5F0977E1CF45}" = TWC Customer Controls
"{F9593CFB-D836-49BC-BFF1-0E669A411D9F}" = WIRELESS
"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset
"{FCDB1C92-03C6-4C76-8625-371224256091}" = ESSPDock
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT Extension to Microsoft Windows XP CD Writing Wizard
"Adobe AIR" = Adobe AIR
"Adobe Atmosphere Player" = Adobe Atmosphere Player for Acrobat and Adobe Reader
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"AOL Toolbar" = AOL Toolbar
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1" = Conexant D850 56K V.9x DFVc Modem
"Dell Digital Jukebox Driver" = Dell Digital Jukebox Driver
"DellSupport" = Dell Support 5.0.0 (630)
"EPSON NX430 Series" = EPSON NX430 Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"ERUNT_is1" = ERUNT 1.1j
"GenoPro" = GenoPro 2.5.4.1
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{2E086814-7392-4E0F-ADB8-54A81E47406C}" = Broadcom Advanced Control Suite 2
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.65.1.1000
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 17.0.1 (x86 en-US)" = Mozilla Firefox 17.0.1 (x86 en-US)
"Mozilla Thunderbird 16.0.2 (x86 en-US)" = Mozilla Thunderbird 16.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MyWaySearchAssistantDE" = My Way Search Assistant
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"OfotoEZUpload" = KODAK EASYSHARE Gallery Upload ActiveX Control
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"PrintMaster Gold 4.00" = PrintMaster Gold 4.00
"RealArcade 1.2" = RealArcade
"RealPlayer 15.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.94
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"StreetPlugin" = Learn2 Player (Uninstall Only)
"TomTom HOME" = TomTom HOME 2.8.2.2264
"TurboTax 2008" = TurboTax 2008
"TurboTax 2009" = TurboTax 2009
"TurboTax 2010" = TurboTax 2010
"TurboTax 2011" = TurboTax 2011
"TurboTax Deluxe 2005" = TurboTax Deluxe 2005
"TurboTax Deluxe 2007" = TurboTax Deluxe 2007
"TurboTax Deluxe Deduction Maximizer 2006" = TurboTax Deluxe Deduction Maximizer 2006
"TWC_RoadRunnerMedic" = Road Runner Medic 5.4
"Uninstall_is1" = Uninstall 1.0.0.1
"uTorrent" = µTorrent
"Viewpoint Manager" = Viewpoint Manager (Remove Only)
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VLC media player 1.1.8
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"WMCSetup" = Windows Media Connect
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Adobe Connect Add-in" = Adobe Connect Add-in
"f031ef6ac137efc5" = Dell Driver Download Manager

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 12/10/2012 8:49:51 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 12/10/2012 8:53:20 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 12/10/2012 9:01:18 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 12/10/2012 9:06:22 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 12/10/2012 9:11:39 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 12/10/2012 10:51:38 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 12/10/2012 10:53:24 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client Setup | ID = 100
Description = HRESULT:0x80070643 Description:. 0x80070643. Fatal error during installation.

Error - 12/10/2012 10:53:25 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client | ID = 5000
Description =

Error - 12/10/2012 10:56:24 PM | Computer Name = D16M9M71 | Source = MPSampleSubmission | ID = 5000
Description = EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0,
P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Error - 12/10/2012 10:56:31 PM | Computer Name = D16M9M71 | Source = Microsoft Security Client | ID = 5000
Description =

[ System Events ]
Error - 12/10/2012 8:35:00 PM | Computer Name = D16M9M71 | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.

Error - 12/10/2012 8:58:32 PM | Computer Name = D16M9M71 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SYMTDI

Error - 12/10/2012 9:00:20 PM | Computer Name = D16M9M71 | Source = DCOM | ID = 10010
Description = The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register
with DCOM within the required timeout.

Error - 12/10/2012 9:42:09 PM | Computer Name = D16M9M71 | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 12/10/2012 9:45:57 PM | Computer Name = D16M9M71 | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 12/10/2012 9:48:38 PM | Computer Name = D16M9M71 | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 12/10/2012 10:34:09 PM | Computer Name = D16M9M71 | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 12/10/2012 10:35:05 PM | Computer Name = D16M9M71 | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 12/10/2012 10:37:09 PM | Computer Name = D16M9M71 | Source = Service Control Manager | ID = 7031
Description = The Windows Media Player Network Sharing Service service terminated
unexpectedly. It has done this 1 time(s). The following corrective action will
be taken in 30000 milliseconds: Restart the service.

Error - 12/10/2012 10:55:00 PM | Computer Name = D16M9M71 | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
SYMTDI

< End of report >


----------



## olabola (May 20, 2012)

I will be heading off to bed for the evening but I will be home again tomorrow so I will be available for the day. Should I be careful about using my desktop? I guess I am wondering if I should not be "surfing" the web just yet? Thanks for your help!


----------



## olabola (May 20, 2012)

I noticed in the last log that there was mention of uninstalling Adobe Connect? I REALLY need that software installed on my desktop, I use it for school to connect to my online classes.


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> I noticed in the last log that there was mention of uninstalling Adobe Connect? I REALLY need that software installed on my desktop, I use it for school to connect to my online classes.


Don't worry about that. It's just showing what's called an "uninstall list" to show what programs are installed and under which branch in the registry. We won't be removing that.

You mentioned that you were running a scan with MSE after it updated. Did it find anything?

I'm reviewing the logs now but it will take some time.


----------



## Cookiegal (Aug 27, 2003)

Do you recognize this site and did you add it to your Trusted Sites zone intentionally?

shareasale.com


----------



## Cookiegal (Aug 27, 2003)

Also, did you have Norton as your anti-virus previously?

Do you still have any Symantec products installed? - Edit: Sorry, of course you did. I had read back through the thread before but forgot.


----------



## Cookiegal (Aug 27, 2003)

Please run OTL again. Under the *Custom Scans/Fixes* box at the bottom paste in the following:


```
:OTL
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt...ctid=CT2790392
CHR - homepage: http://www.claro-search.com/?affID=1...0000132017bce0
CHR - homepage: http://www.claro-search.com/?affID=1...0000132017bce0
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O16 - DPF: {0A50726E-51A2-42BB-8392-98F050C40A10} http://aol.skilljam.com/ssp/SkillJamLoader.cab (Reg Error: Key error.)
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (Reg Error: Value error.)
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
```

Then click the *Run Fix* button at the top.
Let the program run unhindered, and reboot the PC when it is done.
Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Don't worry about that. It's just showing what's called an "uninstall list" to show what programs are installed and under which branch in the registry. We won't be removing that.
> 
> You mentioned that you were running a scan with MSE after it updated. Did it find anything?
> 
> I'm reviewing the logs now but it will take some time.


MSE didn't find anything after it scanned, but it was just the quick scan.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Do you recognize this site and did you add it to your Trusted Sites zone intentionally?
> 
> shareasale.com


I don't believe I did, but I can't be sure... I don't remember ever visiting that site and I don't remember how to add something to trusted sites so probably not.


----------



## olabola (May 20, 2012)

========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
Use Chrome's Settings page to change the HomePage.
Use Chrome's Settings page to change the HomePage.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}\ not found.
Starting removal of ActiveX control {0A50726E-51A2-42BB-8392-98F050C40A10}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0A50726E-51A2-42BB-8392-98F050C40A10}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{0A50726E-51A2-42BB-8392-98F050C40A10}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A50726E-51A2-42BB-8392-98F050C40A10}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{0A50726E-51A2-42BB-8392-98F050C40A10}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A50726E-51A2-42BB-8392-98F050C40A10}\ not found.
Starting removal of ActiveX control {E06E2E99-0AA1-11D4-ABA6-0060082AA75C}
C:\Program Files\WebEx\ieatgpc.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E06E2E99-0AA1-11D4-ABA6-0060082AA75C}\ not found.
C:\WINDOWS\System32\CONFIG.TMP deleted successfully.
C:\WINDOWS\System32\SET41.tmp deleted successfully.
C:\WINDOWS\003030_.tmp deleted successfully.
C:\WINDOWS\msdownld.tmp folder deleted successfully.

OTL by OldTimer - Version 3.2.69.0 log created on 12112012_144143

OTL logfile created on: 12/11/2012 2:45:44 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.33 Gb Available Physical Memory | 77.56% Memory free
4.34 Gb Paging File | 3.77 Gb Available in Paging File | 86.80% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 56.76 Gb Free Space | 39.33% Space Free | Partition Type: NTFS

Computer Name: D16M9M71 | User Name: Alexandra Jachimczyk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/12/10 22:19:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security\OTL.exe
PRC - [2012/11/08 16:06:48 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
PRC - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
PRC - [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
PRC - [2012/02/29 07:03:02 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_FATIHBA.EXE
PRC - [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe
PRC - [2011/02/23 16:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd) -- C:\WINDOWS\SYSTEM32\CtHelper.exe
PRC - [2005/10/18 14:33:12 | 001,921,024 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Support.com\bin\tgcmd.exe
PRC - [2005/02/03 15:35:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
PRC - [2005/02/03 08:08:54 | 000,294,912 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
PRC - [2004/07/27 14:08:22 | 000,262,144 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\memcard.exe
PRC - [2003/09/17 10:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd) -- C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

========== Modules (No Company Name) ==========

MOD - [2012/11/15 09:50:33 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
MOD - [2012/10/05 22:16:02 | 000,847,872 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2012/10/05 22:16:02 | 000,688,128 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2012/10/05 22:16:02 | 000,237,568 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2012/10/05 22:16:02 | 000,155,648 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2012/10/05 22:16:02 | 000,143,360 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2012/10/05 22:16:01 | 002,236,416 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2012/10/05 22:16:01 | 001,396,736 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2012/10/05 22:16:01 | 000,868,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2012/10/05 22:16:01 | 000,782,336 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2012/10/05 22:16:01 | 000,528,384 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2012/10/05 22:16:01 | 000,462,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2012/10/05 22:15:59 | 000,129,536 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2012/10/05 22:15:59 | 000,090,112 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2012/10/05 22:15:59 | 000,044,544 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2012/10/05 22:15:59 | 000,010,240 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2012/10/05 22:15:58 | 001,564,672 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2012/10/05 22:15:58 | 000,471,040 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2012/10/05 22:15:58 | 000,406,016 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2012/10/05 22:15:58 | 000,356,352 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2012/10/05 22:15:58 | 000,315,392 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2012/10/05 22:15:58 | 000,264,192 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2012/10/05 22:15:58 | 000,234,496 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2012/10/05 22:15:58 | 000,098,304 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2012/10/05 22:15:58 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2012/10/05 22:15:58 | 000,062,464 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2012/10/05 22:15:58 | 000,052,224 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2012/10/05 22:15:57 | 011,503,616 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2012/10/05 22:15:57 | 000,684,032 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2012/10/05 22:15:57 | 000,339,968 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2012/10/05 22:15:57 | 000,171,520 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2012/10/05 22:15:57 | 000,152,576 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2012/10/05 22:15:57 | 000,084,480 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2012/10/05 22:15:56 | 000,761,856 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2012/10/05 22:15:56 | 000,078,848 | ---- | M] () -- C:\Program Files\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2011/11/03 10:28:36 | 001,292,288 | ---- | M] () -- C:\WINDOWS\SYSTEM32\quartz.dll
MOD - [2011/11/01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/04 17:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\SYSTEM32\sbe.dll
MOD - [2008/04/13 19:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\SYSTEM32\msdmo.dll
MOD - [2008/04/13 19:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\SYSTEM32\devenum.dll
MOD - [2005/02/03 15:35:00 | 000,102,400 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmon.exe
MOD - [2005/02/03 08:08:54 | 000,294,912 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe
MOD - [2005/02/03 08:07:18 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetPrint.dll
MOD - [2005/02/03 08:06:52 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetScan.dll
MOD - [2005/02/03 08:05:56 | 000,135,168 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetDecmp.dll
MOD - [2005/02/03 08:05:42 | 000,065,536 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetImage.dll
MOD - [2005/02/03 08:05:22 | 000,028,672 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetPDF.dll
MOD - [2005/02/03 08:05:06 | 000,036,864 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\JetFunc.dll
MOD - [2004/07/29 21:54:20 | 000,061,440 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\ConvDIB.dll
MOD - [2004/07/27 14:08:22 | 000,262,144 | ---- | M] () -- C:\Program Files\Dell Photo AIO Printer 942\memcard.exe

========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\Documents and Settings\Alexandra Jachimczyk\Desktop\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012/12/04 19:54:50 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/08 16:13:12 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/11/08 16:06:48 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
SRV - [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2008/07/15 17:38:32 | 000,394,608 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2007/01/04 16:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [On_Demand | Stopped] -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV)
SRV - [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV)
SRV - [2006/12/14 01:46:16 | 000,057,344 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR)
SRV - [2004/03/23 12:15:40 | 000,073,852 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -- (IAANTMon)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | System | Stopped] -- C:\WINDOWS\System32\Drivers\NIS\1309000.009\SYMTDI.SYS -- (SYMTDI)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\SymIM.sys -- (SymIM)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (bvrp_pci)
DRV - [2012/02/22 05:34:36 | 000,022,400 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mcaudrv.sys -- (mcaudrv_simple)
DRV - [2012/01/11 01:11:20 | 000,032,000 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\mcvidrv.sys -- (ManyCam)
DRV - [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -- (gameenum)
DRV - [2007/06/18 19:18:26 | 000,023,680 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys -- (motmodem)
DRV - [2007/04/18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -- (ossrv)
DRV - [2007/04/10 04:32:34 | 000,016,168 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\pfmodnt.sys -- (PfModNT)
DRV - [2007/04/10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys -- (emupia)
DRV - [2007/04/10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys -- (ctaud2k)
DRV - [2007/04/10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys -- (ctac32k)
DRV - [2005/07/06 18:51:17 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\CdaD10BA.SYS -- (CdaD10BA)
DRV - [2004/05/29 17:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -- (b57w2k)
DRV - [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -- (winachsf)
DRV - [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -- (HSF_DP)
DRV - [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -- (omci)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com...}&invocationType=tb50-ie-aol-chromesbox-en-us
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope = {BCD9DC71-4486-4BA8-A119-6D2ECB664D16}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={sea...putEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{BCD9DC71-4486-4BA8-A119-6D2ECB664D16}: "URL" = http://www.google.com/search?q={sea...={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/npracplug;version=1.0.0.0: C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@macromedia.com/FlashPlayer8: C:\WINDOWS\SYSTEM32\Macromed\Flash\NPSWF32.dll ()

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/12/04 19:54:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/12/04 19:54:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012/10/30 22:59:36 | 000,000,000 | ---D | M]

[2012/08/27 21:01:53 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Mozilla\Extensions
[2012/12/04 19:54:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012/12/04 19:54:50 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/03/18 12:33:21 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2006/01/08 20:09:39 | 000,024,576 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npgcplug.dll
[2011/03/18 12:33:22 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2005/04/27 15:10:49 | 000,102,400 | ---- | M] (RealNetworks) -- C:\Program Files\mozilla firefox\plugins\npracplug.dll
[2012/05/20 13:51:16 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2007/04/16 12:07:12 | 000,180,293 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npViewpoint.dll
[2012/11/20 01:17:14 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/11/20 01:17:14 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.claro-search.com/?affID=...HP_ss&mntrId=6c1d4e3200000000000000132017bce0
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.claro-search.com/?affID=...HP_ss&mntrId=6c1d4e3200000000000000132017bce0
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.320.5 (Enabled) = C:\WINDOWS\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: Google Drive = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Norton Identity Protection = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\
CHR - Extension: Gmail = C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/12/10 21:39:35 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (DriveLetterAccess) - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll (Sonic Solutions)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (AOL Toolbar) - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - Reg Error: Value error. File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [CTHelper] C:\WINDOWS\System32\CtHelper.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Dell Photo AIO Printer 942] C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe ()
O4 - HKLM..\Run: [DellMCM] C:\Program Files\Dell Photo AIO Printer 942\memcard.exe ()
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [tgcmd] C:\Program Files\Support.com\bin\tgcmd.exe (SupportSoft, Inc.)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE (SEIKO EPSON CORPORATION)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: aol.com%20and%20https ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: microsoft.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: shareasale.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: turbotax.com ([]https in Trusted sites)
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} http://www.activation.rr.com/install/download/tgctlcm.cab (Support.com Configuration Class)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/sites/production/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downl...-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab (Reg Error: Key error.)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab (Office Update Installation Engine)
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} http://aolcc.aol.com/computercheckup/qdiagcc.cab (Reg Error: Key error.)
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1118701430265 (WUWebControl Class)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Reg Error: Key error.)
O16 - DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} http://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab (CPlayFirstDoggieDashControl Object)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1345548205328 (MUWebControl Class)
O16 - DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} http://support.dell.com/systemprofiler/DellSystemLite.CAB (Reg Error: Key error.)
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab (Reg Error: Key error.)
O16 - DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} http://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab (Reg Error: Key error.)
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB (Reg Error: Key error.)
O16 - DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab (GoBit Games Player)
O16 - DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} http://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab (CPlayFirstzenerchiControl Object)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} http://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab (Reg Error: Key error.)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://24.97.152.19/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://www.popcap.com/webgames/popcaploader_v10.cab (PopCapLoader Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC07AD45-4B6C-41AA-BD45-9ECA4D349186}: DhcpNameServer = 209.18.47.61 209.18.47.62
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/19 16:07:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012/12/11 14:41:43 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/12/10 21:56:10 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/12/10 21:41:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2012/12/10 20:42:39 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2012/12/10 20:40:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2012/12/10 20:40:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2012/12/10 20:40:59 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2012/12/10 20:40:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2012/12/10 20:40:47 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/12/09 18:29:22 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012/12/09 18:28:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2012/12/09 18:27:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ERUNIT
[2012/12/08 21:22:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\PCHealth
[2012/12/04 19:54:42 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012/12/04 18:45:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2012/11/30 22:24:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Adobe
[2012/11/30 20:48:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Epson
[2012/11/29 23:16:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Mozilla
[2012/11/29 23:15:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Mozilla
[2012/11/29 23:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012/11/23 10:25:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2012/11/23 10:18:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Start Menu\Programs\EPSON Software
[2012/11/23 10:17:16 | 000,000,000 | ---D | C] -- C:\Program Files\Epson America Inc
[2012/11/23 10:16:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2012/11/23 10:16:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Epson Software
[2012/11/23 10:16:05 | 000,000,000 | ---D | C] -- C:\Program Files\Epson Software
[2012/11/23 10:15:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\EPSON
[2012/11/23 10:15:32 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2012/11/23 09:46:39 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Photo AIO Printer 942
[2012/11/21 22:02:14 | 000,000,000 | ---D | C] -- C:\Program Files\Google Books Downloader
[2012/11/19 04:58:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Start Menu\Programs\Revo Uninstaller
[2012/11/19 04:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012/11/13 21:34:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Adobe_Systems_Incorporate
[2012/11/13 21:34:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Alexandra Jachimczyk\My Documents\My Digital Editions
[2006/01/08 20:09:49 | 000,774,144 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files\RngInterstitial.dll

========== Files - Modified Within 30 Days ==========

[2012/12/11 14:44:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\WPA.DBL
[2012/12/11 14:43:49 | 000,000,308 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
[2012/12/11 14:43:48 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/11 14:43:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\BOOTSTAT.DAT
[2012/12/11 14:43:43 | 3219,296,256 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/11 14:42:49 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/11 14:42:49 | 000,031,056 | ---- | M] () -- C:\WINDOWS\System32\BMXState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/11 14:42:49 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/11 14:42:49 | 000,030,528 | ---- | M] () -- C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/11 14:42:49 | 000,011,564 | ---- | M] () -- C:\WINDOWS\System32\DVCState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx
[2012/12/11 14:32:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/11 14:17:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/12/10 22:35:59 | 000,000,452 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{99BE4562-DD15-4050-9103-AA7BC77B85E8}.job
[2012/12/10 22:06:29 | 000,000,384 | -H-- | M] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/12/10 21:58:31 | 000,001,945 | ---- | M] () -- C:\WINDOWS\epplauncher.mif
[2012/12/10 21:39:35 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\ETC\hosts
[2012/12/10 20:42:47 | 000,000,325 | RHS- | M] () -- C:\BOOT.INI
[2012/12/10 18:12:00 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2012/12/09 14:53:00 | 000,000,316 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
[2012/12/06 18:49:08 | 000,030,720 | ---- | M] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/04 08:00:30 | 000,000,552 | ---- | M] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/12/01 08:26:19 | 000,000,000 | ---- | M] () -- C:\WINDOWS\EEventManager.INI
[2012/11/30 22:33:10 | 004,935,331 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000002-00001102-00000004-20061102}.CDF
[2012/11/30 22:33:10 | 004,935,331 | ---- | M] () -- C:\WINDOWS\{00000004-00000000-00000002-00001102-00000004-20061102}.BAK
[2012/11/29 23:15:15 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/29 23:15:15 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/27 22:57:00 | 000,055,928 | -H-- | M] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/11/26 08:01:13 | 000,003,072 | ---- | M] () -- C:\WINDOWS\System32\Cache.db
[2012/11/23 13:28:35 | 007,933,952 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mbb
[2012/11/23 13:28:35 | 004,398,080 | R--- | M] () -- C:\Documents and Settings\All Users\Documents\ESBK.mb
[2012/11/23 10:22:51 | 000,000,071 | ---- | M] () -- C:\WINDOWS\ENX430.ini
[2012/11/23 10:15:37 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
[2012/11/21 22:02:15 | 000,000,775 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Books Downloader.lnk
[2012/11/16 06:21:02 | 000,272,576 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/11/15 09:50:34 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012/11/15 09:49:27 | 000,504,048 | ---- | M] () -- C:\WINDOWS\System32\PERFH009.DAT
[2012/11/15 09:49:27 | 000,087,462 | ---- | M] () -- C:\WINDOWS\System32\PERFC009.DAT
[2012/11/12 14:54:03 | 000,001,791 | ---- | M] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

========== Files Created - No Company Name ==========

[2012/12/10 22:06:28 | 000,000,384 | -H-- | C] () -- C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job
[2012/12/10 21:56:29 | 000,001,698 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/12/10 20:42:46 | 000,000,209 | ---- | C] () -- C:\Boot.bak
[2012/12/10 20:42:43 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2012/12/10 20:40:59 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2012/12/10 20:40:59 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2012/12/10 20:40:59 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2012/12/10 20:40:59 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2012/12/10 20:40:59 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2012/12/07 16:17:45 | 3219,296,256 | -HS- | C] () -- C:\hiberfil.sys
[2012/12/04 20:53:49 | 000,001,945 | ---- | C] () -- C:\WINDOWS\epplauncher.mif
[2012/12/04 08:00:30 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/12/01 08:26:19 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2012/11/29 23:15:15 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2012/11/29 23:15:14 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2012/11/29 23:15:14 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2012/11/23 10:15:37 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk
[2012/11/23 10:14:58 | 000,000,071 | ---- | C] () -- C:\WINDOWS\ENX430.ini
[2012/11/21 22:02:14 | 000,000,775 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Books Downloader.lnk
[2012/06/22 18:07:45 | 000,000,275 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\HamsterAudioConverterSettings.cfg
[2012/06/22 18:05:21 | 000,000,035 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\installLang.ini
[2012/06/03 07:33:03 | 000,002,297 | ---- | C] () -- C:\Program Files\show_all_body_parts-1.2-tb.xpi
[2012/05/09 17:50:55 | 005,899,576 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2012/02/21 03:33:44 | 003,616,534 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2885659742-3719046469-1376452676-1005-0.dat
[2012/02/21 03:33:43 | 000,282,758 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2012/02/20 11:21:39 | 000,000,590 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc
[2012/02/16 00:27:26 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/07/25 12:52:50 | 000,000,216 | ---- | C] () -- C:\WINDOWS\youtube2mp3.ini
[2011/05/21 18:19:33 | 008,892,928 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\atscie.msi
[2011/05/18 18:13:38 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/05/18 18:08:35 | 000,001,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/01/24 19:48:51 | 000,000,010 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\usb001
[2007/12/29 17:20:08 | 000,001,763 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/10/19 00:17:25 | 000,353,298 | ---- | C] () -- C:\Program Files\LimeWireWin.exe
[2005/10/16 21:31:03 | 004,077,184 | ---- | C] () -- C:\Program Files\winzip90.exe
[2005/07/08 18:35:21 | 000,000,251 | ---- | C] () -- C:\Program Files\wt3d.ini
[2005/06/18 14:14:51 | 000,030,720 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/13 18:59:50 | 000,061,678 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\PFP120JPR.{PB
[2005/06/13 18:59:50 | 000,012,358 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\PFP120JCM.{PB
[2005/06/13 17:14:42 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\fusioncache.dat

========== ZeroAccess Check ==========

[2004/08/19 16:03:36 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 19:12:05 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 19:12:08 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2010/10/18 18:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\AVG10
[2008/10/07 19:36:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Big Fish Games
[2011/07/21 18:32:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\DVDVideoSoft
[2011/05/07 09:16:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\DVDVideoSoftIEHelpers
[2012/05/01 21:14:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\ElevatedDiagnostics
[2012/11/30 20:48:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Epson
[2010/12/18 20:22:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\FrostWire
[2012/06/22 18:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\HamsterSoft
[2005/06/14 19:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Leadertech
[2011/08/05 21:11:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\MP3Rocket
[2008/09/01 18:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Sahmon Games
[2005/10/11 23:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Simple Star
[2012/10/05 22:19:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Skinux
[2012/08/27 21:01:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Thunderbird
[2011/06/05 12:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\TomTom
[2012/11/28 18:47:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\uTorrent
[2007/02/08 20:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Viewpoint
[2011/11/30 22:12:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Walgreens
[2010/01/24 08:15:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Windows Desktop Search
[2010/01/24 08:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Windows Search
[2012/05/13 08:41:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Alexandra Jachimczyk\Application Data\YourFileDownloader
[2012/10/22 20:05:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2009/01/27 18:51:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2012/04/06 18:48:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ask
[2011/02/02 10:50:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/18 18:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2010/10/18 18:20:54 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012/11/26 20:40:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\EPSON
[2008/06/14 15:46:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2008/03/26 18:33:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GoBit Games
[2007/06/28 19:29:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grisoft
[2012/08/20 06:09:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallMate
[2010/10/18 18:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/09/26 14:27:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCSettings
[2008/10/07 19:26:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Playrix Entertainment
[2008/02/02 13:19:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2012/05/13 08:21:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Premium
[2005/06/13 17:55:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBT
[2005/07/06 18:51:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SkillJam
[2011/06/05 12:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TomTom
[2009/01/27 18:51:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2011/06/20 23:11:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/03/15 12:58:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2012/03/08 06:47:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{1C6FDDD8-FC9E-4C12-9FA5-1AAD377097B3}
[2008/10/06 18:24:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/04/25 18:50:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/03 13:47:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/28 20:10:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}

========== Purity Check ==========

< End of report >


----------



## Cookiegal (Aug 27, 2003)

Please open the Chrome browser and see if you can change your homepage from Claro to Google or whatever else you want please. Let me know if that is successful.

Also, please open Internet Explorer and click on Tools - Internet Options - Security Tab - highlight the Trusted Zone and then click on Sites and remove the shareasale.com site from there.

Let me know if that was successful as well please.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Please open the Chrome browser and see if you can change your homepage from Claro to Google or whatever else you want please. Let me know if that is successful.
> 
> Also, please open Internet Explorer and click on Tools - Internet Options - Security Tab - highlight the Trusted Zone and then click on Sites and remove the shareasale.com site from there.
> 
> Let me know if that was successful as well please.


I don't have Chrome anymore on my desktop, I got rid of it...that is around the time stuff started to go bad with my computer. I see in the log a bunch of files listed under the Chrome browser, which actually shocks me because I did some extensive research on how to remove the browser completely because I was having trouble getting rid of the toolbar that came with it. I actually looked on TSG and found solutions to removing Chrome and the toolbar, but I guess it didn't work, or I did something incorrectly.

However, I was easily able to get rid of shareasale.com by removing it from the trusted zone list.

I currently have Firefox and IE installed and functioning on my desktop.


----------



## olabola (May 20, 2012)

I received a Windows Update notification to download and install an automatic update. I am assuming that it's OK for me to proceed?


----------



## olabola (May 20, 2012)

I noticed this morning that after I tried to check my email on the desktop I kept receiving a message from Windows Installer to install something called Microsoft 2000 SR1. It would start on its own, saying that it was preparing to install. I hit cancel each time because I was not sure what it was.


----------



## Cookiegal (Aug 27, 2003)

I looked back and it seems you're still using Microsoft Office 2000, is that correct?

Do you still have the installation CD for that version of Office?

Please go to *Start* - *Run* - type in *eventvwr.msc* to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.
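
Errors copied out of Event Viewer this way arrive as plain-text blocks of `Event Type:` through `Description:` fields, often with HRESULT codes in the description. The following added example (not part of the original thread) parses such pasted text, keeps errors from the last 48 hours, and splits each HRESULT into facility and code; the sample entries, the function names and the small lookup tables are constructed for illustration, and dates are assumed to be in US month/day/year form.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in the layout the Windows XP Event Viewer copy button
# produces; sources and computer name are made up for this example.
SAMPLE = """\
Event Type: Error
Event Source: Example Setup
Event Category: None
Event ID: 100
Date: 12/10/2012
Time: 9:53:24 PM
User: N/A
Computer: EXAMPLE-PC
Description:
HRESULT:0x80070643
Fatal error during installation.
Data:
0000: 6d 00 73 00 73 00 65 00 m.s.s.e.
Event Type: Warning
Event Source: Example Service
Event Category: None
Event ID: 7
Date: 12/10/2012
Time: 8:00:00 PM
User: N/A
Computer: EXAMPLE-PC
Description:
Retrying operation.
Event Type: Error
Event Source: Example Telemetry
Event Category: None
Event ID: 5000
Date: 12/01/2012
Time: 7:15:00 AM
User: N/A
Computer: EXAMPLE-PC
Description:
EventType example, P1 0x80070003, P2 NIL.
"""

HEADER = re.compile(
    r"^(Event Type|Event Source|Event Category|Event ID|Date|Time|User|Computer):\s*(.*)$"
)
HRESULT = re.compile(r"\b0x[0-9A-Fa-f]{8}\b")

# Deliberately small lookup tables; extend as needed.
FACILITIES = {0: "FACILITY_NULL", 4: "FACILITY_ITF", 7: "FACILITY_WIN32"}
WIN32 = {3: "ERROR_PATH_NOT_FOUND", 5: "ERROR_ACCESS_DENIED", 1603: "ERROR_INSTALL_FAILURE"}
KNOWN = {0x80004002: "E_NOINTERFACE", 0x80004005: "E_FAIL"}


def parse_events(text):
    """Split pasted Event Viewer text into one dict per event."""
    events, current, section = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m and m.group(1) == "Event Type":      # a new entry starts here
            current = {"Description": []}
            events.append(current)
            section = "header"
        if current is None:
            continue
        if m and section == "header":
            current[m.group(1)] = m.group(2)
        elif line == "Description:":
            section = "description"
        elif line == "Data:":                      # hex dump follows; ignore it
            section = "data"
        elif section == "description" and line:
            current["Description"].append(line)
    for ev in events:
        ev["Description"] = " ".join(ev["Description"])
        try:
            stamp = ev["Date"] + " " + ev["Time"]
            ev["When"] = datetime.strptime(stamp, "%m/%d/%Y %I:%M:%S %p")
        except (KeyError, ValueError):
            ev["When"] = None                      # entry was pasted incompletely
    return events


def decode_hresult(value):
    """Break a 32-bit HRESULT into severity bit, facility and code."""
    facility = (value >> 16) & 0x7FF
    code = value & 0xFFFF
    name = WIN32.get(code) if facility == 7 else KNOWN.get(value)
    return {
        "failure": bool(value & 0x80000000),
        "facility": FACILITIES.get(facility, str(facility)),
        "code": code,
        "name": name,
    }


def triage(text, now, hours=48):
    """Return (source, event id, decoded HRESULTs) for recent Error entries."""
    cutoff = now - timedelta(hours=hours)
    rows = []
    for ev in parse_events(text):
        when = ev["When"]
        if ev.get("Event Type") != "Error" or when is None or not cutoff <= when <= now:
            continue
        codes = sorted({int(h, 16) for h in HRESULT.findall(ev["Description"])})
        rows.append((ev["Event Source"], int(ev["Event ID"]),
                     [decode_hresult(c) for c in codes]))
    return rows


if __name__ == "__main__":
    for source, event_id, codes in triage(SAMPLE, datetime(2012, 12, 11, 14, 0)):
        print(source, event_id, codes)
```

An HRESULT whose facility is `FACILITY_WIN32` carries an ordinary Win32 error number in its low 16 bits, which is why `0x80070643` maps to Windows Installer error 1603.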


----------



## olabola (May 20, 2012)

Cookiegal said:


> I looked back and it seems you're still using Microsoft Office 2000, is that correct?
> 
> Do you still have the installation CD for that version of Office?


Yes, I have the disks, there are 2, and I do have Microsoft Office 2000.


----------



## Cookiegal (Aug 27, 2003)

Would you please carry out the rest of the instructions so I can see if there's anything related to this in the Event Viewer?


----------



## olabola (May 20, 2012)

Cookiegal said:


> Would you please carry out the rest of the instructions so I can see if there's anything related to this in the Event Viewer?


 Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 9:56:31 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: mssecurityclient, setup.exe, 4.1.522.0, 0x80004002, morrobootstraper__cinstallflow__internalrun - getenablefirewallaction, morrobootstraper__cflow__processflowactionresult, 0, security essentials, NIL, NIL, NIL.
Event Type: Error
Event Source: MPSampleSubmission
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 9:56:24 PM
User: N/A
Computer: D16M9M71
Description:
EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 9:53:25 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: mssecurityclient, setup.exe, 4.1.522.0, 0x80070643, common client setup outcome, setresultdatapoints, 0, security essentials, NIL, NIL, NIL.
Event Type: Error
Event Source: Microsoft Security Client Setup
Event Category: None
Event ID: 100
Date: 12/10/2012
Time: 9:53:24 PM
User: N/A
Computer: D16M9M71
Description:
HRESULT:0x80070643
Description:. 0x80070643. Fatal error during installation.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 9:51:38 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: mssecurityclient, setup.exe, 4.1.522.0, 0x80070643, morrobootstraper__cinstallflow__internalrun - geteppinstallaction, morrobootstraper__cflow__processflowactionresult, 0, security essentials, NIL, NIL, NIL.
Data:
Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 8:11:39 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: mssecurityclient, msseces.exe, 4.1.522.0, 0x80070424, startservice, cmainwindow__onantimalwareenabled, 0, security essentials, NIL, NIL, NIL.
Data:
Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 8:06:22 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: mssecurityclient, msseces.exe, 4.1.522.0, 0x80070424, startservice, cmainwindow__onantimalwareenabled, 0, security essentials, NIL, NIL, NIL.
Data:
Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 8:01:18 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: mssecurityclient, msseces.exe, 4.1.522.0, 0x80070424, startservice, cmainwindow__onantimalwareenabled, 0, security essentials, NIL, NIL, NIL.
Data:
Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 7:53:20 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: mssecurityclient, msseces.exe, 4.1.522.0, 0x80070424, startservice, cmainwindow__onantimalwareenabled, 0, security essentials, NIL, NIL, NIL.
Data:
Event Type: Error
Event Source: Microsoft Security Client
Event Category: None
Event ID: 5000
Date: 12/10/2012
Time: 7:49:51 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( Microsoft Security Client ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: mssecurityclient, msseces.exe, 4.1.522.0, 0x80070424, startservice, cmainwindow__onantimalwareenabled, 0, security essentials, NIL, NIL, NIL.
Data:
Event Type: Error
Event Source: MPSampleSubmission
Event Category: None
Event ID: 5000
Date: 12/8/2012
Time: 9:22:46 PM
User: N/A
Computer: D16M9M71
Description:
EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 12/12/2012
Time: 11:06:14 PM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 12/12/2012
Time: 11:04:40 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 12/11/2012
Time: 6:46:12 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 12/11/2012
Time: 2:46:00 PM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 12/11/2012
Time: 2:44:15 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 12/10/2012
Time: 9:55:00 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 12/10/2012
Time: 9:37:09 PM
User: N/A
Computer: D16M9M71
Description:
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 12/10/2012
Time: 9:35:05 PM
User: N/A
Computer: D16M9M71
Description:
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 12/10/2012
Time: 9:34:09 PM
User: N/A
Computer: D16M9M71
Description:
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 12/10/2012
Time: 8:48:38 PM
User: N/A
Computer: D16M9M71
Description:
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 12/10/2012
Time: 8:45:57 PM
User: N/A
Computer: D16M9M71
Description:
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date: 12/10/2012
Time: 8:42:09 PM
User: N/A
Computer: D16M9M71
Description:
The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 12/10/2012
Time: 8:00:20 PM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 12/10/2012
Time: 7:58:32 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 12/10/2012
Time: 7:35:00 PM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 12/10/2012
Time: 7:33:12 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: Windows Update Agent
Event Category: Software Sync 
Event ID: 16
Date: 12/10/2012
Time: 7:01:13 AM
User: N/A
Computer: D16M9M71
Description:
Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:


----------
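
The Event Viewer records pasted above repeat the same few failures many times. As an added example (not part of the original thread), this Python sketch parses records in that copied-text format, groups them by source and event ID, and splits each HRESULT into facility and code. The function names and the shortened `SAMPLE` are constructed here from values in the posted log.

```python
import re
from collections import Counter, defaultdict

FACILITY_WIN32 = 7
# Win32 error codes that appear in the records posted in this thread.
WIN32_NAMES = {
    3: "ERROR_PATH_NOT_FOUND",
    1060: "ERROR_SERVICE_DOES_NOT_EXIST",
    1603: "ERROR_INSTALL_FAILURE",
}

HEADER = re.compile(
    r"^(Event Type|Event Source|Event Category|Event ID|Date|Time|User|Computer):\s*(.*)$"
)
HEXDUMP = re.compile(r"^[0-9a-f]{4}: ")       # "0000: 6d 00 73 00 ..." data rows
HRESULT = re.compile(r"0x[0-9A-Fa-f]{8}")


def parse_records(text):
    """Split copied Event Viewer text into one dict per record."""
    records, current, in_desc = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Event Type:"):    # every record starts with this field
            current = {"Description": []}
            records.append(current)
            in_desc = False
        if current is None or not line:
            continue
        if line == "Description:":
            in_desc = True
            continue
        if line == "Data:":                   # the binary payload follows; not description
            in_desc = False
            continue
        if HEXDUMP.match(line):               # skip the hex dump rows entirely
            continue
        match = HEADER.match(line)
        if match and not in_desc:
            current[match.group(1)] = match.group(2).strip()
        elif in_desc:
            current["Description"].append(line)
    for record in records:
        record["Description"] = " ".join(record["Description"])
    return records


def decode_hresult(text):
    """Break an HRESULT into severity bit, 11-bit facility and 16-bit code."""
    value = int(text, 16)
    facility = (value >> 16) & 0x7FF
    code = value & 0xFFFF
    name = WIN32_NAMES.get(code) if facility == FACILITY_WIN32 else None
    return {"failure": bool(value >> 31), "facility": facility, "code": code, "name": name}


def summarize(records):
    """Return (source, event_id, count, hresults) tuples, most frequent first."""
    counts, hresults = Counter(), defaultdict(set)
    for record in records:
        key = (record.get("Event Source"), record.get("Event ID"))
        counts[key] += 1
        hresults[key].update(h.lower() for h in HRESULT.findall(record["Description"]))
    return [(src, eid, n, sorted(hresults[(src, eid)]))
            for (src, eid), n in counts.most_common()]


def _record(source, event_id, time, description, data=""):
    # Helper that builds one constructed record in the copied-text layout.
    return (f"Event Type: Error\nEvent Source: {source}\nEvent Category: None\n"
            f"Event ID: {event_id}\nDate: 12/10/2012\nTime: {time}\nUser: N/A\n"
            f"Computer: D16M9M71\nDescription:\n{description}\n{data}")


_MSSE = "The following information is part of the event: mssecurityclient, "
# Constructed sample: shortened copies of records from the post above.
SAMPLE = "".join([
    _record("Microsoft Security Client Setup", 100, "9:53:24 PM",
            "HRESULT:0x80070643\nDescription:. 0x80070643. Fatal error during installation."),
    _record("Microsoft Security Client", 5000, "9:51:38 PM",
            _MSSE + "setup.exe, 4.1.522.0, 0x80070643, security essentials, NIL.",
            data="Data:\n0000: 6d 00 73 00 73 00 65 00 m.s.s.e.\n"),
    _record("Microsoft Security Client", 5000, "8:11:39 PM",
            _MSSE + "msseces.exe, 4.1.522.0, 0x80070424, startservice, NIL."),
    _record("Microsoft Security Client", 5000, "8:06:22 PM",
            _MSSE + "msseces.exe, 4.1.522.0, 0x80070424, startservice, NIL."),
    _record("Service Control Manager", 7026, "9:55:00 PM",
            "The following boot-start or system-start driver(s) failed to load:\nSYMTDI"),
    _record("Service Control Manager", 7026, "7:58:32 PM",
            "The following boot-start or system-start driver(s) failed to load:\nSYMTDI"),
])

if __name__ == "__main__":
    for source, event_id, count, codes in summarize(parse_records(SAMPLE)):
        decoded = [decode_hresult(c)["name"] or c for c in codes]
        print(f"{count:>2}x  {source} / {event_id}  {decoded}")
```

Grouping this way shows at a glance that the Security Essentials errors come down to a failed install and a service that does not exist, while the 7026 entries all name the same driver, SYMTDI.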



## Cookiegal (Aug 27, 2003)

olabola said:


> I noticed this morning that after I tried to check my email on the desktop I kept receiving a message from windows installer to install something called Microsoft 2000 SR1, it would start on its own saying that it was preparing to install. I hit cancel each time because I was not sure what it was.


Are you still getting this? If so, please give the exact wording or post a screenshot.

Also, are your e-mail and other Office programs working properly?


----------



## olabola (May 20, 2012)

Cookiegal said:


> Are you still getting this? If so, please give the exact wording or post a screenshot.
> 
> Also, are your e-mail and other Office programs working properly?


Yes, I just opened up my email account (AOL) and received the same message. I don't believe it's the email account itself that's triggering the message because I have seen this message in the past, before having computer trouble, and have inserted my disk as prompted and the message would go away.

My other Microsoft programs seem to be working ok, I have been using word for a paper all week long with no issues. I posted a screen shot of the message.


----------



## Cookiegal (Aug 27, 2003)

OK. I thought you meant that this just started happening. I believe it has something to do with running such an old program and updates that occur. If you've inserted the disk and it took care of it before then I would try that again.


----------



## olabola (May 20, 2012)

Cookiegal said:


> OK. I thought you meant that this just started happening. I believe it has something to do with running such an old program and updates that occur. If you've inserted the disk and it took care of it before then I would try that again.


OK, that seems to have taken care of it. Any ideas why it pops up out of nowhere? It used to happen all the time, but it was much more random than when I opened my email. Regardless, I will continue to pop in the disks right?


----------



## Cookiegal (Aug 27, 2003)

I'm not sure why but it hasn't been supported by Microsoft for over three years. It would be wise to upgrade to a more recent version that's supported.

You could try the repair option (it would be either in Add or Remove Programs where you may have the option to "repair" rather than remove) or under Help in the menu bar at the top.


----------



## olabola (May 20, 2012)

Cookiegal said:


> I'm not sure why but it hasn't been supported by Microsoft for over three years. It would be wise to upgrade to a more recent version that's supported.
> 
> You could try the repair option (it would be either in Add or Remove Programs where you may have the option to "repair" rather than remove) or under Help in the menu bar at the top.


How would I upgrade? Would that mean I would have to purchase a new package?


----------



## Cookiegal (Aug 27, 2003)

Yes, unfortunately. 

Have you tried the repair?


----------



## olabola (May 20, 2012)

Cookiegal said:


> Yes, unfortunately.
> 
> Have you tried the repair?


OK, I understand. And yes, I did the repair and so far so good. However, I was on Amazon today and received a script message that I took a screenshot of and wanted you to see. I clicked yes because that was the choice indicated as preferred.


----------



## Cookiegal (Aug 27, 2003)

That can happen from time to time and is generally a problem with the web page. However, the time before IE times out and delivers this message can be increased with a registry fix. But if it's not happening often I would just leave it.


----------



## olabola (May 20, 2012)

Cookiegal said:


> That can happen from time to time and is generally a problem with the web page. However, the time before IE times out and delivers this message can be increased with a registry fix. But if it's not happening often I would just leave it.


No, I think it's the first time I have seen this.

Also, am I all set or are you still looking over the logs? No rush, just wanted to know if I am supposed to keep watch on the thread. Thanks so much!


----------



## Cookiegal (Aug 27, 2003)

I wanted to ask you if you still have any Norton/Symantec products other than the anti-virus program you were trying to remove. Because there is a service still trying to start in those error messages and we can eliminate that.


----------



## olabola (May 20, 2012)

Cookiegal said:


> I wanted to ask you if you still have any Norton/Symantec products other than the anti-virus program you were trying to remove. Because there is a service still trying to start in those error messages and we can eliminate that.


McAfee was preinstalled when I purchased the computer and I noticed a McAfee folder during one of the procedures you walked me through. I thought Norton uninstalled it when I installed the Norton programs. I have been using Norton and Symantec software for years so there is certainly a possibility that there is still something leftover.


----------



## Cookiegal (Aug 27, 2003)

Thanks for the information. But I really wanted to know if there are any Norton/Symantec programs that you are using, not leftovers from attempted uninstallations (they have other programs besides anti-virus software such as Norton Ghost and other backup or encryption software). Because I want to remove all remnants I can see in the logs.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Thanks for the information. But I really wanted to know if there are any Norton/Symantec programs that you are using, not leftovers from attempted uninstallations (they have other programs besides anti-virus software such as Norton Ghost and other backup or encryption software). Because I want to remove all remnants I can see in the logs.


Oh, sorry I guess I didn't understand. Yes, I have had several Norton products over the years and I will list them all because I keep the disks. Interestingly, Norton Ghost is the only disk I do not have because I recall trying to install it and having trouble. Once I realized what the program actually did, I figured that it was not necessary and uninstalled (or so I thought) and sold the disk with the keycodes on ebay. I also have:
Norton Internet Security 2005 Antispyware Edition
Norton Antivirus 2006
Norton 360
Norton 360 Version 2.0
Norton Internet Security 2012
Norton Utilities


----------



## Cookiegal (Aug 27, 2003)

But none of those are currently installed and needed, correct?


----------



## olabola (May 20, 2012)

No, none are needed or wanted; as for whether they are installed, you would know better. They are not listed in the add/remove list in the control panel.


----------



## olabola (May 20, 2012)

I was trying to buy a gift online today on HarryandDavid.com, and the web page closed saying that there was a DEP. There was a link to find out what that meant and it said that there was Data Execution Prevention for Internet Explorer???


----------



## Cookiegal (Aug 27, 2003)

Does that happen every time you visit the site?

It could be an add-on that is causing conflicts. Try disabling add-ons and see if the problem persists.

To do that, close all windows - click *Start* - *All Programs* - *Accessories* - *System Tools* then select "*Internet Explorer (no add-ons.)*"


----------



## olabola (May 20, 2012)

Cookiegal said:


> Does that happen every time you visit the site?
> 
> It could be an add-on that is causing conflicts. Try disabling add-ons and see if the problem persists.
> 
> To do that, close all windows - click *Start* - *All Programs* - *Accessories* - *System Tools* then select "*Internet Explorer (no add-ons.)*"


It is the first time I have ever used that website, and the first time I have seen such an error so I simply closed out of it and made the purchase at work. Should I still bother with trying?


----------



## Cookiegal (Aug 27, 2003)

Not if it doesn't occur frequently but I would like you to try that site again just to see if it happens again. I assume you were also using Internet Explorer at work?


----------



## olabola (May 20, 2012)

Cookiegal said:


> Not if it doesn't occur frequently but I would like you to try that site again just to see if it happens again. I assume you were also using Internet Explorer at work?


Yes, I use IE at work as well. I tried using IE without add-ons and it seemed to have worked, but I won't really know the difference because the problem occurred at checkout and I didn't want to proceed with the complete checkout process again (making a full purchase). But, like I said, I have never experienced this before, except for this website.


----------



## Cookiegal (Aug 27, 2003)

Go to the *Control Panel* - *System* - on the *Advanced tab*, under *Performance*, click *Settings* then click on the *Data Execution Prevention* tab and let me know which of the two options is selected there please.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Go to the *Control Panel* - *System* - on the *Advanced tab*, under *Performance*, click *Settings* then click on the *Data Execution Prevention* tab and let me know which of the two options is selected there please.


The first tab is selected, it says to turn on DEP for essential windows programs and services only.


----------



## Cookiegal (Aug 27, 2003)

Try running chkdsk.

Click Start and My Computer. Right-click the hard drive you want to check, and click Properties. Select the Tools tab and click Check Now. Check both boxes. Click Start. You'll get a message that the computer must be rebooted to run a complete check. Click Yes and reboot. Chkdsk will take a while, so run it when you don't need to use the computer for something else.

To view results log:

Go to *Start* - *Run* and type in *eventvwr.msc*, and hit enter.
When Event Viewer opens, click on "Application", then scroll down to "Winlogon" and double-click on it to open it up. This is the log created after running chkdsk. Click on the icon that looks like two pieces of paper to copy it and then paste it here please.


----------



## olabola (May 20, 2012)

Event Type: Information
Event Source: Winlogon
Event Category: None
Event ID: 1001
Date: 12/21/2012
Time: 9:38:49 AM
User: N/A
Computer: D16M9M71
Description:
Checking file system on C:
The type of the file system is NTFS.
Cleaning up minor inconsistencies on the drive.
Cleaning up 5361 unused index entries from index $SII of file 0x9.
Cleaning up 5361 unused index entries from index $SDH of file 0x9.
Cleaning up 5361 unused security descriptors.
CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
Free space verification is complete.
CHKDSK discovered free space marked as allocated in the volume bitmap.
Windows has made corrections to the file system.
151324267 KB total disk space.
92200312 KB in 148448 files.
70636 KB in 18561 indexes.
0 KB in bad sectors.
637491 KB in use by the system.
65536 KB occupied by the log file.
58415828 KB available on disk.
4096 bytes in each allocation unit.
37831066 total allocation units on disk.
14603957 allocation units available on disk.
Windows has finished checking your disk.
Please wait while your computer restarts.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## Cookiegal (Aug 27, 2003)

Can you check the DEP settings on your computer at work? Perhaps DEP is disabled on that one.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Can you check the DEP settings on your computer at work? Perhaps DEP is disabled on that one.


I can try, but they usually don't let us into any of the settings.

Also, I was still wondering about the stability of my system in general? Have you been able to look over the previous logs? Thanks so much, I really appreciate it.


----------



## Cookiegal (Aug 27, 2003)

I'm surprised that you're allowed to make personal purchases on-line at work. Perhaps you can just ask your IT department if DEP is enabled in the browser? I've looked at the logs but this alert intrigues me because if the settings are identical and you only get the alert on your home computer then there could still be a problem that I haven't been able to find yet.


----------



## olabola (May 20, 2012)

Cookiegal said:


> I'm surprised that you're allowed to make personal purchases on-line at work. Perhaps you can just ask your IT department if DEP is enabled in the browser? I've looked at the logs but this alert intrigues me because if the settings are identical and you only get the alert on your home computer then there could still be a problem that I haven't been able to find yet.


OK, I can ask... Oh, and I was just as surprised that I was able to make the purchase. Most websites are blocked by something called Websense, but for some reason that particular one was not.

How would I phrase the question?


----------



## Cookiegal (Aug 27, 2003)

Ask if "Data Execution Protection" (DEP) is enabled in Internet Explorer (you could elaborate to say that you got a DEP alert at home that you didn't get at work for the same site and we're trying to troubleshoot why). I assume the personal use won't get you into trouble with your employer but only you would know the answer to that.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Ask if "Data Execution Protection" (DEP) is enabled in Internet Explorer (you could elaborate to say that you got a DEP alert at home that you didn't get at work for the same site and we're trying to troubleshoot why). I assume the personal use won't get you into trouble with your employer but only you would know the answer to that.


OK, I haven't been able to get an answer yet because of the holiday... most of the building is pretty empty. But as soon as I see one of the IT people I will find out.


----------



## Cookiegal (Aug 27, 2003)

No problem.


----------



## olabola (May 20, 2012)

For some reason my IT department looks at me funny when I ask about DEP settings and I sent them the email, but maybe I am not high on the priority list. However, in the meantime... I wanted to ask about a popup that I continue to get all the time at various websites.


----------



## olabola (May 20, 2012)

I was given permission to access the DEP settings on my work computer and attached a screen shot:


----------



## Cookiegal (Aug 27, 2003)

The first screenshot is normal behaviour because ComboFix reset IE to default setting. It's a security warning.

The second one is not the correct place to check the DEP settings.

Go to the *Control Panel* - *System* - on the *Advanced tab*, under *Performance*, click *Settings* then click on the *Data Execution Prevention tab* and let me know which of the two options is selected there please.


----------



## olabola (May 20, 2012)

Cookiegal said:


> The first screenshot is normal behaviour because ComboFix reset IE to default setting. It's a security warning.
> 
> The second one is not the correct place to check the DEP settings.
> 
> Go to the *Control Panel* - *System* - on the *Advanced tab*, under *Performance*, click *Settings* then click on the *Data Execution Prevention tab* and let me know which of the two options is selected there please.


Interesting, because I received specific directions from the IT department (which I include here). I also took a screenshot of the results of your directions.


----------



## Cookiegal (Aug 27, 2003)

OK, that's the correct one. It shows that they don't have DEP enabled so that explains why you didn't get that warning when making the purchase at work. 

Is everything running fine now with your computer?


----------



## Cookiegal (Aug 27, 2003)

If you want to disable the alert you're getting in post no. 164 you can do the following:

Go to *Control Panel* - *Internet Options* - click on the *Security Tab* - highlight the *Internet* zone - click on *Custom Level* - scroll down to the *Miscellaneous* section (it's about halfway down the scroll bar) and change "Prompt" to "Enable" under *Display Mixed Content*. Note that this could be a security risk as you will no longer receive alerts when accessing items that are unsecure on a secure page but often it's only something like an image on the page.


----------



## olabola (May 20, 2012)

Cookiegal said:


> OK, that's the correct one. It shows that they don't have DEP enabled so that explains why you didn't get that warning when making the purchase at work.
> 
> Is everything running fine now with your computer?


Yes, it has been working fine. But I have been very careful about the websites I visit. Are all the threats gone?


----------



## Cookiegal (Aug 27, 2003)

Everything was fine with the last scans but let's do an on-line scan for good measure.

Please run the following on-line scanner. Note that you must use Internet Explorer to perform the scan.

Note: If you're running a 64-bit system you have to choose the 32-bit option in IE. To do that, go to the Start Menu and right-click the Internet Explorer (32-bit) icon and then select 'Run as administrator' from the right-click menu.

http://www.eset.com/online-scanner

Accept the Terms of Use and then press the Start button

Allow the ActiveX control to be installed.

Put a check by Remove found threats and then run the scan.

When the scan is finished, you will see the results in a window.

A log.txt file is created here: C:\Program Files\ESET\ESET Online Scanner\log.txt.

Open the log file with Notepad and copy and paste the contents here please.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Everything was fine with the last scans but let's do an on-line scan for good measure.
> 
> Please run the following on-line scanner. Note that you must use Internet Explorer to perform the scan.
> 
> ...


How do I know how many bits I have? I think I have 32, but I am not sure.


----------



## olabola (May 20, 2012)

Cookiegal said:


> If you want to disable the alert you're getting in post no. 164 you can do the following:
> 
> Go to *Control Panel* - *Internet Options* - click on the *Security Tab* - highlight the *Internet* zone - click on *Custom Level* - scroll down to the *Miscellaneous* section (it's about halfway down the scroll bar) and change "Prompt" to "Enable" under *Display Mixed Content*. Note that this could be a security risk as you will no longer receive alerts when accessing items that are unsecure on a secure page but often it's only something like an image on the page.


What would you suggest regarding this security alert? One of the IT people at work stated that IE tends to have very high security settings so disabling this should not pose too much of a threat. I usually allow the mixed content because I'm usually on a site I am familiar with. Just curious what your thoughts are. Thanks.


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> How do I know how many bits I have? I think I have 32, but I am not sure.


Yes, yours is 32-bit.


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> What would you suggest regarding this security alert? One of the IT people at work stated that IE tends to have very high security settings so disabling this should not pose too much of a threat. I usually allow the mixed content because I'm usually on a site I am familiar with. Just curious what your thoughts are. Thanks.


This is from a Microsoft article (http://support.microsoft.com/kb/2625928):

> The risk of displaying mixed content is that a non-secure webpage or script might be able to access information from the secure content.

All I can say is it may not be a huge security risk but it is nevertheless safer to have the alert than to disable it so it's really a choice that you have to make.


----------



## olabola (May 20, 2012)

Cookiegal said:


> This is from a Microsoft article (http://support.microsoft.com/kb/2625928):
>
> > The risk of displaying mixed content is that a non-secure webpage or script might be able to access information from the secure content.
>
> All I can say is it may not be a huge security risk but it is nevertheless safer to have the alert than to disable it so it's really a choice that you have to make.


Hmmm, what does it mean for a non-secure webpage or script to have access from the secure content? I don't understand what that means exactly. I have always allowed it, thinking that I wanted to see all of the page, but maybe that was wrong?

Also, another thing that was never resolved is my webcam issue. When all of this started, the web cam all of a sudden was not recognized by the computer. It was working for months with no problems and one day I went to turn it on and the computer popup said the device was not recognized. I thought maybe something was wrong with it so I took it to work to see what would happen and just as I suspected, no problems, it loaded and then worked immediately. Hmmmmm?


----------



## olabola (May 20, 2012)

Here are the results of the virus scan. It took a while to run so I went to bed while it ran. When I checked this morning I had a strange popup from Microsoft that said that there was an unexpected error and they created an error report to send to Microsoft. I THOUGHT I took a screen shot, but somehow I cannot find it...uugghhh!

[email protected] as CAB hook log:
OnlineScanner.ocx - registred OK
# version=8
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6844
# api_version=3.0.2
# EOSSerial=57ee009257adb14eb54359e41bef59ad
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-01-09 03:21:59
# local_time=2013-01-08 10:21:59 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=5892 16777213 88 94 1585529 10397891 0 0
# scanned=146550
# found=1
# cleaned=1
# scan_time=7658
C:\TDSSKiller_Quarantine\09.12.2012_18.28.57\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AM trojan (cleaned by deleting - quarantined) 4781EFFAD9D0938135EF5BA6626A8E482D3B0440 C


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> Hmmm, what does it mean for a non-secure webpage or script to have access from the secure content? I don't understand what that means exactly. I have always allowed it, thinking that I wanted to see all of the page, but maybe that was wrong?


It's my understanding that when this occurs it's generally because of a flawed or poorly designed web page. If it's a site you visit often and trust, it shouldn't be a problem but technically, a malicious script could access the secure information shared on the page.
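
To make the difference between an insecure image and an insecure script concrete, here is an added example (not part of the original posts): a Python audit that lists the `http://` subresources referenced by an HTTPS page and separates active content (scripts, frames, stylesheets, plugins) from passive content (images, audio, video). The sample page, its `example.test` URLs and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Browsers treat these loads as "active" mixed content: a copy tampered with
# in transit can run script in, restyle, or overlay the secure page.
ACTIVE = {"script": "src", "iframe": "src", "frame": "src",
          "embed": "src", "object": "data"}
# "Passive" loads are only displayed or played; tampering changes what the
# user sees but cannot script the page.
PASSIVE = {"img": "src", "audio": "src", "video": "src", "source": "src"}


class MixedContentAudit(HTMLParser):
    """Collect http:// subresources referenced by one HTML document."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.findings = []  # (kind, tag, absolute URL)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "link":
            rel = (attrs.get("rel") or "").lower().split()
            if "stylesheet" not in rel:
                return
            kind, attr = "active", "href"
        elif tag in ACTIVE:
            kind, attr = "active", ACTIVE[tag]
        elif tag in PASSIVE:
            kind, attr = "passive", PASSIVE[tag]
        else:
            return
        raw = (attrs.get(attr) or "").strip()
        if not raw:
            return
        # Relative and protocol-relative URLs inherit the page's scheme.
        url = urljoin(self.page_url, raw)
        if urlsplit(url).scheme == "http":
            self.findings.append((kind, tag, url))


def audit(page_url, html):
    """Return mixed-content findings; an http:// page has none by definition."""
    if urlsplit(page_url).scheme != "https":
        return []
    parser = MixedContentAudit(page_url)
    parser.feed(html)
    parser.close()
    return parser.findings


# Constructed sample page (not taken from any real site).
SAMPLE_PAGE = """
<html><head>
<link rel="stylesheet" href="http://static.example.test/site.css">
<script src="https://shop.example.test/js/cart.js"></script>
<script src="http://ads.example.test/track.js"></script>
</head><body>
<img src="http://img.example.test/logo.png">
<img src="/images/banner.png">
<img src="//cdn.example.test/photo.jpg">
<iframe src="http://widgets.example.test/chat"></iframe>
</body></html>
"""

if __name__ == "__main__":
    for kind, tag, url in audit("https://shop.example.test/checkout", SAMPLE_PAGE):
        print("{:8} <{}> {}".format(kind, tag, url))
```

Only the `passive` rows match the "it's only something like an image" case; the `active` rows are the ones where an attacker on the network path could reach the secure page's content.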


----------



## Cookiegal (Aug 27, 2003)

The Eset scan is fine. The only detection has already been quarantined by TDSSKiller.

As for the webcam, let's see if there are any errors from the last time you tried to connect it and failed:

Please go to *Start* - *Run* - type in *eventvwr.msc* to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.


----------



## olabola (May 20, 2012)

Here it is.... I may have duplicated a couple because there were several errors. Also, there were several yellow warnings listed but I didn't include them.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 11706
Date: 1/9/2013
Time: 3:03:07 AM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 1023
Date: 1/9/2013
Time: 3:03:09 AM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 - Update '{6C298884-91FD-408C-9D90-5A59D2C29FD1}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2742597-X86\NDP1.1sp1-KB2742597-X86-msi.0.log.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: NativeWrapper
Event Category: None
Event ID: 5000
Date: 1/9/2013
Time: 3:03:11 AM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1716.5060, kb2742597, 1033, 643, f, install, x86, 5.1.2600.2.3.0.256, 0.

Event Type: Error
Event Source: .NET Runtime Optimization Service
Event Category: None
Event ID: 1103
Date: 1/9/2013
Time: 3:29:22 AM
User: N/A
Computer: D16M9M71
Description:
.NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 11706
Date: 1/9/2013
Time: 10:38:52 PM
User: D16M9M71\Alexandra Jachimczyk
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 1023
Date: 1/9/2013
Time: 10:38:53 PM
User: D16M9M71\Alexandra Jachimczyk
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 - Update '{6C298884-91FD-408C-9D90-5A59D2C29FD1}' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\ALEXAN~1\LOCALS~1\Temp\NDP1.1sp1-KB2742597-X86\NDP1.1sp1-KB2742597-X86-msi.0.log.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: NativeWrapper
Event Category: None
Event ID: 5000
Date: 1/9/2013
Time: 10:38:55 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1716.5060, kb2742597, 1033, 643, f, install, x86, 5.1.2600.2.3.0.256, 0.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 11706
Date: 1/10/2013
Time: 3:00:54 AM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 1023
Date: 1/10/2013
Time: 3:00:56 AM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 - Update '{6C298884-91FD-408C-9D90-5A59D2C29FD1}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2742597-X86\NDP1.1sp1-KB2742597-X86-msi.0.log.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: NativeWrapper
Event Category: None
Event ID: 5000
Date: 1/10/2013
Time: 3:00:57 AM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1716.5060, kb2742597, 1033, 643, f, install, x86, 5.1.2600.2.3.0.256, 0.

Event Type: Error
Event Source: MPSampleSubmission
Event Category: None
Event ID: 5000
Date: 1/7/2013
Time: 6:27:33 PM
User: N/A
Computer: D16M9M71
Description:
EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/7/2013
Time: 6:07:27 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/7/2013
Time: 10:36:50 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 1/7/2013
Time: 10:39:16 PM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/8/2013
Time: 7:46:39 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 1/9/2013
Time: 3:03:16 AM
User: N/A
Computer: D16M9M71
Description:
Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/9/2013
Time: 3:29:22 AM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/9/2013
Time: 8:55:52 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10010
Date: 1/9/2013
Time: 8:57:09 PM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 1/9/2013
Time: 10:39:00 PM
User: N/A
Computer: D16M9M71
Description:
Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/9/2013
Time: 10:42:05 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 1/10/2013
Time: 3:01:16 AM
User: N/A
Computer: D16M9M71
Description:
Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: MPSampleSubmission
Event Category: None
Event ID: 5000
Date: 1/7/2013
Time: 6:27:33 PM
User: N/A
Computer: D16M9M71
Description:
EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------



## Cookiegal (Aug 27, 2003)

Please go to *Start* - *Run* - type in *dxdiag* and click OK. It will open a screen called DirectX Diagnostic Tool which will run for a minute to collect information from the system. Once it's finished, to the bottom right you will see a button called "Save All Information". Please click on that and save it to Notepad and then copy and paste the contents here.


----------



## olabola (May 20, 2012)

------------------
System Information
------------------
Time of this report: 1/10/2013, 18:36:54
Machine name: D16M9M71
Operating System: Windows XP Professional (5.1, Build 2600) Service Pack 3 (2600.xpsp_sp3_gdr.120821-1629)
Language: English (Regional Setting: English)
System Manufacturer: Dell Inc. 
System Model: Dimension 8400 
BIOS: Phoenix ROM BIOS PLUS Version 1.10 A05
Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz (2 CPUs)
Memory: 3070MB RAM
Page File: 562MB used, 3881MB available
Windows Dir: C:\WINDOWS
DirectX Version: DirectX 9.0c (4.09.0000.0904)
DX Setup Parameters: Not found
DxDiag Version: 5.03.2600.5512 32bit Unicode
------------
DxDiag Notes
------------
DirectX Files Tab: No problems found.
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Sound Tab 2: No problems found.
Music Tab: No problems found.
Input Tab: No problems found.
Network Tab: No problems found.
--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (n/a)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (n/a)
DirectMusic: 0/5 (n/a)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)
---------------
Display Devices
---------------
Card name: NVIDIA GeForce 6800 
Manufacturer: NVIDIA
Chip type: GeForce 6800
DAC type: Integrated RAMDAC
Device Key: Enum\PCI\VEN_10DE&DEV_00C1&SUBSYS_024510DE&REV_A2
Display Memory: 256.0 MB
Current Mode: 1024 x 768 (32 bit) (75Hz)
Monitor: Dell E193FP
Monitor Max Res: 1280,1024
Driver Name: nv4_disp.dll
Driver Version: 6.14.0010.6684 (English)
DDI Version: 9 (or higher)
Driver Attributes: Final Retail
Driver Date/Size: 11/11/2004 17:10:00, 3721344 bytes
WHQL Logo'd: Yes
WHQL Date Stamp: n/a
VDD: n/a
Mini VDD: nv4_mini.sys
Mini VDD Date: 11/11/2004 17:10:00, 2738400 bytes
Device Identifier: {D7B71E3E-4381-11CF-7269-4F2203C2CB35}
Vendor ID: 0x10DE
Device ID: 0x00C1
SubSys ID: 0x024510DE
Revision ID: 0x00A2
Revision ID: 0x00A2
Video Accel: ModeMPEG2_A ModeMPEG2_B ModeMPEG2_C ModeMPEG2_D ModeWMV9_B ModeWMV9_A 
Deinterlace Caps: {212DC724-3235-44A4-BD29-E1652BBCC71C}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
{212DC724-3235-44A4-BD29-E1652BBCC71C}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,UYVY) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
{212DC724-3235-44A4-BD29-E1652BBCC71C}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x32315659) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
{212DC724-3235-44A4-BD29-E1652BBCC71C}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,1) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive 
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch 
Registry: OK
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Enabled
DDraw Test Result: Not run
D3D7 Test Result: Not run
D3D8 Test Result: Not run
D3D9 Test Result: Not run
-------------
Sound Devices
-------------
Description: SB Audigy 2 ZS Audio [DCC0]
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: PCI\VEN_1102&DEV_0004&SUBSYS_20061102&REV_04
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: ctaud2k.sys
Driver Version: 6.00.0001.1241 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 4/10/2007 04:20:38, 520488 bytes
Other Files: 
Driver Provider: Creative
HW Accel Level: Full
Cap Flags: 0xF5F
Min/Max Sample Rate: 4000, 192000
Static/Strm HW Mix Bufs: 64, 62
Static/Strm HW 3D Bufs: 64, 62
HW Memory: 0
Voice Management: Yes
EAX(tm) 2.0 Listen/Src: Yes, Yes
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No
Registry: OK
Sound Test Result: Not run
Description: Modem #0 Line Playback (emulated)
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: 
Manufacturer ID: 1
Product ID: 81
Type: Emulated
Driver Name: 
Driver Version: 
Driver Attributes: 
WHQL Logo'd: 
Date and Size: 
Other Files: 
Driver Provider: 
HW Accel Level: Full
Cap Flags: 0x0
Min/Max Sample Rate: 0, 0
Static/Strm HW Mix Bufs: 0, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX(tm) 2.0 Listen/Src: No, No
I3DL2(tm) Listen/Src: No, No
Sensaura(tm) ZoomFX(tm): No
Registry: OK
Sound Test Result: Not run
---------------------
Sound Capture Devices
---------------------
Description: Modem #0 Line Record (emulated)
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: 
Driver Version: 
Driver Attributes: 
Date and Size: 
Cap Flags: 0x60
Format Flags: 0x0
Description: SB Audigy 2 ZS Audio [DCC0]
Default Sound Capture: No
Default Voice Capture: No
Driver Name: ctaud2k.sys
Driver Version: 6.00.0001.1241 (English)
Driver Attributes: Final Retail
Date and Size: 4/10/2007 04:20:38, 520488 bytes
Cap Flags: 0x41
Format Flags: 0xFFF
-----------
DirectMusic
-----------
DLS Path: C:\WINDOWS\SYSTEM32\drivers\GM.DLS
DLS Version: 1.00.0016.0002
Acceleration: Enabled
Ports: SB Audigy 2 ZS DirectMusic Synthesizer [DCC0], Hardware (Kernel Mode), Output, DLS, Internal, Default Port
SB Audigy 2 ZS Audio [DCC0], Software (Kernel Mode), Output, DLS, Internal
Microsoft MIDI Mapper [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
SB Audigy 2 ZS Synth A [DCC0] [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
SB Audigy 2 ZS Synth B [DCC0] [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
SB Audigy 2 ZS MIDI IO [DCC0] [Emulated], Hardware (Not Kernel Mode), Output, No DLS, External
Microsoft GS Wavetable SW Synth [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
SB Audigy 2 ZS MIDI IO [DCC0] [Emulated], Hardware (Not Kernel Mode), Input, No DLS, External
Microsoft Synthesizer, Software (Not Kernel Mode), Output, DLS, Internal
Registry: OK
Test Result: Not run
-------------------
DirectInput Devices
-------------------
Device Name: Mouse
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a
Device Name: Keyboard
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a
Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC52E
FF Driver: n/a
Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC52E
FF Driver: n/a
Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC52E
FF Driver: n/a
Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC52E
FF Driver: n/a
Poll w/ Interrupt: No
Registry: OK
-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x8086, 0x265A
| Matching Device ID: usb\root_hub
| Service: usbhub
| Driver: usbhub.sys, 4/13/2008 13:45:37, 59520 bytes
| Driver: usbd.sys, 8/10/2004 05:00:00, 4736 bytes
----------------
Gameport Devices
----------------
+ Intel(R) 82801 PCI Bridge - 244E
| Location: PCI bus 0, device 30, function 0
| Matching Device ID: pci\ven_8086&dev_244e
| Service: pci
| Driver: pci.sys, 4/13/2008 13:36:44, 68224 bytes
| 
+-+ Creative Game Port
| | Location: PCI bus 4, device 2, function 1
| | Matching Device ID: pci\ven_1102&dev_7003&subsys_00401102
| | Service: gameenum
| | Driver: gameenum.sys, 4/13/2008 14:45:30, 10624 bytes
------------
PS/2 Devices
------------
+ HID Keyboard Device
| Vendor/Product ID: 0x046D, 0xC52E
| Matching Device ID: hid_device_system_keyboard
| Service: kbdhid
| Driver: kbdhid.sys, 4/13/2008 14:39:48, 14592 bytes
| Driver: kbdclass.sys, 4/13/2008 13:39:47, 24576 bytes
| 
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
| Driver: termdd.sys, 4/13/2008 19:13:20, 40840 bytes
| Driver: kbdclass.sys, 4/13/2008 13:39:47, 24576 bytes
| 
+ HID-compliant mouse
| Vendor/Product ID: 0x046D, 0xC52E
| Matching Device ID: hid_device_system_mouse
| Service: mouhid
| Driver: mouclass.sys, 4/13/2008 13:39:47, 23040 bytes
| Driver: mouhid.sys, 8/17/2001 13:48:00, 12160 bytes
| 
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD
| Driver: termdd.sys, 4/13/2008 19:13:20, 40840 bytes
| Driver: mouclass.sys, 4/13/2008 13:39:47, 23040 bytes
----------------------------
DirectPlay Service Providers
----------------------------
DirectPlay8 Modem Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 Serial Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 IPX Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 TCP/IP Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
Internet TCP/IP Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
IPX Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
Modem Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)
Serial Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)
DirectPlay Voice Wizard Tests: Full Duplex: Not run, Half Duplex: Not run, Mic: Not run
DirectPlay Test Result: Not run
Registry: OK
-------------------
DirectPlay Adapters
-------------------
DirectPlay8 Modem Service Provider: Conexant D850 56K V.9x DFVc Modem
DirectPlay8 Serial Service Provider: COM1
DirectPlay8 TCP/IP Service Provider: Local Area Connection - IPv4 - 
-----------------------
DirectPlay Voice Codecs
-----------------------
Voxware VR12 1.4kbit/s
Voxware SC06 6.4kbit/s
Voxware SC03 3.2kbit/s
MS-PCM 64 kbit/s
MS-ADPCM 32.8 kbit/s
Microsoft GSM 6.10 13 kbit/s
TrueSpeech(TM) 8.6 kbit/s
-------------------------
DirectPlay Lobbyable Apps
-------------------------
------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 53.8 GB
Total Space: 147.8 GB
File System: NTFS
Model: ST3160023AS
Drive: D:
Model: TSSTcorp DVD-ROM TS-H352C
Driver: c:\windows\system32\drivers\cdrom.sys, 5.01.2600.5593 (English), 5/2/2008 05:49:39, 62976 bytes
Drive: E:
Model: _NEC DVD+-RW ND-3530A
Driver: c:\windows\system32\drivers\cdrom.sys, 5.01.2600.5593 (English), 5/2/2008 05:49:39, 62976 bytes
--------------
System Devices
--------------
Name: Intel(R) 82801FB/FBM Ultra ATA Storage Controllers - 266F
Device ID: PCI\VEN_8086&DEV_266F&SUBSYS_01771028&REV_03\3&172E68DD&0&F9
Driver: C:\WINDOWS\system32\DRIVERS\pciide.sys, 5.01.2600.0000 (English), 8/17/2001 13:51:52, 3328 bytes
Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 5.01.2600.5512 (English), 4/13/2008 13:40:29, 24960 bytes
Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 5.01.2600.5512 (English), 4/13/2008 13:40:30, 96512 bytes
Name: Intel(R) 82801FB/FBM SMBus Controller - 266A
Device ID: PCI\VEN_8086&DEV_266A&SUBSYS_01771028&REV_03\3&172E68DD&0&FB
Driver: n/a
Name: Intel(R) 82801FB/FBM PCI Express Root Port - 2662
Device ID: PCI\VEN_8086&DEV_2662&SUBSYS_00000000&REV_03\3&172E68DD&0&E1
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes
Name: Intel(R) 82801FB/FBM PCI Express Root Port - 2660
Device ID: PCI\VEN_8086&DEV_2660&SUBSYS_00000000&REV_03\3&172E68DD&0&E0
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes
Name: Intel(R) 82801FB/FBM USB2 Enhanced Host Controller - 265C
Device ID: PCI\VEN_8086&DEV_265C&SUBSYS_01771028&REV_03\3&172E68DD&0&EF
Driver: C:\WINDOWS\system32\drivers\usbehci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 30208 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes
Driver: C:\WINDOWS\system32\hccoin.dll, 5.01.2600.5512 (English), 4/13/2008 19:11:54, 7168 bytes
Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 265B
Device ID: PCI\VEN_8086&DEV_265B&SUBSYS_01771028&REV_03\3&172E68DD&0&EB
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes
Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 265A
Device ID: PCI\VEN_8086&DEV_265A&SUBSYS_01771028&REV_03\3&172E68DD&0&EA
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes
Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 2659
Device ID: PCI\VEN_8086&DEV_2659&SUBSYS_01771028&REV_03\3&172E68DD&0&E9
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes
Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 2658
Device ID: PCI\VEN_8086&DEV_2658&SUBSYS_01771028&REV_03\3&172E68DD&0&E8
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes
Name: Intel(R) 82801FR SATA AHCI Controller
Device ID: PCI\VEN_8086&DEV_2652&SUBSYS_01771028&REV_03\3&172E68DD&0&FA
Driver: C:\WINDOWS\system32\DRIVERS\iaStor.sys, 5.01.0000.1022 (English), 6/17/2005 07:33:40, 872064 bytes
Name: Intel(R) 82801FB LPC Interface Controller - 2640
Device ID: PCI\VEN_8086&DEV_2640&SUBSYS_00000000&REV_03\3&172E68DD&0&F8
Driver: C:\WINDOWS\system32\DRIVERS\isapnp.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:41, 37248 bytes
Name: Intel(R) 925X/XE PCI Express Root Port - 2585
Device ID: PCI\VEN_8086&DEV_2585&SUBSYS_00000000&REV_04\3&172E68DD&0&08
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes
Name: Intel(R) 925X/XE Memory Controller Hub - 2584
Device ID: PCI\VEN_8086&DEV_2584&SUBSYS_00000000&REV_04\3&172E68DD&0&00
Driver: n/a
Name: Intel(R) 82801 PCI Bridge - 244E
Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_00000000&REV_D3\3&172E68DD&0&F0
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes
Name: Conexant D850 56K V.9x DFVc Modem
Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200F14F1&REV_00\4&10416D21&0&08F0
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys, 7.06.0000.0000 (English), 11/17/2003 15:58:02, 680704 bytes
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys, 7.06.0000.0000 (English), 11/17/2003 15:59:20, 212224 bytes
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys, 7.06.0000.0000 (English), 11/17/2003 15:56:26, 1042432 bytes
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys, 1.00.0002.0002 (English), 4/9/2003 13:48:08, 11043 bytes
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\del200f.cty, 11/19/2003 02:15:00, 128398 bytes
Driver: C:\WINDOWS\system32\mdmxsdk.dll, 1.00.0002.0002 (English), 4/9/2003 14:01:32, 90112 bytes
Driver: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSetup.exe, 2.01.0008.0000 (English), 10/30/2003 15:25:38, 532480 bytes
Driver: C:\WINDOWS\system32\HSFCI008.dll, 7.99.0099.0099 (English), 10/23/2003 15:01:36, 32218 bytes
Name: Broadcom NetXtreme 57xx Gigabit Controller
Device ID: PCI\VEN_14E4&DEV_1677&SUBSYS_01771028&REV_01\4&1D7EFF9E&0&00E0
Driver: C:\WINDOWS\system32\DRIVERS\b57xp32.sys, 7.73.0000.0000 (English), 5/29/2004 17:41:54, 186112 bytes
Name: Creative Game Port
Device ID: PCI\VEN_1102&DEV_7003&SUBSYS_00401102&REV_04\4&10416D21&0&11F0
Driver: C:\WINDOWS\system32\drivers\gameenum.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:30, 10624 bytes
Name: OHCI Compliant IEEE 1394 Host Controller
Device ID: PCI\VEN_1102&DEV_4001&SUBSYS_00101102&REV_04\4&10416D21&0&12F0
Driver: C:\WINDOWS\system32\DRIVERS\ohci1394.sys, 5.01.2600.5512 (English), 4/13/2008 13:46:18, 61696 bytes
Driver: C:\WINDOWS\system32\DRIVERS\1394bus.sys, 5.01.2600.5512 (English), 4/13/2008 13:46:18, 53376 bytes
Driver: C:\WINDOWS\system32\DRIVERS\nic1394.sys, 5.01.2600.5512 (English), 4/13/2008 13:51:25, 61824 bytes
Driver: C:\WINDOWS\system32\DRIVERS\arp1394.sys, 5.01.2600.5512 (English), 4/13/2008 13:51:25, 60800 bytes
Driver: C:\WINDOWS\system32\DRIVERS\enum1394.sys, 5.01.2600.0000 (English), 8/17/2001 13:46:40, 6400 bytes
Name: Creative SB Audigy 2 ZS (WDM)
Device ID: PCI\VEN_1102&DEV_0004&SUBSYS_20061102&REV_04\4&10416D21&0&10F0
Driver: C:\WINDOWS\system32\ksuser.dll, 5.03.2600.5512 (English), 4/13/2008 19:11:56, 4096 bytes
Driver: C:\WINDOWS\system32\ksproxy.ax, 5.03.2600.5512 (English), 4/13/2008 19:12:42, 129536 bytes
Driver: C:\WINDOWS\system32\drivers\ks.sys, 5.03.2600.5512 (English), 4/13/2008 14:16:36, 141056 bytes
Driver: C:\WINDOWS\system32\drivers\drmk.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:14, 60160 bytes
Driver: C:\WINDOWS\system32\drivers\portcls.sys, 5.01.2600.5512 (English), 4/13/2008 14:19:42, 146048 bytes
Driver: C:\WINDOWS\system32\drivers\stream.sys, 5.03.2600.5512 (English), 4/13/2008 13:45:16, 49408 bytes
Driver: C:\WINDOWS\system32\wdmaud.drv, 5.01.2600.5512 (English), 4/13/2008 19:12:45, 23552 bytes
Driver: C:\WINDOWS\system32\drivers\ctac32k.sys, 6.00.0001.1241 (English), 4/10/2007 04:19:30, 511272 bytes
Driver: C:\WINDOWS\system32\drivers\ctaud2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:20:38, 520488 bytes
Driver: C:\WINDOWS\system32\drivers\ctoss2k.sys, 6.00.0001.1241 (English), 4/10/2007 05:59:04, 126760 bytes
Driver: C:\WINDOWS\system32\drivers\ctprxy2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:25:46, 14632 bytes
Driver: C:\WINDOWS\system32\drivers\ctsfm2k.sys, 6.00.0001.1241 (English), 4/10/2007 06:00:24, 157480 bytes
Driver: C:\WINDOWS\system32\drivers\emupia2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:28:36, 92968 bytes
Driver: C:\WINDOWS\system32\drivers\ha10kx2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:29:10, 797992 bytes
Driver: C:\WINDOWS\system32\drivers\haP16v2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:31:18, 163112 bytes
Driver: C:\WINDOWS\system32\drivers\pfmodnt.sys, 3.00.0000.0012 (English), 4/10/2007 04:32:34, 16168 bytes
Driver: C:\WINDOWS\system32\ctdlang.dat, 11/26/2003 12:29:54, 127226 bytes
Driver: C:\WINDOWS\system32\ctdaught.dat, 4/9/2007 12:19:20, 53932 bytes
Driver: C:\WINDOWS\system32\a3d.dll, 80.00.0000.0003 (English), 4/9/2007 12:32:58, 34816 bytes
Driver: C:\WINDOWS\system32\commonfx.dll, 6.00.0001.1241 (English), 4/18/2007 08:59:40, 98600 bytes
Driver: C:\WINDOWS\system32\ctaudfx.dll, 6.00.0001.1241 (English), 4/12/2007 08:10:16, 546048 bytes
Driver: C:\WINDOWS\system32\ctsblfx.dll, 6.00.0001.1241 (English), 4/12/2007 08:10:16, 560384 bytes
Driver: C:\WINDOWS\system32\sfman32.dll, 6.00.0001.1241 (English), 4/9/2007 12:21:48, 22528 bytes
Driver: C:\WINDOWS\system32\SBAudigy.ico, 8/17/2001 04:42:28, 7406 bytes
Driver: C:\WINDOWS\system32\Audigy.bmp, 11/13/2001 01:48:20, 1912 bytes
Driver: C:\WINDOWS\system32\drivers\ctdvda2k.sys, 5.13.0001.0461 (English), 4/10/2007 04:21:06, 347128 bytes
Driver: C:\WINDOWS\system32\ctbas2w.dat, 4/9/2007 12:21:28, 149838 bytes
Driver: C:\WINDOWS\system32\ctsbas2w.dat, 4/9/2007 12:19:44, 274587 bytes
Name: NVIDIA GeForce 6800 
Device ID: PCI\VEN_10DE&DEV_00C1&SUBSYS_024510DE&REV_A2\4&16EC1A1&0&0008
Driver: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 2738400 bytes
Driver: C:\WINDOWS\system32\nvsvc32.exe, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 127046 bytes
Driver: C:\WINDOWS\system32\nvcod.dll, 1.00.0000.0015 (English), 11/11/2004 17:10:00, 32256 bytes
Driver: C:\WINDOWS\system32\nvcodins.dll, 1.00.0000.0015 (English), 11/11/2004 17:10:00, 32256 bytes
Driver: C:\WINDOWS\system32\nv4_disp.dll, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 3721344 bytes
Driver: C:\WINDOWS\system32\nvoglnt.dll, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 5267456 bytes
Driver: C:\WINDOWS\system32\nvcpl.dll, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 4583424 bytes
Driver: C:\WINDOWS\system32\nvmctray.dll, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 86016 bytes
Driver: C:\WINDOWS\help\nvcpl.hlp, 11/11/2004 17:10:00, 157490 bytes
------------------
DirectX Components
------------------
ddraw.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 279552 bytes
ddrawex.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 27136 bytes
dxapi.sys: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 10496 bytes
d3d8.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 1179648 bytes
d3d8thk.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 8192 bytes
d3d9.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 1689088 bytes
d3dim.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 436224 bytes
d3dim700.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 824320 bytes
d3dramp.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 590336 bytes
d3drm.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 350208 bytes
d3dxof.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 47616 bytes
d3dpmesh.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 34816 bytes
dplay.dll: 5.00.2134.0001 English Final Retail 8/10/2004 05:00:00 33040 bytes
dplayx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 229888 bytes
dpmodemx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 23552 bytes
dpwsock.dll: 5.00.2134.0001 English Final Retail 8/10/2004 05:00:00 42768 bytes
dpwsockx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 57344 bytes
dplaysvr.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:17 29696 bytes
dpnsvr.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:17 17920 bytes
dpnet.dll: 5.03.2600.6311 English Final Retail 11/1/2012 21:02:42 375296 bytes
dpnlobby.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:09:20 3072 bytes
dpnaddr.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:09:19 3072 bytes
dpvoice.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 212480 bytes
dpvsetup.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:18 83456 bytes
dpvvox.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 116736 bytes
dpvacm.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 21504 bytes
dpnhpast.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 35328 bytes
dpnhupnp.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 60928 bytes
dpserial.dll: 5.00.2134.0001 English Final Retail 8/10/2004 05:00:00 53520 bytes
dinput.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 158720 bytes
dinput8.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181760 bytes
dimap.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 44032 bytes
diactfrm.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 394240 bytes
joy.cpl: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:41 68608 bytes
gcdef.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 76800 bytes
pid.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:02 35328 bytes
gameenum.sys: 5.01.2600.5512 English Final Retail 4/13/2008 14:45:30 10624 bytes
dsound.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 367616 bytes
dsound3d.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 1293824 bytes
dswave.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 19456 bytes
dsdmo.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181248 bytes
dsdmoprp.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 71680 bytes
dmusic.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 104448 bytes
dmband.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 28672 bytes
dmcompos.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 61440 bytes
dmime.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181248 bytes
dmloader.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 35840 bytes
dmstyle.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 105984 bytes
dmsynth.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 103424 bytes
dmscript.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 82432 bytes
system.dll: 1.00.3705.6110 English Final Retail 1/9/2013 03:04:28 1179648 bytes
system.dll: 1.01.4322.2500 English Final Retail 11/15/2012 09:54:41 1232896 bytes
Microsoft.DirectX.Direct3D.dll: 9.05.0132.0000 English Final Retail 1/3/2012 20:36:32 473600 bytes
Microsoft.DirectX.Direct3DX.dll: 5.04.0000.3900 English Final Retail 1/3/2012 20:36:21 2676224 bytes
Microsoft.DirectX.Direct3DX.dll: 9.04.0091.0000 English Final Retail 1/3/2012 20:36:21 2846720 bytes
Microsoft.DirectX.Direct3DX.dll: 9.05.0132.0000 English Final Retail 1/3/2012 20:36:22 563712 bytes
Microsoft.DirectX.Direct3DX.dll: 9.06.0168.0000 English Final Retail 1/3/2012 20:36:23 567296 bytes
Microsoft.DirectX.Direct3DX.dll: 9.07.0239.0000 English Final Retail 1/3/2012 20:36:23 576000 bytes
Microsoft.DirectX.Direct3DX.dll: 9.08.0299.0000 English Final Retail 1/3/2012 20:36:24 577024 bytes
Microsoft.DirectX.Direct3DX.dll: 9.09.0376.0000 English Final Retail 1/3/2012 20:36:24 577536 bytes
Microsoft.DirectX.Direct3DX.dll: 9.10.0455.0000 English Final Retail 1/3/2012 20:36:24 577536 bytes
Microsoft.DirectX.Direct3DX.dll: 9.11.0519.0000 English Final Retail 1/3/2012 20:36:25 578560 bytes
Microsoft.DirectX.Direct3DX.dll: 9.12.0589.0000 English Final Retail 1/3/2012 20:36:32 578560 bytes
Microsoft.DirectX.DirectDraw.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 145920 bytes
Microsoft.DirectX.DirectInput.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 159232 bytes
Microsoft.DirectX.DirectPlay.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 364544 bytes
Microsoft.DirectX.DirectSound.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 178176 bytes
Microsoft.DirectX.AudioVideoPlayback.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:31 53248 bytes
Microsoft.DirectX.Diagnostics.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 12800 bytes
Microsoft.DirectX.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:31 223232 bytes
dx7vb.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 619008 bytes
dx8vb.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 1227264 bytes
dxdiagn.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 2113536 bytes
mfc40.dll: 4.01.0000.6151 English Beta Retail 9/18/2010 01:53:25 954368 bytes
mfc42.dll: 6.02.8081.0000 English Final Retail 2/8/2011 08:33:55 978944 bytes
wsock32.dll: 5.01.2600.5512 English Final Retail 4/13/2008 19:12:10 22528 bytes
amstream.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:49 70656 bytes
devenum.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:51 59904 bytes


----------



## olabola (May 20, 2012)

FYI...I do not have the web cam currently connected to my computer. I disconnected it after it failed to work on 1/7.


----------



## Cookiegal (Aug 27, 2003)

Have you tried the webcam since then? Is it still not recognized?


----------



## olabola (May 20, 2012)

I think I did try it again but honestly I don't remember...I only use it for class on Mondays and Thursdays. But I can try, if you need me to?


----------



## Cookiegal (Aug 27, 2003)

Yes, can you give it a try, please?


----------



## olabola (May 20, 2012)

I just connected it and received the same error. This time I took a screenshot. Also, I keep getting errors from Microsoft about SP1 installation?


----------



## olabola (May 20, 2012)

This is what pops up if I click the balloon.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Please go to *Start* - *Run* - type in *dxdiag* and click OK. It will open a screen called DirectX Diagnostic Tool which will run for a minute to collect information from the system. Once it's finished, to the bottom right you will see a button called "Save All Information". Please click on that and save it to Notepad and then copy and paste the contents here.


I will try this again with the SP1 error and the camera connected to see what comes up. I know it will take a while so I will put it in the post when I get back from work.
Thanks for your continued help and support!


----------



## olabola (May 20, 2012)

olabola said:


> I will try this again with the SP1 error and the camera connected to see what comes up. I know it will take a while so I will put it in the post when I get back from work.
> Thanks for your continued help and support!


Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes
Name: Intel(R) 82801FB/FBM USB Universal Host Controller - 2658
Device ID: PCI\VEN_8086&DEV_2658&SUBSYS_01771028&REV_03\3&172E68DD&0&E8
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:35, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:36, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/13/2008 19:12:08, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:37, 59520 bytes
Name: Intel(R) 82801FR SATA AHCI Controller
Device ID: PCI\VEN_8086&DEV_2652&SUBSYS_01771028&REV_03\3&172E68DD&0&FA
Driver: C:\WINDOWS\system32\DRIVERS\iaStor.sys, 5.01.0000.1022 (English), 6/17/2005 07:33:40, 872064 bytes
Name: Intel(R) 82801FB LPC Interface Controller - 2640
Device ID: PCI\VEN_8086&DEV_2640&SUBSYS_00000000&REV_03\3&172E68DD&0&F8
Driver: C:\WINDOWS\system32\DRIVERS\isapnp.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:41, 37248 bytes
Name: Intel(R) 925X/XE PCI Express Root Port - 2585
Device ID: PCI\VEN_8086&DEV_2585&SUBSYS_00000000&REV_04\3&172E68DD&0&08
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes
Name: Intel(R) 925X/XE Memory Controller Hub - 2584
Device ID: PCI\VEN_8086&DEV_2584&SUBSYS_00000000&REV_04\3&172E68DD&0&00
Driver: n/a
Name: Intel(R) 82801 PCI Bridge - 244E
Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_00000000&REV_D3\3&172E68DD&0&F0
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 13:36:44, 68224 bytes
Name: Conexant D850 56K V.9x DFVc Modem
Device ID: PCI\VEN_14F1&DEV_2F20&SUBSYS_200F14F1&REV_00\4&10416D21&0&08F0
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys, 7.06.0000.0000 (English), 11/17/2003 15:58:02, 680704 bytes
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys, 7.06.0000.0000 (English), 11/17/2003 15:59:20, 212224 bytes
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys, 7.06.0000.0000 (English), 11/17/2003 15:56:26, 1042432 bytes
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\mdmxsdk.sys, 1.00.0002.0002 (English), 4/9/2003 13:48:08, 11043 bytes
Driver: C:\WINDOWS\SYSTEM32\DRIVERS\del200f.cty, 11/19/2003 02:15:00, 128398 bytes
Driver: C:\WINDOWS\system32\mdmxsdk.dll, 1.00.0002.0002 (English), 4/9/2003 14:01:32, 90112 bytes
Driver: C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200F14F1\HXFSetup.exe, 2.01.0008.0000 (English), 10/30/2003 15:25:38, 532480 bytes
Driver: C:\WINDOWS\system32\HSFCI008.dll, 7.99.0099.0099 (English), 10/23/2003 15:01:36, 32218 bytes
Name: Broadcom NetXtreme 57xx Gigabit Controller
Device ID: PCI\VEN_14E4&DEV_1677&SUBSYS_01771028&REV_01\4&1D7EFF9E&0&00E0
Driver: C:\WINDOWS\system32\DRIVERS\b57xp32.sys, 7.73.0000.0000 (English), 5/29/2004 17:41:54, 186112 bytes
Name: Creative Game Port
Device ID: PCI\VEN_1102&DEV_7003&SUBSYS_00401102&REV_04\4&10416D21&0&11F0
Driver: C:\WINDOWS\system32\drivers\gameenum.sys, 5.01.2600.5512 (English), 4/13/2008 14:45:30, 10624 bytes
Name: OHCI Compliant IEEE 1394 Host Controller
Device ID: PCI\VEN_1102&DEV_4001&SUBSYS_00101102&REV_04\4&10416D21&0&12F0
Driver: C:\WINDOWS\system32\DRIVERS\ohci1394.sys, 5.01.2600.5512 (English), 4/13/2008 13:46:18, 61696 bytes
Driver: C:\WINDOWS\system32\DRIVERS\1394bus.sys, 5.01.2600.5512 (English), 4/13/2008 13:46:18, 53376 bytes
Driver: C:\WINDOWS\system32\DRIVERS\nic1394.sys, 5.01.2600.5512 (English), 4/13/2008 13:51:25, 61824 bytes
Driver: C:\WINDOWS\system32\DRIVERS\arp1394.sys, 5.01.2600.5512 (English), 4/13/2008 13:51:25, 60800 bytes
Driver: C:\WINDOWS\system32\DRIVERS\enum1394.sys, 5.01.2600.0000 (English), 8/17/2001 13:46:40, 6400 bytes
Name: Creative SB Audigy 2 ZS (WDM)
Device ID: PCI\VEN_1102&DEV_0004&SUBSYS_20061102&REV_04\4&10416D21&0&10F0
Driver: C:\WINDOWS\system32\ksuser.dll, 5.03.2600.5512 (English), 4/13/2008 19:11:56, 4096 bytes
Driver: C:\WINDOWS\system32\ksproxy.ax, 5.03.2600.5512 (English), 4/13/2008 19:12:42, 129536 bytes
Driver: C:\WINDOWS\system32\drivers\ks.sys, 5.03.2600.5512 (English), 4/13/2008 14:16:36, 141056 bytes
Driver: C:\WINDOWS\system32\drivers\drmk.sys, 5.01.2600.5512 (English), 4/13/2008 13:45:14, 60160 bytes
Driver: C:\WINDOWS\system32\drivers\portcls.sys, 5.01.2600.5512 (English), 4/13/2008 14:19:42, 146048 bytes
Driver: C:\WINDOWS\system32\drivers\stream.sys, 5.03.2600.5512 (English), 4/13/2008 13:45:16, 49408 bytes
Driver: C:\WINDOWS\system32\wdmaud.drv, 5.01.2600.5512 (English), 4/13/2008 19:12:45, 23552 bytes
Driver: C:\WINDOWS\system32\drivers\ctac32k.sys, 6.00.0001.1241 (English), 4/10/2007 04:19:30, 511272 bytes
Driver: C:\WINDOWS\system32\drivers\ctaud2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:20:38, 520488 bytes
Driver: C:\WINDOWS\system32\drivers\ctoss2k.sys, 6.00.0001.1241 (English), 4/10/2007 05:59:04, 126760 bytes
Driver: C:\WINDOWS\system32\drivers\ctprxy2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:25:46, 14632 bytes
Driver: C:\WINDOWS\system32\drivers\ctsfm2k.sys, 6.00.0001.1241 (English), 4/10/2007 06:00:24, 157480 bytes
Driver: C:\WINDOWS\system32\drivers\emupia2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:28:36, 92968 bytes
Driver: C:\WINDOWS\system32\drivers\ha10kx2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:29:10, 797992 bytes
Driver: C:\WINDOWS\system32\drivers\haP16v2k.sys, 6.00.0001.1241 (English), 4/10/2007 04:31:18, 163112 bytes
Driver: C:\WINDOWS\system32\drivers\pfmodnt.sys, 3.00.0000.0012 (English), 4/10/2007 04:32:34, 16168 bytes
Driver: C:\WINDOWS\system32\ctdlang.dat, 11/26/2003 12:29:54, 127226 bytes
Driver: C:\WINDOWS\system32\ctdaught.dat, 4/9/2007 12:19:20, 53932 bytes
Driver: C:\WINDOWS\system32\a3d.dll, 80.00.0000.0003 (English), 4/9/2007 12:32:58, 34816 bytes
Driver: C:\WINDOWS\system32\commonfx.dll, 6.00.0001.1241 (English), 4/18/2007 08:59:40, 98600 bytes
Driver: C:\WINDOWS\system32\ctaudfx.dll, 6.00.0001.1241 (English), 4/12/2007 08:10:16, 546048 bytes
Driver: C:\WINDOWS\system32\ctsblfx.dll, 6.00.0001.1241 (English), 4/12/2007 08:10:16, 560384 bytes
Driver: C:\WINDOWS\system32\sfman32.dll, 6.00.0001.1241 (English), 4/9/2007 12:21:48, 22528 bytes
Driver: C:\WINDOWS\system32\SBAudigy.ico, 8/17/2001 04:42:28, 7406 bytes
Driver: C:\WINDOWS\system32\Audigy.bmp, 11/13/2001 01:48:20, 1912 bytes
Driver: C:\WINDOWS\system32\drivers\ctdvda2k.sys, 5.13.0001.0461 (English), 4/10/2007 04:21:06, 347128 bytes
Driver: C:\WINDOWS\system32\ctbas2w.dat, 4/9/2007 12:21:28, 149838 bytes
Driver: C:\WINDOWS\system32\ctsbas2w.dat, 4/9/2007 12:19:44, 274587 bytes
Name: NVIDIA GeForce 6800 
Device ID: PCI\VEN_10DE&DEV_00C1&SUBSYS_024510DE&REV_A2\4&16EC1A1&0&0008
Driver: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 2738400 bytes
Driver: C:\WINDOWS\system32\nvsvc32.exe, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 127046 bytes
Driver: C:\WINDOWS\system32\nvcod.dll, 1.00.0000.0015 (English), 11/11/2004 17:10:00, 32256 bytes
Driver: C:\WINDOWS\system32\nvcodins.dll, 1.00.0000.0015 (English), 11/11/2004 17:10:00, 32256 bytes
Driver: C:\WINDOWS\system32\nv4_disp.dll, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 3721344 bytes
Driver: C:\WINDOWS\system32\nvoglnt.dll, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 5267456 bytes
Driver: C:\WINDOWS\system32\nvcpl.dll, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 4583424 bytes
Driver: C:\WINDOWS\system32\nvmctray.dll, 6.14.0010.6684 (English), 11/11/2004 17:10:00, 86016 bytes
Driver: C:\WINDOWS\help\nvcpl.hlp, 11/11/2004 17:10:00, 157490 bytes
------------------
DirectX Components
------------------
ddraw.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 279552 bytes
ddrawex.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 27136 bytes
dxapi.sys: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 10496 bytes
d3d8.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 1179648 bytes
d3d8thk.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 8192 bytes
d3d9.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 1689088 bytes
d3dim.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 436224 bytes
d3dim700.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:51 824320 bytes
d3dramp.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 590336 bytes
d3drm.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 350208 bytes
d3dxof.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 47616 bytes
d3dpmesh.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 34816 bytes
dplay.dll: 5.00.2134.0001 English Final Retail 8/10/2004 05:00:00 33040 bytes
dplayx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 229888 bytes
dpmodemx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 23552 bytes
dpwsock.dll: 5.00.2134.0001 English Final Retail 8/10/2004 05:00:00 42768 bytes
dpwsockx.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 57344 bytes
dplaysvr.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:17 29696 bytes
dpnsvr.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:17 17920 bytes
dpnet.dll: 5.03.2600.6311 English Final Retail 11/1/2012 21:02:42 375296 bytes
dpnlobby.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:09:20 3072 bytes
dpnaddr.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:09:19 3072 bytes
dpvoice.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 212480 bytes
dpvsetup.exe: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:18 83456 bytes
dpvvox.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 116736 bytes
dpvacm.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 21504 bytes
dpnhpast.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 35328 bytes
dpnhupnp.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 60928 bytes
dpserial.dll: 5.00.2134.0001 English Final Retail 8/10/2004 05:00:00 53520 bytes
dinput.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 158720 bytes
dinput8.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181760 bytes
dimap.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 44032 bytes
diactfrm.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 394240 bytes
joy.cpl: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:41 68608 bytes
gcdef.dll: 5.01.2600.0000 English Final Retail 8/10/2004 05:00:00 76800 bytes
pid.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:02 35328 bytes
gameenum.sys: 5.01.2600.5512 English Final Retail 4/13/2008 14:45:30 10624 bytes
dsound.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 367616 bytes
dsound3d.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 1293824 bytes
dswave.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 19456 bytes
dsdmo.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181248 bytes
dsdmoprp.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 71680 bytes
dmusic.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 104448 bytes
dmband.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 28672 bytes
dmcompos.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 61440 bytes
dmime.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 181248 bytes
dmloader.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 35840 bytes
dmstyle.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 105984 bytes
dmsynth.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 103424 bytes
dmscript.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 82432 bytes
system.dll: 1.00.3705.6110 English Final Retail 1/9/2013 03:04:28 1179648 bytes
system.dll: 1.01.4322.2500 English Final Retail 11/15/2012 09:54:41 1232896 bytes
Microsoft.DirectX.Direct3D.dll: 9.05.0132.0000 English Final Retail 1/3/2012 20:36:32 473600 bytes
Microsoft.DirectX.Direct3DX.dll: 5.04.0000.3900 English Final Retail 1/3/2012 20:36:21 2676224 bytes
Microsoft.DirectX.Direct3DX.dll: 9.04.0091.0000 English Final Retail 1/3/2012 20:36:21 2846720 bytes
Microsoft.DirectX.Direct3DX.dll: 9.05.0132.0000 English Final Retail 1/3/2012 20:36:22 563712 bytes
Microsoft.DirectX.Direct3DX.dll: 9.06.0168.0000 English Final Retail 1/3/2012 20:36:23 567296 bytes
Microsoft.DirectX.Direct3DX.dll: 9.07.0239.0000 English Final Retail 1/3/2012 20:36:23 576000 bytes
Microsoft.DirectX.Direct3DX.dll: 9.08.0299.0000 English Final Retail 1/3/2012 20:36:24 577024 bytes
Microsoft.DirectX.Direct3DX.dll: 9.09.0376.0000 English Final Retail 1/3/2012 20:36:24 577536 bytes
Microsoft.DirectX.Direct3DX.dll: 9.10.0455.0000 English Final Retail 1/3/2012 20:36:24 577536 bytes
Microsoft.DirectX.Direct3DX.dll: 9.11.0519.0000 English Final Retail 1/3/2012 20:36:25 578560 bytes
Microsoft.DirectX.Direct3DX.dll: 9.12.0589.0000 English Final Retail 1/3/2012 20:36:32 578560 bytes
Microsoft.DirectX.DirectDraw.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 145920 bytes
Microsoft.DirectX.DirectInput.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 159232 bytes
Microsoft.DirectX.DirectPlay.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 364544 bytes
Microsoft.DirectX.DirectSound.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 178176 bytes
Microsoft.DirectX.AudioVideoPlayback.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:31 53248 bytes
Microsoft.DirectX.Diagnostics.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:32 12800 bytes
Microsoft.DirectX.dll: 5.04.0000.2904 English Final Retail 1/3/2012 20:36:31 223232 bytes
dx7vb.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 619008 bytes
dx8vb.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 1227264 bytes
dxdiagn.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:52 2113536 bytes
mfc40.dll: 4.01.0000.6151 English Beta Retail 9/18/2010 01:53:25 954368 bytes
mfc42.dll: 6.02.8081.0000 English Final Retail 2/8/2011 08:33:55 978944 bytes
wsock32.dll: 5.01.2600.5512 English Final Retail 4/13/2008 19:12:10 22528 bytes
amstream.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:49 70656 bytes
devenum.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:51 59904 bytes
dxmasf.dll: 6.04.0009.1133 English Final Retail 4/13/2008 19:11:52 498742 bytes
mciqtz32.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:56 35328 bytes
mpg2splt.ax: 6.05.2710.2732 English Final Retail 8/5/2005 13:06:50 165376 bytes
msdmo.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:11:59 14336 bytes
encapi.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:53 20480 bytes
qasf.dll: 11.00.5721.5262 English Final Retail 1/30/2009 20:34:02 211456 bytes
qcap.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:12:03 192512 bytes
qdv.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:12:03 279040 bytes
qdvd.dll: 6.05.2600.6169 English Final Retail 11/3/2011 10:28:36 386048 bytes
qedit.dll: 6.05.2600.5512 English Final Retail 4/13/2008 19:12:03 562176 bytes
qedwipes.dll: 6.05.2600.5512 English Final Retail 4/13/2008 12:21:32 733696 bytes
quartz.dll: 6.05.2600.6169 English Final Retail 11/3/2011 10:28:36 1292288 bytes
strmdll.dll: 4.01.0000.3938 English Final Retail 8/26/2009 03:00:21 247326 bytes
iac25_32.ax: 2.00.0005.0053 English Final Retail 4/13/2008 19:12:42 199680 bytes
ir41_32.ax: 4.51.0016.0003 English Final Retail 4/13/2008 19:12:42 848384 bytes
ir41_qc.dll: 4.30.0062.0002 English Final Retail 4/13/2008 19:11:55 120320 bytes
ir41_qcx.dll: 4.30.0064.0001 English Final Retail 4/13/2008 19:11:55 338432 bytes
ir50_32.dll: 5.2562.0015.0055 English Final Retail 4/13/2008 19:11:55 755200 bytes
ir50_qc.dll: 5.00.0063.0048 English Final Retail 4/13/2008 19:11:55 200192 bytes
ir50_qcx.dll: 5.00.0064.0048 English Final Retail 4/13/2008 19:11:55 183808 bytes
ivfsrc.ax: 5.10.0002.0051 English Final Retail 4/13/2008 19:12:42 154624 bytes
mswebdvd.dll: 6.05.2600.5857 English Final Retail 8/5/2009 04:01:48 204800 bytes
ks.sys: 5.03.2600.5512 English Final Retail 4/13/2008 14:16:36 141056 bytes
ksproxy.ax: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:42 129536 bytes
ksuser.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:11:56 4096 bytes
stream.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:45:16 49408 bytes
mspclock.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:39:50 5376 bytes
mspqm.sys: 5.01.2600.5512 English Final Retail 4/13/2008 13:39:51 4992 bytes
mskssrv.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:39:52 7552 bytes
swenum.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:39:53 4352 bytes
mstee.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:39:50 5504 bytes
msdvbnp.ax: 6.05.2710.2732 English Final Retail 8/5/2005 14:01:54 58368 bytes
psisdecd.dll: 6.05.2715.3011 English Final Retail 10/9/2006 16:12:14 235008 bytes
psisrndr.ax: 6.05.2715.3011 English Final Retail 10/9/2006 16:12:30 224256 bytes
ipsink.ax: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:42 16384 bytes
mpeg2data.ax: 6.05.2710.2732 English Final Retail 8/5/2005 14:01:54 62976 bytes
ndisip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:46:22 10880 bytes
streamip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:46:22 15232 bytes
msvidctl.dll: 6.05.2715.3011 English Final Retail 10/9/2006 16:15:52 1669632 bytes
slip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:46:24 11136 bytes
nabtsfec.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:46:26 85248 bytes
ccdecode.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:46:24 17024 bytes
vbisurf.ax: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:42 30208 bytes
msyuv.dll: 5.03.2600.5908 English Final Retail 11/27/2009 12:11:44 17920 bytes
kstvtune.ax: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:42 61952 bytes
ksxbar.ax: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:42 43008 bytes
kswdmcap.ax: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:42 91136 bytes
vfwwdm32.dll: 5.01.2600.5512 English Final Retail 4/13/2008 19:12:08 53760 bytes
wstcodec.sys: 5.03.2600.5512 English Final Retail 4/13/2008 13:46:24 19200 bytes
wstdecod.dll: 5.03.2600.5512 English Final Retail 4/13/2008 19:12:10 50688 bytes
------------------
DirectShow Filters
------------------
WDM Streaming VBI Codecs:
NABTS/FEC VBI Codec,0x00200000,2,1,,5.03.2600.5512
CC Decoder,0x00200000,2,1,,5.03.2600.5512
WST Codec,0x00200000,1,1,,5.03.2600.5512
DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,,
WMAPro over S/PDIF DMO,0x00600800,1,1,,
WMA Voice Decoder DMO,0x00600800,1,1,,
WMVideo Advanced Decoder DMO,0x00800001,1,1,,
Mpeg4s Decoder DMO,0x00800001,1,1,,
WMV Screen decoder DMO,0x00800001,1,1,,
WMVideo Decoder DMO,0x00800001,1,1,,
Mpeg43 Decoder DMO,0x00800001,1,1,,
Mpeg4 Decoder DMO,0x00800001,1,1,,
WMT MuxDeMux Filter,0x00200000,0,0,wmm2filt.dll,2.01.4026.0000
AXIS Picture Events Embedded,0x00200000,1,1,AxPicEventsFilterEmb.ax,1.02.0001.0000
SonyCDSrcWriter,0x00200000,1,0,SonyCDSrcWriter.ax,4.07.0000.12140
Xiph.Org Vorbis Decoder,0x00600000,1,1,,
Creative LiveRecording Filter,0x00400000,0,1,LiveRec.ax,2.01.0001.0000
Full Screen Renderer,0x00200000,1,0,quartz.dll,6.05.2600.6169
WMT VIH2 Fix,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
Record Queue,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
WMT Switch Filter,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
WMT Virtual Renderer,0x00200000,1,0,WLXVAFilt.dll,14.00.8117.0416
WMT DV Extract,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
WMT Virtual Source,0x00200000,0,1,WLXVAFilt.dll,14.00.8117.0416
WMT Sample Information Filter,0x00200000,1,1,WLXVAFilt.dll,14.00.8117.0416
RealPlayer Video Filter,0x00200000,1,1,rdsf3260.dll,15.00.0004.0053
WAV Dest Trial,0x00200000,0,0,WavD2Try.dll,1.01.0000.3463
CT Upsampler filter,0x00100000,1,1,Upsample.ax,2.00.0000.0003
OpenMG Async. File Source,0x00400000,0,1,OmgAfs.ax,4.07.0000.12140
Creative Wave Writer,0x00200000,1,0,WavWrite.ax,3.00.0003.0000
WST Renderer,0x00800000,1,1,WSTRenderer.ax,6.05.2710.2732
DV Muxer,0x00400000,0,0,qdv.dll,6.05.2600.5512
Sony Audio CD Source Filter,0x00600000,0,1,cdsrc.ax,4.07.0000.12140
Creative MLP Source Filter,0x00400000,0,1,MlpSrc.ax,3.00.0000.0000
Color Space Converter,0x00400001,1,1,quartz.dll,6.05.2600.6169
WM ASF Reader,0x00400000,0,0,qasf.dll,11.00.5721.5262
Creative NVF Filter,0x00400000,0,1,NvfSrc.ax,3.00.0000.0000
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,11.00.5721.5262
SAL Output Converter,0x00200000,1,0,saloconv.ax,4.07.0000.12140
AVI Splitter,0x00600000,1,1,quartz.dll,6.05.2600.6169
BPM Metadata,0x001fffff,1,1,MetaBPM.ax,1.00.0004.0000
WMT AudioAnalyzer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.05.2600.6169
Indeo® video 5.10 Compression Filter,0x00200000,1,1,ir50_32.dll,5.2562.0015.0055
Windows Media Audio Decoder,0x00800001,1,1,msadds32.ax,8.00.0000.4487
Creative Still Picture MPEG1 Splitter,0x00600000,1,2,CTspf.ax,1.00.0003.0000
Photo Story 2 Trial Source Filter,0x00200000,0,1,PSSF2Try.dll,1.01.0000.3463
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.05.2710.2732
WMT Format Conversion,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
CT Time-Scaling filter,0x00100000,1,1,TimeScal.ax,2.02.0000.0000
StreamBufferSink,0x00200000,0,0,sbe.dll,6.05.2715.5512
WMT Black Frame Generator,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Microsoft TV Caption Decoder,0x00200001,1,0,mstvcapn.dll,5.01.2715.5512
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6169
Indeo® video 5.10 Decompression Filter,0x00640000,1,1,ir50_32.dll,5.2562.0015.0055
WMT Screen Capture filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
SVM Metadata,0x001fffff,1,1,MetaSVM.ax,1.00.0006.0000
Microsoft Screen Video Decompressor,0x00800000,1,1,msscds32.ax,8.00.0000.4487
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.05.2600.6169
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
VBI Codec,0x00600000,1,4,VBICodec.ax,6.05.2710.2732
MPEG Layer-3 Decoder,0x00810000,1,1,l3codecx.ax,1.06.0000.0052
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.05.2710.2732
ACELP.net Sipro Lab Audio Decoder,0x00800001,1,1,acelpdec.ax,1.04.0000.0000
WMS Filter,0x00400000,0,1,CTWMSFLT.DLL,1.12.0001.0000
Photo Story 3 Source Filter,0x00000000,0,0,,
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.05.2600.6169
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.05.2600.6169
File Source (Netshow URL),0x00400000,0,1,wmpasf.dll,11.00.5721.5262
WMT Import Filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
OmgGenericSrcFilter,0x00400000,0,1,OmgGenericSrcFilter.ax,4.07.0000.12140
DV Splitter,0x00600000,1,2,qdv.dll,6.05.2600.5512
Bitmap Generate,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Windows Media Video Decoder,0x00800000,1,1,wmvds32.ax,8.00.0000.4487
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.05.2600.6169
Windows Media Video Decoder,0x00800000,1,1,wmv8ds32.ax,8.00.0000.4000
OmgDsee Filter,0x00200000,1,1,OmgDseeFilter.ax,
WMT VIH2 Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
OmgPushSrc,0x00200000,0,1,OmgPushSrc.ax,4.07.0000.12140
PCM to EXT,0x00200000,0,0,Pcm2Ext.ax,5.00.0000.0000
Record Queue,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Xiph.Org Vorbis Encoder,0x00200000,1,1,,
CT Karaoke filter,0x00100000,1,1,Karaoke.ax,2.00.0000.0004
Creative MP3 Source Filter,0x00400000,0,1,Mp3Src.ax,3.00.0000.0000
Windows Media Multiplexer,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
ASX file Parser,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
ASX v.2 file Parser,0x00600000,1,0,wmpasf.dll,11.00.5721.5262
NSC file Parser,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
AxisRTPSrcFilterEmb,0x00200000,0,2,AxisRTPSrcFilterEmb.ax,1.06.0003.0003
CT PDP filter,0x00100000,1,1,PDP.ax,1.00.0000.0000
ACM Wrapper,0x00600000,1,1,quartz.dll,6.05.2600.6169
OMG Seamless,0x00200000,1,1,SeamlessFilter.ax,4.07.0000.12140
Windows Media source filter,0x00600000,0,2,wmpasf.dll,11.00.5721.5262
Video Renderer,0x00800001,1,0,quartz.dll,6.05.2600.6169
Frame Eater,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.05.2715.5512
SonyWavWriter,0x00200000,1,0,,
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.05.2600.6169
Video Port Manager,0x00600000,2,1,quartz.dll,6.05.2600.6169
WST Decoder,0x00600000,1,1,wstdecod.dll,5.03.2600.5512
Video Renderer,0x00400000,1,0,quartz.dll,6.05.2600.6169
OpenMG Audio Decrypt Splitter,0x00600000,1,1,omgdec.ax,4.07.0000.12140
File Writer,0x00200000,1,0,WLXVAFilt.dll,14.00.8117.0416
Creative AC3 Source Filter,0x00400000,0,1,AC3Src.ax,3.00.0001.0000
CT SmartVolumeManagement filter,0x00100000,1,1,DSCompr.ax,1.00.0000.0001
WM ASF Writer,0x00400000,0,0,qasf.dll,11.00.5721.5262
CBVA Filter,0x00200000,1,1,CBVAFilter.dll,5.01.2700.2180
WMT Sample Information Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,5.03.2600.5512
Creative MP3 Writer,0x00200000,1,0,MP3Write.ax,3.00.0001.0000
Microsoft MPEG-4 Video Decompressor,0x00800000,1,1,mpg4ds32.ax,8.00.0000.4504
OpenMG OmgSource Filter,0x00600000,0,1,omgsrc.ax,4.07.0000.12140
File writer,0x00200000,1,0,qcap.dll,6.05.2600.5512
WMT Log Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Virtual Renderer,0x00200000,1,0,wmm2filt.dll,2.01.4026.0000
OMG TRANSFORM,0x00600000,1,1,omgtrans.ax,4.07.0000.12140
DVD Navigator,0x00200000,0,2,qdvd.dll,6.05.2600.6169
OmgMP4Decoder2,0x00600000,1,1,OmgMP4Decoder2.ax,4.07.0000.12140
Overlay Mixer2,0x00400000,1,1,qdvd.dll,6.05.2600.6169
SonyMSAConverter,0x00200000,1,0,SonyMSAConverter3.ax,4.07.0000.12140
Tivo DirectShow Source Filter,0x00400000,0,1,TiVoDirectShowFilter.dll,1.00.0017.6289
CT CMSS3 filter,0x00100000,1,1,CMSS3.ax,3.00.0000.0002
AVI Draw,0x00600064,9,1,quartz.dll,6.05.2600.6169
.RAM file Parser,0x00600000,1,0,wmpasf.dll,11.00.5721.5262
WST Pager,0x00800000,1,1,WSTPager.ax,6.05.2710.2732
WMT DirectX Transform Wrapper,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
G.711 Codec,0x00200000,1,1,g711codc.ax,5.01.2600.0000
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.05.2710.2732
DV Video Decoder,0x00800000,1,1,qdv.dll,6.05.2600.5512
RealPlayer Transcode Filter,0x00600000,0,0,rdsf3260.dll,15.00.0004.0053
Creative MP3 Source Filter,0x00400000,0,1,CTMP3SFT.DLL,1.00.0010.0000
Indeo® audio software,0x00500000,1,1,iac25_32.ax,2.00.0005.0053
Windows Media Update Filter,0x00400000,1,0,wmpasf.dll,11.00.5721.5262
Noise Reduction,0x00100000,1,1,NoisRedu.ax,3.00.0000.0002
ASF DIB Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
ASF ACM Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
ASF ICM Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
ASF URL Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
ASF JPEG Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
ASF DJPEG Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
ASF embedded stuff Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5262
9x8Resize,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WIA Stream Snapshot Filter,0x00200000,1,1,wiasf.ax,1.00.0000.0000
Allocator Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
SampleGrabber,0x00200000,1,1,qedit.dll,6.05.2600.5512
Null Renderer,0x00200000,1,0,qedit.dll,6.05.2600.5512
Creative WMA Writer,0x00200000,1,0,WMAWrite.ax,3.00.0003.0000
WMT Virtual Source,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
MPEG-2 Sections and Tables,0x005fffff,1,0,Mpeg2Data.ax,6.05.2710.2732
WMT Interlacer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
StreamBufferSource,0x00200000,0,0,sbe.dll,6.05.2715.5512
Smart Tee,0x00200000,1,2,qcap.dll,6.05.2600.5512
Creative WMA Source Filter,0x00400000,0,1,WmaSrc.ax,3.00.0003.0000
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.05.2600.6169
RealPlayer Audio Filter,0x00200000,1,1,rdsf3260.dll,15.00.0004.0053
AVI Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6169
Uncompressed Domain Shot Detection Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000


----------



## olabola (May 20, 2012)

olabola said:


> This is what pops up if I click the balloon.


So I followed the instructions of the popups and the troubleshooter and took screenshots all the way through, and some of the stuff I found was pretty interesting...including NORTON!!!

I did not follow all the way through because I prefer to have you walk me through it, plus with the Norton in there it caught me by surprise. I was wondering if the camera needs a new driver? It's supposed to be plug and play, which is what happened at work. It didn't come with any software and I threw out the small box it came with.

Thanks


----------



## olabola (May 20, 2012)

I received my external hard drive in the mail but I am worried about using it out of fear that it will get whatever is infecting my computer?


----------



## Cookiegal (Aug 27, 2003)

Have you tried to connect the webcam in a different port?


----------



## olabola (May 20, 2012)

Not this attempt, but previously yes. Unfortunately I have a much bigger problem. I turned on my computer this am and it wouldn't finish booting. Thank God for smart phones!


----------



## Cookiegal (Aug 27, 2003)

Can you boot to Safe Mode?

If not, try booting to Last Known Good Configuration.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Can you boot to Safe Mode?
> 
> If not, try booting to Last Known Good Configuration.


I wasn't able to finish booting, as you can see in the picture below.


----------



## olabola (May 20, 2012)

I'm nervous about what I should do when I get home with the computer?


----------



## Cookiegal (Aug 27, 2003)

Reboot it and see if you can select Last Known Good Configuration.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Reboot it and see if you can select Last Known Good Configuration.


How? When I hit that screen nothing happens, it just sits with half the white bar filled, and no matter what I press, nothing changes until I manually shut it off.


----------



## Cookiegal (Aug 27, 2003)

When you restart the computer continuously tap the F8 key when it's booting until you see the "Windows Advanced Options Menu". Then use the arrow keys to scroll down to select "Last Known Good Configuration" and hit Enter.


----------



## olabola (May 20, 2012)

Well it didn't work this morning but it did just now and it seems to be loading still - to last known good config like you said


----------



## olabola (May 20, 2012)

I was able to get back onto my computer, but I don't want to do too much without instruction from you. Everything "looks" ok but I am assuming that you will want some logs or scans done, so I will wait to hear from you and just not go online too much except to check a quick email and to see if there is a new post.

Thanks so much!


----------



## Cookiegal (Aug 27, 2003)

That's good. 

Please go to *Start* - *Run* - type in *eventvwr.msc* to open the event viewer. Look under both "Application" and "System" for recent (the last 48 hours or so) errors (shown in red) and if found, do this for each one.

Double-click the error to open it up and then click on the icon that looks like two pieces of paper. This will copy the full error. Then "paste" the error into Notepad. Do this for each one until you have them all listed in Notepad and then copy and paste the list in a reply here please.


----------



## olabola (May 20, 2012)

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 11706
Date: 1/14/2013
Time: 3:00:42 AM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 1023
Date: 1/14/2013
Time: 3:00:44 AM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 - Update '{6C298884-91FD-408C-9D90-5A59D2C29FD1}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2742597-X86\NDP1.1sp1-KB2742597-X86-msi.0.log.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: NativeWrapper
Event Category: None
Event ID: 5000
Date: 1/14/2013
Time: 3:00:46 AM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1716.5060, kb2742597, 1033, 643, f, install, x86, 5.1.2600.2.3.0.256, 0.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 11706
Date: 1/15/2013
Time: 3:00:41 AM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 1023
Date: 1/15/2013
Time: 3:00:43 AM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 - Update '{6C298884-91FD-408C-9D90-5A59D2C29FD1}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2742597-X86\NDP1.1sp1-KB2742597-X86-msi.0.log.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Error
Event Source: NativeWrapper
Event Category: None
Event ID: 5000
Date: 1/15/2013
Time: 3:00:44 AM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1716.5060, kb2742597, 1033, 643, f, install, x86, 5.1.2600.2.3.0.256, 0.

Event Type: Error
Event Source: MPSampleSubmission
Event Category: None
Event ID: 5000
Date: 1/15/2013
Time: 7:14:41 AM
User: N/A
Computer: D16M9M71
Description:
EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 1.1.9002.0, P3 1.141.3868.0, P4 1.141.3868.0, P5 0000055512700eda_89690281720024e8c154ab524dcb4a198a2530b5, P6 NIL, P7 NIL, P8 NIL, P9 NIL, P10 NIL.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 11706
Date: 1/16/2013
Time: 8:30:35 PM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 -- Error 1706.No valid source could be found for product Microsoft .NET Framework 1.1. The Windows installer cannot continue.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: MsiInstaller
Event Category: None
Event ID: 1023
Date: 1/16/2013
Time: 8:30:38 PM
User: NT AUTHORITY\SYSTEM
Computer: D16M9M71
Description:
Product: Microsoft .NET Framework 1.1 - Update '{6C298884-91FD-408C-9D90-5A59D2C29FD1}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2742597-X86\NDP1.1sp1-KB2742597-X86-msi.0.log.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: NativeWrapper
Event Category: None
Event ID: 5000
Date: 1/16/2013
Time: 8:30:40 PM
User: N/A
Computer: D16M9M71
Description:
The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1716.5060, kb2742597, 1033, 643, f, install, x86, 5.1.2600.2.3.0.256, 0.

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 1/14/2013
Time: 3:00:54 AM
User: N/A
Computer: D16M9M71
Description:
Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Warning
Event Source: W32Time
Event Category: None
Event ID: 36
Date: 1/14/2013
Time: 11:43:26 PM
User: N/A
Computer: D16M9M71
Description:
The time service has not been able to synchronize the system time for 49152 seconds because none of the time providers has been able to provide a usable time stamp. The system clock is unsynchronized.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 1/15/2013
Time: 3:00:49 AM
User: N/A
Computer: D16M9M71
Description:
Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/15/2013
Time: 3:18:39 AM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7026
Date: 1/16/2013
Time: 8:28:49 PM
User: N/A
Computer: D16M9M71
Description:
The following boot-start or system-start driver(s) failed to load: 
SYMTDI
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: Windows Update Agent
Event Category: Installation 
Event ID: 20
Date: 1/16/2013
Time: 8:30:45 PM
User: N/A
Computer: D16M9M71
Description:
Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2742597).
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.


----------
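A triage helper for the kind of Event Viewer paste requested above, as an added example that is not part of the original thread: it parses the copied-entry text, ignores the hex `Data:` rows, and collapses repeats so that recurring failures, the KB numbers and the error codes stand out. The function names, the computer name `EXAMPLE-PC` and the abridged sample entries are constructed for illustration.

```python
import re
from collections import OrderedDict

HEADER = re.compile(
    r"^(Event Type|Event Source|Event Category|Event ID|Date|Time|User|Computer):\s*(.*)$")
HEXDUMP = re.compile(r"^[0-9a-fA-F]{4}:\s")          # rows such as "0000: 7b 43 ..."
KB = re.compile(r"\bKB\d{6,7}\b", re.IGNORECASE)
HRESULT = re.compile(r"\b0x[0-9A-Fa-f]{8}\b")
MSI_ERR = re.compile(r"\bError(?: code)? (\d{3,5})\b")
HELP_LINE = ("For more information, see Help and Support Center at "
             "http://go.microsoft.com/fwlink/events.asp.")


def parse_events(text):
    """Split pasted Event Viewer text into one dict per entry."""
    events, cur, section = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m and m.group(1) == "Event Type":          # every entry starts here
            cur = {"Event Type": m.group(2).strip(), "Description": []}
            events.append(cur)
            section = "header"
            continue
        if cur is None or not line:
            continue
        if section == "header" and m:
            cur[m.group(1)] = m.group(2).strip()
        elif line == "Description:":
            section = "description"
        elif line == "Data:":
            section = "data"                          # hex dump follows; ignored
        elif (section == "description" and not HEXDUMP.match(line)
              and not line.startswith(HELP_LINE[:40])):
            cur["Description"].append(line)
    for ev in events:
        ev["Description"] = " ".join(ev["Description"])
    return events


def summarize(events):
    """Group identical (source, event ID, description) entries, most frequent first."""
    groups = OrderedDict()
    for ev in events:
        desc = ev["Description"]
        key = (ev.get("Event Source"), ev.get("Event ID"), desc)
        g = groups.setdefault(key, {
            "source": key[0], "event_id": key[1], "description": desc,
            "count": 0, "dates": [], "kb": set(), "codes": set()})
        g["count"] += 1
        if ev.get("Date") not in g["dates"]:
            g["dates"].append(ev.get("Date"))
        g["kb"].update(k.upper() for k in KB.findall(desc))
        g["codes"].update(HRESULT.findall(desc))
        g["codes"].update(MSI_ERR.findall(desc))
    return sorted(groups.values(), key=lambda g: -g["count"])


def make_entry(source, event_id, date, desc, hexdump=""):
    """Build one constructed entry in Event Viewer's copy-to-clipboard layout."""
    return (f"Event Type: Error\nEvent Source: {source}\nEvent Category: None\n"
            f"Event ID: {event_id}\nDate: {date}\nTime: 3:00:44 AM\nUser: N/A\n"
            f"Computer: EXAMPLE-PC\nDescription:\n{desc}\n{HELP_LINE}\n{hexdump}")


# Constructed sample, abridged from the kinds of entries in the post above.
MSI_DESC = (r"Product: Microsoft .NET Framework 1.1 - Update could not be installed. "
            r"Error code 1603. Additional information is available in the log file "
            r"C:\WINDOWS\TEMP\NDP1.1sp1-KB2742597-X86\NDP1.1sp1-KB2742597-X86-msi.0.log.")
WUA_DESC = ("Installation Failure: Windows failed to install the following update with "
            "error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 (KB2742597).")
SCM_DESC = "The following boot-start or system-start driver(s) failed to load: \nSYMTDI"
HEX = "Data:\n0000: 7b 43 42 32 46 37 45 44 {CB2F7ED\n"

SAMPLE = "".join([
    make_entry("MsiInstaller", 1023, "1/14/2013", MSI_DESC, HEX),
    make_entry("Windows Update Agent", 20, "1/14/2013", WUA_DESC, HEX),
    make_entry("MsiInstaller", 1023, "1/15/2013", MSI_DESC, HEX),
    make_entry("Windows Update Agent", 20, "1/15/2013", WUA_DESC),
    make_entry("Service Control Manager", 7026, "1/15/2013", SCM_DESC),
])

if __name__ == "__main__":
    for g in summarize(parse_events(SAMPLE)):
        print(f'{g["count"]}x {g["source"]} / {g["event_id"]} on {", ".join(g["dates"])}'
              f' kb={sorted(g["kb"])} codes={sorted(g["codes"])}')
        print("   ", g["description"][:100])
```
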



## Cookiegal (Aug 27, 2003)

Please navigate to the following file and open it in Notepad and copy/paste the contents. 

C:\WINDOWS\TEMP\NDP1.1sp1-KB2742597-X86\NDP1.1sp1-KB2742597-X86-msi.0.log.


----------



## Cookiegal (Aug 27, 2003)

Sorry. I should have known it would be very long and asked you to zip it instead.

Try downloading this .NET Framework manually from the following link:

http://www.microsoft.com/en-us/download/details.aspx?id=36281


----------



## olabola (May 20, 2012)

Cookiegal said:


> Sorry. I should have known it would be very long and asked you to zip it instead.
> 
> Try downloading this .NET Framework manually from the following link:
> 
> http://www.microsoft.com/en-us/download/details.aspx?id=36281


I'm almost done, should I still do it?


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> I'm almost done, should I still do it?


Yes please.


----------



## olabola (May 20, 2012)

Should I stop copy-pasting the log?

I tried to download the .NET from the link, but I got a dialog box and don't know what to do so I am showing a screenshot, and await your instructions.


----------



## Cookiegal (Aug 27, 2003)

Open HijackThis and click on the *Open Misc Tools section* button. Click on the *Open Uninstall Manager* button. Click the *Save List* button. Save the list then copy and paste it here.


----------



## olabola (May 20, 2012)

next screen shot


----------



## olabola (May 20, 2012)

next one


----------



## olabola (May 20, 2012)

last one


----------



## Cookiegal (Aug 27, 2003)

It looks like your installation of .NET Framework 1.1 is corrupt. Please post the uninstall list.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Open HijackThis and click on the *Open Misc Tools section* button. Click on the *Open Uninstall Manager* button. Click the *Save List* button. Save the list then copy and paste it here.


Strange, I can't find HJT on my Comp??? Weird, right?


----------



## olabola (May 20, 2012)

olabola said:


> Strange, I can't find HJT on my Comp??? Weird, right?


Ignore me, I'm just blind


----------



## olabola (May 20, 2012)

µTorrent
Adobe AIR
Adobe AIR
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Digital Editions 2.0
Adobe Flash Player 10 Plugin
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.5)
Amazon MP3 Downloader 1.0.17
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
AXIS Media Control Embedded
Bonjour
Bonjour
Broadcom Advanced Control Suite 2
CardRd81
CCScore
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Creative MediaSource
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Support 5.0.0 (630)
Digital Line Detect
Download Navigator
Download Updater (AOL LLC)
Epson Connect
Epson Customer Participation
Epson Event Manager
EPSON NX430 Series Printer Uninstall
EPSON Scan
ERUNT 1.1j
ESET Online Scanner v3
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
G21942EN
GearDrvs
GearDrvs
GenoPro 2.5.4.1
Google Books Downloader version 2.2
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB959765)
Intel Matrix Storage Manager
Internet Explorer Default Page
iTunes
Java(TM) 6 Update 32
Junk Mail filter update
kgcbase
Kodak EasyShare software
Learn2 Player (Uninstall Only)
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office 2000 SR-1 Professional
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works 6-9 Converter
MobileMe Control Panel
Modem Helper
Mozilla Firefox 18.0 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.2 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
netbrdg
NetWaiting
NVIDIA Drivers
OfotoXMI
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Otto
Photo Story 3 for Windows
PowerDVD 5.9
PrintMaster Gold 4.00
Qualxserve Service Agreement
QuickBooks Simple Start Special Edition
QuickTime
RealArcade
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
RealUpgrade 1.1
Revo Uninstaller 1.94
Road Runner Medic 5.4
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Segoe UI
SFR
SHASTA
skin0001
SKINXSDK
Sonic Audio module
Sonic Copy Module
Sonic DLA
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Data
Sonic Update Manager
Sound Blaster Audigy 2 ZS
staticcr
SUPERAntiSpyware
tooltips
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wnyiper
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wnyiper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wnyiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wnyiper
TurboTax 2011 wrapper
TurboTax Deluxe 2005
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2005
TWC Customer Controls
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB971029)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual Studio C++ 10.0 Runtime
VLC media player 1.1.8
VPRINTOL
WebEx Support Manager for Internet Explorer
WexTech AnswerWorks
Windows Defender Signatures
Windows Genuine Advantage v1.3.0254.0
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Service Pack 3
WinRAR 4.00 (32-bit)
WIRELESS


----------



## Cookiegal (Aug 27, 2003)

See if you can install .NET Framework 1.1 over the top of the existing one:

http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=26

Then try installing the update again from this link (the same one as before):

http://www.microsoft.com/en-us/download/details.aspx?id=36281


----------



## olabola (May 20, 2012)

Cookiegal said:


> See if you can install .NET Framework 1.1 over the top of the existing one:
> 
> http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=26
> 
> ...


Wow, both were successfully installed.


----------



## Cookiegal (Aug 27, 2003)

Yippee! 

That should eliminate many of the errors that were appearing in the Event Viewer.

Please post back tomorrow with any new errors that have occurred only since those installations were successful please.

I would also like to run some programs we've used before to see how things are.

Please remove ComboFix and grab the latest version then disable all security programs temporarily, run a new scan and post the log.

Please visit *Combofix Guide & Instructions* for instructions for installing the Recovery Console and downloading and running ComboFix.

The only thing different from the instructions there is that when downloading and saving the ComboFix.exe I would like you to rename it to puppy.exe please.


----------



## olabola (May 20, 2012)

ComboFix 13-01-17.04 - Alexandra Jachimczyk 01/17/2013 22:51:48.3.2 - x86
Running from: c:\documents and settings\Alexandra Jachimczyk\Desktop\Security\PUPPY.exe
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\regtlib.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-12-18 to 2013-01-18 )))))))))))))))))))))))))))))))
.
.
2013-01-18 03:28 . 2013-01-18 03:28 29904 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{397CE7AB-ACCD-469F-808B-891C4A713FDA}\MpKsl0cd77046.sys
2013-01-18 01:38 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{397CE7AB-ACCD-469F-808B-891C4A713FDA}\mpengine.dll
2013-01-17 01:39 . 2013-01-08 04:57 6991832 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-11 17:41 . 2013-01-13 16:16 -------- d-----w- c:\program files\Mozilla Thunderbird
2013-01-09 08:32 . 2013-01-09 08:32 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Local Settings\Application Data\PCHealth
2013-01-09 01:11 . 2013-01-09 01:11 -------- d-----w- c:\program files\ESET
2013-01-01 20:38 . 2013-01-01 20:38 -------- d-----w- c:\program files\iPod
2013-01-01 20:38 . 2013-01-01 20:38 -------- d-----w- c:\program files\iTunes
2013-01-01 20:38 . 2013-01-01 20:38 -------- d-----w- c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-01-01 20:23 . 2013-01-01 20:23 -------- d-----w- c:\documents and settings\Alexandra Jachimczyk\Application Data\Amazon
2013-01-01 18:55 . 2013-01-01 18:55 -------- d-----w- c:\program files\Amazon
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-12 15:06 . 2012-04-04 01:01 697864 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-12 15:06 . 2011-05-17 22:15 74248 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23 . 2004-08-10 10:00 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 21:49 . 2012-05-24 12:18 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-13 01:25 . 2004-08-10 10:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-06 02:01 . 2008-06-02 23:30 1371648 ------w- c:\windows\system32\msxml6.dll
2012-11-02 02:02 . 2004-08-10 10:00 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-11-01 12:17 . 2004-08-10 10:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-11-01 12:17 . 2004-08-10 10:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-11-01 12:17 . 2004-08-10 10:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-11-01 00:35 . 2004-08-10 10:00 385024 ------w- c:\windows\system32\html.iec
2006-01-09 01:09 . 2006-01-09 01:09 774144 -c--a-w- c:\program files\RngInterstitial.dll
2005-10-19 05:17 . 2005-10-19 05:17 353298 -c--a-w- c:\program files\LimeWireWin.exe
2005-10-17 02:31 . 2005-10-17 02:31 4077184 -c--a-w- c:\program files\winzip90.exe
2013-01-10 13:14 . 2013-01-10 13:13 262704 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-12 39408]
"EPLTarget\P0000000000000000"="c:\windows\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE" [2012-02-29 249440]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2009-01-30 204288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTSysVol"="c:\program files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 57344]
"CTHelper"="CTHELPER.EXE" [2007-04-09 19456]
"tgcmd"="c:\program files\Support.com\bin\tgcmd.exe" [2005-10-18 1921024]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"dla"="c:\windows\system32\dla\tfswctrl.exe" [2005-03-16 127037]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2010-03-17 47392]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"ArcSoft Connection Service"="c:\program files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-28 207424]
"Dell Photo AIO Printer 942"="c:\program files\Dell Photo AIO Printer 942\dlbubmgr.exe" [2005-02-03 294912]
"DellMCM"="c:\program files\Dell Photo AIO Printer 942\memcard.exe" [2004-07-27 262144]
"EEventManager"="c:\program files\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk]
backup=c:\windows\pss\Windows Search.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-12-03 07:35 946352 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTDVDDET]
2003-06-18 06:00 45056 -c--a-w- c:\program files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell Photo AIO Printer 942]
2005-02-03 13:08 294912 ----a-w- c:\program files\Dell Photo AIO Printer 942\dlbubmgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellMCM]
2004-07-27 19:08 262144 ----a-w- c:\program files\Dell Photo AIO Printer 942\memcard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2006-04-06 14:51 49152 -c----w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2005-06-17 12:56 139264 -c--a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2004-07-27 21:50 221184 -c--a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2004-07-27 21:50 81920 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2012-12-12 18:57 152544 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
2012-12-14 21:49 512360 ----a-w- c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2004-11-11 22:10 4583424 -c--a-w- c:\windows\SYSTEM32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-11-29 22:38 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 19:02 254696 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2012-11-08 21:06 4763008 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2009-02-12 01:02 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-05-20 18:51 296056 ----a-w- c:\program files\Real\realplayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
2000-05-11 06:00 90112 -c----w- c:\windows\Updreg.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-01-30 22:46 204288 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Epson Software\\Event Manager\\EEventManager.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R3 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys [x]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [x]
S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MPKSL0CD77046
.
Contents of the 'Scheduled Tasks' folder
.
2013-01-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 15:06]
.
2013-01-14 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 16:34]
.
2013-01-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 12:15]
.
2013-01-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-01 12:15]
.
2013-01-17 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 22:25]
.
2013-01-17 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 17:40]
.
2013-01-13 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2011-09-27 17:40]
.
2013-01-18 c:\windows\Tasks\User_Feed_Synchronization-{99BE4562-DD15-4050-9103-AA7BC77B85E8}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.aol.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
Trusted Zone: aol.com%20and%20https
Trusted Zone: intuit.com\ttlc
Trusted Zone: mhvfcuebanking.com\www
Trusted Zone: microsoft.com\www
Trusted Zone: turbotax.com
TCP: DhcpNameServer = 209.18.47.61 209.18.47.62
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - hxxp://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} - hxxp://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://24.97.152.19/activex/AMC.cab
FF - ProfilePath - c:\documents and settings\Alexandra Jachimczyk\Application Data\Mozilla\Firefox\Profiles\3i92dirc.default\
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_ActiveSetup-{8A69D345-D564-463c-AFF1-A69D9E530F96} - 24.0.1312.52\Installer\setup.exe --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-01-17 22:59
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ... 
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Completion time: 2013-01-17 23:02:46
ComboFix-quarantined-files.txt 2013-01-18 04:02
ComboFix2.txt 2012-12-11 02:41
.
Pre-Run: 63,188,910,080 bytes free
Post-Run: 63,402,938,368 bytes free
.
- - End Of File - - E456C4CC1799EBF080312FD71FFAB812


----------



## Cookiegal (Aug 27, 2003)

Please go to the Device Manager (*Start* - *Run* - type in *devmgmt.msc* and hit *Enter*) and double-click on the unknown device listed under "USB Root Hub (8 ports)" then click on the Driver Tab and then on Driver Details and let me know what it says there please.


----------



## olabola (May 20, 2012)

Well, it doesn't say much...


----------



## Cookiegal (Aug 27, 2003)

Let's try clicking on the uninstall button please.

Then reboot the computer and check back and see if it reappears.


----------



## Cookiegal (Aug 27, 2003)

Also, please do the following:

Please download *SystemLook* from one of the links below and save it to your Desktop.
*Download Mirror #1*
*Download Mirror #2*
Double-click *SystemLook.exe* to run it.
Copy the content of the following code box into the main text field:

```
:filefind
*mcvidrv*
*mcaudrv*
```

Click the *Look* button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
*Note:* The log can also be found on your Desktop entitled *SystemLook.txt*


----------



## olabola (May 20, 2012)

Cookiegal said:


> Let's try clicking on the uninstall button please.
> 
> Then reboot the computer and check back and see if it reappears.


Well, something strange happened. I uninstalled the driver and rebooted (all while the camera was connected). When the computer started back up it got stuck again on the BIOS screen. I manually shut down and tried using F8 to restart back to last known good configuration. I tried 3 times but nothing helped. But, when I disconnected the camera and restarted manually, F8 suddenly worked so I chose start normally. And it seems to have loaded. ???


----------



## Cookiegal (Aug 27, 2003)

Is the camera working now too?


----------



## olabola (May 20, 2012)

Cookiegal said:


> Is the camera working now too?


When I plugged it back in, it initially said that it was unrecognized, but installed and ready to use. Then the old message about not recognizing the device and that it was not functioning properly. So...no, it is not working.

Also, I forgot to do the systemlook thing, so I will do that now.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Also, please do the following:
> 
> Please download *SystemLook* from one of the links below and save it to your Desktop.
> *Download Mirror #1*
> ...


SystemLook 30.07.11 by jpshortstuff
Log created at 20:39 on 19/01/2013 by Alexandra Jachimczyk
Administrator - Elevation successful
========== filefind ==========
Searching for "*mcvidrv*"
C:\WINDOWS\SYSTEM32\DRIVERS\mcvidrv.sys --a--c- 32000 bytes [06:11 11/01/2012] [06:11 11/01/2012] 8E17D513D8011B0EE03C355EAAB0E0CC
Searching for "*mcaudrv*"
C:\WINDOWS\SYSTEM32\DRIVERS\mcaudrv.sys --a--c- 22400 bytes [10:34 22/02/2012] [10:34 22/02/2012] 562D95E00E14A944DEBE655DECBD3F5B
-= EOF =-


----------



## olabola (May 20, 2012)

I received my backup hard drive. Should I wait until my computer is "safe" to copy the files? I am afraid of infecting the hard drive?


----------



## Cookiegal (Aug 27, 2003)

It should be fine if you just copy over photos and documents but no executables (programs).

If you go into the Device Manager again, does it still show an unknown device under USB Root Hub as it did before?


----------



## olabola (May 20, 2012)

Cookiegal said:


> It should be fine if you just copy over photos and documents but no executables (programs).
> 
> If you go into the Device Manager again, does it still show an unknown device under USB Root Hub as it did before?


Can I copy music also?

And yes, the device manager shows the webcam as an unknown device.


----------



## olabola (May 20, 2012)

Another interesting symptom presented itself today. I was trying to transfer a picture from my camera to the computer using a card reader that I have used hundreds of times and was unsuccessful. I received the same unknown device message that I got with the web cam. You would think it's the ports, right? But I use the same ports for my headset that enables me to talk to my classmates during my internet classes, and that still works.


----------



## olabola (May 20, 2012)

I may have jumped the gun in purchasing my hard drive. I bought it on eBay, brand new, but I don't think the one I purchased allows you to pick and choose what you can save to it. It's an Automatic Backup, that starts to back up the entire computer as soon as it's connected. I will post a link, it's from a store, because I couldn't find one directly from the manufacturer because it looks like it's an older model.

http://www.qvc.com/qvc.product.E205963.html?item=E205963&ref=BV1&tpl=detail


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> Can I copy music also?
> 
> And yes, the device manager shows the webcam as an unknown device.


Yes, you can copy music too.


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> Another interesting symptom presented itself today. I was trying to transfer a picture from my camera to the computer using a card reader that I have used hundreds of times and was unsuccessful. I received the same unknown device message that I got with the web cam. You would think it's the ports, right? But I use the same ports for my headset that enables me to talk to my classmates during my internet classes, and that still works.


Didn't you say that you were having a problem with a card reader before?


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> I may have jumped the gun in purchasing my hard drive. I bought it on eBay, brand new, but I don't think the one I purchased allows you to pick and choose what you can save to it. It's an Automatic Backup, that starts to back up the entire computer as soon as it's connected. I will post a link, it's from a store, because I couldn't find one directly from the manufacturer because it looks like it's an older model.
> 
> http://www.qvc.com/qvc.product.E205963.html?item=E205963&ref=BV1&tpl=detail


Yeah, it looks like you can't just copy files to it and it will perform the backup automatically.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Didn't you say that you were having a problem with a card reader before?


It was a thumb drive before. This time it is a special reader that lets me put my camera's memory card in it and directly attach it via USB.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Yeah, it looks like you can't just copy files to it and it will perform the back up automatically.


Should I get a different one?


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> Should I get a different one?


Is it possible to return it?


----------



## olabola (May 20, 2012)

Cookiegal said:


> Is it possible to return it?


I cannot return it to the original seller, but I am sure I could sell it on ebay to someone else. I want to be sure that I don't mess up my computer even more.


----------



## throoper (Jan 20, 2007)

olabola said:


> I cannot return it to the original seller, but I am sure I could sell it on ebay to someone else. I want to be sure that I don't mess up my computer even more.


When the backup screen appears after turning it on, click Options in the lower left, then on the "manage settings and pc's" tab click "Change backup settings".
You can select what file types it backs up or deselect all and just use it as an extra drive. 
Since the idea of getting the drive was to back up your stuff, I'd select what you want it to do and let it do it.

Once you get things straightened out on your computer, you can just leave the drive connected and turn off the Autoplay so it doesn't try doing backups every time you startup if you wish (although, backups are a good thing).


----------



## olabola (May 20, 2012)

throoper said:


> When the backup screen appears after turning it on, click Options in the lower left, then on the "manage settings and pc's" tab click "Change backup settings".
> You can select what file types it backs up or deselect all and just use it as an extra drive.
> Since the idea of getting the drive was to back up your stuff, I'd select what you want it to do and let it do it.
> 
> Once you get things straightened out on your computer, you can just leave the drive connected and turn off the Autoplay so it doesn't try doing backups every time you startup if you wish (although, backups are a good thing).


Are you familiar with this particular brand? It supposedly starts backing up as soon as it is plugged into the computer. That is why I haven't tried it yet, especially if there is still something nasty on the computer, I don't want to bring it over to the drive. Also, if I wind up getting a different back up drive, then it will be much easier to sell this one if it remains unused.


----------



## olabola (May 20, 2012)

Cookie and Throoper,
Is there anything I should or should not be doing in between the times I "speak" to you? I want to be sure I am not making things worse. I use my computer frequently (pretty much every day) so if there were some guidelines to use, that would be great.


----------



## olabola (May 20, 2012)

I wanted to put some school work onto a thumb drive (the one that never gave me any trouble) and received the unknown device message, and when I checked the properties under device manager, it said that there was no driver installed. I tried my other thumb drive and it said the exact same thing. There is definitely something wrong with the 2 USB ports in the front of the computer.


----------



## Cookiegal (Aug 27, 2003)

You can use it like you normally would but try not to install any new software or hardware until we're finished troubleshooting.

Have you tried any of the USB ports in the back?


----------



## Triple6 (Dec 26, 2002)

Are you only having trouble when you plug devices into the front USB ports or the back ones too? 

Are the front USB ports part of a card reader or part of the case and independent of any card reader?


----------



## throoper (Jan 20, 2007)

olabola said:


> Are you familiar with this particular brand? It supposedly starts backing up as soon as it is plugged into the computer. That is why I haven't tried it yet, especially if there is still something nasty on the computer, I don't want to bring it over to the drive. Also, if I wind up getting a different back up drive, then it will be much easier to sell this one if it remains unused.


Semi-familiar.  
I had a friend that got one and didn't want it to do backups at all, just use it as an extra drive. Personally, I kind of liked the backup features, but it wasn't my computer.

All I did was plug it in and cancel the startup screen for the backup.
Opened My Computer, right clicked the backup drive and clicked Explore to open it in Windows Explorer.
Set Folder Options to show System files and folders and renamed the Autorun.INF to Autorun.OLD on the drive.
That stopped it from running the backup programs installed on the drive when it gets turned on.
If you disable the Autorun but later decide you want it to do the backups, then you just rename the Autorun.OLD back to Autorun.INF and it's ready to go again.

For you, since the whole idea is to actually do backups, just let it do its thing. The backup software doesn't back up any system or executable files by default (you CAN have it do those through the Options if you want, but the basic program only does your personal file types like images, music, docs, etc.). You can change what it backs up in the program's Options.
All your stuff gets written to a single backup file that can be deleted if you decide you don't want it (for instance if you decide you do want to sell it at a later time).


----------



## olabola (May 20, 2012)

Cookiegal said:


> You can use it like you normally would but try not to install any new software or hardware until we're finished troubleshooting.
> 
> Have you tried any of the USB ports in the back?


I haven't tried the ports in the back, specifically, but my keyboard and mouse are connected via wireless USB connection on the back of the tower and they are still working correctly. My printer is also connected via one of the USB ports in the back and it is also working correctly. The only reason I haven't tried the back ports is because the web cam was originally using one of the back ports when it stopped working so I figured that once it was fixed, I would reconnect in the back. Plus, I have to move my desk to get to the back of the tower (which obviously I would do if necessary).


----------



## olabola (May 20, 2012)

Triple6 said:


> Are you only having trouble when you plug devices into the front USB ports or the back ones too?
> 
> Are the front USB ports part of a card reader or part of the case and independent of any card reader?


I haven't tried the thumb drives in the back of the tower, or the memory card reader, or my ipod connection. But, the Webcam used to be connected in the back of the tower. (see post to cookiegal)

The ports on the front of the computer are part of the tower, integrated into the computer and not part of any additional reader. There are only two and were the only USB ports I used on a regular basis for my Ipod, Webcam, Headphones...etc.


----------



## Triple6 (Dec 26, 2002)

The purpose of trying the back ports is to determine if the devices still work or if it's just the front USB ports that have failed. If the front USB ports have failed then you'd have to stop using them or have the case replaced or the front ports connected to a different USB controller on the motherboard depending on where the fault lies.


----------



## olabola (May 20, 2012)

Triple6 said:


> The purpose of trying the back ports is to determine if the devices still work or if it's just the front USB ports that have failed. If the front USB ports have failed then you'd have to stop using them or have the case replaced or the front ports connected to a different USB controller on the motherboard depending on where the fault lies.


I understand...Since there are several in the back how do I know which one corresponds to the identified port on the device manager? Also, doesn't the fact that my keyboard and mouse, and my printer, both of which are connected via USB, are still working, infer that my USB ports in the back are functioning?

Is there any other way to "test" the ports in the front?


----------



## Triple6 (Dec 26, 2002)

Triple6 said:


> The purpose of trying the back ports is to determine if the devices still work


----------



## Triple6 (Dec 26, 2002)

olabola said:


> Is there any other way to "test" the ports in the front?


Plug a device in that works on the back ports and see if it works on the front ports, if it doesn't then there's something wrong with them and you'll need to either have them fixed/replaced or stop using them.


----------



## throoper (Jan 20, 2007)

olabola said:


> Plus, I have to move my desk to get to the back of the tower (which obviously I would do if necessary).


Just a suggestion. Go to Wal-Mart or Staples and get a cheap 4 or 6 port USB hub with a cable long enough to reach around the computer. 
Get to the back and plug it in (you probably need to clean the "dust bunnies" back there anyway) so you have access with the hub in the front. Then you can try both back and front ports without having to move anything again (plus it will give you a couple extra USB ports to use).


----------



## Triple6 (Dec 26, 2002)

throoper said:


> Just a suggestion. Go to Wal-Mart or Staples and get a cheap 4 or 6 port USB hub with a cable long enough to reach around the computer.
> Get to the back and plug it in (you probably need to clean the "dust bunnies" back there anyway) so you have access with the hub in the front. Then you can try both back and front ports without having to move anything again (plus it will give you a couple extra USB ports to use).


Exactly what I'd recommend if everything works when connected to the back USB ports and if the front USB ports don't work with anything.


----------



## olabola (May 20, 2012)

Triple6 said:


> Exactly what I'd recommend if everything works when connected to the back USB ports and if the front USB ports don't work with anything.


It's been a busy day and I didn't get a chance to test the back ports, but in the meantime I did use the front port successfully all night tonight for my online class. I used my headset for nearly two hours, with no problems and was able to hear and talk to my classmates...all through a USB connection in the front port? So what does that mean? To test things out, I plugged my Ipod into the front USB connection and it was an "unknown device" and there was supposedly no driver installed.


----------



## olabola (May 20, 2012)

I actually have one of those hubs (2 as a matter of fact)...and tried to connect the web cam and my ipod. Well, the web cam didn't work, and my ipod is not totally frozen and I am PRAYING that the apple gods will fix it over night. When both were plugged in, I got a message about high speed ports...see below.


----------



## Triple6 (Dec 26, 2002)

Sometimes front USB ports can't provide enough power for some devices, you can try finding a 

With USB hubs, you should make sure they are powered USB hubs that have their own power source that plugs into a power outlet, unpowered hubs cause more problems. Additionally not all devices work properly through hubs, webcams often do not. I'd use the back ports or a hub for as much as possible, and if you have some devices that work on the front ports you can use those but honestly I wouldn't risk it.


----------



## olabola (May 20, 2012)

Triple6 said:


> Sometimes front USB ports can't provide enough power for some devices, you can try finding a
> 
> With USB hubs, you should make sure they are powered USB hubs that have their own power source that plugs into a power outlet, unpowered hubs cause more problems. Additionally not all devices work properly through hubs, webcams often do not. I'd use the back ports or a hub for as much as possible, and if you have some devices that work on the front ports you can use those but honestly I wouldn't risk it.


Thanks, but this still doesn't solve the problem of why it suddenly stopped working?


----------



## olabola (May 20, 2012)

I'm a little lost on what I should be doing next, especially since the backup drive needs a USB plug to back up my computer?


----------



## throoper (Jan 20, 2007)

You need to find a working port to plug it in to. 
It sounds like that will probably be one of the back ports, but if it WILL work in one of the fronts, great.
If you do need to use a back port, put in a hub so you won't need to keep dragging the computer out to use the port.
The important thing, IMO, is to get your stuff backed up in case your computer is on its way out.


----------



## Triple6 (Dec 26, 2002)

Stuff breaks, if the ports have broken or the USB controller that those ports are connected to has failed then they will need to be replaced. If you are not comfortable switching the internal ports that the front USB ports are connected to then you will have to take it into a local repair shop to have them properly checked and that issue resolved.


----------



## olabola (May 20, 2012)

throoper said:


> You need to find a working port to plug it in to.
> It sounds like that will probably be one of the back ports, but if it WILL work in one of the fronts, great.
> If you do need to use a back port, put in a hub so you won't need to keep dragging the computer out to use the port.
> The important thing, IMO, is to get your stuff backed up in case your computer is on its way out.


When you say hub, you mean something that also has a power source, like mentioned earlier? Any suggestions?


----------



## throoper (Jan 20, 2007)

olabola said:


> When you say hub, you mean something that also has a power source, like mentioned earlier? Any suggestions?


None of mine have separate power supplies (they draw their power from the port itself) and I've never had any problems with them. The last one I got is a 4 port Targus I picked up for about $10 on sale.


----------



## olabola (May 20, 2012)

throoper said:


> None of mine have separate power supplies (they draw their power from the port itself) and I've never had any problems with them. The last one I got is a 4 port Targus I picked up for about $10 on sale.


I have two things that I think are hubs, one is a little "person" with his arms and legs being extra USB ends, and another simply being a USB that plugs in and gives you 4 extra ports. Is that what you are talking about?

I guess I am still baffled at how my headset is still working from the front ports and nothing else?


----------



## throoper (Jan 20, 2007)

olabola said:


> I have two things that I think are hubs, one is a little "person" with his arms and legs being extra USB ends, and another simply being a USB that plugs in and gives you 4 extra ports. Is that what you are talking about?
> 
> I guess I am still baffled at how my headset is still working from the front ports and nothing else?


Yep, that's them. To use the 4 port, you may have to pick up an extension cable to get it around to the front of the computer.
You can plug it in directly to try it before you bother, though.

The headset working but nothing else could be a power issue or faulty internal connections (circuits to the sound card are ok, but to the drive is bad).


----------



## olabola (May 20, 2012)

throoper said:


> Yep, that's them. To use the 4 port, you may have to pick up an extension cable to get it around to the front of the computer.
> You can plug it in directly to try it before you bother, though.
> 
> The headset working but nothing else could be a power issue or faulty internal connections (circuits to the sound card are ok, but to the drive is bad).


I thought that was a hub, and it did not work with the webcam. However, I am not sure if I have found all the USB ports. When I open the device manager it seems to list more than I can find?


----------



## throoper (Jan 20, 2007)

Sorry to ask, but did you try the hub on the back ports and do other things work in it?
On your machine, there should be 2 front ports and 6 back ports.


----------



## olabola (May 20, 2012)

throoper said:


> Sorry to ask, but did you try the hub on the back ports and do other things work in it?
> On your machine, there should be 2 front ports and 6 back ports.


Don't be sorry. Yes, I have tried, but not sure which ones or how many because my tower is inside the desk. I am cleaning the house today so I will pull the tower out and test each port in the back. When I tested the web cam in at least two ports, using the hub, it did not work. The web cam was originally installed in one of the back ports and was functioning properly and with no problems for months. It just stopped functioning one day...poof!


----------



## throoper (Jan 20, 2007)

It could simply be your webcam that's got the problem or that it won't work with a hub that isn't self-powered.
You should find 6 USB ports on the back. 
Experiment a bit to see what ports work and what devices will work with a hub and which only work when plugged in directly to a port.


----------



## olabola (May 20, 2012)

What is the simplest way to test the ports?

I performed a bunch of tests and I am trying to figure out the commonalities between the different results:

The web cam alone did not work in any of the available (6) ports- I received the same messages, that the device is not recognized.

The web cam connected using my Hi-Speed 2.0 4-port mini hubman resulted in the same exact results, the device is not recognized.

The webcam connected using a cheap dollar store hub resulted in a different message on all available ports- The message would start out with a pop up that new hardware was found, that it was installing, then it was ready to use. That popup would close and a new one would open saying that the device would perform faster if connected to a high speed USB 2.0 port. When I tested the webcam there was no picture.

Note: both hubs indicate if they are functional by lighting up when connected so that is not the issue. Also, the webcam has lighting on it for the subject being taped and that light was also functioning so I would imagine that the camera is also functioning.

I performed two more tests with interesting results. I tested two thumb drives:
16 GB (owned for less than one year) did not work in any port, not recognized
64 MB (owned for years) worked perfectly with no problems in every port

The biggest commonality or different thing I have been doing over the past year is my internet classes. I purchased the webcam, headset, and 16GB thumbdrive all for the graduate school program that I am working on, so maybe there is something in the programs I use for school that are messing with my computer? Additionally, I have used the 16 GB thumb drive at work several times to transfer documents and asked our IT people if at all possible that I picked up something in the server. I was told that there is no way at all that there could have been a bug in the system.


----------



## throoper (Jan 20, 2007)

The simplest way to test the ports is exactly what you did. Try a device you know works in each port.
If the 64MB flash works, I doubt it's the ports.
I'm not a hardware guy, but I would suspect the problem is with the devices that aren't working. 
Have you tried your backup drive to see if it gets recognized and works?

Edit: To clarify, I mean either the physical device or the software for that device.


----------



## olabola (May 20, 2012)

throoper said:


> The simplest way to test the ports is exactly what you did. Try a device you know works in each port.
> If the 64MB flash works, I doubt it's the ports.
> I'm not a hardware guy, but I would suspect the problem is with the devices that aren't working.
> Have you tried your backup drive to see if it gets recognized and works?
> ...


No, I haven't tried the backup drive because I am afraid of transferring a bug if that is what's messing up the USB ports.


----------



## throoper (Jan 20, 2007)

After what Cookiegal has had you do, I doubt you have an active "bug". More likely would be residual damage.
It's extremely unlikely that there's anything remaining that would transfer to your backup drive by backing up your personal data.


----------



## olabola (May 20, 2012)

That makes sense. Well I will have to do it tomorrow because when I went to plug it in I realized that I ran out of outlets! I will have to swap out power strips with a larger one. It's always something, right?


----------



## olabola (May 20, 2012)

Hello Thread!
It's been a while since I posted because it's been busy on my end and I am sure that everyone else is busy too. I can't tell you how appreciative I am for helping me with my computer. So far no major glitches except for the USB ports. I haven't tried the back up yet, but I did take my webcam to work the other day to check if there is anything wrong with it. Guess what? It installed perfectly fine, and worked immediately! So, we know it's not the webcam. The Thumbdrives also function with no problems in my work PC. How strange??? So this leaves me with trying the back up to see if it connects and is able to do what it's meant to do (back up the computer's hard drive).


----------



## olabola (May 20, 2012)

So, I guess I have my answer: the backup hard drive was not recognized in any of the USB ports in the front or the back. Ugh!!!! Now what? I recall someone mentioning opening up the computer to swap something out? I certainly cannot do this, but I may know someone who could. If so, how much would be a reasonable cost? Or is there a fix to this internally, with some kind of program or software? It seems odd that all of them stopped working but the headset works?


----------



## Triple6 (Dec 26, 2002)

Have you tried the external drive on another computer? Have you checked Disk Management to see if the hard drive shows up there: http://pcsupport.about.com/od/tipstricks/f/open-disk-management.htm


----------



## olabola (May 20, 2012)

Triple6 said:


> Have you tried the external drive on another computer? Have you checked Disk Management to see if the hard drive shows up there: http://pcsupport.about.com/od/tipstricks/f/open-disk-management.htm


Not yet, but my hope is that there is a simpler answer.


----------



## olabola (May 20, 2012)

Cookiegal,

I hope you are still watching the thread because I have a question about ComboFix. I was talking about my USB problem with one of the IT guys at work and he jogged my memory by mentioning the plug and play feature in my devices and whether autorun was enabled. Then I remembered that you had me disable it for ComboFix. To be sure, I went looking for the post, and finally found it:

_Important notes regarding ComboFix:_

_ComboFix may reset a number of Internet Explorer's settings, including making it the default browser. This can easily be changed once we're finished._

_ComboFix also prevents autorun of ALL CDs, floppies and USB devices (don't worry, the keyboard and mouse will still function) to assist with malware removal & increase security. If this is an issue or makes it difficult for you, please let me know. This can be undone manually when we're finished. Read **HERE** for an article written by dvk01 on why we disable autoruns._

Could this be the problem with my USB ports? Especially since my printer, mouse and keyboard are still connected and are functioning with no issues, and the headset is working? I was also told that I may need to reinstall the drivers? I hope this helps you help me?


----------



## Triple6 (Dec 26, 2002)

Combofix disables autorun on devices but you should still be able to access it through My Computer as you normally would. Is the external USB drive accessible through My Computer? Is it visible in Disk Management?


----------



## Cookiegal (Aug 27, 2003)

Yes, I've been following the thread along.

I had thought of ComboFix too but didn't mention it because, as Triple6 stated, it wouldn't prevent the device from appearing in My Computer. It only prevents it from executing or running automatically upon insertion. It has to show there in order to be able to run it manually. You would have to click on the device or CD/DVD to access it and then click again to run or play it. 

Is the device showing in My Computer when you plug it into any USB port (front or back)?


----------



## olabola (May 20, 2012)

No, I don't see it in My Computer and it's showing up as an unknown device


----------



## Triple6 (Dec 26, 2002)

In that case Combofix is not to blame. I forget if you said you tried it on another computer or not.


----------



## olabola (May 20, 2012)

I tried another computer with the thumb drives, the web cam and my ipod. The external hard drive is brand new. I don't think it's the drive...it's the computer...but why are the ports that have my printer plugged into it, and my wireless mouse and keyboard still working? And the headset continues to work in any port.


----------



## Triple6 (Dec 26, 2002)

Testing it on another computer is a basic troubleshooting step. Because something is new doesn't mean anything, new devices can be broken. The point of testing the device in another computer is to determine with 100% certainty where the fault lies so we don't spend weeks trying to troubleshoot/fix the wrong thing.


----------



## throoper (Jan 20, 2007)

When you were trying the ports, did you have your printer unplugged and try that port with the 16GB flash drive?


----------



## olabola (May 20, 2012)

Triple6 said:


> Testing it on another computer is a basic troubleshooting step. Because something is new doesn't mean anything, new devices can be broken. The point of testing the device in another computer is to determine with 100% certainty where the fault lies so we don't spend weeks trying to troubleshoot/fix the wrong thing.


Can I use a laptop to test it out?


----------



## olabola (May 20, 2012)

throoper said:


> When you were trying the ports, did you have your printer unplugged and try that port with the 16GB flash drive?


The printer, mouse and keyboard have been plugged into their respective USB ports since day 1 and I have not tried unplugging the power or the port connected to the printer. I haven't done this simply because I'm afraid of losing the printer.


----------



## Triple6 (Dec 26, 2002)

olabola said:


> Can I use a laptop to test it out?


Of course.


----------



## olabola (May 20, 2012)

Triple6 said:


> Of course.


Well, the backup hard drive works like a charm...very simple to use. I just plugged it in and it did all the work (with regard to backing up my little asus net book, that is).


----------



## throoper (Jan 20, 2007)

olabola said:


> The printer, mouse and keyboard have been plugged into their respective USB ports since day 1 and I have not tried unplugging the power or the port connected to the printer. I haven't done this simply because I'm afraid of losing the printer.


I take that to mean if the computer is on, the Printer is on also.
Click Start>Run>type *msconfig*>OK.
On the Startup tab, uncheck the following items and click OK.

[EEventManager] "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"

[EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus NX430"

[Dell Photo AIO Printer 942] "C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe"

[DellMCM] "C:\Program Files\Dell Photo AIO Printer 942\memcard.exe"

Shutdown the computer and while it's off, turn off the printer. You don't need to unplug the USB connection (at this time) as long as the printer will not power up when the computer starts.

Boot up and try the USB ports and see if any work while the Printer is offline and the startups I listed above are disabled.


----------



## Triple6 (Dec 26, 2002)

olabola said:


> Well, the backup hard drive works like a charm...very simple to use. I just plugged it in and it did all the work (with regard to backing up my little asus net book, that is).


Do you mean the drive works on the other computer, or did you manage to get it to work on this computer?


----------



## olabola (May 20, 2012)

Triple6 said:


> Do you mean the drive works on the other computer, or did you manage to get it to work on this computer?


I got it to work on the laptop computer.


----------



## throoper (Jan 20, 2007)

I'm dying of suspense to know if it's the printer causing the problem.


----------



## Triple6 (Dec 26, 2002)

Ok, so there is a problem with the USB ports on the computer. This hard drive doesn't have its own power adapter correct? It's just powered from a USB port? Does it have a single USB connector or does it have dual USB connectors? Some computers do not provide enough power over a single USB port to power some hard drives, or if it's not working properly. If using such a Y-cable as this: http://www.walmart.com/ip/Startech-6-USB-Y-Cable-for-External-Hard-Drive/14659917 You need to make sure you are not plugging in the two cables into the same side by side pair of USB ports as they share the same controller.


----------



## olabola (May 20, 2012)

throoper said:


> I'm dying of suspense to know if it's the printer causing the problem.


As am I, but I no longer have the Dell photo printer, I have an Epson Stylus. Despite going through the process of uninstalling the Dell, and installing the Epson for some reason the Dell still shows up in the quickstart menu (I think that's what it's called - little icons on lower right). So, when I went to uncheck the items you noted I realized that you were referring to the Dell, I was wondering if you realized that I don't have that printer anymore? Maybe that is the issue?

Interestingly, there was a time throughout this process that the Dell Printer seemed to have disappeared, then "magically" reappeared.


----------



## olabola (May 20, 2012)

Triple6 said:


> Ok, so there is a problem with the USB ports on the computer. This hard drive doesn't have its own power adapter correct? It's just powered from a USB port? Does it have a single USB connector or does it have dual USB connectors? Some computers do not provide enough power over a single USB port to power some hard drives, or if it's not working properly. If using such a Y-cable as this: http://www.walmart.com/ip/Startech-6-USB-Y-Cable-for-External-Hard-Drive/14659917 You need to make sure you are not plugging in the two cables into the same side by side pair of USB ports as they share the same controller.


No, that is not correct, I am referring to a back up 500gb hard drive that I purchased to back up the entire computer when I feared losing the entire computer altogether. It is a ClickFree Automatic Backup HardDrive that connects to a power outlet and to the computer via USB. When I tried the PC I connected the power first, then the USB, which is the same process that I tried with the laptop (which was successful).


----------



## throoper (Jan 20, 2007)

olabola said:


> As am I, but I no longer have the Dell photo printer, I have an Epson Stylus. Despite going through the process of uninstalling the Dell, and installing the Epson for some reason the Dell still shows up in the quickstart menu (I think that's what it's called - little icons on lower right). So, when I went to uncheck the items you noted I realized that you were referring to the Dell, I was wondering if you realized that I don't have that printer anymore? Maybe that is the issue?
> 
> Interestingly, there was a time throughout this process that the Dell Printer seemed to have disappeared, then "magically" reappeared.


OK. We'll see if we can hunt down and get rid of the Dell remnants. 
Definitely uncheck them along with the 2 Epson entries in msconfig, reboot and make sure the Printer is powered off before Windows starts up again.


----------



## olabola (May 20, 2012)

throoper said:


> OK. We'll see if we can hunt down and get rid of the Dell remnants.
> Definitely uncheck them along with the 2 Epson entries in msconfig, reboot and make sure the Printer is powered off before Windows starts up again.


I am so glad that I stayed home to do this, I will be a little late for work, but who cares! It worked! I followed the steps, unchecked the items you listed (I took screen shots to show you)...and when I rebooted and popped in the webcam it actually installed immediately and worked. I saw myself and my kitty live and in person! I don't have time to try the other ports, but I am so grateful to you for your help. I will check back in when I get back from work...EST. Thank you a million times over!


----------



## throoper (Jan 20, 2007)

Yippee!!!! Now that we know WHAT the problem is, we should be able to get everything working at the same time.
Try turning your Printer on, without rechecking those startups, and see if it will work and also allow the other USB ports to work at the same time.
As soon as you press the power button on the printer, you should get the "found new hardware" notice and the drivers for it should load and work. I'm hoping it's simply a matter of not having the printer software load at startup, just when you need to use the printer. 
Have a good day at work.


----------



## olabola (May 20, 2012)

Well, when I turned on the computer, I noticed the Epson icon in the lower right, which was strange, because I thought that we turned that all off? But, I still followed your directions and turned the printer on using the power button and tested the printer and it worked fine. However, when I tried the USB Webcam I received the Unrecognized Message.


----------



## throoper (Jan 20, 2007)

Check in msconfig and see if the Epson items are still unchecked.


----------



## olabola (May 20, 2012)

throoper said:


> Check in msconfig and see if the Epson items are still unchecked.


Yes, still unchecked


----------



## throoper (Jan 20, 2007)

Right click on the Epson tray icon and click exit. If there's no Exit, please let me know what IS on the menu.
Try your webcam again and see if it will work with the Epson software shut down (you can leave the Printer on for this).
If the webcam still doesn't work, click the "Safely Remove Hardware" icon in the tray and select the Printer. When it says it's safe to remove, power off the printer and try the cam again (make sure the Epson icon is still gone from the previous step).


----------



## olabola (May 20, 2012)

There is no Exit...see pic below


----------



## olabola (May 20, 2012)

These are all the tray items. Interestingly there is an item that says I can safely remove hardware, but I am not sure what it's referring to.


----------



## throoper (Jan 20, 2007)

olabola said:


> These are all the tray items. Interestingly there is an item that says I can safely remove hardware, but I am not sure what it's referring to.


Click (normal click, not right click) on the one on the far left with the little green arrow (that's the safely remove icon). 
You should get a list of hardware that's connected and the Printer should be on it.
Click it and see if you get an OK to remove it. If you do, power off the printer.
If you don't, shut down the computer, turn off the printer and then start up again and try the webcam.
Turning the printer back on should result in a "Found new hardware" and load the software, but will likely kill the USB ports for other things again.
I'm thinking that when the printer is on and the software is loaded for it, it's messing with the function of the USB ports.
If you can just "Safely remove hardware" and power down the printer, that will give you a quick workaround until I can find another fix.


----------



## olabola (May 20, 2012)

throoper said:


> Click (normal click, not right click) on the one on the far left with the little green arrow (that's the safely remove icon).
> You should get a list of hardware that's connected and the Printer should be on it.
> Click it and see if you get an OK to remove it. If you do, power off the printer.


Yes, this worked, and the webcam worked when I plugged it in...Although the icon with the green arrow is gone, the icon for the printer itself is still there. Is that supposed to be like that? Also, I recall when I installed the printer that I did it from downloading the driver from Epson online because the disk was missing (I got the printer from my mom). However, since then, I retrieved the disk and have it so if I need to uninstall and reinstall then I would be able to do that if necessary.

Thanks again!


----------



## throoper (Jan 20, 2007)

Yes. You only have the Safely Remove icon when you have external hardware active.

If you have the installation disc for it, it might be the best solution to just uninstall everything Epson and then reinstall from the original disc. That may solve the problem as I assume at one time the printer could be on at the same time as other devices were being used.

Worst case would be you are in the same place and need to power off the printer when you want to use the ports for something else. Not perfect, but workable.


----------



## throoper (Jan 20, 2007)

I think I may have stumbled on the problem. 
If you don't use the Epson Connect software for wireless printing, uninstall it from Add/Remove programs.
That may be what's causing the conflict and killing use of the USB ports.


----------



## olabola (May 20, 2012)

I do not use the printer for wireless printing so I uninstalled the software you mentioned and when I plugged in the webcam it was working. I then unplugged the webcam and turned on the printer. I plugged the webcam back in and received the unrecognized message again. So...I guess I should uninstall and reinstall the printer? Is that the next step?


----------



## throoper (Jan 20, 2007)

It figures it wasn't the software that you don't use.
You could try using the "update driver" on the tray icon menu. 
If a new driver doesn't solve it, then I'd try the uninstall and reinstall of the printer and software.
I found a user manual at Epson.
http://files.support.epson.com/htmldocs/nx430_/nx430_ug/index.html
In the "Solving Problems" section, there's an uninstall guide under "When to uninstall your product software" that walks you through it.


----------



## olabola (May 20, 2012)

I tried to update the driver, and it said I had the latest version of the driver..boo hoo! So, I guess I will uninstall and reinstall the printer.


----------



## throoper (Jan 20, 2007)

olabola said:


> I tried to update the driver, and it said I had the latest version of the driver..boo hoo! So, I guess I will uninstall and reinstall the printer.


I think that may be what started the problem with the ports. The Epson software probably updated the driver and now you have a conflict.
I'll keep my fingers crossed that reinstalling does the trick. :up:


----------



## olabola (May 20, 2012)

throoper said:


> I think that may be what started the problem with the ports. The Epson software probably updated the driver and now you have a conflict.
> I'll keep my fingers crossed that reinstalling does the trick. :up:


I wish that it solved the problem, but sadly, it did not. I uninstalled and reinstalled the printer and then tried the webcam and the unrecognized popup reared its ugly head.


----------



## throoper (Jan 20, 2007)

So just to check where we are:
The Printer is working fine but webcam isn't.
If you "Safely remove hardware" and power off the printer, the webcam works.
If you turn the printer back on, the webcam quits working. 
Does that about size up the situation?


----------



## throoper (Jan 20, 2007)

Question:

I was assuming that at one time the printer and webcam both worked at the same time. 
Is that correct or did the webcam quit functioning at the same time you installed the printer?


----------



## olabola (May 20, 2012)

throoper said:


> Question:
> 
> I was assuming that at one time the printer and webcam both worked at the same time.
> Is that correct or did the webcam quit functioning at the same time you installed the printer?


Hmmm....you know what, I really don't remember. My Dell printer stopped functioning some time within the last year and I started using the webcam also within the last year. If I had to guess I would say that I installed the Epson around Nov or Dec...but I wasn't using my webcam at that time because I didn't need it for classes. However, I was using USB thumb drives which I noticed stopped working. So, maybe it's the printer?


----------



## olabola (May 20, 2012)

throoper said:


> So just to check where we are:
> The Printer is working fine but webcam isn't.
> If you "Safely remove hardware" and power off the printer, the webcam works.
> If you turn the printer back on, the webcam quits working.
> Does that about size up the situation?


Yes, that is correct.


----------



## throoper (Jan 20, 2007)

olabola said:


> Hmmm....you know what, I really don't remember. My Dell printer stopped functioning some time within the last year and I started using the webcam also within the last year. If I had to guess I would say that I installed the Epson around Nov or Dec...but I wasn't using my webcam at that time because I didn't need it for classes. However, I was using USB thumb drives which I noticed stopped working. So, maybe it's the printer?


I was hoping it was just a conflict with the drivers, but if it's occurring since you installed the printer it may be that the printer draws too much power through the USB ports and it's not leaving enough for other devices. Basically, too much printer for your computer. I don't really know what you could do about it other than either get a different printer (which may have the same problem) or upgrade your power supply (which doing that can have its own problems).
Of course I could be wrong and someone may have another alternative.
One thing you could try is getting a powered USB hub as suggested by Triple6 for the printer. If I'm right about the power, that may take some of the load and allow other things to work at the same time. If nothing else, it will at least give you extra USB ports and it can be used if you get a new computer sometime.

For now, it seems you can use the printer, or other devices, just not at the same time.
When not using the printer, simply power it off and the other things should work.
When you want to print or scan, push the button and don't plan on using the webcam or external drives until you're done and power it off again.
Like I said, not perfect but at least it's workable.


----------



## Triple6 (Dec 26, 2002)

Actually instead of a USB hub I think I'd recommend an internal PCI card like this: http://www.newegg.com/Product/Product.aspx?Item=N82E16815158220

It'll give you 4 external ports on the back plus will allow you to connect two front USB ports to the internal header. It's a tad harder to install than a USB hub but works better and replaces all aspects of the USB ports and controllers and any power issues related to the internal motherboard ports.


----------



## olabola (May 20, 2012)

Triple6 said:


> Actually instead of a USB hub I think I'd recommend an internal PCI card like this: http://www.newegg.com/Product/Product.aspx?Item=N82E16815158220
> 
> It'll give you 4 external ports on the back plus will allow you to connect two front USB ports to the internal header. It's a tad harder to install than a USB hub but works better and replaces all aspects of the USB ports and controllers and any power issues related to the internal motherboard ports.


This looks like something I would have to actually put inside the tower? Is that something someone like me could realistically do? I generally feel like I can do mostly anything with instructions, but I do not want to make things worse. Would it be simpler to turn off the printer while using other USB based items?


----------



## olabola (May 20, 2012)

throoper said:


> Basically, too much printer for your computer.


Maybe this is a silly question, but the printer is powered through an outlet, not the USB, right?


----------



## throoper (Jan 20, 2007)

olabola said:


> Maybe this is a silly question, but the printer is powered through an outlet, not the USB, right?


Not silly at all. 
The printer hardware is powered from the outlet (the motors and such) but it also uses power from the usb port for data transfer.

To your question about the usb card, it's no harder than putting in memory sticks. 
Obviously the simplest would be to turn off the printer when using other devices, but that may be a nuisance for you to do and either a usb card or powered hub would give you more functionality without having to remember to do that.


----------



## olabola (May 20, 2012)

Triple6 said:


> Actually instead of a USB hub I think I'd recommend an internal PCI card like this: http://www.newegg.com/Product/Product.aspx?Item=N82E16815158220
> 
> It'll give you 4 external ports on the back plus will allow you to connect two front USB ports to the internal header. It's a tad harder to install than a USB hub but works better and replaces all aspects of the USB ports and controllers and any power issues related to the internal motherboard ports.


I am thinking about getting this PCI card and looked on YouTube for some how-to videos and it doesn't seem too difficult to install. I wonder though, how does the card affect the old USB slots? The ones in the front and back? Does it disable them or just boost their power?


----------



## olabola (May 20, 2012)

OK, it looks like I might actually be close to closing up the thread! Yipeee! For now I know that I can use the method throoper described to use my webcam, or purchase the PCI card adapter that Triple6 mentioned. So, with the printer shut down, I was able to use my webcam, sync my iPod and iPhone with iTunes, and back up the PC with the backup hard drive. Are there any other final things I need to do to "fix" the things that were done in the search for the bugs? Or, alternatively are there more bug searches that should be done?

Thanks to everyone that has been helping me...I really appreciate it and would have lost my computer if it wasn't for your assistance.


----------



## Cookiegal (Aug 27, 2003)

A big thanks to throoper and Triple6 for helping olabola with the USB port/webcam/printer issues. :up:

Since this thread is very long and you did have a rootkit infection to start with, I'd like to do the same two scans that I had you do initially just to be sure nothing has resurfaced and all is in order. They are DDS and GMER but please remove the versions you currently have by dragging them to the Recycle Bin and downloading them again.

Please download DDS by sUBs to your desktop from the following location:

http://download.bleepingcomputer.com/sUBs/dds.scr

Double-click the *dds.scr* file to run the program.

It will automatically run in silent mode and then you will see the following note:

*"Two logs shall be created on your Desktop".*

The logs will be named *dds.txt* and *attach.txt*.

Wait until the logs appear and then copy and paste their contents in your post.

Please download GMER from: http://www.gmer.net

Click on the "Download EXE" button and save the randomly named .exe file to your desktop.

*Note: You must uninstall any CD Emulation programs that you have before running GMER as they can cause conflicts and give false results.*

Double click the GMER .exe file on your desktop to run the tool and it will automatically do a quick scan.

If the tool warns of rootkit activity and asks if you want to run a full scan, click on No and make sure the following are *unchecked* on the right-hand side:

IAT/EAT
Any drive letter other than the primary system drive (which is generally C).

Click the *Scan* button and when the scan is finished, click *Save* and save the log in Notepad with the name ark.txt to your desktop.

*Note: It's important that all other windows be closed and that you don't touch the mouse or do anything with the computer during the scan as it may cause it to freeze. You should disable your screen saver as if it comes on it may cause the program to freeze.*

Open the ark.txt file and copy and paste the contents of the log here please.

I'd also like you to run the following as it often finds minor junk that often gets installed with other applications.

Please download AdwCleaner from here to your desktop

Run AdwCleaner and select "Search" (do not select "Delete" at this time)

Once the scan is finished a log will be produced. Please copy and paste the log into your next reply.


----------



## olabola (May 20, 2012)

*Note: You must uninstall any CD Emulation programs that you have before running GMER as they can cause conflicts and give false results.*

What is a CD Emulation Program?


----------



## Cookiegal (Aug 27, 2003)

Don't worry about that. If you had one you would know it.


----------



## olabola (May 20, 2012)

.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Atmosphere Player for Acrobat and Adobe Reader
Adobe Connect Add-in
Adobe Digital Editions 2.0
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6)
Amazon MP3 Downloader 1.0.17
AnswerWorks 4.0 Runtime - English
AnswerWorks 5.0 English Runtime
AOL Toolbar
AOLIcon
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Print Creations
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
AXIS Media Control Embedded
Bonjour
Broadcom Advanced Control Suite 2
CardRd81
CCScore
Compatibility Pack for the 2007 Office system
Conexant D850 56K V.9x DFVc Modem
Creative MediaSource
Dell Digital Jukebox Driver
Dell Driver Download Manager
Dell Driver Reset Tool
Dell Support 5.0.0 (630)
Dell System Restore
Digital Line Detect
Download Navigator
Download Updater (AOL LLC)
Epson Connect
Epson Customer Participation
Epson Event Manager
EPSON NX430 Series Printer Uninstall
EPSON Scan
ERUNT 1.1j
ESET Online Scanner v3
ESSBrwr
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSPDock
ESSSONIC
ESSTOOLS
essvatgt
G21942EN
GearDrvs
GenoPro 2.5.4.1
Google Books Downloader version 2.2
Google Toolbar for Internet Explorer
Google Update Helper
HighMAT Extension to Microsoft Windows XP CD Writing Wizard
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB932716-v2)
Hotfix for Windows XP (KB945060-v3)
Hotfix for Windows XP (KB954708)
Hotfix for Windows XP (KB959765)
Intel Matrix Storage Manager
Internet Explorer Default Page
iTunes
Java 7 Update 15
Java Auto Updater
Java(TM) 6 Update 32
Junk Mail filter update
kgcbase
KODAK EASYSHARE Gallery Upload ActiveX Control
Kodak EasyShare software
Learn2 Player (Uninstall Only)
LTCM Client
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 SR-1 Disc 2
Microsoft Office 2000 SR-1 Professional
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Works 6-9 Converter
MobileMe Control Panel
Modem Helper
Mozilla Firefox 18.0.2 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 17.0.2 (x86 en-US)
MSVCRT
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
My Way Search Assistant
netbrdg
NetWaiting
NVIDIA Drivers
OfotoXMI
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
Otto
Photo Story 3 for Windows
PowerDVD 5.9
PrintMaster Gold 4.00
Qualxserve Service Agreement
QuickBooks Simple Start Special Edition
QuickTime
RealArcade
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Revo Uninstaller 1.94
Road Runner Medic 5.4
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Segoe UI
SFR
SHASTA
skin0001
SKINXSDK
Sonic Audio module
Sonic Copy Module
Sonic DLA
Sonic Encoders
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Data
Sonic Update Manager
Sound Blaster Audigy 2 ZS
staticcr
SUPERAntiSpyware
TomTom HOME 2.8.2.2264
tooltips
TurboTax 2008
TurboTax 2008 WinPerFedFormset
TurboTax 2008 WinPerProgramHelp
TurboTax 2008 WinPerReleaseEngine
TurboTax 2008 WinPerTaxSupport
TurboTax 2008 WinPerUserEducation
TurboTax 2008 wnyiper
TurboTax 2008 wrapper
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wnyiper
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wnyiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wnyiper
TurboTax 2011 wrapper
TurboTax Deluxe 2005
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2005
TWC Customer Controls
Uninstall 1.0.0.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB971029)
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual Studio C++ 10.0 Runtime
VLC media player 1.1.8
VPRINTOL
WebEx Support Manager for Internet Explorer
WebFldrs XP
WexTech AnswerWorks
Windows Defender Signatures
Windows Genuine Advantage v1.3.0254.0
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Photo Gallery
Windows Live Sync
Windows Live Upload Tool
Windows Media Connect
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows PowerShell(TM) 1.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Service Pack 3
WinRAR 4.00 (32-bit)
WIRELESS
.
==== End Of File ===========================


----------



## olabola (May 20, 2012)

DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.15.2
Run by Alexandra Jachimczyk at 10:11:24 on 2013-02-23
.
============== Running Processes ================
.
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Support.com\bin\tgcmd.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
C:\Documents and Settings\All Users\Application Data\OfficeGuardian\reminder\SacReminder.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.145.202.0.exe
C:\WINDOWS\system32\MpSigStub.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.aol.com/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - LocalServer32 - <no file>
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [EPLTarget\P0000000000000000] c:\windows\system32\spool\drivers\w32x86\3\e_fatihba.exe /ept "epltarget\P0000000000000000" /M "Epson Stylus NX430"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
uRun: [SacReminder] c:\documents and settings\all users\application data\officeguardian\reminder\SacReminder.exe
mRun: [CTSysVol] "c:\program files\creative\sbaudigy2zs\surround mixer\CTSysVol.exe" /r
mRun: [CTHelper] CTHELPER.EXE
mRun: [tgcmd] "c:\program files\support.com\bin\tgcmd.exe" /server /startmonitor /deaf
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [dla] c:\windows\system32\dla\tfswctrl.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [ArcSoft Connection Service] c:\program files\common files\arcsoft\connection service\bin\ACDaemon.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSCONFIG.EXE /auto
mRun: [EEventManager] "c:\program files\epson software\event manager\EEventManager.exe"
mRun: [LTCM Client] c:\program files\ltcm client\ltcmClient.exe /startup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://www.activation.rr.com/install/download/tgctlcm.cab
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} - hxxp://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} - hxxp://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} - hxxp://aolcc.aol.com/computercheckup/qdiagcc.cab
DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118701430265
DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} - hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
DPF: {6715D12F-213F-4C6E-ACE1-8A363F550B96} - hxxp://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab
DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} - hxxps://webdl.symantec.com/activex/symdlmgr.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345548205328
DPF: {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {6F750200-1362-4815-A476-88533DE61D0C} - hxxp://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
DPF: {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} - hxxp://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab
DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} - hxxp://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {94B82441-A413-4E43-8422-D49930E69764} - hxxps://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB
DPF: {B516CA4E-A5BA-405C-AFCF-A97F08CC7429} - hxxp://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab
DPF: {BAC761D3-DFFD-4DB4-A01D-173346E090A7} - hxxp://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} - hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - hxxps://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D441AB53-A39C-42AE-AB79-3C05B7298F34} - hxxp://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab
DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://24.97.152.19/activex/AMC.cab
DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - hxxp://www.popcap.com/webgames/popcaploader_v10.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{EC07AD45-4B6C-41AA-BD45-9ECA4D349186} : DHCPNameServer = 209.18.47.61 209.18.47.62
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\alexandra jachimczyk\application data\mozilla\firefox\profiles\3i92dirc.default\
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlhtml5videoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\mozillaplugins\nprndlpepperflashvideoshim.dll
FF - plugin: c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\npdlplugin.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\amazon\mp3 downloader\npAmazonMP3DownloaderPlugin101752.dll
FF - plugin: c:\program files\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npunagi2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npViewpoint.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\viewpoint\viewpoint experience technology\npViewpoint.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? IntuitUpdateServiceV4;Intuit Update Service v4
R? ManyCam;ManyCam Virtual Webcam
R? mcaudrv_simple;ManyCam Virtual Microphone
R? TomTomHOMEService;TomTomHOMEService
R? Viewpoint Manager Service;Viewpoint Manager Service
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
S? !SASCORE;SAS Core Service
S? EpsonCustomerParticipation;EpsonCustomerParticipation
S? McrdSvc;Media Center Extender Service
S? MpFilter;Microsoft Malware Protection Driver
S? RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service
S? SASDIFSV;SASDIFSV
S? SASKUTIL;SASKUTIL
.
=============== Created Last 30 ================
.
2013-02-23 15:11:10 6954968 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{dd1252ec-22c7-4fba-8cf9-847b4c4274a7}\mpengine.dll
2013-02-23 15:08:17 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2013-02-23 15:05:45 -------- d-----w- c:\documents and settings\alexandra jachimczyk\local settings\application data\Sun
2013-02-21 19:50:33 6954968 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-02-18 14:50:32 -------- d-----w- c:\documents and settings\all users\application data\OfficeGuardian
2013-02-18 04:10:10 -------- d-----w- c:\documents and settings\alexandra jachimczyk\application data\Leader Technologies
2013-02-18 00:51:38 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll
2013-02-18 00:51:38 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll
2013-02-18 00:51:38 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll
2013-02-18 00:51:38 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll
2013-02-18 00:51:38 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll
2013-02-18 00:51:38 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll
2013-02-18 00:51:38 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll
2013-02-16 20:00:36 -------- d-----w- c:\program files\LTCM Client
2013-02-16 19:54:14 -------- d-----w- c:\program files\Epson America Inc
2013-02-16 19:52:05 342016 ----a-w- c:\windows\system32\eswiaud.dll
2013-02-16 19:52:05 132560 ----a-w- c:\windows\system32\esdevapp.exe
2013-02-16 19:52:05 12800 ----a-w- c:\windows\system32\escdev.dll
2013-02-15 22:31:23 186432 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-02-15 22:31:23 186432 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-02-13 03:14:36 -------- d-----w- c:\documents and settings\alexandra jachimczyk\System
2013-02-13 03:14:36 -------- d-----w- c:\documents and settings\alexandra jachimczyk\application data\SmartDraw
2013-02-02 17:04:40 -------- d-----w- c:\program files\RealNetworks
2013-02-02 17:04:37 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks
2013-02-02 17:04:14 -------- d-----w- c:\program files\common files\xing shared
2013-02-02 17:03:33 499712 ----a-w- c:\windows\system32\msvcp71.dll
2013-02-02 17:03:33 348160 ----a-w- c:\windows\system32\msvcr71.dll
.
==================== Find3M ====================
.
2013-02-23 15:08:01 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-02-23 15:08:00 861088 -c--a-w- c:\windows\system32\npdeployJava1.dll
2013-02-23 15:08:00 782240 -c--a-w- c:\windows\system32\deployJava1.dll
2013-02-18 01:00:11 71024 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-18 01:00:11 691568 -c--a-w- c:\windows\system32\FlashPlayerApp.exe
2013-01-30 10:53:21 232336 ------w- c:\windows\system32\MpSigStub.exe
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19:45 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16:29 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16:28 43520 ------w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16:28 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40:59 385024 ------w- c:\windows\system32\html.iec
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 21:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2006-01-09 01:09:34 774144 -c--a-w- c:\program files\RngInterstitial.dll
2005-10-19 05:17:35 353298 -c--a-w- c:\program files\LimeWireWin.exe
2005-10-17 02:31:15 4077184 -c--a-w- c:\program files\winzip90.exe
.
============= FINISH: 10:13:05.90 ===============


----------



## olabola (May 20, 2012)

Cookiegal said:


> A big thanks to throoper and Triple6 for helping olabola with the USB port/webcam/printer issues. :up:
> 
> Since this thread is very long and you did have a rootkit infection to start with, I'd like to do the same two scans that I had you do initially just to be sure nothing has resurfaced and all is in order. They are DDS and GMER but please remove the versions you currently have by dragging them to the Recycle Bin and downloading them again.
> 
> ...


So...just wanted to let you know that I goofed a bit on the instructions. I guess I wasn't paying attention. I forgot to delete DDS and GMER (the ones I already had) before re-downloading and running the scans. But both of them allowed me to re-download and scan. The other strange thing that occurred was that my screen saver was turned off, but after 20 minutes or so my screen would go black. I shook the mouse to make it go back and prayed my computer didn't blow up. When the scan was done, a message popped up saying the scan was successfully completed. Let me know if I compromised the scans, or computer, or anything else.


----------



## olabola (May 20, 2012)

# AdwCleaner v2.112 - Logfile created 02/23/2013 at 13:42:50
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Alexandra Jachimczyk - D16M9M71
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security\AdwCleaner.exe
# Option [Search]

***** [Services] *****
Found : Viewpoint Manager Service
***** [Files / Folders] *****
File Found : C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Found : C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Found : C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\Alexandra Jachimczyk\Application Data\yourfiledownloader
Folder Found : C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\All Users\Application Data\Ask
Folder Found : C:\Documents and Settings\All Users\Application Data\InstallMate
Folder Found : C:\Documents and Settings\All Users\Application Data\Premium
Folder Found : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Program Files\1ClickDownload
Folder Found : C:\Program Files\Ask.com
Folder Found : C:\Program Files\Common Files\Plasmoo
Folder Found : C:\Program Files\Common Files\Software Update Utility
Folder Found : C:\Program Files\Conduit
Folder Found : C:\Program Files\Viewpoint
***** [Registry] *****
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\5d55df8db069ef43
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKCU\Software\Viewpoint
Key Found : HKCU\Software\YourFileDownloader
Key Found : HKLM\SOFTWARE\5d55df8db069ef43
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Found : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Found : HKLM\Software\Iminent
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\Viewpoint
Key Found : HKLM\Software\YourFileDownloader
Key Found : HKU\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v18.0.2 (en-US)
File : C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Mozilla\Firefox\Profiles\3i92dirc.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v24.0.1312.57
File : C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
Found [l.8] : homepage = "hxxp://www.claro-search.com/?affID=116695&tt=4712_7&babsrc=HP_ss&mntrId=6c1d4e3200000000000000132017bce0",
Found [l.12] : urls_to_restore_on_startup = [ "hxxp://www.claro-search.com/?affID=116695&tt=4712_7&babsrc=HP_ss&mntrId=6c1d4e3200000000000000132017bce0" ]
Found [l.351] : homepage = "hxxp://www.claro-search.com/?affID=116695&tt=4712_7&babsrc=HP_ss&mntrId=6c1d4e3200000000000000132017bce0",
Found [l.665] : urls_to_restore_on_startup = [ "hxxp://www.claro-search.com/?affID=116695&tt=4712_7&babsrc=HP_ss&mntrId=6c1d4e3200000000000000132017bce0" ]
*************************
AdwCleaner[R1].txt - [11006 octets] - [23/02/2013 13:42:50]
########## EOF - C:\AdwCleaner[R1].txt - [11067 octets] ##########


----------



## Cookiegal (Aug 27, 2003)

No, it's fine.

You should uninstall these via the Control Panel - Add or Remove Programs:

Java(TM) 6 Update 32
Viewpoint Manager (Remove Only)
Viewpoint Media Player

Please run AdwCleaner again and this time select the "delete" option and post the resulting log.


----------



## olabola (May 20, 2012)

```
# AdwCleaner v2.113 - Logfile created 02/23/2013 at 21:18:54
# Updated 23/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Alexandra Jachimczyk - D16M9M71
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****
File Deleted : C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage
File Deleted : C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
Folder Deleted : C:\Documents and Settings\Alexandra Jachimczyk\Application Data\dvdvideosoftiehelpers
Folder Deleted : C:\Documents and Settings\Alexandra Jachimczyk\Application Data\yourfiledownloader
Folder Deleted : C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Documents and Settings\All Users\Application Data\InstallMate
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Premium
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\1ClickDownload
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\Program Files\Common Files\Plasmoo
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Viewpoint
***** [Registry] *****
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\5d55df8db069ef43
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\5d55df8db069ef43
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\YourFileDownloader
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.6001.18702
[OK] Registry is clean.
-\\ Mozilla Firefox v18.0.2 (en-US)
File : C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Mozilla\Firefox\Profiles\3i92dirc.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v24.0.1312.57
File : C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
Deleted [l.8] : homepage = "hxxp://www.claro-search.com/?affID=116695&tt=4712_7&babsrc=HP_ss&mntrId=6c1d4e320[...]
Deleted [l.12] : urls_to_restore_on_startup = [ "hxxp://www.claro-search.com/?affID=116695&tt=4712_7&babsrc[...]
Deleted [l.351] : homepage = "hxxp://www.claro-search.com/?affID=116695&tt=4712_7&babsrc=HP_ss&mntrId=6c1d4e320000[...]
Deleted [l.665] : urls_to_restore_on_startup = [ "hxxp://www.claro-search.com/?affID=116695&tt=4712_7&babsrc=HP[...]
*************************
AdwCleaner[R1].txt - [11137 octets] - [23/02/2013 13:42:50]
AdwCleaner[S1].txt - [9926 octets] - [23/02/2013 21:18:54]
########## EOF - C:\AdwCleaner[S1].txt - [9986 octets] ##########
```


----------



## Cookiegal (Aug 27, 2003)

Download *OTS.exe* to your Desktop.

Close any open browsers.
If your Real protection or Antivirus interferes with OTS, allow it to run.
Double-click on *OTS.exe* to start the program.
At the top put a check mark in the box beside "Scan All Users".
At the top (in the middle) change the "File Age" from 30 days to 90 days
Under the *Additional Scans* section put a check in the box next to Disabled MS Config Items, NetSvcs and EventViewer logs (Last 10 errors)
Now click the *Run Scan* button on the toolbar.
Let it run unhindered until it finishes.
When the scan is complete Notepad will open with the report file loaded in it.
Save that notepad file.
Use the *Reply* button, scroll down to the attachments section and attach the notepad file here.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Download *OTS.exe* to your Desktop.
> Close any open browsers.
> If your Real protection or Antivirus interferes with OTS, allow it to run.
> Double-click on *OTS.exe* to start the program.
> ...


Is this a lengthy scan? I'm asking because I want to know if I should wait and do it overnight?


----------



## Cookiegal (Aug 27, 2003)

No, it should only take a few minutes to run it.


----------



## olabola (May 20, 2012)

```
OTS logfile created on: 2/24/2013 2:06:38 PM - Run 1
OTS by OldTimer - Version 3.1.47.2     Folder = C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 79.00% Memory free
4.00 Gb Paging File | 4.00 Gb Available in Paging File | 88.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 144.31 Gb Total Space | 53.17 Gb Free Space | 36.84% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: D16M9M71
Current User Name: Alexandra Jachimczyk
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 180 Days
 
[Processes - Safe List]
ots.exe -> C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Security\OTS.exe -> [2013/02/24 14:03:53 | 000,646,656 | ---- | M] (OldTimer Tools)
jqs.exe -> C:\Program Files\Java\jre7\bin\jqs.exe -> [2013/02/23 10:08:02 | 000,170,912 | ---- | M] (Oracle Corporation)
e_fatihba.exe -> C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_FATIHBA.EXE -> [2013/02/16 14:50:37 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION)
realsched.exe -> C:\Program Files\Real\realplayer\Update\realsched.exe -> [2013/02/02 12:03:36 | 000,295,072 | ---- | M] (RealNetworks, Inc.)
rndlresolversvc.exe -> C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -> [2012/11/29 20:31:04 | 000,038,608 | ---- | M] ()
sascore.exe -> C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -> [2012/11/08 16:06:48 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com)
msmpeng.exe -> c:\Program Files\Microsoft Security Client\MsMpEng.exe -> [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation)
msseces.exe -> C:\Program Files\Microsoft Security Client\msseces.exe -> [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation)
intuitupdateservice.exe -> C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -> [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.)
epcp.exe -> C:\Program Files\epson\EpsonCustomerParticipation\EPCP.exe -> [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION)
acdaemon.exe -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe -> [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.)
eeventmanager.exe -> C:\Program Files\Epson Software\Event Manager\EEventManager.exe -> [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION)
acservice.exe -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.)
sacreminder.exe -> C:\Documents and Settings\All Users\Application Data\OfficeGuardian\reminder\SacReminder.exe -> [2009/02/20 12:22:35 | 000,821,056 | R--- | M] (SAC)
explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
cthelper.exe -> C:\WINDOWS\SYSTEM32\CtHelper.exe -> [2007/04/09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd)
tgcmd.exe -> C:\Program Files\Support.com\bin\tgcmd.exe -> [2005/10/18 14:33:12 | 001,921,024 | ---- | M] (SupportSoft, Inc.)
ctsysvol.exe -> C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe -> [2003/09/17 10:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd)
 
[Modules - No Company Name]
quartz.dll -> C:\WINDOWS\SYSTEM32\quartz.dll -> [2013/01/02 01:49:10 | 001,292,288 | ---- | M] ()
rndlresolversvc.exe -> C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -> [2012/11/29 20:31:04 | 000,038,608 | ---- | M] ()
system.serviceprocess.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\bf0b3689dd5e261097f2feb2ed0103e8\System.ServiceProcess.ni.dll -> [2012/11/08 23:42:44 | 000,221,696 | ---- | M] ()
system.runtime.remoting.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\533deafc53346179cd118acc874752a3\System.Runtime.Remoting.ni.dll -> [2012/11/08 23:35:38 | 000,762,880 | ---- | M] ()
system.enterpriseservices.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\d0d8c27be9116224e42260292e21cad5\System.EnterpriseServices.ni.dll -> [2012/11/08 23:35:32 | 000,787,456 | ---- | M] ()
system.transactions.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\5e3cf00b80c0aecd8392f1702d2d0f28\System.Transactions.ni.dll -> [2012/11/08 23:35:30 | 000,649,728 | ---- | M] ()
system.data.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\4a1e0e4ec906686357466a5881de605e\System.Data.ni.dll -> [2012/11/08 22:52:22 | 006,815,232 | ---- | M] ()
system.windows.forms.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\7390d789557549200e474b9bbeca3d1a\System.Windows.Forms.ni.dll -> [2012/11/08 22:52:04 | 013,138,944 | ---- | M] ()
system.drawing.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\aa90407cafb9b4a0dc5e3fdff170fee9\System.Drawing.ni.dll -> [2012/11/08 22:51:39 | 001,653,248 | ---- | M] ()
system.xml.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\19e79fc0f95c93b0244c7b287e254871\System.Xml.ni.dll -> [2012/11/08 22:51:23 | 005,617,664 | ---- | M] ()
system.configuration.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\bab886a18699bab842769c5ce486c332\System.Configuration.ni.dll -> [2012/11/08 22:51:12 | 000,982,528 | ---- | M] ()
system.core.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\7292b3e639a6202cf7eaf1f7ed271249\System.Core.ni.dll -> [2012/11/08 22:51:05 | 007,069,696 | ---- | M] ()
system.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\2c59490afc22def906d3ca96e1207ff9\System.ni.dll -> [2012/11/08 22:50:38 | 009,091,584 | ---- | M] ()
mscorlib.ni.dll -> C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\44ae9f9afb2373055136d57ac6db3f96\mscorlib.ni.dll -> [2012/11/08 22:50:25 | 014,413,824 | ---- | M] ()
zlib1.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll -> [2011/11/01 23:26:32 | 000,087,912 | ---- | M] ()
libxml2.dll -> C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll -> [2011/11/01 23:26:12 | 001,242,472 | ---- | M] ()
sbe.dll -> C:\WINDOWS\SYSTEM32\sbe.dll -> [2011/02/04 17:48:30 | 000,291,840 | ---- | M] ()
msdmo.dll -> C:\WINDOWS\SYSTEM32\msdmo.dll -> [2008/04/13 19:11:59 | 000,014,336 | ---- | M] ()
devenum.dll -> C:\WINDOWS\SYSTEM32\devenum.dll -> [2008/04/13 19:11:51 | 000,059,904 | ---- | M] ()
 
[Win32 Services - Safe List]
(TomTomHOMEService) TomTomHOMEService [On_Demand | Stopped] ->  -> File not found
(JavaQuickStarterService) Java Quick Starter [Auto | Running] -> C:\Program Files\Java\jre7\bin\jqs.exe -> [2013/02/23 10:08:02 | 000,170,912 | ---- | M] (Oracle Corporation)
(MozillaMaintenance) Mozilla Maintenance Service [On_Demand | Stopped] -> C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -> [2013/02/19 07:47:47 | 000,115,608 | ---- | M] (Mozilla Foundation)
(AdobeFlashPlayerUpdateSvc) Adobe Flash Player Update Service [On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\Macromed\Flash\FlashPlayerUpdateService.exe -> [2013/02/17 20:00:11 | 000,251,248 | ---- | M] (Adobe Systems Incorporated)
(RealNetworks Downloader Resolver Service) RealNetworks Downloader Resolver Service [Auto | Running] -> C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe -> [2012/11/29 20:31:04 | 000,038,608 | ---- | M] ()
(!SASCORE) SAS Core Service [Auto | Running] -> C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -> [2012/11/08 16:06:48 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com)
(MsMpSvc) Microsoft Antimalware Service [Auto | Running] -> c:\Program Files\Microsoft Security Client\MsMpEng.exe -> [2012/09/12 17:25:22 | 000,020,472 | ---- | M] (Microsoft Corporation)
(IntuitUpdateServiceV4) Intuit Update Service v4 [Auto | Running] -> C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -> [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.)
(EpsonCustomerParticipation) EpsonCustomerParticipation [Auto | Running] -> C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -> [2011/06/09 13:01:00 | 000,521,600 | ---- | M] (SEIKO EPSON CORPORATION)
(IntuitUpdateService) Intuit Update Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -> [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.)
(ACDaemon) ArcSoft Connect Daemon [Auto | Running] -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -> [2010/03/18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.)
(SupportSoft RemoteAssist) SupportSoft RemoteAssist [On_Demand | Stopped] -> C:\Program Files\Common Files\Supportsoft\bin\ssrc.exe -> [2008/07/15 17:38:32 | 000,394,608 | ---- | M] (SupportSoft, Inc.)
(MSCSPTISRV) MSCSPTISRV [On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -> [2006/12/14 02:21:20 | 000,045,056 | ---- | M] (Sony Corporation)
(SPTISRV) Sony SPTI Service [On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -> [2006/12/14 02:02:08 | 000,069,632 | ---- | M] (Sony Corporation)
(PACSPTISVR) PACSPTISVR [On_Demand | Stopped] -> C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -> [2006/12/14 01:46:16 | 000,057,344 | ---- | M] ()
(IAANTMon) IAA Event Monitor [On_Demand | Stopped] -> C:\Program Files\Intel\Intel Application Accelerator\IAANTmon.exe -> [2004/03/23 12:15:40 | 000,073,852 | ---- | M] (Intel Corporation)
 
[Driver Services - Safe List]
(MpKsl23fdf884) MpKsl23fdf884 [Kernel | System | Running] -> c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{39FF6417-ADFE-42FD-95C5-678822ECE6BD}\MpKsl23fdf884.sys -> [2013/02/24 01:38:48 | 000,029,904 | ---- | M] (Microsoft Corporation)
(mcaudrv_simple) ManyCam Virtual Microphone [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\mcaudrv.sys -> [2012/02/22 05:34:36 | 000,022,400 | ---- | M] (ManyCam LLC)
(ManyCam) ManyCam Virtual Webcam [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\mcvidrv.sys -> [2012/01/11 01:11:20 | 000,032,000 | ---- | M] (ManyCam LLC)
(SASDIFSV) SASDIFSV [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -> [2011/07/22 11:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(SASKUTIL) SASKUTIL [Kernel | System | Running] -> C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -> [2011/07/12 16:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
(gameenum) Game Port Enumerator [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys -> [2008/04/13 14:45:30 | 000,010,624 | ---- | M] (Microsoft Corporation)
(motmodem) Motorola USB CDC ACM Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\motmodem.sys -> [2007/06/18 19:18:26 | 000,023,680 | ---- | M] (Motorola)
(COMMONFX.DLL) COMMONFX.DLL [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\COMMONFX.DLL -> [2007/04/18 08:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd)
(CT20XUT.DLL) CT20XUT.DLL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\CT20XUT.DLL -> [2007/04/12 08:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.)
(CTHWIUT.DLL) CTHWIUT.DLL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\CTHWIUT.DLL -> [2007/04/12 08:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.)
(CTEXFIFX.DLL) CTEXFIFX.DLL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\CTEXFIFX.DLL -> [2007/04/12 08:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.)
(CTEDSPSY.DLL) CTEDSPSY.DLL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\CTEDSPSY.DLL -> [2007/04/12 08:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd)
(CTEDSPIO.DLL) CTEDSPIO.DLL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\CTEDSPIO.DLL -> [2007/04/12 08:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd)
(CTEDSPFX.DLL) CTEDSPFX.DLL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\CTEDSPFX.DLL -> [2007/04/12 08:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd)
(CTERFXFX.DLL) CTERFXFX.DLL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\CTERFXFX.DLL -> [2007/04/12 08:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd)
(CTEAPSFX.DLL) CTEAPSFX.DLL [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\CTEAPSFX.DLL -> [2007/04/12 08:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd)
(CTSBLFX.DLL) CTSBLFX.DLL [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\CTSBLFX.DLL -> [2007/04/12 08:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd)
(CTAUDFX.DLL) CTAUDFX.DLL [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\CTAUDFX.DLL -> [2007/04/12 08:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd)
(ctsfm2k) Creative SoundFont Management Device Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\ctsfm2k.sys -> [2007/04/10 06:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd)
(ossrv) Creative OS Services Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\ctoss2k.sys -> [2007/04/10 05:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.)
(PfModNT) PfModNT [Kernel | Auto | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\pfmodnt.sys -> [2007/04/10 04:32:34 | 000,016,168 | ---- | M] (Creative Technology Ltd.)
(hap17v2k) Creative P17V HAL Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\haP17v2k.sys -> [2007/04/10 04:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd)
(hap16v2k) Creative P16V HAL Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\haP16v2k.sys -> [2007/04/10 04:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd)
(ha10kx2k) Creative Hardware Abstract Layer Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\ha10kx2k.sys -> [2007/04/10 04:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd)
(emupia) E-mu Plug-in Architecture Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\emupia2k.sys -> [2007/04/10 04:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd)
(ctprxy2k) Creative Proxy Driver [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\ctprxy2k.sys -> [2007/04/10 04:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd)
(ctdvda2k) Creative DVD-Audio Device Driver [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\ctdvda2k.sys -> [2007/04/10 04:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd)
(ctaud2k) Creative Audio Driver (WDM) [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\ctaud2k.sys -> [2007/04/10 04:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd)
(ctac32k) Creative AC3 Software Decoder [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\ctac32k.sys -> [2007/04/10 04:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd)
(CdaD10BA) CdaD10BA [Kernel | Auto | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\CdaD10BA.SYS -> [2005/07/06 18:51:17 | 000,012,464 | ---- | M] (Macrovision Europe Ltd)
(b57w2k) Broadcom NetXtreme 57xx Gigabit Controller [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\b57xp32.sys -> [2004/05/29 17:41:54 | 000,186,112 | ---- | M] (Broadcom Corporation)
(HSFHWBS2) HSFHWBS2 [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\HSFHWBS2.sys -> [2003/11/17 15:59:20 | 000,212,224 | ---- | M] (Conexant Systems, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\HSF_CNXT.sys -> [2003/11/17 15:58:02 | 000,680,704 | ---- | M] (Conexant Systems, Inc.)
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\HSF_DP.sys -> [2003/11/17 15:56:26 | 001,042,432 | ---- | M] (Conexant Systems, Inc.)
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Stopped] -> C:\WINDOWS\SYSTEM32\DRIVERS\wanatw4.sys -> [2003/01/10 15:13:04 | 000,033,588 | R--- | M] (America Online, Inc.)
(omci) OMCI WDM Device Driver [Kernel | System | Running] -> C:\WINDOWS\SYSTEM32\DRIVERS\omci.sys -> [2002/11/08 13:45:06 | 000,017,217 | ---- | M] (Dell Computer Corporation)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> 
HKEY_USERS\.DEFAULT\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: Main\\"Default_Page_URL" -> http://www.dell4me.com/myway -> 
HKEY_USERS\S-1-5-18\: Main\\"First Home Page" -> http://www.dell4me.com/myway -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\: Main\\"SearchDefaultBranded" -> 1 -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\: Main\\"SearchMigratedDefaultName" -> Google -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\: Main\\"Start Page" -> http://www.aol.com/ -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\: Search\\"SearchAssistant" -> http://www.google.com/ie -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\: SearchURL\\"" -> http://www.google.com/search?q=%s -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\: "ProxyEnable" -> 0 -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\: "ProxyOverride" -> *.local -> 
< FireFox Settings [Prefs.js] > -> C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Mozilla\FireFox\Profiles\3i92dirc.default\prefs.js -> 
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632} -> C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT\ [C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT\] -> [2013/02/02 12:04:42 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758} -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\REALNETWORKS\REALDOWNLOADER\BROWSERPLUGINS\FIREFOX\EXT] -> [2013/02/02 12:04:42 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 18.0.2\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components -> C:\Program Files\Mozilla Firefox\components [C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS] -> [2013/02/19 07:47:49 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins -> C:\Program Files\Mozilla Firefox\plugins [C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS] -> [2013/02/23 21:19:06 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 17.0.3\extensions ->  -> 
HKLM\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Components -> C:\Program Files\Mozilla Thunderbird\components [C:\PROGRAM FILES\MOZILLA THUNDERBIRD\COMPONENTS] -> [2013/02/24 13:43:23 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Thunderbird 17.0.3\extensions\\Plugins -> C:\PROGRAM FILES\MOZILLA THUNDERBIRD\PLUGINS -> 
< FireFox Extensions [User Folders] > -> 
  -> C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Mozilla\Extensions -> [2012/08/27 21:01:53 | 000,000,000 | ---D | M]
< FireFox Extensions [Program Folders] > -> 
  -> C:\Program Files\Mozilla Firefox\extensions -> [2013/02/19 07:47:04 | 000,000,000 | ---D | M]
< HOSTS File > ([2013/01/17 22:59:41 | 000,000,027 | ---- | M] - 1 lines) -> C:\WINDOWS\SYSTEM32\DRIVERS\ETC\hosts -> 
Reset Hosts
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{3049C3E9-B461-4BC5-8870-4C09146192CA} [HKLM] -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [RealNetworks Download and Record Plugin for Internet Explorer] -> [2012/11/29 20:33:04 | 000,539,888 | ---- | M] (RealDownloader)
{5CA3D70E-1895-11CF-8E15-001234567890} [HKLM] -> C:\WINDOWS\SYSTEM32\dla\tfswshx.dll [DriveLetterAccess] -> [2005/03/16 05:33:00 | 000,118,844 | ---- | M] (Sonic Solutions)
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> C:\Program Files\Java\jre7\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2013/02/23 10:08:04 | 000,461,216 | ---- | M] (Oracle Corporation)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll [Google Toolbar Notifier BHO] -> [2012/12/15 07:33:04 | 001,000,984 | ---- | M] (Google Inc.)
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2013/02/23 10:08:02 | 000,170,912 | ---- | M] (Oracle Corporation)
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Toolbar\ -> 
WebBrowser\\"{BA00B7B1-0351-477A-B948-23E3EE5A73D4}" [HKLM] -> Reg Error: Value error. [AOL Toolbar] -> File not found
WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Yahoo! Toolbar] -> File not found
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"APSDaemon" -> C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe ["C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"] -> [2012/11/28 14:13:16 | 000,059,280 | ---- | M] (Apple Inc.)
"ArcSoft Connection Service" -> C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe] -> [2010/10/27 19:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.)
"CTHelper" -> C:\WINDOWS\System32\CtHelper.exe [CTHELPER.EXE] -> [2007/04/09 12:32:32 | 000,019,456 | ---- | M] (Creative Technology Ltd)
"CTSysVol" -> C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe ["C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r] -> [2003/09/17 10:43:36 | 000,057,344 | ---- | M] (Creative Technology Ltd)
"EEventManager" -> C:\Program Files\Epson Software\Event Manager\EEventManager.exe ["C:\Program Files\Epson Software\Event Manager\EEventManager.exe"] -> [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION)
"LTCM Client" -> C:\Program Files\LTCM Client\ltcmClient.exe [C:\Program Files\LTCM Client\ltcmClient.exe /startup] -> [2009/08/05 12:36:18 | 001,596,096 | ---- | M] (Leader Technologies Inc.)
"MSC" -> c:\Program Files\Microsoft Security Client\msseces.exe ["c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey] -> [2012/09/12 17:19:44 | 000,947,176 | ---- | M] (Microsoft Corporation)
"tgcmd" -> C:\Program Files\Support.com\bin\tgcmd.exe ["C:\Program Files\Support.com\bin\tgcmd.exe" /server /startmonitor /deaf] -> [2005/10/18 14:33:12 | 001,921,024 | ---- | M] (SupportSoft, Inc.)
"TkBellExe" -> C:\program files\real\realplayer\update\realsched.exe ["C:\program files\real\realplayer\update\realsched.exe"  -osboot] -> [2013/02/02 12:03:36 | 000,295,072 | ---- | M] (RealNetworks, Inc.)
< Run [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"EPLTarget\P0000000000000000" -> C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBA.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus NX430"] -> [2013/02/16 14:50:37 | 000,249,440 | ---- | M] (SEIKO EPSON CORPORATION)
"SacReminder" -> C:\Documents and Settings\All Users\Application Data\OfficeGuardian\reminder\SacReminder.exe [C:\Documents and Settings\All Users\Application Data\OfficeGuardian\reminder\SacReminder.exe] -> [2009/02/20 12:22:35 | 000,821,056 | R--- | M] (SAC)
< Administrator Startup Folder > -> C:\Documents and Settings\Administrator\Start Menu\Programs\Startup -> 
< Alexandra Jachimczyk Startup Folder > -> C:\Documents and Settings\Alexandra Jachimczyk\Start Menu\Programs\Startup -> 
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk -> C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe -> [2011/02/23 16:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company)
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE -> [2000/01/21 03:15:54 | 000,065,588 | ---- | M] (Microsoft Corporation)
< Default User Startup Folder > -> C:\Documents and Settings\Default User\Start Menu\Programs\Startup -> 
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< Software Policy Settings [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"HonorAutoRunSetting" ->  [1] -> File not found
\\"NoCDBurning" ->  [0] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"InstallVisualStyle" -> C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles [C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles] -> [2004/08/10 03:39:00 | 001,347,728 | ---- | M] (Microsoft)
\\"InstallTheme" -> C:\WINDOWS\Resources\Themes\Royale.Theme [C:\WINDOWS\Resources\Themes\Royale.theme] -> [2004/07/28 02:03:28 | 000,001,293 | ---- | M] ()
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-19] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-20] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [145] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [323] -> File not found
\\"NoDriveAutoRun" ->  [67108863] -> File not found
\\"NoDrives" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] ->  [Reg Error: Key error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] ->  [Reg Error: Key error.] -> File not found
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value error.] -> File not found
CmdMapping\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] ->  [Reg Error: Key error.] -> File not found
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] ->  [Reg Error: Key error.] -> File not found
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4846 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4874 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4874 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4718 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4718 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 77 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5904 domain(s) found. -> 
objects_aol.com 
[*] -> Out of zone range - ( 5 ) -> 
aol.com%20and%20https .[http] -> Trusted sites -> 
www_mhvfcuebanking.com [https] -> Trusted sites -> 
www_microsoft.com [https] -> Trusted sites -> 
turbotax.com .[https] -> Trusted sites -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 78 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{01113300-3E00-11D2-8470-0060089874ED} [HKLM] -> http://www.activation.rr.com/install/download/tgctlcm.cab [Support.com Configuration Class] -> 
{01A88BB1-1174-41EC-ACCB-963509EAE56B} [HKLM] -> http://support.dell.com/systemprofiler/SysPro.CAB [SysProWmi Class] -> 
{02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> http://office.microsoft.com/sites/production/ieawsdc32.cab [Microsoft Office Template and Media Control] -> 
{17492023-C23A-453E-A040-C7C580BBF700} [HKLM] -> http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab [Windows Genuine Advantage Validation Tool] -> 
{37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} [HKLM] -> http://esupport.aol.com/help/acp2/engine/aolcoach_core_1.cab [Reg Error: Key error.] -> 
{3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} [HKLM] -> http://office.microsoft.com/officeupdate/content/opuc3.cab [Office Update Installation Engine] -> 
{4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} [HKLM] -> http://aolcc.aol.com/computercheckup/qdiagcc.cab [Reg Error: Key error.] -> 
{4C39376E-FA9D-4349-BACC-D305C1750EF3} [HKLM] -> http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-3-48.cab [Reg Error: Key error.] -> 
{6414512B-B978-451D-A0D8-FCFDF33E833C} [HKLM] -> http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1118701430265 [WUWebControl Class] -> 
{644E432F-49D3-41A1-8DD5-E099162EEEC5} [HKLM] -> http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab [Reg Error: Key error.] -> 
{6715D12F-213F-4C6E-ACE1-8A363F550B96} [HKLM] -> http://aolsvc.aol.com/onlinegames/free-trial-doggie-dash/DoggieDash.1.0.0.6.cab [CPlayFirstDoggieDashControl Object] -> 
{6A344D34-5231-452A-8A57-D064AC9B7862} [HKLM] -> https://webdl.symantec.com/activex/symdlmgr.cab [Symantec Download Manager] -> 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345548205328 [MUWebControl Class] -> 
{6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} [HKLM] -> http://support.dell.com/systemprofiler/DellSystemLite.CAB [Reg Error: Key error.] -> 
{6F750200-1362-4815-A476-88533DE61D0C} [HKLM] -> http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab [Reg Error: Key error.] -> 
{6FE79ACA-A498-45E5-8BC4-1B9F380CE468} [HKLM] -> http://aolsvc.aol.com/onlinegames/ghadventureball/abxgh.cab [Reg Error: Key error.] -> 
{74E4A24D-5224-4F05-8A41-99445E0FC22B} [HKLM] -> http://aolsvc.aol.com/onlinegames/free-trial-mind-medley/gamehouseplayer.cab [Reg Error: Key error.] -> 
{7530BFB8-7293-4D34-9923-61A11451AFC5} [HKLM] -> http://download.eset.com/special/eos/OnlineScanner.cab [OnlineScanner Control] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab [Java Plug-in 1.7.0_15] -> 
{94B82441-A413-4E43-8422-D49930E69764} [HKLM] -> https://echat.us.dell.com/Media/VisitorChat/TLIEFlash.CAB [Reg Error: Key error.] -> 
{B516CA4E-A5BA-405C-AFCF-A97F08CC7429} [HKLM] -> http://aolsvc.aol.com/onlinegames/free-trial-burger-shop/GoBitGamesPlayer_v4.cab [GoBit Games Player] -> 
{BAC761D3-DFFD-4DB4-A01D-173346E090A7} [HKLM] -> http://aolsvc.aol.com/onlinegames/free-trial-zenerchi/ZenerchiWeb.1.0.0.10.cab [CPlayFirstzenerchiControl Object] -> 
{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} [HKLM] -> http://support.dell.com/systemprofiler/DellSystemLite.CAB [DellSystemLite.Scanner] -> 
{C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} [HKLM] -> http://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-31-0.cab [Reg Error: Key error.] -> 
{CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab [Java Plug-in 1.7.0_15] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab [Java Plug-in 1.7.0_15] -> 
{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} [HKLM] -> https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab [Reg Error: Key error.] -> 
{D27CDB6E-AE6D-11CF-96B8-444553540000} [HKLM] -> https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab [Shockwave Flash Object] -> 
{D441AB53-A39C-42AE-AB79-3C05B7298F34} [HKLM] -> http://aolsvc.aol.com/onlinegames/free-trial-astro-avenger-ii/AstroAvenger2Loader.cab [Reg Error: Key error.] -> 
{DE625294-70E6-45ED-B895-CFFA13AEB044} [HKLM] -> http://24.97.152.19/activex/AMC.cab [AxisMediaControlEmb Class] -> 
{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} [HKLM] -> http://www.popcap.com/webgames/popcaploader_v10.cab [PopCapLoader Object] -> 
{E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.] -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ -> 
DhcpNameServer -> 209.18.47.61 209.18.47.62 -> 
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{EC07AD45-4B6C-41AA-BD45-9ECA4D349186}\\DhcpNameServer -> 209.18.47.61 209.18.47.62   (Broadcom NetXtreme 57xx Gigabit Controller) -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\WINDOWS\explorer.exe -> [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit -> 
C:\WINDOWS\system32\userinit.exe -> C:\WINDOWS\SYSTEM32\userinit.exe -> [2008/04/13 19:12:38 | 000,026,112 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{56F9679E-7826-4C84-81F3-532071A8BCC5}" [HKLM] -> C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll [] -> [2009/05/24 22:41:34 | 000,304,128 | ---- | M] (Microsoft Corporation)
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}" [HKLM] -> C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [] -> [2011/07/18 19:02:18 | 000,113,024 | ---- | M] (SuperAdBlocker.com)
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"C:\Program Files\America Online 9.0\waol.exe" ->  [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL] -> File not found
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" ->  [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL] -> File not found
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" -> C:\Program Files\Common Files\AOL\System Information\sinf.exe [C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL] -> [2004/04/07 12:07:36 | 000,103,536 | ---- | M] (America Online, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" -> C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit] -> [2012/11/28 14:13:42 | 000,014,224 | ---- | M] (Apple Inc.)
"C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe" -> C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update v4 Shared Downloads Server] -> [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.)
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe" -> C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server] -> [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.)
"C:\Program Files\Epson Software\Event Manager\EEventManager.exe" -> C:\Program Files\Epson Software\Event Manager\EEventManager.exe [C:\Program Files\Epson Software\Event Manager\EEventManager.exe:*:Enabled:EEventManager Application] -> [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION)
"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe" -> C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare] -> [2011/02/23 16:11:22 | 000,323,584 | ---- | M] (Eastman Kodak Company)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe" -> C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe [C:\Program Files\TurboTax\Deluxe 2006\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax] -> [2007/03/08 00:25:56 | 009,950,760 | ---- | M] (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe" -> C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe [C:\Program Files\TurboTax\Deluxe 2006\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager] -> [2007/03/17 13:26:19 | 003,679,784 | ---- | M] (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe" -> C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe [C:\Program Files\TurboTax\Deluxe 2007\32bit\ttax.exe:LocalSubNet:Enabled:TurboTax] -> [2008/03/05 22:29:49 | 010,343,712 | ---- | M] (Intuit, Inc.)
"C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe" -> C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe [C:\Program Files\TurboTax\Deluxe 2007\32bit\updatemgr.exe:LocalSubNet:Enabled:TurboTax Update Manager] -> [2007/10/22 18:56:52 | 003,597,600 | ---- | M] (Intuit, Inc.)
"C:\Program Files\uTorrent\uTorrent.exe" -> C:\Program Files\uTorrent\uTorrent.exe [C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent] -> [2013/01/01 21:22:37 | 000,969,104 | ---- | M] (BitTorrent, Inc.)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> C:\AUTOEXEC.BAT [ NTFS ] -> [2004/08/19 16:07:14 | 000,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 
 
[Registry - Additional Scans - Safe List]
< Disabled MSConfig Folder Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\ -> 
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe -> [2003/10/29 02:06:00 | 000,024,576 | R--- | M] (BVRP Software)
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office\OSA9.EXE -> [2000/01/21 03:15:54 | 000,065,588 | ---- | M] (Microsoft Corporation)
C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe -> [2008/05/26 22:19:14 | 000,123,904 | ---- | M] (Microsoft Corporation)
< Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ -> 
Adobe ARM hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe -> [2012/12/03 02:35:28 | 000,946,352 | ---- | M] (Adobe Systems Incorporated)
CTDVDDET hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE -> [2003/06/18 01:00:00 | 000,045,056 | ---- | M] (Creative Technology Ltd)
ctfmon.exe hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->  -> File not found
Dell Photo AIO Printer 942 hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Dell Photo AIO Printer 942\dlbubmgr.exe -> [2005/02/03 08:08:54 | 000,294,912 | ---- | M] ()
DellMCM hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Dell Photo AIO Printer 942\memcard.exe -> [2004/07/27 14:08:22 | 000,262,144 | ---- | M] ()
DVDLauncher hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe -> [2006/04/06 09:51:04 | 000,049,152 | ---- | M] (CyberLink Corp.)
EEventManager hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Epson Software\Event Manager\EEventManager.exe -> [2010/10/12 13:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION)
IAAnotif hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe -> [2005/06/17 07:56:14 | 000,139,264 | ---- | M] (Intel Corporation)
ISUSPM Startup hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -> [2004/07/27 16:50:42 | 000,221,184 | ---- | M] (InstallShield Software Corporation)
ISUSScheduler hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe -> [2004/07/27 16:50:18 | 000,081,920 | ---- | M] (InstallShield Software Corporation)
iTunesHelper hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\iTunes\iTunesHelper.exe -> [2012/12/12 13:57:10 | 000,152,544 | ---- | M] (Apple Inc.)
Malwarebytes' Anti-Malware hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe -> [2012/12/14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation)
NvCplDaemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->  -> File not found
QuickTime Task hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\QuickTime\qttask.exe -> [2012/10/25 03:12:14 | 000,421,888 | ---- | M] (Apple Inc.)
SunJavaUpdateSched hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Common Files\Java\Java Update\jusched.exe -> [2012/07/03 09:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.)
SUPERAntiSpyware hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE -> [2012/11/08 16:06:47 | 004,763,008 | ---- | M] (SUPERAntiSpyware.com)
swg hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe -> [2009/02/11 20:02:35 | 000,039,408 | ---- | M] (Google Inc.)
TkBellExe hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\program files\real\realplayer\update\realsched.exe -> [2013/02/02 12:03:36 | 000,295,072 | ---- | M] (RealNetworks, Inc.)
UpdReg hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\Updreg.EXE -> [2000/05/11 01:00:00 | 000,090,112 | ---- | M] (Creative Technology Ltd.)
WMPNSCFG hkey=HKCU key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\Program Files\Windows Media Player\wmpnscfg.exe -> [2009/01/30 17:46:14 | 000,204,288 | ---- | M] (Microsoft Corporation)
< Disabled MSConfig State [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\state -> 
"bootini" -> 0 -> 
"services" -> 0 -> 
"startup" -> 2 -> 
"system.ini" -> 0 -> 
"win.ini" -> 0 -> 
 
[Files/Folders - Created Within 180 Days]
 Mozilla Thunderbird -> C:\Program Files\Mozilla Thunderbird -> [2013/02/24 13:43:23 | 000,000,000 | ---D | C]
 IsolatedStorage -> C:\Documents and Settings\NetworkService\Local Settings\Application Data\IsolatedStorage -> [2013/02/23 14:06:50 | 000,000,000 | ---D | C]
 TurboTax 2012 -> C:\Documents and Settings\All Users\Start Menu\Programs\TurboTax 2012 -> [2013/02/23 14:04:14 | 000,000,000 | ---D | C]
 javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2013/02/23 10:08:29 | 000,262,560 | ---- | C] (Oracle Corporation)
 javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2013/02/23 10:08:17 | 000,174,496 | ---- | C] (Oracle Corporation)
 java.exe -> C:\WINDOWS\System32\java.exe -> [2013/02/23 10:08:17 | 000,174,496 | ---- | C] (Oracle Corporation)
 WindowsAccessBridge.dll -> C:\WINDOWS\System32\WindowsAccessBridge.dll -> [2013/02/23 10:08:17 | 000,094,112 | ---- | C] (Oracle Corporation)
 Sun -> C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\Sun -> [2013/02/23 10:05:45 | 000,000,000 | ---D | C]
 Mozilla Firefox -> C:\Program Files\Mozilla Firefox -> [2013/02/19 07:47:04 | 000,000,000 | ---D | C]
 OfficeGuardian -> C:\Documents and Settings\All Users\Application Data\OfficeGuardian -> [2013/02/18 09:50:32 | 000,000,000 | ---D | C]
 Leader Technologies -> C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Leader Technologies -> [2013/02/17 23:10:10 | 000,000,000 | ---D | C]
 Java -> C:\Program Files\Common Files\Java -> [2013/02/17 19:58:13 | 000,000,000 | ---D | C]
 QuickTime -> C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime -> [2013/02/17 19:51:31 | 000,000,000 | ---D | C]
 QuickTime -> C:\Program Files\QuickTime -> [2013/02/17 19:51:06 | 000,000,000 | ---D | C]
 LTCM Client -> C:\Program Files\LTCM Client -> [2013/02/16 15:00:36 | 000,000,000 | ---D | C]
 Epson America Inc -> C:\Program Files\Epson America Inc -> [2013/02/16 14:54:14 | 000,000,000 | ---D | C]
 EPSON -> C:\Documents and Settings\All Users\Start Menu\Programs\EPSON -> [2013/02/16 14:52:06 | 000,000,000 | ---D | C]
 eswiaud.dll -> C:\WINDOWS\System32\eswiaud.dll -> [2013/02/16 14:52:05 | 000,342,016 | ---- | C] (Seiko Epson Corporation)
 esdevapp.exe -> C:\WINDOWS\System32\esdevapp.exe -> [2013/02/16 14:52:05 | 000,132,560 | ---- | C] (Seiko Epson Corporation)
 escdev.dll -> C:\WINDOWS\System32\escdev.dll -> [2013/02/16 14:52:05 | 000,012,800 | ---- | C] (Seiko Epson Corporation)
 System -> C:\Documents and Settings\Alexandra Jachimczyk\System -> [2013/02/12 22:14:36 | 000,000,000 | ---D | C]
 SmartDraw -> C:\Documents and Settings\Alexandra Jachimczyk\Application Data\SmartDraw -> [2013/02/12 22:14:36 | 000,000,000 | ---D | C]
 RealNetworks -> C:\Program Files\RealNetworks -> [2013/02/02 12:04:40 | 000,000,000 | ---D | C]
 RealNetworks -> C:\Documents and Settings\All Users\Application Data\RealNetworks -> [2013/02/02 12:04:37 | 000,000,000 | ---D | C]
 xing shared -> C:\Program Files\Common Files\xing shared -> [2013/02/02 12:04:14 | 000,000,000 | ---D | C]
 rmoc3260.dll -> C:\WINDOWS\System32\rmoc3260.dll -> [2013/02/02 12:03:58 | 000,201,424 | ---- | C] (RealNetworks, Inc.)
 pndx5016.dll -> C:\WINDOWS\System32\pndx5016.dll -> [2013/02/02 12:03:42 | 000,006,656 | ---- | C] (RealNetworks, Inc.)
 pndx5032.dll -> C:\WINDOWS\System32\pndx5032.dll -> [2013/02/02 12:03:42 | 000,005,632 | ---- | C] (RealNetworks, Inc.)
 RealNetworks -> C:\Documents and Settings\All Users\Start Menu\Programs\RealNetworks -> [2013/02/02 12:03:40 | 000,000,000 | ---D | C]
 RECYCLER -> C:\RECYCLER -> [2013/01/19 21:01:07 | 000,000,000 | -HSD | C]
 temp -> C:\WINDOWS\temp -> [2013/01/17 23:02:49 | 000,000,000 | ---D | C]
 SWREG.exe -> C:\WINDOWS\SWREG.exe -> [2013/01/17 22:49:10 | 000,518,144 | ---- | C] (SteelWerX)
 NIRCMD.exe -> C:\WINDOWS\NIRCMD.exe -> [2013/01/17 22:49:10 | 000,060,416 | ---- | C] (NirSoft)
 SWSC.exe -> C:\WINDOWS\SWSC.exe -> [2013/01/17 22:49:09 | 000,406,528 | ---- | C] (SteelWerX)
 SWXCACLS.exe -> C:\WINDOWS\SWXCACLS.exe -> [2013/01/17 22:49:09 | 000,212,480 | ---- | C] (SteelWerX)
 Qoobox -> C:\Qoobox -> [2013/01/17 22:48:52 | 000,000,000 | ---D | C]
 Amazon MP3 -> C:\Documents and Settings\Alexandra Jachimczyk\My Documents\Amazon MP3 -> [2013/01/01 15:23:50 | 000,000,000 | ---D | C]
 _OTL -> C:\_OTL -> [2012/12/11 14:41:43 | 000,000,000 | ---D | C]
 MpSigStub.exe -> C:\WINDOWS\System32\MpSigStub.exe -> [2012/12/10 21:59:44 | 000,232,336 | ---- | C] (Microsoft Corporation)
 cmdcons -> C:\cmdcons -> [2012/12/10 20:42:39 | 000,000,000 | RHSD | C]
 TDSSKiller_Quarantine -> C:\TDSSKiller_Quarantine -> [2012/12/09 18:29:22 | 000,000,000 | ---D | C]
 ERDNT -> C:\WINDOWS\ERDNT -> [2012/12/09 18:28:11 | 000,000,000 | ---D | C]
 wamregps.dll -> C:\WINDOWS\System32\dllcache\wamregps.dll -> [2012/12/07 16:24:35 | 000,007,168 | ---- | C] (Microsoft Corporation)
 s3legacy.dll -> C:\WINDOWS\System32\dllcache\s3legacy.dll -> [2012/12/07 16:24:23 | 000,066,048 | ---- | C] (Microsoft Corporation)
 inetsloc.dll -> C:\WINDOWS\System32\dllcache\inetsloc.dll -> [2012/12/07 16:24:13 | 000,019,968 | ---- | C] (Microsoft Corporation)
 inetmgr.exe -> C:\WINDOWS\System32\dllcache\inetmgr.exe -> [2012/12/07 16:24:13 | 000,007,680 | ---- | C] (Microsoft Corporation)
 iisui.dll -> C:\WINDOWS\System32\dllcache\iisui.dll -> [2012/12/07 16:24:12 | 000,169,984 | ---- | C] (Microsoft Corporation)
 iisreset.exe -> C:\WINDOWS\System32\dllcache\iisreset.exe -> [2012/12/07 16:24:11 | 000,014,336 | ---- | C] (Microsoft Corporation)
 iisrstap.dll -> C:\WINDOWS\System32\dllcache\iisrstap.dll -> [2012/12/07 16:24:11 | 000,005,632 | ---- | C] (Microsoft Corporation)
 ftpsapi2.dll -> C:\WINDOWS\System32\dllcache\ftpsapi2.dll -> [2012/12/07 16:24:10 | 000,006,144 | ---- | C] (Microsoft Corporation)
 certmap.ocx -> C:\WINDOWS\System32\dllcache\certmap.ocx -> [2012/12/07 16:24:04 | 000,094,720 | ---- | C] (Microsoft Corporation)
 CSC -> C:\WINDOWS\CSC -> [2012/12/04 18:45:00 | 000,000,000 | -HSD | C]
 E_FLBHBA.DLL -> C:\WINDOWS\System32\E_FLBHBA.DLL -> [2012/11/23 10:16:34 | 000,095,232 | ---- | C] (SEIKO EPSON CORPORATION)
 E_FD4BHBA.DLL -> C:\WINDOWS\System32\E_FD4BHBA.DLL -> [2012/11/23 10:16:34 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION)
 My Digital Editions -> C:\Documents and Settings\Alexandra Jachimczyk\My Documents\My Digital Editions -> [2012/11/13 21:34:37 | 000,000,000 | ---D | C]
 QuickTimeVR.qtx -> C:\WINDOWS\System32\QuickTimeVR.qtx -> [2012/10/25 03:12:26 | 000,094,208 | ---- | C] (Apple Inc.)
 QuickTime.qts -> C:\WINDOWS\System32\QuickTime.qts -> [2012/10/25 03:12:26 | 000,069,632 | ---- | C] (Apple Inc.)
 imapi2fs.dll -> C:\WINDOWS\System32\imapi2fs.dll -> [2012/10/05 22:08:28 | 000,465,920 | ---- | C] (Microsoft Corporation)
 imapi2fs.dll -> C:\WINDOWS\System32\dllcache\imapi2fs.dll -> [2012/10/05 22:08:28 | 000,465,920 | ---- | C] (Microsoft Corporation)
 imapi2.dll -> C:\WINDOWS\System32\imapi2.dll -> [2012/10/05 22:08:28 | 000,317,952 | ---- | C] (Microsoft Corporation)
 imapi2.dll -> C:\WINDOWS\System32\dllcache\imapi2.dll -> [2012/10/05 22:08:28 | 000,317,952 | ---- | C] (Microsoft Corporation)
 cdrom.sys -> C:\WINDOWS\System32\dllcache\cdrom.sys -> [2012/10/05 22:08:28 | 000,062,976 | ---- | C] (Microsoft Corporation)
 Iphone RingTones -> C:\Documents and Settings\Alexandra Jachimczyk\My Documents\Iphone RingTones -> [2012/08/28 21:20:22 | 000,000,000 | ---D | C]
 
[Files/Folders - Modified Within 180 Days]
 GoogleUpdateTaskMachineUA.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job -> [2013/02/24 13:37:00 | 000,000,886 | ---- | M] ()
 Adobe Flash Player Updater.job -> C:\WINDOWS\tasks\Adobe Flash Player Updater.job -> [2013/02/24 13:17:00 | 000,000,830 | ---- | M] ()
 User_Feed_Synchronization-{99BE4562-DD15-4050-9103-AA7BC77B85E8}.job -> C:\WINDOWS\tasks\User_Feed_Synchronization-{99BE4562-DD15-4050-9103-AA7BC77B85E8}.job -> [2013/02/24 10:47:25 | 000,000,452 | -H-- | M] ()
 Microsoft Antimalware Scheduled Scan.job -> C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job -> [2013/02/24 01:35:18 | 000,000,384 | -H-- | M] ()
 RealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> [2013/02/23 21:23:48 | 000,000,308 | ---- | M] ()
 RealPlayerRealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> [2013/02/23 21:23:43 | 000,000,316 | ---- | M] ()
 RealPlayerRealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> [2013/02/23 21:23:43 | 000,000,308 | ---- | M] ()
 WPA.DBL -> C:\WINDOWS\System32\WPA.DBL -> [2013/02/23 21:22:40 | 000,002,206 | ---- | M] ()
 GoogleUpdateTaskMachineCore.job -> C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job -> [2013/02/23 21:21:29 | 000,000,882 | ---- | M] ()
 BOOTSTAT.DAT -> C:\WINDOWS\BOOTSTAT.DAT -> [2013/02/23 21:21:15 | 000,002,048 | --S- | M] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2013/02/23 21:21:13 | 3219,296,256 | -HS- | M] ()
 FNTCACHE.DAT -> C:\WINDOWS\System32\FNTCACHE.DAT -> [2013/02/23 21:21:13 | 000,285,312 | ---- | M] ()
 BMXStateBkp-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> C:\WINDOWS\System32\BMXStateBkp-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> [2013/02/23 21:20:19 | 000,031,056 | ---- | M] ()
 BMXState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> C:\WINDOWS\System32\BMXState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> [2013/02/23 21:20:19 | 000,031,056 | ---- | M] ()
 BMXCtrlState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> C:\WINDOWS\System32\BMXCtrlState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> [2013/02/23 21:20:19 | 000,030,528 | ---- | M] ()
 BMXBkpCtrlState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> C:\WINDOWS\System32\BMXBkpCtrlState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> [2013/02/23 21:20:19 | 000,030,528 | ---- | M] ()
 DVCState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> C:\WINDOWS\System32\DVCState-{00000004-00000000-00000002-00001102-00000004-20061102}.rfx -> [2013/02/23 21:20:19 | 000,011,564 | ---- | M] ()
 Microsoft.SqlServer.Compact.400.32.bc -> C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc -> [2013/02/23 14:06:44 | 000,000,744 | ---- | M] ()
 TurboTax 2012.lnk -> C:\Documents and Settings\All Users\Desktop\TurboTax 2012.lnk -> [2013/02/23 14:04:14 | 000,001,880 | ---- | M] ()
 WindowsAccessBridge.dll -> C:\WINDOWS\System32\WindowsAccessBridge.dll -> [2013/02/23 10:08:04 | 000,094,112 | ---- | M] (Oracle Corporation)
 javaws.exe -> C:\WINDOWS\System32\javaws.exe -> [2013/02/23 10:08:01 | 000,262,560 | ---- | M] (Oracle Corporation)
 javaw.exe -> C:\WINDOWS\System32\javaw.exe -> [2013/02/23 10:08:01 | 000,174,496 | ---- | M] (Oracle Corporation)
 java.exe -> C:\WINDOWS\System32\java.exe -> [2013/02/23 10:08:01 | 000,174,496 | ---- | M] (Oracle Corporation)
 javacpl.cpl -> C:\WINDOWS\System32\javacpl.cpl -> [2013/02/23 10:08:01 | 000,143,872 | ---- | M] (Oracle Corporation)
 npdeployJava1.dll -> C:\WINDOWS\System32\npdeployJava1.dll -> [2013/02/23 10:08:00 | 000,861,088 | ---- | M] (Oracle Corporation)
 deployJava1.dll -> C:\WINDOWS\System32\deployJava1.dll -> [2013/02/23 10:08:00 | 000,782,240 | ---- | M] (Oracle Corporation)
 RealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> [2013/02/19 21:20:02 | 000,000,316 | ---- | M] ()
 AppleSoftwareUpdate.job -> C:\WINDOWS\tasks\AppleSoftwareUpdate.job -> [2013/02/18 18:12:00 | 000,000,284 | ---- | M] ()
 FlashPlayerApp.exe -> C:\WINDOWS\System32\FlashPlayerApp.exe -> [2013/02/17 20:00:11 | 000,691,568 | ---- | M] (Adobe Systems Incorporated)
 FlashPlayerCPLApp.cpl -> C:\WINDOWS\System32\FlashPlayerCPLApp.cpl -> [2013/02/17 20:00:11 | 000,071,024 | ---- | M] (Adobe Systems Incorporated)
 Epson Stylus NX430 User's Guide.lnk -> C:\Documents and Settings\All Users\Desktop\Epson Stylus NX430 User's Guide.lnk -> [2013/02/16 15:00:34 | 000,001,701 | ---- | M] ()
 EPSON Scan.lnk -> C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk -> [2013/02/16 14:52:06 | 000,000,665 | ---- | M] ()
 BOOT.INI -> C:\BOOT.INI -> [2013/02/15 08:51:46 | 000,000,325 | RHS- | M] ()
 imsins.BAK -> C:\WINDOWS\imsins.BAK -> [2013/02/13 03:05:34 | 000,001,374 | ---- | M] ()
 PERFH009.DAT -> C:\WINDOWS\System32\PERFH009.DAT -> [2013/02/13 03:02:51 | 000,504,048 | ---- | M] ()
 PERFC009.DAT -> C:\WINDOWS\System32\PERFC009.DAT -> [2013/02/13 03:02:51 | 000,087,462 | ---- | M] ()
 1330 - SWK560 Clinical Diagnosis & Treatment.url -> C:\Documents and Settings\Alexandra Jachimczyk\Desktop\1330 - SWK560 Clinical Diagnosis & Treatment.url -> [2013/02/11 19:11:47 | 000,000,284 | ---- | M] ()
 rmoc3260.dll -> C:\WINDOWS\System32\rmoc3260.dll -> [2013/02/02 12:03:58 | 000,201,424 | ---- | M] (RealNetworks, Inc.)
 pndx5016.dll -> C:\WINDOWS\System32\pndx5016.dll -> [2013/02/02 12:03:42 | 000,006,656 | ---- | M] (RealNetworks, Inc.)
 pndx5032.dll -> C:\WINDOWS\System32\pndx5032.dll -> [2013/02/02 12:03:42 | 000,005,632 | ---- | M] (RealNetworks, Inc.)
 pncrt.dll -> C:\WINDOWS\System32\pncrt.dll -> [2013/02/02 12:03:40 | 000,272,896 | ---- | M] (Progressive Networks)
 MpSigStub.exe -> C:\WINDOWS\System32\MpSigStub.exe -> [2013/01/30 05:53:21 | 000,232,336 | ---- | M] (Microsoft Corporation)
 oleaut32.dll -> C:\WINDOWS\System32\dllcache\oleaut32.dll -> [2013/01/25 22:55:44 | 000,552,448 | ---- | M] (Microsoft Corporation)
 hosts -> C:\WINDOWS\System32\drivers\ETC\hosts -> [2013/01/17 22:59:41 | 000,000,027 | ---- | M] ()
 Organizations.url -> C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Organizations.url -> [2013/01/10 18:41:03 | 000,000,266 | ---- | M] ()
 vgx.dll -> C:\WINDOWS\System32\dllcache\vgx.dll -> [2013/01/10 14:33:34 | 000,759,296 | ---- | M] (Microsoft Corporation)
 mshtml.dll -> C:\WINDOWS\System32\dllcache\mshtml.dll -> [2013/01/08 15:34:58 | 006,010,368 | ---- | M] (Microsoft Corporation)
 Communities.url -> C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Communities.url -> [2013/01/07 18:32:08 | 000,000,262 | ---- | M] ()
 ntoskrnl.exe -> C:\WINDOWS\System32\ntoskrnl.exe -> [2013/01/06 20:19:45 | 002,148,864 | ---- | M] (Microsoft Corporation)
 ntkrnlmp.exe -> C:\WINDOWS\System32\dllcache\ntkrnlmp.exe -> [2013/01/06 20:19:45 | 002,148,864 | ---- | M] (Microsoft Corporation)
 ntoskrnl.exe -> C:\WINDOWS\System32\dllcache\ntoskrnl.exe -> [2013/01/06 20:16:02 | 002,193,024 | ---- | M] (Microsoft Corporation)
 ntkrpamp.exe -> C:\WINDOWS\System32\dllcache\ntkrpamp.exe -> [2013/01/06 19:37:01 | 002,027,520 | ---- | M] (Microsoft Corporation)
 ntkrnlpa.exe -> C:\WINDOWS\System32\ntkrnlpa.exe -> [2013/01/06 19:37:01 | 002,027,520 | ---- | M] (Microsoft Corporation)
 ntkrnlpa.exe -> C:\WINDOWS\System32\dllcache\ntkrnlpa.exe -> [2013/01/06 19:36:58 | 002,069,760 | ---- | M] (Microsoft Corporation)
 win32k.sys -> C:\WINDOWS\System32\win32k.sys -> [2013/01/03 20:20:00 | 001,867,264 | ---- | M] (Microsoft Corporation)
 win32k.sys -> C:\WINDOWS\System32\dllcache\win32k.sys -> [2013/01/03 20:20:00 | 001,867,264 | ---- | M] (Microsoft Corporation)
 quartz.dll -> C:\WINDOWS\System32\dllcache\quartz.dll -> [2013/01/02 01:49:10 | 001,292,288 | ---- | M] ()
 urlmon.dll -> C:\WINDOWS\System32\dllcache\urlmon.dll -> [2012/12/26 15:16:29 | 001,212,928 | ---- | M] (Microsoft Corporation)
 wininet.dll -> C:\WINDOWS\System32\dllcache\wininet.dll -> [2012/12/26 15:16:29 | 000,916,480 | ---- | M] (Microsoft Corporation)
 msfeeds.dll -> C:\WINDOWS\System32\msfeeds.dll -> [2012/12/26 15:16:29 | 000,630,272 | ---- | M] (Microsoft Corporation)
 msfeeds.dll -> C:\WINDOWS\System32\dllcache\msfeeds.dll -> [2012/12/26 15:16:29 | 000,630,272 | ---- | M] (Microsoft Corporation)
 mstime.dll -> C:\WINDOWS\System32\mstime.dll -> [2012/12/26 15:16:29 | 000,611,840 | ---- | M] (Microsoft Corporation)
 mstime.dll -> C:\WINDOWS\System32\dllcache\mstime.dll -> [2012/12/26 15:16:29 | 000,611,840 | ---- | M] (Microsoft Corporation)
 occache.dll -> C:\WINDOWS\System32\dllcache\occache.dll -> [2012/12/26 15:16:29 | 000,206,848 | ---- | M] (Microsoft Corporation)
 url.dll -> C:\WINDOWS\System32\url.dll -> [2012/12/26 15:16:29 | 000,105,984 | ---- | M] (Microsoft Corporation)
 url.dll -> C:\WINDOWS\System32\dllcache\url.dll -> [2012/12/26 15:16:29 | 000,105,984 | ---- | M] (Microsoft Corporation)
 mshtmled.dll -> C:\WINDOWS\System32\dllcache\mshtmled.dll -> [2012/12/26 15:16:29 | 000,067,072 | ---- | M] (Microsoft Corporation)
 msfeedsbs.dll -> C:\WINDOWS\System32\msfeedsbs.dll -> [2012/12/26 15:16:29 | 000,055,296 | ---- | M] (Microsoft Corporation)
 msfeedsbs.dll -> C:\WINDOWS\System32\dllcache\msfeedsbs.dll -> [2012/12/26 15:16:29 | 000,055,296 | ---- | M] (Microsoft Corporation)
 ieframe.dll -> C:\WINDOWS\System32\dllcache\ieframe.dll -> [2012/12/26 15:16:28 | 011,111,424 | ---- | M] (Microsoft Corporation)
 iertutil.dll -> C:\WINDOWS\System32\dllcache\iertutil.dll -> [2012/12/26 15:16:28 | 002,004,992 | ---- | M] (Microsoft Corporation)
 inetcpl.cpl -> C:\WINDOWS\System32\inetcpl.cpl -> [2012/12/26 15:16:28 | 001,469,440 | ---- | M] (Microsoft Corporation)
 inetcpl.cpl -> C:\WINDOWS\System32\dllcache\inetcpl.cpl -> [2012/12/26 15:16:28 | 001,469,440 | ---- | M] (Microsoft Corporation)
 iedvtool.dll -> C:\WINDOWS\System32\dllcache\iedvtool.dll -> [2012/12/26 15:16:28 | 000,743,424 | ---- | M] (Microsoft Corporation)
 jsdbgui.dll -> C:\WINDOWS\System32\dllcache\jsdbgui.dll -> [2012/12/26 15:16:28 | 000,522,240 | ---- | M] (Microsoft Corporation)
 iedkcs32.dll -> C:\WINDOWS\System32\iedkcs32.dll -> [2012/12/26 15:16:28 | 000,387,584 | ---- | M] (Microsoft Corporation)
 iedkcs32.dll -> C:\WINDOWS\System32\dllcache\iedkcs32.dll -> [2012/12/26 15:16:28 | 000,387,584 | ---- | M] (Microsoft Corporation)
 iepeers.dll -> C:\WINDOWS\System32\iepeers.dll -> [2012/12/26 15:16:28 | 000,184,320 | ---- | M] (Microsoft Corporation)
 iepeers.dll -> C:\WINDOWS\System32\dllcache\iepeers.dll -> [2012/12/26 15:16:28 | 000,184,320 | ---- | M] (Microsoft Corporation)
 licmgr10.dll -> C:\WINDOWS\System32\licmgr10.dll -> [2012/12/26 15:16:28 | 000,043,520 | ---- | M] (Microsoft Corporation)
 licmgr10.dll -> C:\WINDOWS\System32\dllcache\licmgr10.dll -> [2012/12/26 15:16:28 | 000,043,520 | ---- | M] (Microsoft Corporation)
 jsproxy.dll -> C:\WINDOWS\System32\jsproxy.dll -> [2012/12/26 15:16:28 | 000,025,600 | ---- | M] (Microsoft Corporation)
 jsproxy.dll -> C:\WINDOWS\System32\dllcache\jsproxy.dll -> [2012/12/26 15:16:28 | 000,025,600 | ---- | M] (Microsoft Corporation)
 ie4uinit.exe -> C:\WINDOWS\System32\ie4uinit.exe -> [2012/12/24 01:41:10 | 000,174,080 | ---- | M] (Microsoft Corporation)
 ie4uinit.exe -> C:\WINDOWS\System32\dllcache\ie4uinit.exe -> [2012/12/24 01:41:10 | 000,174,080 | ---- | M] (Microsoft Corporation)
 html.iec -> C:\WINDOWS\System32\html.iec -> [2012/12/24 01:40:59 | 000,385,024 | ---- | M] (Microsoft Corporation)
 atmfd.dll -> C:\WINDOWS\System32\dllcache\atmfd.dll -> [2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated)
 atmfd.dll -> C:\WINDOWS\System32\atmfd.dll -> [2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated)
 ODBC.INI -> C:\WINDOWS\ODBC.INI -> [2012/12/14 22:43:56 | 000,000,376 | ---- | M] ()
 Microsoft Office.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk -> [2012/12/14 22:37:33 | 000,001,725 | ---- | M] ()
 mbam.sys -> C:\WINDOWS\System32\drivers\mbam.sys -> [2012/12/14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation)
 epplauncher.mif -> C:\WINDOWS\epplauncher.mif -> [2012/12/10 21:58:31 | 000,001,945 | ---- | M] ()
 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2012/12/06 18:49:08 | 000,030,720 | ---- | M] ()
 d3d8caps.dat -> C:\WINDOWS\System32\d3d8caps.dat -> [2012/12/04 08:00:30 | 000,000,552 | ---- | M] ()
 EEventManager.INI -> C:\WINDOWS\EEventManager.INI -> [2012/12/01 08:26:19 | 000,000,000 | ---- | M] ()
 {00000004-00000000-00000002-00001102-00000004-20061102}.CDF -> C:\WINDOWS\{00000004-00000000-00000002-00001102-00000004-20061102}.CDF -> [2012/11/30 22:33:10 | 004,935,331 | ---- | M] ()
 {00000004-00000000-00000002-00001102-00000004-20061102}.BAK -> C:\WINDOWS\{00000004-00000000-00000002-00001102-00000004-20061102}.BAK -> [2012/11/30 22:33:10 | 004,935,331 | ---- | M] ()
 Cat.DB -> C:\WINDOWS\System32\drivers\NIS\1309000.009\Cat.DB -> [2012/11/30 20:46:16 | 000,716,325 | ---- | M] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2012/11/29 23:15:15 | 000,000,742 | ---- | M] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2012/11/29 23:15:15 | 000,000,724 | ---- | M] ()
 mlfcache.dat -> C:\WINDOWS\System32\mlfcache.dat -> [2012/11/27 22:57:00 | 000,055,928 | -H-- | M] ()
 Cache.db -> C:\WINDOWS\System32\Cache.db -> [2012/11/26 08:01:13 | 000,003,072 | ---- | M] ()
 ESBK.mbb -> C:\Documents and Settings\All Users\Documents\ESBK.mbb -> [2012/11/23 13:28:35 | 007,933,952 | R--- | M] ()
 ESBK.mb -> C:\Documents and Settings\All Users\Documents\ESBK.mb -> [2012/11/23 13:28:35 | 004,398,080 | R--- | M] ()
 ENX430.ini -> C:\WINDOWS\ENX430.ini -> [2012/11/23 10:22:51 | 000,000,071 | ---- | M] ()
 Google Books Downloader.lnk -> C:\Documents and Settings\All Users\Desktop\Google Books Downloader.lnk -> [2012/11/21 22:02:15 | 000,000,775 | ---- | M] ()
 VT20121114.016 -> C:\WINDOWS\System32\drivers\NIS\1309000.009\VT20121114.016 -> [2012/11/16 06:43:37 | 000,013,946 | ---- | M] ()
 Google Chrome.lnk -> C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> [2012/11/12 14:54:03 | 000,001,791 | ---- | M] ()
 msxml6.dll -> C:\WINDOWS\System32\dllcache\msxml6.dll -> [2012/11/05 21:01:39 | 001,371,648 | ---- | M] (Microsoft Corporation)
 dpnet.dll -> C:\WINDOWS\System32\dpnet.dll -> [2012/11/01 21:02:42 | 000,375,296 | ---- | M] (Microsoft Corporation)
 dpnet.dll -> C:\WINDOWS\System32\dllcache\dpnet.dll -> [2012/11/01 21:02:42 | 000,375,296 | ---- | M] (Microsoft Corporation)
 dellstat.ini -> C:\WINDOWS\dellstat.ini -> [2012/11/01 11:49:10 | 000,001,824 | ---- | M] ()
 QuickTimeVR.qtx -> C:\WINDOWS\System32\QuickTimeVR.qtx -> [2012/10/25 03:12:26 | 000,094,208 | ---- | M] (Apple Inc.)
 QuickTime.qts -> C:\WINDOWS\System32\QuickTime.qts -> [2012/10/25 03:12:26 | 000,069,632 | ---- | M] (Apple Inc.)
 Kodak EasyShare software.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk -> [2012/10/05 22:10:14 | 000,001,837 | ---- | M] ()
 Kodak EasyShare.lnk -> C:\Documents and Settings\All Users\Desktop\Kodak EasyShare.lnk -> [2012/10/05 22:10:14 | 000,001,817 | ---- | M] ()
 logfile -> C:\logfile -> [2012/10/05 22:08:08 | 000,583,316 | ---- | M] ()
 kernel32.dll -> C:\WINDOWS\System32\dllcache\kernel32.dll -> [2012/10/02 23:58:13 | 000,990,208 | ---- | M] (Microsoft Corporation)
 synceng.dll -> C:\WINDOWS\System32\synceng.dll -> [2012/10/02 13:04:21 | 000,058,368 | ---- | M] (Microsoft Corporation)
 synceng.dll -> C:\WINDOWS\System32\dllcache\synceng.dll -> [2012/10/02 13:04:21 | 000,058,368 | ---- | M] (Microsoft Corporation)
 usbaaplrc.dll -> C:\WINDOWS\System32\usbaaplrc.dll -> [2012/09/28 10:32:56 | 005,989,776 | ---- | M] (Apple, Inc.)
 6 C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\*.tmp -> 
 6 C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\*.tmp -> 
 
[Files - No Company Name]
 TurboTax 2012.lnk -> C:\Documents and Settings\All Users\Desktop\TurboTax 2012.lnk -> [2013/02/23 14:04:14 | 000,001,880 | ---- | C] ()
 LTCM Client.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\LTCM Client.lnk -> [2013/02/16 15:00:36 | 000,001,619 | ---- | C] ()
 Epson Stylus NX430 User's Guide.lnk -> C:\Documents and Settings\All Users\Desktop\Epson Stylus NX430 User's Guide.lnk -> [2013/02/16 15:00:34 | 000,001,701 | ---- | C] ()
 EPSON Scan.lnk -> C:\Documents and Settings\All Users\Desktop\EPSON Scan.lnk -> [2013/02/16 14:52:06 | 000,000,665 | ---- | C] ()
 1330 - SWK560 Clinical Diagnosis & Treatment.url -> C:\Documents and Settings\Alexandra Jachimczyk\Desktop\1330 - SWK560 Clinical Diagnosis & Treatment.url -> [2013/02/07 22:47:53 | 000,000,284 | ---- | C] ()
 RealPlayerRealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> C:\WINDOWS\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> [2013/02/02 13:20:22 | 000,000,308 | ---- | C] ()
 RealPlayerRealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> C:\WINDOWS\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2885659742-3719046469-1376452676-1005.job -> [2013/02/02 13:20:21 | 000,000,316 | ---- | C] ()
 PEV.exe -> C:\WINDOWS\PEV.exe -> [2013/01/17 22:49:10 | 000,256,000 | ---- | C] ()
 MBR.exe -> C:\WINDOWS\MBR.exe -> [2013/01/17 22:49:10 | 000,208,896 | ---- | C] ()
 sed.exe -> C:\WINDOWS\sed.exe -> [2013/01/17 22:49:10 | 000,098,816 | ---- | C] ()
 grep.exe -> C:\WINDOWS\grep.exe -> [2013/01/17 22:49:10 | 000,080,412 | ---- | C] ()
 zip.exe -> C:\WINDOWS\zip.exe -> [2013/01/17 22:49:10 | 000,068,096 | ---- | C] ()
 FontCache3.0.0.0.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat -> [2013/01/09 03:27:36 | 006,062,280 | ---- | C] ()
 Communities.url -> C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Communities.url -> [2013/01/07 18:32:08 | 000,000,262 | ---- | C] ()
 Organizations.url -> C:\Documents and Settings\Alexandra Jachimczyk\Desktop\Organizations.url -> [2013/01/07 18:31:07 | 000,000,266 | ---- | C] ()
 Microsoft Office.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk -> [2012/12/14 07:10:55 | 000,001,725 | ---- | C] ()
 Microsoft Antimalware Scheduled Scan.job -> C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job -> [2012/12/10 22:06:28 | 000,000,384 | -H-- | C] ()
 Boot.bak -> C:\Boot.bak -> [2012/12/10 20:42:46 | 000,000,209 | ---- | C] ()
 cmldr -> C:\cmldr -> [2012/12/10 20:42:43 | 000,260,272 | RHS- | C] ()
 hiberfil.sys -> C:\hiberfil.sys -> [2012/12/07 16:17:45 | 3219,296,256 | -HS- | C] ()
 epplauncher.mif -> C:\WINDOWS\epplauncher.mif -> [2012/12/04 20:53:49 | 000,001,945 | ---- | C] ()
 d3d8caps.dat -> C:\WINDOWS\System32\d3d8caps.dat -> [2012/12/04 08:00:30 | 000,000,552 | ---- | C] ()
 EEventManager.INI -> C:\WINDOWS\EEventManager.INI -> [2012/12/01 08:26:19 | 000,000,000 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk -> [2012/11/29 23:15:15 | 000,000,742 | ---- | C] ()
 Mozilla Firefox.lnk -> C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk -> [2012/11/29 23:15:14 | 000,000,724 | ---- | C] ()
 ENX430.ini -> C:\WINDOWS\ENX430.ini -> [2012/11/23 10:14:58 | 000,000,071 | ---- | C] ()
 Google Books Downloader.lnk -> C:\Documents and Settings\All Users\Desktop\Google Books Downloader.lnk -> [2012/11/21 22:02:14 | 000,000,775 | ---- | C] ()
 Google Chrome.lnk -> C:\Documents and Settings\Alexandra Jachimczyk\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> [2012/11/08 16:14:07 | 000,001,791 | ---- | C] ()
 Kodak EasyShare software.lnk -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Kodak EasyShare software.lnk -> [2012/10/05 22:10:14 | 000,001,837 | ---- | C] ()
 Kodak EasyShare.lnk -> C:\Documents and Settings\All Users\Desktop\Kodak EasyShare.lnk -> [2012/10/05 22:10:14 | 000,001,817 | ---- | C] ()
 Cache.db -> C:\WINDOWS\System32\Cache.db -> [2012/08/30 02:00:05 | 000,003,072 | ---- | C] ()
 HamsterAudioConverterSettings.cfg -> C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\HamsterAudioConverterSettings.cfg -> [2012/06/22 18:07:45 | 000,000,275 | ---- | C] ()
 installLang.ini -> C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\installLang.ini -> [2012/06/22 18:05:21 | 000,000,035 | ---- | C] ()
 show_all_body_parts-1.2-tb.xpi -> C:\Program Files\show_all_body_parts-1.2-tb.xpi -> [2012/06/03 07:33:03 | 000,002,297 | ---- | C] ()
 WPFFontCache_v0400-S-1-5-21-2885659742-3719046469-1376452676-1005-0.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-2885659742-3719046469-1376452676-1005-0.dat -> [2012/02/21 03:33:44 | 004,344,131 | ---- | C] ()
 WPFFontCache_v0400-System.dat -> C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat -> [2012/02/21 03:33:43 | 000,284,078 | ---- | C] ()
 Microsoft.SqlServer.Compact.400.32.bc -> C:\Documents and Settings\All Users\Application Data\Microsoft.SqlServer.Compact.400.32.bc -> [2012/02/20 11:21:39 | 000,000,744 | ---- | C] ()
 iacenc.dll -> C:\WINDOWS\System32\iacenc.dll -> [2012/02/16 00:27:26 | 000,003,072 | ---- | C] ()
 youtube2mp3.ini -> C:\WINDOWS\youtube2mp3.ini -> [2011/07/25 12:52:50 | 000,000,216 | ---- | C] ()
 atscie.msi -> C:\Documents and Settings\All Users\Application Data\atscie.msi -> [2011/05/21 18:19:33 | 008,892,928 | ---- | C] ()
 {96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini -> C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini -> [2011/05/18 18:13:38 | 000,001,940 | ---- | C] ()
 {96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini -> C:\Documents and Settings\LocalService\Local Settings\Application Data\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini -> [2011/05/18 18:08:35 | 000,001,940 | ---- | C] ()
< End of report >
```


----------



## olabola (May 20, 2012)

I'm not sure why it posted like that, but if I need to fix anything let me know. Also, the forum timed out when I was in the middle of submitting the reply...strange, right?


----------



## Cookiegal (Aug 27, 2003)

That's fine. I asked for 90 days and you did 180!  No problem though. I just wanted to be sure we went back to around the time we started this and that will definitely do it and then some. 

Did you put these in the Trusted Zone intentionally?

mhvfcuebanking.com
microsoft.com
turbotax.com

I would remove them as doing that gives them permission to override security measures on your computer. I'm not a fan of putting sites in the Trusted Zone. If they don't work without being there then the reason for that should be explored.

Start *OTS*. Copy/Paste the information in the code box below into the pane where it says *"Paste fix here"* and then click the "Run Fix" button.

The fix should only take a very short time. When the fix is completed a message box will pop up telling you that it is finished. Click the OK button and Notepad will open with a log of actions taken during the fix. Post that information back here please.


```
[Kill All Processes]
[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer ToolBars [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{BA00B7B1-0351-477A-B948-23E3EE5A73D4}" [HKLM] -> Reg Error: Value error. [AOL Toolbar]
YN -> WebBrowser\\"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> Reg Error: Key error. [Yahoo! Toolbar]
< Internet Explorer Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.]
YN -> CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.]
YN -> CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.]
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Extensions\
YN -> CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] -> [Reg Error: Value error.]
YN -> CmdMapping\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}" [HKLM] -> [Reg Error: Key error.]
YN -> CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> [Reg Error: Key error.]
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\] > -> HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
YN -> objects_aol.com [*] -> Out of zone range - ( 5 )
YN -> aol.com%20and%20https .[http] -> Trusted sites
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
YN -> {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40} [HKLM] -> http://esupport.aol.com/help/acp2/en...ach_core_1.cab [Reg Error: Key error.]
YN -> {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} [HKLM] -> http://aolcc.aol.com/computercheckup/qdiagcc.cab [Reg Error: Key error.]
YN -> {4C39376E-FA9D-4349-BACC-D305C1750EF3} [HKLM] -> http://tools.ebayimg.com/eps/wl/acti..._v1-0-3-48.cab [Reg Error: Key error.]
YN -> {644E432F-49D3-41A1-8DD5-E099162EEEC5} [HKLM] -> http://security.symantec.com/sscv6/S.../bin/cabsa.cab [Reg Error: Key error.]
YN -> {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7} [HKLM] -> http://support.dell.com/systemprofil...SystemLite.CAB [Reg Error: Key error.]
YN -> {6F750200-1362-4815-A476-88533DE61D0C} [HKLM] -> http://www.kodakgallery.com/download...1/axofupld.cab [Reg Error: Key error.]
YN -> {6FE79ACA-A498-45E5-8BC4-1B9F380CE468} [HKLM] -> http://aolsvc.aol.com/onlinegames/gh...ball/abxgh.cab [Reg Error: Key error.]
YN -> {74E4A24D-5224-4F05-8A41-99445E0FC22B} [HKLM] -> http://aolsvc.aol.com/onlinegames/fr...ouseplayer.cab [Reg Error: Key error.]
YN -> {94B82441-A413-4E43-8422-D49930E69764} [HKLM] -> https://echat.us.dell.com/Media/Visi.../TLIEFlash.CAB [Reg Error: Key error.]
YN -> {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} [HKLM] -> http://tools.ebayimg.com/eps/wl/acti..._v1-0-31-0.cab [Reg Error: Key error.]
YN -> {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} [HKLM] -> https://www-secure.symantec.com/tech...l/SymAData.cab [Reg Error: Key error.]
YN -> {D441AB53-A39C-42AE-AB79-3C05B7298F34} [HKLM] -> http://aolsvc.aol.com/onlinegames/fr...ger2Loader.cab [Reg Error: Key error.]
YN -> {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [HKLM] -> http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab [Reg Error: Key error.]
[Registry - Additional Scans - Safe List]
< Disabled MSConfig Registry Items [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\
YN -> NvCplDaemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
YN -> UpdReg hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> C:\WINDOWS\Updreg.EXE
[Files/Folders - Modified Within 180 Days]
NY ->  6 C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\*.tmp files -> C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\*.tmp
[Empty Temp Folders]
[EmptyFlash]
[EmptyJava]
[Start Explorer]
[Reboot]
```


----------



## olabola (May 20, 2012)

I put mhvfcuebanking.com in the trusted zone because it's my bank...
Also, I noticed a bunch of new icons all over my documents thumbs???


----------



## olabola (May 20, 2012)

and desktop.ini?


----------



## olabola (May 20, 2012)

All Processes Killed
[Registry - Safe List]
Registry value HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA00B7B1-0351-477A-B948-23E3EE5A73D4} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA00B7B1-0351-477A-B948-23E3EE5A73D4}\ deleted successfully.
Registry value HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EF99BD32-C1FB-11D2-892F-0090271D4F88} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}\ not found.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}\ not found.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry value HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\ not found.
Registry value HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{4982D40A-C53B-4615-B15B-B5B5E98D167C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4982D40A-C53B-4615-B15B-B5B5E98D167C}\ not found.
Registry value HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CD67F990-D8E9-11d2-98FE-00C0F0318AFE}\ not found.
Registry value HKEY_USERS\S-1-5-21-2885659742-3719046469-1376452676-1005\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{FB5F1910-F110-11d2-BB9E-00C04F795683} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB5F1910-F110-11d2-BB9E-00C04F795683}\ not found.
Registry key HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\objects_aol.com\ not found.
Registry key HKEY_USERS\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\aol.com%20and%20https not found.
Starting removal of ActiveX control {37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37DF41B2-61DB-4CAC-A755-CFB3C7EE7F40}\ not found.
Starting removal of ActiveX control {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B}\ not found.
Starting removal of ActiveX control {4C39376E-FA9D-4349-BACC-D305C1750EF3}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4C39376E-FA9D-4349-BACC-D305C1750EF3}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{4C39376E-FA9D-4349-BACC-D305C1750EF3}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4C39376E-FA9D-4349-BACC-D305C1750EF3}\ not found.
Starting removal of ActiveX control {644E432F-49D3-41A1-8DD5-E099162EEEC5}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{644E432F-49D3-41A1-8DD5-E099162EEEC5}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{644E432F-49D3-41A1-8DD5-E099162EEEC5}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{644E432F-49D3-41A1-8DD5-E099162EEEC5}\ not found.
Starting removal of ActiveX control {6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F6FDB9E-5072-498C-BCB0-2B7F00C49EE7}\ not found.
Starting removal of ActiveX control {6F750200-1362-4815-A476-88533DE61D0C}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6F750200-1362-4815-A476-88533DE61D0C}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6F750200-1362-4815-A476-88533DE61D0C}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F750200-1362-4815-A476-88533DE61D0C}\ not found.
Starting removal of ActiveX control {6FE79ACA-A498-45E5-8BC4-1B9F380CE468}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6FE79ACA-A498-45E5-8BC4-1B9F380CE468}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6FE79ACA-A498-45E5-8BC4-1B9F380CE468}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FE79ACA-A498-45E5-8BC4-1B9F380CE468}\ not found.
Starting removal of ActiveX control {74E4A24D-5224-4F05-8A41-99445E0FC22B}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{74E4A24D-5224-4F05-8A41-99445E0FC22B}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{74E4A24D-5224-4F05-8A41-99445E0FC22B}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{74E4A24D-5224-4F05-8A41-99445E0FC22B}\ not found.
Starting removal of ActiveX control {94B82441-A413-4E43-8422-D49930E69764}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{94B82441-A413-4E43-8422-D49930E69764}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{94B82441-A413-4E43-8422-D49930E69764}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94B82441-A413-4E43-8422-D49930E69764}\ not found.
Starting removal of ActiveX control {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB}\ not found.
Starting removal of ActiveX control {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE28D5D2-60CF-4C7D-9FE8-0F47A3308078}\ not found.
Starting removal of ActiveX control {D441AB53-A39C-42AE-AB79-3C05B7298F34}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D441AB53-A39C-42AE-AB79-3C05B7298F34}\Contains\Files\ not found.
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{D441AB53-A39C-42AE-AB79-3C05B7298F34}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D441AB53-A39C-42AE-AB79-3C05B7298F34}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
Registry error reading value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\DownloadInformation\\INF .
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
[Registry - Additional Scans - Safe List]
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ not found.
File not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdReg hkey=HKLM key=SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ not found.
File not found.
[Files/Folders - Modified Within 180 Days]
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\GLB30.tmp deleted successfully.
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\RD53.tmp deleted successfully.
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\RD5B.tmp deleted successfully.
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\RDEA.tmp deleted successfully.
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\Set25.tmp deleted successfully.
File delete failed. C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF2DFC.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF2E0A.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF2E68.tmp scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF2E76.tmp scheduled to be deleted on reboot.
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF54F7.tmp deleted successfully.
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DFF71E.tmp deleted successfully.
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~nsu.tmp folder deleted successfully.
[Empty Temp Folders]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Alexandra Jachimczyk
->Temp folder emptied: 87458220 bytes
->Temporary Internet Files folder emptied: 123489526 bytes
->Java cache emptied: 5636141 bytes
->FireFox cache emptied: 146079060 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 5332116 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes
->Flash cache emptied: 56502 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 155236 bytes
->Temporary Internet Files folder emptied: 82054 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 441285 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 13881663 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 530520721 bytes

Total Files Cleaned = 871.00 mb

[EMPTYFLASH]

User: Administrator

User: Alexandra Jachimczyk
->Flash cache emptied: 0 bytes

User: All Users

User: Default User
->Flash cache emptied: 0 bytes

User: LocalService

User: NetworkService

Total Flash Files Cleaned = 0.00 mb

[EMPTYJAVA]

User: Administrator

User: Alexandra Jachimczyk
->Java cache emptied: 0 bytes

User: All Users

User: Default User

User: LocalService

User: NetworkService

Total Java Files Cleaned = 0.00 mb

< End of fix log >
OTS by OldTimer - Version 3.1.47.2 fix logfile created on 02242013_161344
Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF2DFC.tmp not found!
File\Folder C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF2E0A.tmp not found!
File\Folder C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF2E68.tmp not found!
File\Folder C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\temp\~DF2E76.tmp not found!
File\Folder C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Temp\~DF54F7.tmp not found!
File\Folder C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Temp\~DFF71E.tmp not found!
File\Folder C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Temporary Internet Files\Content.IE5\ZCQQT8C9\1079439-ie-8-firefox-wont-even-23[1].html not found!
File\Folder C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Temporary Internet Files\Content.IE5\X3YZY815\si[7].htm not found!
C:\Documents and Settings\Alexandra Jachimczyk\Local Settings\Temporary Internet Files\Content.IE5\3S5W27D7\si[4].htm moved successfully.
Registry entries deleted on Reboot...


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> I put mhvfcuebanking.com in the trusted zone because it's my bank...


Yes but does it need to be there to work?


> also, I noticed a bunch of new icons all over my documents thumbs???


Yes, that's normal. It's because files have been unhidden. That should return to normal (meaning the thumbs.db and the desktop.ini files will disappear again) after we run ComboFix's uninstaller to close this out.

So everything seems to be in order now. Are there any other problems?


----------



## olabola (May 20, 2012)

I don't know if MHVFCU needs to be there to work...I put it there such a long time ago that I really don't know. I can take the other ones out I guess. I think I was trying to prevent the security warnings that seem to plague IE... Is there a way to know which times I should ignore them or not? I get them on a regular basis about secure content?

Also, I am still getting a black screen in the beginning when I reboot that seems to give me a few seconds to choose if I want to reboot in a different mode if I want to, is that normal? I thought you had to hit F8 to see that screen? And, the System Configuration Utility pops up on every reboot but I just ignore it.

Thanks


----------



## olabola (May 20, 2012)

Also, what do I do with all the logs and programs I downloaded along the way?


----------



## Cookiegal (Aug 27, 2003)

The IE8 alerts are for security reasons but you can turn them off by enabling mixed content. I don't recommend it but it's your choice. To do that:

In IE go to *Tools* - *Internet Options* - *Security zone* then click on the *Security* tab. Click the *Custom Level* button and under *Miscellaneous* change "*Display mixed content*" to *Enable*.

I think what you're referring to is the option to boot to the Recovery Console that we installed when using ComboFix. It's recommended to leave that there as it can be instrumental in recovering the system in the event of failure. It only gives you a couple of seconds to select it and then it boots to Windows automatically. If that's a problem for you we can uninstall the Recovery Console.


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> Also, what do I do with all the logs and programs I downloaded along the way?


We will uninstall them in the final steps.


----------



## olabola (May 20, 2012)

Cookiegal said:


> The IE8 alerts are for security reasons but you can turn them off by enabling mixed content. I don't recommend it but it's your choice. To do that:
> 
> In IE go to *Tools* - *Internet Options* - *Security zone* then click on the *Security* tab. Click the *Custom Level* button and under *Miscellaneous* change "*Display mixed content*" to *Enable*.
> 
> I think what you're referring to is the option to boot to the Recovery Console that we installed when using ComboFix. It's recommended to leave that there as it can be instrumental in recovering the system in the event of failure. It only gives you a couple of seconds to select it and then it boots to Windows automatically. If that's a problem for you we can uninstall the Recovery Console.


I certainly don't want to do something you don't recommend, but I read somewhere that IE has overly restrictive security? I will not be changing the security settings, but is there a way to know when a site is safe and it's OK to allow the content? What are the repercussions of saying yes or no? Sometimes I really don't notice a difference between the two.

As for the recovery console, I am totally cool with that, I just wanted to be sure it was supposed to be there.


----------



## olabola (May 20, 2012)

Cookiegal said:


> Did you put these in the Trusted Zone intentionally?
> 
> mhvfcuebanking.com
> microsoft.com
> ...


I took the three addresses out of the trusted zone like you said, but I noticed that my security level is custom anyway, should it be?


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> I certainly don't want to do something you don't recommend, but I read somewhere that IE has overly restrictive security? I will not be changing the security settings, but is there a way to know when a site is safe and it's OK to allow the content? What are the repercussions of saying yes or no? Sometimes I really don't notice a difference between the two.


"Overly restrictive" is in the eye of the beholder I guess. If those settings protect you from a malicious exploit then it wouldn't be considered "overly restrictive". Here's a link explaining the "mixed content". As you can see, there is a danger of a crossover where secure information (passwords, etc.) can be accessible to a non-secure area of the site that can possibly be exploited.
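
The distinction behind the mixed-content prompt discussed above, as an added example that is not part of the original post: a small scanner that lists which subresources an HTTPS page would fetch over plain HTTP and labels each as active (script, frame, stylesheet), passive (image, media) or an insecure form target. The active/passive split goes beyond the single IE8 prompt, and the page URL, host names and markup are constructed sample data.

```javascript
// Added example: static scan of an HTTPS page's markup for mixed content.
// Host names and the sample page are constructed for illustration only.

// Element -> attribute that triggers a load, and how risky an http: load is.
// "active" content can read or rewrite the secure page (passwords included);
// "passive" content can be spoofed or observed; "form" posts data in cleartext.
const LOADERS = new Map([
  ["script", { attr: "src", kind: "active" }],
  ["iframe", { attr: "src", kind: "active" }],
  ["embed", { attr: "src", kind: "active" }],
  ["object", { attr: "data", kind: "active" }],
  ["img", { attr: "src", kind: "passive" }],
  ["audio", { attr: "src", kind: "passive" }],
  ["video", { attr: "src", kind: "passive" }],
  ["source", { attr: "src", kind: "passive" }],
  ["form", { attr: "action", kind: "form" }],
]);

// Parse name=value pairs from the inside of a start tag. Handles double-quoted,
// single-quoted and unquoted values; the first occurrence of a name wins.
function parseAttributes(raw) {
  const attrs = Object.create(null);
  const re = /([a-zA-Z_:][\w:.-]*)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/g;
  let m;
  while ((m = re.exec(raw)) !== null) {
    const name = m[1].toLowerCase();
    const value = m[2] !== undefined ? m[2] : m[3] !== undefined ? m[3] : m[4];
    if (!(name in attrs)) attrs[name] = value;
  }
  return attrs;
}

// <link> depends on rel: a stylesheet is active, an icon is passive.
function ruleFor(tag, attrs) {
  if (tag === "link") {
    const rel = (attrs.rel || "").toLowerCase().split(/\s+/);
    if (rel.includes("stylesheet")) return { attr: "href", kind: "active" };
    if (rel.includes("icon")) return { attr: "href", kind: "passive" };
    return null;
  }
  return LOADERS.get(tag) || null;
}

// Return every subresource an HTTPS page would request over plain http:.
// Simplification: a ">" inside an attribute value ends the tag early.
function findMixedContent(pageUrl, html) {
  const page = new URL(pageUrl);
  if (page.protocol !== "https:") return []; // nothing secure to mix with
  const findings = [];
  const tagRe = /<([a-zA-Z][\w-]*)\b([^>]*)>/g;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const tag = m[1].toLowerCase();
    const attrs = parseAttributes(m[2]);
    const rule = ruleFor(tag, attrs);
    if (!rule || attrs[rule.attr] === undefined) continue;
    let target;
    try {
      // Relative and protocol-relative ("//host/x") URLs inherit https here.
      target = new URL(attrs[rule.attr], page.href);
    } catch (e) {
      continue; // unparsable URL: the browser would not load it either
    }
    if (target.protocol === "http:") {
      findings.push({ tag, kind: rule.kind, url: target.href });
    }
  }
  return findings;
}

// Count findings per kind so the riskiest class is visible at a glance.
function summarize(findings) {
  const counts = { active: 0, passive: 0, form: 0 };
  for (const f of findings) counts[f.kind] += 1;
  return counts;
}

// Constructed sample: a login page that mixes secure and insecure loads.
const SAMPLE_PAGE_URL = "https://bank.example/login";
const SAMPLE_HTML = `
<html><head>
<link rel="stylesheet" href="/css/site.css">
<link rel="icon" href="http://static.example/favicon.ico">
<script src="http://ads.example/tracker.js"></script>
<script src="//cdn.example/lib.js"></script>
</head><body>
<img src="http://images.example/logo.png">
<img src='https://images.example/banner.png'>
<iframe src=http://widgets.example/chat></iframe>
<form action="http://bank.example/submit" method="post"></form>
<a href="http://news.example/">news</a>
</body></html>`;

for (const f of findMixedContent(SAMPLE_PAGE_URL, SAMPLE_HTML)) {
  console.log(`${f.kind.padEnd(7)} <${f.tag}> ${f.url}`);
}
```

Plain links (`<a href>`) are navigation rather than subresource loads, so the scanner ignores them.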


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> I took the three addresses out of the trusted zone like you said, but I noticed that my security level is custom anyway, should it be?


Custom just means that you've altered some settings and that can be to harden your security (which indeed is a good thing) or to weaken your security (in which case the default settings would probably be better) but without knowing which settings have been changed I have no way of knowing whether your custom settings are better than the default ones.


----------



## olabola (May 20, 2012)

Cookiegal said:


> "Overly restrictive" is in the eye of the beholder I guess. If those settings protect you from a malicious exploit then it wouldn't be considered "overly restrictive". Here's a link explaining the "mixed content". As you can see, there is a danger of a crossover where secure information (passwords, etc.) can be accessible to a non-secure area of the site that can possibly be exploited.


Where is the link? I would love to read the article.

Oh...I ran AdwCleaner and it found a bunch of cookies and it ate them all up


----------



## olabola (May 20, 2012)

Cookiegal said:


> Custom just means that you've altered some settings and that can be to harden your security (which indeed is a good thing) or to weaken your security (in which case the default settings would probably be better) but without knowing which settings have been changed I have no way of knowing whether your custom settings are better than the default ones.


Hmmm, is there a way for me to show you my settings? Could it be that my settings are wrong?


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> Where is the link? I would love to read the article.
> 
> Oh...I ran AdwCleaner and it found a bunch of cookies and it ate them all up


Whoops, sorry. Here it is:

http://msdn.microsoft.com/en-us/library/ee264315(v=vs.85).aspx


----------



## Cookiegal (Aug 27, 2003)

olabola said:


> Hmmm, is there a way for me to show you my settings? Could it be that my settings are wrong?


That would take a long time to go through to compare each setting. You could set the browser back to defaults and then start fresh with any changes you wish to make.

http://support.microsoft.com/kb/923737


----------



## olabola (May 20, 2012)

OK, thanks! I put those two links in my favorites and will check it out. Anything else I should look into?


----------



## Cookiegal (Aug 27, 2003)

If you have a file named mbr.dat on your desktop, you can delete it. It's a backup copy of the MBR created by one of the tools we ran.

If after carrying out the following instructions there are any more programs that we used left please post what they are and I'll tell you how to remove them.

Here are some final instructions for you.

As with any infection, I recommend that you change all passwords for logging in to sites that you use on your computer as a precaution.

*Follow these steps to uninstall Combofix and all of its files and components.*

Click *START* then *RUN*
Now type *ComboFix /uninstall* in the runbox and click *OK*. Note the *space* between the *X* and the */uninstall*, it needs to be there (the screenshot is just for illustration purposes but the actual command uses the entire word "uninstall" and not just the "u" as shown in the picture).

Please open OTS again and click on the button that says "CleanUp" at the top. This will remove some of the tools we've used and will also uninstall the OTS program.

Now you should turn system restore off to flush out all previous system restore points, then turn it back on and create a new restore point:

To turn off system restore, on the Desktop, right click on *My Computer* and click on *Properties.*
Click the *System Restore* tab.
Check *Turn off System Restore.*
Click Apply and then click OK.

Restart your computer, turn System Restore back on and create a restore point.

To create a new restore point, click on *Start* > *All Programs* > *Accessories* > *System Tools* and then select *System Restore*.

In the System Restore wizard, select *Create a restore point* and click the Next button.

Type a name for your new restore point then click on Create.


----------



## olabola (May 20, 2012)

There was no mbr file that I could find and I was able to create the system restore point like you said. And I think the ComboFix program was successfully uninstalled and OTS cleaned up itself too.

I actually have a folder I created at the beginning of this thread that has all the programs and files that were downloaded so I will put up a screen shot of what's in there.


----------



## Cookiegal (Aug 27, 2003)

The cleanup process should have uninstalled some of those.

Let me know just the ones that haven't been uninstalled.


----------



## olabola (May 20, 2012)

Cookiegal said:


> The cleanup process should have uninstalled some of those.
> 
> Let me know just the ones that haven't been uninstalled.


What do you mean? The ones that you see are all still on my desktop.


----------



## Cookiegal (Aug 27, 2003)

I failed to notice that you had created a special folder for the programs. This should not have been done. They are supposed to run directly from the desktop. That may be why the cleanup routine from OTS didn't remove them. You did run the OTS cleanup routine didn't you?


----------



## olabola (May 20, 2012)

Cookiegal said:


> I failed to notice that you had created a special folder for the programs. This should not have been done. They are supposed to run directly from the desktop. That may be why the cleanup routine from OTS didn't remove them. You did run the OTS cleanup routine didn't you?


Yes I ran the OTS cleanup that you explained earlier.

The folder I created was right on the desktop, just so all the logs and programs wouldn't be scattered all over the desktop...(my OCD was having trouble with all the clutter).


----------



## olabola (May 20, 2012)

Is this really bad? Have I caused any major damage to my system?


----------



## Cookiegal (Aug 27, 2003)

No it wouldn't cause any damage to your system, just a little more work for me. 

*Erunt*:
This should be listed in the Control Panel - Add or Remove Programs so uninstall it from there.

*AdwCleaner*: 
Double-click the program to open it and then click on the button that says "uninstall" and yes to the prompt asking if you want to delete the program.

*GMER*:
Drag both of those GMER files to the Recycle Bin. There should also be a log called *ark.txt* that you probably saved in that log folder so you can delete that as well.

Drag these to the Recycle Bin:
*FarbarServiceScanner*
*HijackThis*
*mseinstall*
*Norton Internet Security* (this is just a shortcut so you can delete it...you shouldn't have NIS installed)
*Norton_Removal_Tool*
*NTREGOPT* (this is just a shortcut...you can delete the original as well from wherever you saved it...probably on the desktop)
*NRnR*
*Revo Uninstaller* (this is just a shortcut so you can delete it but the program should be listed in the Control Panel - Add or Remove Programs so you can uninstall it from there)
*VBRun60*
*DDS Scan* - also delete the logs *dds.txt* and *attach.txt*

*MalwareBytes* and *SuperAntiSpyware* are shortcuts and can be deleted from that location. I recommend keeping those programs and updating and running them regularly but if you don't want both then I'd say keep MalwareBytes. If you want to uninstall *SAS* then it should be in the Control Panel - Add or Remove Programs so you would uninstall it from there.


----------



## olabola (May 20, 2012)

Cookiegal said:


> No it wouldn't cause any damage to your system, just a little more work for me.
> 
> *Erunt*:
> This should be listed in the Control Panel - Add or Remove Programs so uninstall it from there.
> ...


I noticed that you say "this is just a shortcut" but what if I have no idea where the program is? Whenever I was prompted to save, I always saved in that folder and nowhere else, and I know deleting the shortcut does nothing to the actual program.


----------



## Cookiegal (Aug 27, 2003)

With the exception of NTREGOPT they should all be in Program Files so that means once you uninstall them through the Control Panel - Add or Remove Programs they will be gone.

You can do a search for NTREGOPT to see where it's located.


----------



## throoper (Jan 20, 2007)

olabola said:


> And, the System Configuration Utility pops up on every reboot but I just ignore it.


To get rid of that little annoyance, next time you reboot and it pops up place a check by "Don't show this message..." and click OK.


----------



## olabola (May 20, 2012)

OK, all I have left are some leftover logs and the two programs you mentioned that I want to keep.


----------



## olabola (May 20, 2012)

throoper said:


> To get rid of that little annoyance, next time you reboot and it pops up place a check by "Don't show this message..." and click OK.


It's not that it's an annoyance, it's more that I want to be sure that everything is taken care of...that the computer is back to working order, or better


----------



## Cookiegal (Aug 27, 2003)

Thanks throoper and sorry olabola that I forgot to answer that question.


----------



## Cookiegal (Aug 27, 2003)

It sounds like you're in good shape now.


----------



## olabola (May 20, 2012)

So, I ignore the black screen in the beginning?
Click "don't show this message" on the System Config or do I need to actually do something with it?
Also, for some strange reason the icons for my printer are staying on in the bottom right even though I turned off the printer (which was not the case before).

Anything else I need to do?


----------



## throoper (Jan 20, 2007)

olabola said:


> So, I ignore the black screen in the beginning?


Yes. It should be the option to boot to the Recovery Console and can be ignored.


> Click "don't show this message" on the System Config or do I need to actually do something with it?


Just check the box and click OK and it won't show up again until the next time you make changes in MSCONFIG.
You don't need to do anything else. 


> Also, for some strange reason the icons for my printer are staying on in the bottom right even though I turned off the printer (which was not the case before).


The icons are for the software for the printer. Even when the printer is powered off, the program continues to run. Doesn't hurt anything, but I'll see if I can find a way to exit the program.



> Anything else I need to do?


I think you might be done, but wait for Cookiegal to OK it.
And don't forget the profuse "Thank You's" to her for performing a miracle in saving your computer.


----------



## Cookiegal (Aug 27, 2003)

Looks like you're good to go. :up:


----------



## olabola (May 20, 2012)

It's hard to believe that I am actually done...I will kinda miss you guys. But, I am sooooo grateful for everyone's hard work and patience with me and all my questions. I know my PC was on the edge of a cliff and it was saved from falling over! 

Cookiegal, I really can't thank you enough for your help and really awesome step by step directions, Thank You! Thank You! Thank You! 

Throoper, thanks for stepping in when I wasn't "getting it" and helped me push through! 

And, Triple6, thank you for your help with the USB and printer problems, what a mess that was! But, it was figured out and I know what to do now. I might be looking out for you when I get that card! 

Well, unless there is anything else I need to do, I will close this thread as solved, right?


----------



## Cookiegal (Aug 27, 2003)

It was my pleasure. 

Yes, you can go ahead and mark this solved now.


----------



## olabola (May 20, 2012)

Thanks again to all


----------



## Cookiegal (Aug 27, 2003)

:up:


----------

