Can't log in to bleeping computer


  • This topic is locked
75 replies to this topic

#1 chaknik

Posted 24 February 2013 - 07:07 PM

I just registered on BleepingComputer and started a new post with my situation. As I tried to post the topic, my browser timed out as it has done hundreds of times lately. That is why I seek help now. I'll try to post some log files from OTL that I got from Geeks2go. If anyone can help, it will be greatly appreciated. Here are the OTL files:
 
 
OTL logfile created on: 2/24/2013 12:18:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\FREDA\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 2.56 Gb Available Physical Memory | 78.85% Memory free
7.07 Gb Paging File | 6.43 Gb Available in Paging File | 90.96% Paging File free
Paging file location(s): C:\pagefile.sys 4096 12288 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.72 Gb Total Space | 216.44 Gb Free Space | 46.47% Space Free | Partition Type: NTFS
 
Computer Name: FREDA | User Name: FREDA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/02/24 12:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FREDA\Desktop\OTL.exe
PRC - [2013/02/14 08:11:32 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2013/02/10 15:43:57 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
PRC - [2013/01/31 09:11:58 | 000,542,632 | ---- | M] (Lavasoft) -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe
PRC - [2012/08/01 03:48:54 | 002,345,592 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgtray.exe
PRC - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2011/09/09 02:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgnsx.exe
PRC - [2011/08/18 00:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgrsx.exe
PRC - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2011/06/10 17:21:58 | 000,210,568 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\attcm_AppStart.exe
PRC - [2011/05/31 17:38:30 | 000,167,280 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\IERA\IERA.exe
PRC - [2011/05/23 13:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgchsvx.exe
PRC - [2011/05/20 13:36:30 | 000,238,960 | ---- | M] (Sierra Wireless, Inc.) -- C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe
PRC - [2011/03/28 02:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgcsrvx.exe
PRC - [2011/03/16 15:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgemcx.exe
PRC - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG10\avgwdsvc.exe
PRC - [2009/11/23 18:53:58 | 004,781,352 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchUser.exe
PRC - [2009/11/23 18:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\WTouch\WTouchService.exe
PRC - [2009/11/23 18:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\Pen_Tablet.exe
PRC - [2009/11/23 18:53:56 | 001,823,528 | ---- | M] (Wacom Technology, Corp.) -- C:\WINDOWS\system32\WTablet\Pen_TabletUser.exe
PRC - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) -- C:\Program Files\Canon\CAL\CALMAIN.exe
PRC - [2008/10/04 12:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe
PRC - [2008/04/14 06:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/14 06:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/06/10 17:22:10 | 001,048,512 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\wxmsw28u_core_vc_custom.dll
MOD - [2011/06/10 17:22:10 | 000,726,976 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\wxbase28u_vc_custom.dll
MOD - [2011/06/10 17:22:10 | 000,394,176 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\WebClient.dll
MOD - [2011/06/10 17:22:08 | 000,861,120 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\UIToolkit.dll
MOD - [2011/06/10 17:22:08 | 000,608,704 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\Toolkit.dll
MOD - [2011/06/10 17:22:08 | 000,147,904 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\pcre3.dll
MOD - [2011/06/10 17:22:08 | 000,099,776 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\System.dll
MOD - [2011/06/10 17:22:08 | 000,049,600 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\Preferences.dll
MOD - [2011/06/10 17:22:06 | 000,132,032 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\Discovery.dll
MOD - [2011/06/10 17:22:06 | 000,061,888 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\DriveDetector.dll
MOD - [2011/06/10 17:22:04 | 000,360,896 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\Device.dll
MOD - [2011/06/10 17:22:02 | 000,247,744 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\DB.dll
MOD - [2011/06/10 17:22:00 | 000,097,216 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ComCore.dll
MOD - [2011/06/10 17:21:58 | 000,210,568 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\attcm_AppStart.exe
MOD - [2011/06/10 17:11:30 | 000,033,280 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryGeneric.plugin
MOD - [2011/06/10 17:11:26 | 000,028,160 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryMobileBroadband.plugin
MOD - [2011/06/10 17:11:22 | 000,029,696 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryVPorts.plugin
MOD - [2011/06/10 17:11:22 | 000,018,944 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\DiscoveryNdis.plugin
MOD - [2011/06/10 17:08:54 | 000,016,896 | ---- | M] () -- C:\Program Files\AT&T\AT&T Communication Manager\ressources\plugins\ContextSwitcher.plugin
MOD - [2011/02/10 06:55:18 | 001,148,256 | ---- | M] () -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2006/08/18 13:17:36 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL
 
 
========== Services (SafeList) ==========
 
SRV - [2013/02/14 08:11:32 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2013/02/10 15:43:57 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/02/09 21:48:01 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/05 17:08:06 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Stopped] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2012/01/31 15:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/11 17:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011/05/31 17:38:30 | 000,167,280 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files\Sierra Wireless Inc\IERA\IERA.exe -- (IERA)
SRV - [2011/05/20 13:36:30 | 000,238,960 | ---- | M] (Sierra Wireless, Inc.) [Auto | Running] -- C:\Program Files\Sierra Wireless Inc\Common\SwiCardDetect.exe -- (SwiCardDetectSvc)
SRV - [2011/02/08 04:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2009/11/23 18:53:58 | 000,113,448 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009/11/23 18:53:56 | 004,497,704 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\WINDOWS\system32\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2009/09/08 16:25:52 | 000,096,334 | ---- | M] (Canon Inc.) [Auto | Running] -- C:\Program Files\Canon\CAL\CALMAIN.exe -- (CCALib8)
SRV - [2009/03/31 22:54:48 | 000,016,680 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe -- (GoToAssist)
SRV - [2008/11/22 00:25:46 | 000,094,208 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\IcdSptSv.exe -- (ICDSPTSV)
SRV - [2008/10/04 12:58:04 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2008/04/14 06:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 06:00:00 | 000,015,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2004/10/22 03:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [File_System | Auto | Stopped] --  -- (StarOpen)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS -- (MRESP50a64)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS -- (MREMP50a64)
DRV - File not found [Kernel | Auto | Stopped] --  -- (mdmxsdk)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | System | Stopped] --  -- (cdrbsvsd)
DRV - [2013/02/24 11:49:20 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/02/20 15:52:58 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gfibto.sys -- (gfibto)
DRV - [2012/11/12 04:47:48 | 000,255,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/19 22:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/09/19 22:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/07/22 10:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 15:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/05/27 18:05:44 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/05/16 12:44:17 | 000,083,968 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swiwdmbx.sys -- (swiwdmbx)
DRV - [2011/05/13 14:53:00 | 000,215,552 | ---- | M] (Sierra Wireless Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swg3kser00.sys -- (swg3kser00)
DRV - [2011/04/04 23:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/03/16 15:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/03/03 15:40:22 | 000,208,128 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swnc8ua3.sys -- (SWNC8UA3)
DRV - [2011/03/01 13:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/02/22 07:13:02 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011/02/10 06:53:54 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/02/10 06:53:52 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2009/05/20 13:54:06 | 000,013,736 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2009/01/28 12:50:44 | 003,488,768 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/11/01 02:52:16 | 000,093,184 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008/08/18 10:24:40 | 000,011,264 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ICDUSB3.sys -- (ICDUSB3)
DRV - [2008/01/15 18:17:58 | 004,652,544 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2007/10/15 15:36:07 | 000,019,712 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2007/10/15 15:36:07 | 000,018,304 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2007/02/16 13:12:36 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2006/08/18 13:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 13:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 13:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 13:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 13:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 13:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 13:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 13:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 10:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2004/03/08 12:55:50 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2002/10/15 22:41:06 | 000,102,220 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sonypvs1.sys -- (sonypvs1)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.msn.com/sphome.aspx
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://g.msn.com/USCON/1
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/sphome.aspx
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.live.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKCU\..\SearchScopes,DefaultScope = {EA169F57-9B7E-4A36-9B14-D0A84A80F73A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://search.avg.com/route/?d=4b3d2cf0&i=23&tp=chrome&q={searchTerms}&lng={language}&ychte=us&nt=1
IE - HKCU\..\SearchScopes\{EA169F57-9B7E-4A36-9B14-D0A84A80F73A}: "URL" = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "www.yahoo.com"
FF - prefs.js..extensions.enabledAddons: {972ce4c6-7e08-4474-a285-3208198ce6fd}:18.0.2
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1410
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012/12/12 09:37:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/02/20 15:58:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/02/22 17:50:01 | 000,000,000 | ---D | M]
 
[2011/03/15 19:11:14 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FREDA\Application Data\Mozilla\Extensions
[2012/10/23 16:48:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\FREDA\Application Data\Mozilla\Firefox\Profiles\4205w02i.default\extensions
[2013/02/20 15:57:43 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Documents and Settings\FREDA\Application Data\Mozilla\Firefox\Profiles\4205w02i.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012/09/14 10:16:56 | 000,020,591 | ---- | M] () (No name found) -- C:\Documents and Settings\FREDA\Application Data\Mozilla\Firefox\Profiles\4205w02i.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2013/02/08 13:56:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/02/05 17:07:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/02/05 17:07:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/02/08 13:56:37 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}
[2013/02/08 13:56:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}(2)
[2013/02/22 17:49:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions
[2013/02/22 09:21:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/02/22 17:49:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/02/22 17:49:53 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2013/02/22 09:21:09 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA}(2)
[2013/02/05 17:08:06 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/08/16 16:42:02 | 000,070,456 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\CgpCore.dll
[2008/08/16 16:42:12 | 000,091,448 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\confmgr.dll
[2008/08/16 16:42:08 | 000,020,800 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\ctxlogging.dll
[2008/05/21 07:41:08 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcm80.dll
[2008/05/21 07:41:08 | 000,548,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcp80.dll
[2008/05/21 07:41:08 | 000,626,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files\mozilla firefox\plugins\msvcr80.dll
[2008/08/16 16:44:46 | 000,427,312 | ---- | M] () -- C:\Program Files\mozilla firefox\plugins\npicaN.dll
[2008/08/16 16:42:04 | 000,023,864 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files\mozilla firefox\plugins\TcpPServ.dll
[2012/10/22 10:59:45 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/22 11:00:33 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
 
O1 HOSTS File: ([2013/02/10 12:38:15 | 000,444,743 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)
O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [attcm_AppStart.exe] C:\Program Files\AT&T\AT&T Communication Manager\attcm_AppStart.exe ()
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\FREDA\Start Menu\Programs\Startup\EzWare EzDesk.lnk = C:\WINDOWS\EzDesk.exe (EzWare Technology)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKCU\..Trusted Domains: friendsofjamesrogers.com ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: onlyimaginegraphics.com ([www] http in Trusted sites)
O16 - DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB (SysProWmi Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.4.cab (DLM Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1258206523468 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1360358360593 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab (Java Plug-in 1.6.0_37)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{323E3141-105A-49C1-A74C-17F898A22C18}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll) - C:\Program Files\Citrix\GoToAssist\514\g2awinlogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Documents and Settings\FREDA\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/27 16:35:31 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{1dee7668-f028-11de-9060-00219b29862e}\Shell - "" = AutoRun
O33 - MountPoints2\{1dee7668-f028-11de-9060-00219b29862e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{1dee7668-f028-11de-9060-00219b29862e}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{58833bd2-25b8-11e1-9124-000272aa9e26}\Shell - "" = AutoRun
O33 - MountPoints2\{58833bd2-25b8-11e1-9124-000272aa9e26}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{58833bd2-25b8-11e1-9124-000272aa9e26}\Shell\AutoRun\command - "" = E:\WIN\setup.exe -ap
O33 - MountPoints2\{95f25ca4-3122-11de-bceb-b47c9a5178e3}\Shell - "" = AutoRun
O33 - MountPoints2\{95f25ca4-3122-11de-bceb-b47c9a5178e3}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{95f25ca4-3122-11de-bceb-b47c9a5178e3}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O33 - MountPoints2\{ff392c54-f5b5-11e0-9117-000272aa9e26}\Shell - "" = AutoRun
O33 - MountPoints2\{ff392c54-f5b5-11e0-9117-000272aa9e26}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ff392c54-f5b5-11e0-9117-000272aa9e26}\Shell\AutoRun\command - "" = I:\WIN\setup.exe -ap
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/02/24 12:16:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\FREDA\Desktop\OTL.exe
[2013/02/24 11:44:26 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/02/24 11:44:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\Malwarebytes
[2013/02/24 11:44:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/02/24 11:44:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2013/02/24 11:44:08 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013/02/24 11:44:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/02/23 17:14:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\Anvil Studio
[2013/02/23 17:03:18 | 000,000,000 | ---D | C] -- C:\Program Files\Anvil Studio 2012
[2013/02/22 21:50:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\attcm_AppStart
[2013/02/22 18:10:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AT&T
[2013/02/20 16:22:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus
[2013/02/20 16:20:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\LavasoftStatistics
[2013/02/20 15:58:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars
[2013/02/20 15:58:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\adawarebp
[2013/02/20 15:58:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2013/02/20 15:58:01 | 000,000,000 | ---D | C] -- C:\Program Files\adawaretb
[2013/02/20 15:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\adawaretb
[2013/02/20 15:57:51 | 000,000,000 | ---D | C] -- C:\Program Files\Toolbar Cleaner
[2013/02/20 15:57:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Ad-Aware Antivirus
[2013/02/20 15:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus
[2013/02/20 15:55:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2013/02/20 15:52:59 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013/02/20 15:52:59 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013/02/20 15:52:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\Ad-Aware Antivirus
[2013/02/20 11:23:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\Sunbelt Software
[2013/02/15 13:43:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\My Documents\RCA Updater
[2013/02/15 13:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\My Documents\RCA Detective
[2013/02/15 13:43:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RCA Detective
[2013/02/15 13:43:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\RCA easyRip
[2013/02/15 13:43:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\{userdocs}
[2013/02/15 13:43:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\My Documents\RCA easyRip
[2013/02/14 09:03:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Local Settings\Application Data\Sun
[2013/02/11 13:26:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documents\CrashDump
[2013/02/10 15:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013/02/09 11:05:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
[2013/02/08 16:17:04 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/02/08 14:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Start Menu\Programs\Revo Uninstaller
[2013/02/08 13:56:26 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\FREDA\Recent
[2013/02/08 10:52:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
[2013/02/08 07:58:50 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013/02/07 16:02:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\FREDA\Application Data\SUPERAntiSpyware.com
[2013/02/07 16:01:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SUPERAntiSpyware
[2013/02/07 16:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2013/02/07 16:01:12 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2013/02/07 14:20:23 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2013/02/07 14:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Lavasoft
[2013/02/05 17:07:57 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[35 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[253 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/24 12:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\FREDA\Desktop\OTL.exe
[2013/02/24 11:49:20 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2013/02/24 11:45:13 | 000,569,172 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/24 11:45:13 | 000,110,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/24 11:44:10 | 000,000,786 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/24 11:41:31 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/24 11:41:11 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
[2013/02/24 11:40:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/24 11:40:30 | 3487,723,520 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/24 09:19:40 | 111,077,230 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2013/02/23 22:31:36 | 000,574,264 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/23 18:14:59 | 000,002,293 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Anvil Studio 2012.lnk
[2013/02/23 17:44:23 | 000,002,493 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Paint Shop Pro 7.lnk
[2013/02/23 17:15:03 | 000,000,747 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Shortcut to astudio4.exe.lnk
[2013/02/23 15:59:52 | 000,003,955 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Speedtest.net - The Global Broadband Speed Test.url
[2013/02/23 15:32:53 | 000,000,319 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Weather.url
[2013/02/23 07:22:11 | 000,000,888 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\AT&T Communication Manager.lnk
[2013/02/22 21:16:33 | 000,003,634 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Novelty Midis.url
[2013/02/22 18:10:31 | 000,000,870 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AT&T Communication Manager.lnk
[2013/02/22 14:11:02 | 000,000,736 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hostsoriginal
[2013/02/21 16:41:00 | 000,000,396 | ---- | M] () -- C:\WINDOWS\tasks\AmiUpdXp.job
[2013/02/21 15:54:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/21 15:25:18 | 000,000,944 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2013/02/21 15:25:18 | 000,000,408 | ---- | M] () -- C:\WINDOWS\tasks\ROC_REG_JAN.job
[2013/02/21 15:25:18 | 000,000,374 | ---- | M] () -- C:\WINDOWS\tasks\ROC_REG_JAN_DELETE.job
[2013/02/20 15:52:58 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013/02/20 15:52:58 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013/02/20 13:21:22 | 000,000,120 | -H-- | M] () -- C:\aaw7boot.cmd
[2013/02/18 14:54:32 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2013/02/18 14:43:18 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/02/18 14:43:18 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/02/17 07:45:30 | 000,000,180 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Barbie.url
[2013/02/16 23:57:00 | 000,000,343 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Wyndham Search Availability.url
[2013/02/16 21:23:14 | 000,000,221 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Not Doppler.url
[2013/02/15 13:43:52 | 000,000,654 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\RCA easyRip.lnk
[2013/02/15 13:43:52 | 000,000,228 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FREE AUDIOBOOK.URL
[2013/02/15 13:43:52 | 000,000,217 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\GET FREE MP3s.URL
[2013/02/13 14:32:20 | 000,000,033 | ---- | M] () -- C:\WINDOWS\iltwain.ini
[2013/02/10 12:38:15 | 000,444,743 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/02/09 16:31:45 | 000,000,036 | ---- | M] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\housecall.guid.cache
[2013/02/08 17:02:57 | 000,000,817 | ---- | M] () -- C:\Documents and Settings\FREDA\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/02/08 16:19:05 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/02/07 17:14:08 | 000,445,128 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.20130209-215509.backup
[2013/02/07 16:01:16 | 000,001,680 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/02/07 14:20:16 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\WINDOWS\System32\drivers\SBREDrv.sys
[2013/02/03 14:11:16 | 269,657,031 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_101917_196.mp4
[2013/02/02 08:23:26 | 000,000,948 | ---- | M] () -- C:\WINDOWS\QIII.INI
[2013/01/31 18:43:04 | 000,083,264 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2013/01/30 20:52:46 | 000,037,607 | ---- | M] () -- C:\Program Files\Common Files\license.rtf
[2013/01/30 20:52:46 | 000,008,046 | ---- | M] () -- C:\Program Files\Common Files\setupBanner.jpg
[2013/01/30 16:20:34 | 000,000,241 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\Smith Lake Water Level.url
[2013/01/26 17:48:07 | 047,840,257 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_102509_094.mp4
[2013/01/26 17:47:34 | 223,809,133 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_104558_660.mp4
[2013/01/26 17:46:11 | 250,078,030 | ---- | M] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_110745_669.mp4
[35 C:\WINDOWS\System32\dllcache\*.tmp files -> C:\WINDOWS\System32\dllcache\*.tmp -> ]
[253 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/24 11:44:10 | 000,000,786 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013/02/23 17:15:03 | 000,000,747 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\Shortcut to astudio4.exe.lnk
[2013/02/23 17:03:19 | 000,002,293 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Anvil Studio 2012.lnk
[2013/02/23 17:03:19 | 000,001,904 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Anvil Studio 2012.lnk
[2013/02/23 15:59:52 | 000,003,955 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\Speedtest.net - The Global Broadband Speed Test.url
[2013/02/23 07:22:11 | 000,000,888 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\AT&T Communication Manager.lnk
[2013/02/22 21:16:33 | 000,003,634 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\Novelty Midis.url
[2013/02/22 18:10:31 | 000,000,870 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AT&T Communication Manager.lnk
[2013/02/20 16:24:04 | 000,000,944 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Antivirus Scheduled Scan.job
[2013/02/20 15:57:34 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Ad-Aware Antivirus.lnk
[2013/02/20 13:21:22 | 000,000,120 | -H-- | C] () -- C:\aaw7boot.cmd
[2013/02/18 14:43:18 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2013/02/18 14:43:18 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2013/02/15 13:43:52 | 000,000,654 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\RCA easyRip.lnk
[2013/02/15 13:43:52 | 000,000,228 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FREE AUDIOBOOK.URL
[2013/02/15 13:43:52 | 000,000,217 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\GET FREE MP3s.URL
[2013/02/15 13:43:25 | 000,459,663 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\User Manual English_TH18XXC.pdf
[2013/02/09 16:31:45 | 000,000,036 | ---- | C] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\housecall.guid.cache
[2013/02/08 11:48:13 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/02/07 16:01:16 | 000,001,680 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SUPERAntiSpyware Free Edition.lnk
[2013/02/03 15:18:17 | 223,809,133 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_104558_660.mp4
[2013/02/03 15:18:16 | 047,840,257 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_102509_094.mp4
[2013/02/03 15:18:01 | 250,078,030 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_110745_669.mp4
[2013/02/03 14:11:13 | 269,657,031 | ---- | C] () -- C:\Documents and Settings\FREDA\Desktop\VID_20130126_101917_196.mp4
[2013/01/30 20:52:46 | 000,037,607 | ---- | C] () -- C:\Program Files\Common Files\license.rtf
[2013/01/30 20:52:46 | 000,008,046 | ---- | C] () -- C:\Program Files\Common Files\setupBanner.jpg
[2013/01/26 13:24:17 | 000,716,720 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-796266127-4252608427-1798623780-1005-0.dat
[2013/01/26 13:24:17 | 000,346,498 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
[2013/01/11 12:23:48 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\rx_image.Cache
[2012/12/18 10:06:10 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/12/18 10:06:06 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/12/18 10:06:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/12/18 10:06:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/12/18 10:06:06 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/06/10 11:07:15 | 000,038,576 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2012/06/10 11:07:15 | 000,011,435 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2012/06/10 11:07:15 | 000,010,225 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2012/04/22 21:54:47 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\FREDA\.recently-used.xbel
[2011/11/06 11:35:40 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/11/06 11:30:09 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011/09/02 20:38:05 | 000,000,378 | ---- | C] () -- C:\WINDOWS\System32\Pen_Tablet.dat
[2011/09/02 20:35:55 | 000,000,654 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2011/03/15 19:11:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/01/14 11:30:32 | 000,000,284 | ---- | C] () -- C:\Documents and Settings\FREDA\Application Data\ViewerApp.dat
[2010/09/07 10:20:05 | 002,755,016 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/05/16 21:02:56 | 000,120,832 | ---- | C] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/22 08:31:09 | 000,019,461 | ---- | C] () -- C:\Documents and Settings\FREDA\DModem_Trace.trc
[2009/04/07 13:50:57 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\FREDA\Local Settings\Application Data\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2008/04/25 15:34:35 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/28 22:46:52 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 06:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 06:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013/02/20 16:22:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Antivirus
[2013/02/20 15:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ad-Aware Browsing Protection
[2013/01/22 17:36:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG January 2013 Campaign
[2013/02/22 14:18:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG10
[2010/10/27 18:38:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2011/07/10 08:44:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
[2013/02/20 15:58:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\blekko toolbars
[2012/08/09 23:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canneverbe Limited
[2009/04/21 15:31:50 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
[2011/11/24 08:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Canon_Inc_IC
[2009/09/18 14:12:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Citrix
[2010/10/27 18:49:45 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2013/02/20 15:55:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Downloaded Installations
[2012/12/28 12:10:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GameHouse
[2010/05/23 08:23:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GARMIN
[2012/11/12 11:28:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MemeoCommon
[2011/05/26 17:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2009/03/31 22:57:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC-Doctor
[2012/03/17 12:59:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PCDr
[2013/01/20 11:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Samsung
[2009/04/21 15:35:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ScanSoft
[2009/07/22 15:11:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra
[2011/10/19 15:40:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sierra Wireless
[2012/03/17 21:30:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2013/02/22 14:55:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/31 22:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Uninstall
[2013/02/21 16:45:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Ad-Aware Antivirus
[2013/02/20 15:58:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\adawaretb
[2009/04/19 12:22:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Anvil Studio
[2013/02/22 14:48:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\AVG
[2010/10/27 19:46:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\AVG10
[2012/08/09 23:03:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Canneverbe Limited
[2012/03/10 14:48:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Canon
[2010/01/22 11:19:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\CoffeeCup Software
[2009/10/19 08:24:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/09/02 08:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\ElevatedDiagnostics
[2011/07/10 08:50:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\ERS G-Studio
[2010/05/23 08:21:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\GARMIN
[2011/09/03 13:33:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\ICAClient
[2012/04/10 06:23:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\inkscape
[2009/04/08 15:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Jasc
[2009/11/22 11:31:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\KompoZer
[2012/11/12 11:16:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Leadertech
[2012/11/20 00:17:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Memeo
[2010/07/10 14:02:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Namco
[2012/03/17 12:56:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\PCDr
[2013/01/20 11:53:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Samsung
[2009/04/21 15:35:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\ScanSoft
[2012/11/12 11:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Seagate
[2010/01/17 14:59:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Serif
[2009/12/25 12:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Sierra
[2011/10/19 15:40:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Sierra Wireless
[2013/01/14 14:38:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\SmartDraw
[2012/06/28 08:15:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Stykz
[2012/12/27 22:54:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\SwvUpdater
[2009/04/07 14:08:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Windows Search
[2010/12/25 14:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\WTouch
[2009/06/05 16:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\FREDA\Application Data\Xilisoft Corporation
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\FREDA\Desktop\SavedSkadoodle 2-by Freda.dmsd:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\FREDA\Desktop\Roy's Toys:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Documents and Settings\FREDA\Desktop\DefaultMyDVD9 files:Roxio EMC Stream
@Alternate Data Stream - 219 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4EE323A4
@Alternate Data Stream - 187 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4
@Alternate Data Stream - 116 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:FAC5BCF5

 
< End of report >
 
 
 
OTL Extras logfile created on: 2/24/2013 12:18:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\FREDA\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.25 Gb Total Physical Memory | 2.56 Gb Available Physical Memory | 78.85% Memory free
7.07 Gb Paging File | 6.43 Gb Available in Paging File | 90.96% Paging File free
Paging file location(s): C:\pagefile.sys 4096 12288 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 465.72 Gb Total Space | 216.44 Gb Free Space | 46.47% Space Free | Partition Type: NTFS
 
Computer Name: FREDA | User Name: FREDA | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with ACDSee] -- C:\Program Files\ACDSee32\ACDSee32.exe "%1" (ACD Systems, Ltd.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [ZipExplode Directory] -- C:\Program Files\ZipExploder\Exploder.exe "%1" (BCW Software)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\1Ws_ftp\WS_FTP95.exe" = C:\Program Files\1Ws_ftp\WS_FTP95.exe:*:Enabled:WS_FTP 95 -- (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
"C:\Program Files\AVG\AVG10\avgmfapx.exe" = C:\Program Files\AVG\AVG10\avgmfapx.exe:*:Enabled:AVG Installer -- (AVG Technologies CZ, s.r.o.)
"C:\WINDOWS\system32\dpvsetup.exe" = C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Disabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\AVG\AVG10\avgdiagex.exe" = C:\Program Files\AVG\AVG10\avgdiagex.exe:*:Enabled:AVG Diagnostics 2011 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Kompozer\KompoZer 0.7.10\kompozer.exe" = C:\Program Files\Kompozer\KompoZer 0.7.10\kompozer.exe:*:Disabled:Composer -- (Mozilla Foundation)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Disabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\AVG\AVG10\avgnsx.exe" = C:\Program Files\AVG\AVG10\avgnsx.exe:*:Disabled:Online Shield -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG10\avgemcx.exe" = C:\Program Files\AVG\AVG10\avgemcx.exe:*:Disabled:Personal E-mail Scanner -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\Quake III Arena\quake3.exe" = C:\Program Files\Quake III Arena\quake3.exe:*:Disabled:quake3 -- ()
"C:\WINDOWS\system32\sessmgr.exe" = C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\WINDOWS\system32\rundll32.exe" = C:\WINDOWS\system32\rundll32.exe:*:Disabled:Run a DLL as an App -- (Microsoft Corporation)
"C:\Program Files\AT&T\AT&T Communication Manager\SwiApiMuxX.exe" = C:\Program Files\AT&T\AT&T Communication Manager\SwiApiMuxX.exe:*:Enabled:SwiApiMuxX -- (Sierra Wireless, Inc.)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Disabled:WebKit -- (Apple Inc.)
"C:\Program Files\NetMeeting\conf.exe" = C:\Program Files\NetMeeting\conf.exe:*:Disabled:Windows® NetMeeting® -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data
"{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0EF946E8-2406-82FB-23CD-09B39AFD781D}" = CCC Help French
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series" = Canon MP610 series
"{12A3AF78-CBB5-484B-AE87-927C4DE6B9A8}" = Garmin City Navigator North America NT 2011.10 Update
"{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}" = Dell DataSafe Online
"{1E2F8AE3-3437-44E6-BB75-E95751D6B83F}" = Picture Package
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools
"{1FAFEF2D-E38E-AFF2-873E-743381EF6011}" = ccc-utility
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool
"{2656D0AB-9EA4-4C58-A117-635F3CED8B93}" = Microsoft UI Engine
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java™ 6 Update 37
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{26E4576A-C55C-386C-379A-4F048FBE811F}" = Skins
"{2E625F3B-FA2B-27C4-F470-45F2D208277F}" = CCC Help English
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{371D967E-8E71-4E47-8F97-E5EC49A58556}" = AT&T Communication Manager
"{3BDC625A-5326-112C-2285-51EFFE42DD27}" = CCC Help Korean
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}" = Banctec Service Agreement
"{43CAC9A1-1993-4F65-9096-7C9AFC2BBF54}" = Dell CinePlayer
"{486B99AF-8BCF-849E-ABAB-FC3C321EA4DA}" = CCC Help Spanish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D860F7C-B285-64AC-EB84-343891A58885}" = Catalyst Control Center Localization All
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup
"{53A908D4-99C6-469B-BC13-F4189F260742}" = Corel Painter Essentials 4
"{55115B99-1B96-479E-AFD6-CE17FC9F94B5}" = AVG 2011
"{5905F42D-3F5F-4916-ADA6-94A3646AEE76}" = Dell Driver Reset Tool
"{5BF4F3D5-703F-6352-AB20-ADEFCEE81AB6}" = CCC Help Chinese Traditional
"{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}" = Sony USB Driver
"{5FD5BE54-CFAC-9CF0-8983-5931E495D2D4}" = CCC Help Italian
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61BEA823-ECAF-49F1-8378-A59B3B8AD247}" = Microsoft Default Manager
"{62201736-0A1F-4C6F-9C59-1AA3360CEA50}" = Homespun Collection
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}" = Digital Voice Editor 3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A11104-530E-6702-DA2A-7D56F052FE52}" = CCC Help Hungarian
"{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7CE979C6-E5FF-41C5-B6CC-4EE18071563B}" = SierraAddressBook 3.0
"{7E44C354-10A8-4214-9C56-F3F00775E415}_is1" = Stykz for Windows 1.0.2
"{822A27F8-420B-A5AE-D9E6-B925B84988D1}" = CCC Help German
"{8344D4A2-FE9C-4275-AE51-0FD07CC9A5DB}" = Xara3D6
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90850409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{95120000-003F-0409-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98FF6869-E903-0A4B-D2D0-7BB99C8EFAB7}" = CCC Help Chinese Standard
"{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}" = Software Version Updater
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A06275F4-324B-4E85-95E6-87B2CD729401}" = Windows Defender
"{A2A42043-BCC2-495A-8BD6-5A905D101619}" = Anvil Studio 2012
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager
"{A676D72C-6ADD-2F00-2696-A3612D7FEB7C}" = ccc-core-static
"{A69D7B32-2BE9-42BF-B576-69B5E0FF7394}" = Catalyst Control Center - Branding
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BD2ED779-9542-9D3A-1FA5-7EBBB904C2D2}" = CCC Help Turkish
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C797EAF2-707A-4239-BDF3-F2672314A734}" = First Step Guide
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC8899CF-02A9-FC4C-EF06-4DEF8D70E824}" = Catalyst Control Center Graphics Previews Common
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE6DEE87-1C87-42ED-A108-7369BFE9076F}" = 32 bit Windows Card Reader Driver
"{CEB4458B-5F7F-478A-B69A-C16EE67C9E7D}" = Ad-Aware Antivirus
"{CEDD9A6B-7C8C-2CCB-1282-3BB949D4200E}" = Catalyst Control Center Graphics Full New
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D639085F-4B6E-4105-9F37-A0DBB023E2FB}" = Roxio MyDVD DE
"{D6DE02C7-1F47-11D4-9515-00105AE4B89A}" = Paint Shop Pro 7
"{DFF1DFAE-8545-B6A8-2A5F-22A452CB866B}" = Catalyst Control Center Graphics Light
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E646DCF0-5A68-11D5-B229-002078017FBF}" = Digital Line Detect
"{EADC19D5-5639-EAB9-335B-A46D8762EE95}" = Catalyst Control Center Graphics Full Existing
"{EBB54970-8AA5-2830-02D0-7DD016EBA860}" = ccc-core-preinstall
"{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}" = Citrix XenApp Web Plugin
"{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE
"{F0E10150-790C-469E-882D-3EFA82542D2E}" = AVG 2011
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2C1EDB3-B1AA-55C8-FE0C-F6F7F87A7489}" = CCC Help Japanese
"{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}" = ImageMixer VCD2
"{FE81A5E6-D32A-ABD7-3819-A8549CA8E3D4}" = CCC Help Portuguese
"{FF904D22-BE29-3D7C-611A-3D556DA2FE7D}" = Catalyst Control Center Core Implementation
"20/20 v2.1" = 20/20 v2.1
"ACDSee 32" = ACDSee 32
"Ad-Aware Browsing Protection" = Ad-Aware Browsing Protection
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"All ATI Software" = ATI - Software Uninstall Utility
"Arachnophilia version 4.0_is1" = Arachnophilia version 4.0
"ATI Display Driver" = ATI Display Driver
"AVG" = AVG 2011
"BFGC" = Big Fish Games: Game Manager
"BFG-Hidden Wonders of the Depths 3 - Atlantis Adventures" = Hidden Wonders of the Depths 3: Atlantis Adventures
"CameraUserGuide-PSSX40HS" = Canon PowerShot SX40 HS Camera User Guide
"CameraWindowDC" = Canon Utilities CameraWindow DC 8
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Encoder" = Canon MOV Encoder
"Canon MP610 series User Registration" = Canon MP610 series User Registration
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Codec" = DivX Codec
"DivX Player" = DivX Player 2.1
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Eye Candy 4000" = Eye Candy 4000
"FreeCell Plus" = FreeCell Plus
"GoToAssist" = GoToAssist 8.0.0.514
"HughesNetTools" = HughesNetTools
"Icon Restore_is1" = Icon Restore 1.0
"ie8" = Windows Internet Explorer 8
"Indeo® Software" = Indeo® Software
"Inkscape" = Inkscape 0.48.2
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.70.0.1100
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mobile Media Converter_is1" = MIKSOFT Mobile Media Converter
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 18.0.2 (x86 en-US)" = Mozilla Firefox 18.0.2 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Path Copy" = Path Copy 3.0
"Pen Tablet Driver" = Bamboo
"PhotoStitch" = Canon Utilities PhotoStitch
"Pivot Stickfigure Animator_is1" = Pivot Stickfigure Animator version 2.2.6
"Print Artist 2003" = Print Artist 2003
"PROSet" = Intel® PRO Network Connections Drivers
"Quake III Arena" = Quake III Arena
"RCA Detective™_is1" = RCA Detective™ 3.0.4.0
"RCA easyRip_is1" = RCA easyRip 2.5.9.0
"RCA Updater_is1" = RCA Updater 2.1.7.1
"RealSimpleAnniversaryClock_is1" = RealSimpleAnniversaryClock
"RegScrubXP_is1" = RegScrubXP 3.25
"Revo Uninstaller" = Revo Uninstaller 1.93
"ScanSoft PaperPort Viewer 7.0" = ScanSoft PaperPort Viewer 7.0
"Software Guide" = Canon DIGITAL CAMERA Solution Disk Software Guide
"Spell Checker For OE 2.1" = Spell Checker For OE 2.1
"Tweak UI 2.10" = Tweak UI
"VLC media player" = VLC media player 0.9.9
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Xilisoft Video Converter Ultimate" = Xilisoft Video Converter Ultimate
"XpsEPSC" = XML Paper Specification Shared Components Pack 1.0
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"bd4d3a0508d364f5" = Dell Driver Download Manager
"MyFreeCodec" = MyFreeCodec
"SmartDraw 6" = SmartDraw 6
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/2/2012 4:35:52 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application anim.exe, version 3.0.0.4, faulting module mfc42.dll,
 version 6.2.8081.0, fault address 0x0000451c.
 
Error - 6/3/2012 8:42:31 AM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application psp.exe, version 7.0.0.4, faulting module psp.exe,
 version 7.0.0.4, fault address 0x000c752d.
 
Error - 6/3/2012 8:44:57 AM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application psp.exe, version 7.0.0.4, faulting module psp.exe,
 version 7.0.0.4, fault address 0x000c752d.
 
Error - 6/3/2012 1:00:30 PM | Computer Name = FREDA | Source = Application Hang | ID = 1002
Description = Hanging application moviemk.exe, version 2.1.4028.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 6/3/2012 3:28:00 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application anim.exe, version 3.0.0.4, faulting module mfc42.dll,
 version 6.2.8081.0, fault address 0x0007327b.
 
Error - 6/3/2012 5:32:21 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application anim.exe, version 3.0.0.4, faulting module mfc42.dll,
 version 6.2.8081.0, fault address 0x0000451c.
 
Error - 11/14/2012 5:57:45 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application dreamweaver.exe, version 4.0.1064.0, faulting
 module dreamweaver.exe, version 4.0.1064.0, fault address 0x00046189.
 
Error - 11/20/2012 12:17:17 PM | Computer Name = FREDA | Source = Application Error | ID = 1000
Description = Faulting application spybotsd.exe, version 1.6.2.46, faulting module
 spybotsd.exe, version 1.6.2.46, fault address 0x000049ee.
 
Error - 2/21/2013 6:36:52 PM | Computer Name = FREDA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Tried to start a service that wasn't the latest version of CLR Optimization service.
 Will shutdown
 
Error - 2/21/2013 6:36:56 PM | Computer Name = FREDA | Source = .NET Runtime Optimization Service | ID = 1103
Description = .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32)
 - Tried to start a service that wasn't the latest version of CLR Optimization service.
 Will shutdown
 
[ System Events ]
Error - 11/20/2012 11:21:27 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7024
Description = The IIS Admin service terminated with service-specific error 2147549183
 (0x8000FFFF).
 
Error - 11/20/2012 11:21:57 AM | Computer Name = FREDA | Source = DCOM | ID = 10010
Description = The server {A9E69610-B80D-11D0-B9B9-00A0C922E750} did not register
 with DCOM within the required timeout.
 
Error - 11/20/2012 11:46:13 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7000
Description = The StarOpen service failed to start due to the following error:   %%2
 
Error - 11/20/2012 11:46:13 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7001
Description = The Canon Camera Access Library 8 service depends on the Windows Image
 Acquisition (WIA) service which failed to start because of the following error:
   %58
 
Error - 11/20/2012 11:50:26 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7022
Description = The IIS Admin service hung on starting.
 
Error - 11/20/2012 11:50:26 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7001
Description = The World Wide Web Publishing service depends on the IIS Admin service
 which failed to start because of the following error:   %70
 
Error - 11/20/2012 11:50:27 AM | Computer Name = FREDA | Source = Service Control Manager | ID = 7024
Description = The IIS Admin service terminated with service-specific error 2147549183
 (0x8000FFFF).
 
Error - 11/20/2012 11:50:56 AM | Computer Name = FREDA | Source = DCOM | ID = 10010
Description = The server {A9E69610-B80D-11D0-B9B9-00A0C922E750} did not register
 with DCOM within the required timeout.
 
Error - 11/20/2012 12:50:22 PM | Computer Name = FREDA | Source = Service Control Manager | ID = 7024
Description = The IIS Admin service terminated with service-specific error 2147549183
 (0x8000FFFF).
 
Error - 11/20/2012 12:50:52 PM | Computer Name = FREDA | Source = DCOM | ID = 10010
Description = The server {A9E69610-B80D-11D0-B9B9-00A0C922E750} did not register
 with DCOM within the required timeout.
 
 
< End of report >

Edit: Moved topic from Web Browsing/Email and Other Internet Applications to the more appropriate forum. Duplicate topic in same forum was deleted. ~ Animal


 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 18,050 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 PM

Posted 28 February 2013 - 10:13 AM

Greetings chaknik and welcome to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:

  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the Start New Topic button but use the Add Reply button instead.
  • In the upper right hand corner of the topic you will see the Watch Topic button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started

 

===================================================
 
 
Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided and I will reply as soon as possible.


Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!


Posted 28 February 2013 - 12:44 PM

Hi Roy,

Let's get some fresh information about the state of your computer. Please describe the issues you are currently experiencing and complete the following.
 

 

===================================================


DDS by sUBs

--------------------

  • If you no longer have the program on your computer, please download DDS by sUBs from one of the following links. Save it to your desktop.

DDS.com
DDS.pif

  • Double click on the DDS icon
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Two Notepad documents will open - DDS.txt and Attach.txt. Please copy and paste the results in your reply
  • Close the program window, and delete the program from your desktop

Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE


Regards,
Gary


#4 chaknik

chaknik
  • Topic Starter


Posted 28 February 2013 - 01:05 PM

Hi Gary, thanks for your time and effort. I tried many, many times before I was able to get to bleepingcomputer. IE keeps timing out...'Internet Explorer cannot display the webpage'. This happened well over a dozen times. Just now when I clicked the above link for DDS.com, the same thing..'IE cannot....'. I still haven't been able to download the file, but I'll try some more.



#5 chaknik


Posted 28 February 2013 - 01:55 PM

I was finally able to download DDS.com and ran it. Here is the DDS.txt:

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.13.2
Run by Froy at 12:19:16 on 2013-02-28
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.3070.2492 [GMT -6:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\issch.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AT&T\AT&T Communication Manager\attcm_AppStart.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\EzDesk.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Sierra Wireless Inc\IERA\IERA.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
uInternet Connection Wizard,ShellNext = hxxp://127.0.0.1:4664/first_usage&s=Gfo9sFi-kJw7P1yLaLnhKlvnjBo
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
uRun: [attcm.exe] c:\program files\at&t\at&t communication manager\attcm.exe
uRunOnce: [Shockwave Updater] c:\windows\system32\adobe\shockwave 11\SwHelper_1150595.exe -Update -1150595 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; FDM)" -"http://pbskids.org/barney/children/games/imagination_game.html"
mRun: [ISUSScheduler] "c:\progra~1\common~1\instal~1\update~1\issch.exe" -start
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [CTHelper] CTHELPER.EXE
mRun: [CTDVDDET] "c:\program files\creative\sound blaster x-fi\dvdaudio\CTDVDDET.EXE"
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [attcm_AppStart.exe] "c:\program files\at&t\at&t communication manager\attcm_AppStart.exe"
StartupFolder: c:\docume~1\froy\startm~1\programs\startup\ezware~1.lnk - c:\windows\EzDesk.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:255
uPolicies-Explorer: HideSCABattery = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
   If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {43E3F87D-DE7F-4087-BD4F-0DC854981158} - hxxp://download.microsoft.com/download/7/3/8/7384c441-3721-41ee-ae15-b678888f00dd/clearadj.CAB
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.4.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1344814358031
DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} - hxxp://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {99FE5072-78AA-4FEE-89BA-69A5FA55343F} - hxxp://download.microsoft.com/download/B/3/A/B3A2EA73-793D-4ABE-992D-C81140384044/igdtoolx.cab
DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} - hxxp://www.superadblocker.com/activex/sabspx.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{1563FF0C-236E-48E3-B70B-5C8DCCBB6108} : NameServer = 68.94.156.1,68.94.157.1
TCP: Interfaces\{2602BA14-2982-417F-8B77-F4730EB189A0} : DHCPNameServer = 192.168.0.1
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
Notify: LBTWlgn - c:\program files\common files\logitech\bluetooth\LBTWlgn.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, msansspc.dll
Hosts: 127.0.0.1 www.spywareinfo.com
Hosts: 98.139.183.24 www.yahoo.com
Hosts: 67.195.160.76 m.yahoo.com
Hosts: 209.191.93.53 yahoo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\froy\application data\mozilla\firefox\profiles\ae57pzsf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.aol.com/search/search?query={searchTerms}&invocationType=tb50-ff-amonetizetest1-chromesbox-en-us&tb_uuid=20120811143732468&tb_oid=15-08-2012&tb_mrud=15-08-2012
FF - prefs.js: browser.startup.homepage - hxxp://wwwyahoo.com
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&invocationType=tb50-ff-amonetizetest1-ab-en-us&tb_uuid=20120811143732468&tb_oid=15-08-2012&tb_mrud=15-08-2012&query=
FF - component: c:\documents and settings\froy\application data\mozilla\firefox\profiles\ae57pzsf.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}\components\MailUtil.dll
FF - plugin: c:\documents and settings\froy\local settings\application data\google\update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre6\bin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\npjpi170_13.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_171.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - ExtSQL: !HIDDEN! 2009-11-16 18:05; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: dom.disable_open_during_load - true // Popupblocker control handled by McAfee Privacy Service
.
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 IERA;Sierra Wireless Error Reporting Agent;c:\program files\sierra wireless inc\iera\IERA.exe [2011-10-19 167280]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesService32.exe [2012-8-23 1532280]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\avg\avg pc tuneup\TuneUpUtilitiesDriver32.sys [2012-7-4 10088]
S3 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2011-8-11 116608]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2004-10-29 32000]
S3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\drivers\swg3kser00.sys [2011-10-19 215552]
S3 swivsp;AC8xx Virtual Serial Port;c:\windows\system32\drivers\swivspnt.sys [2007-3-26 20352]
S3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\drivers\swiwdmbx.sys [2011-10-19 83968]
S3 SWNC8U12;Sierra Wireless MUX NDIS Driver (UMTS12);c:\windows\system32\drivers\swnc8u12.sys [2007-11-4 101632]
S3 SWNC8UA3;Sierra Wireless MUX NDIS Driver (UMTSA3);c:\windows\system32\drivers\swnc8ua3.sys [2011-10-19 208128]
S3 swumx12;Sierra Wireless USB MUX Driver (UMTS12);c:\windows\system32\drivers\swumx12.sys [2007-11-4 73600]
S3 VWan2k;BroadJump PPPoE Adapter;c:\windows\system32\drivers\VWAN2K.sys [2008-3-13 29228]
S4 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]
S4 SwiCardDetectSvc;Sierra Wireless Card Detection Service;c:\program files\sierra wireless inc\common\SwiCardDetect.exe [2011-5-20 238960]
.
=============== Created Last 30 ================
.
2013-02-27 17:53:36 -------- d-----w- c:\documents and settings\froy\local settings\application data\exec
2013-02-25 22:28:38 -------- d-----w- c:\documents and settings\froy\local settings\application data\Avg2013
2013-02-24 21:02:21 -------- d-----w- c:\program files\EMET
2013-02-24 19:35:45 -------- d-----w- c:\documents and settings\froy\local settings\application data\attcm_AppStart
2013-02-23 23:10:25 -------- d-----w- c:\program files\AT&T
2013-02-23 21:10:59 -------- d-----w- c:\program files\common files\Research In Motion
2013-02-15 22:31:23 186432 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-02-15 22:31:23 186432 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
2013-02-10 21:24:00 143872 ----a-w- c:\windows\system32\javacpl.cpl
2013-02-10 21:23:56 94112 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
==================== Find3M  ====================
.
2013-02-27 22:59:39 71024 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-27 22:59:39 691568 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-02-10 21:23:44 861088 ----a-w- c:\windows\system32\npdeployJava1.dll
2013-02-10 21:23:44 782240 ----a-w- c:\windows\system32\deployJava1.dll
2013-01-26 03:55:44 552448 ----a-w- c:\windows\system32\oleaut32.dll
2013-01-07 01:19:45 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37:01 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00 1867264 ----a-w- c:\windows\system32\win32k.sys
2013-01-02 06:49:10 148992 ----a-w- c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10 1292288 ----a-w- c:\windows\system32\quartz.dll
2012-12-26 20:16:29 916480 ----a-w- c:\windows\system32\wininet.dll
2012-12-26 20:16:28 43520 ------w- c:\windows\system32\licmgr10.dll
2012-12-26 20:16:28 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-12-24 06:40:59 385024 ------w- c:\windows\system32\html.iec
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-12-14 22:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys
2006-05-03 17:06:54 163328 --sha-r- c:\windows\system32\flvDX.dll
2007-02-21 18:47:16 31232 --sha-r- c:\windows\system32\msfDX.dll
2008-03-16 20:30:52 216064 --sha-r- c:\windows\system32\nbDX.dll
2010-01-07 05:00:00 107520 --sha-r- c:\windows\system32\TAKDSDecoder.dll
.
============= FINISH: 12:19:30.40 ===============
Not exactly sure about how to zip and attach the attach.txt but I'll try this.  Didn't work. How do I attach a zipped file?



#6 Oh My!

  • Malware Response Instructor

Posted 28 February 2013 - 04:02 PM

Hi Roy,

Thanks for the information. As far as the Attach.txt file goes, you can copy and paste the contents in your reply.

Please do this for me.


===================================================

AdwCleaner by Xplode - Delete Adware

-------------------

  • Close all open programs and internet browser
  • Double click on adwcleaner.exe
  • Click on Delete
  • Confirm each time with OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[S1].txt

 

===================================================

 

Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply

 

===================================================


SystemLook by jpshortstuff

--------------------

Please download SystemLook from one of the links below and save it to your Desktop.

 

Download Mirror #1
Download Mirror #2
Download Mirror #3 For 64-bit users

  • Double-click SystemLook.exe to run it.
  • Vista\Windows 7 users: Right click on SystemLook.exe, click Run As Administrator
  • Copy the content of the following codebox into the main textfield:
:dir
c:\documents and settings\froy\local settings\application data\exec /s
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
  • Note: The log can also be found on your Desktop entitled SystemLook.txt

 

 

===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log

  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply

 

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • Attach log
  • AdwCleaner log
  • Junkware log
  • SystemLook log
  • MiniToolBox log
  • How is Internet Explorer behaving now?

Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message.


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 chaknik

  • Topic Starter


Posted 28 February 2013 - 05:59 PM

<p>The Attach.txt:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 9/18/2007 2:36:51 PM
System Uptime: 2/28/2013 7:28:54 AM (5 hours ago)
.
Motherboard: Dell Inc. | | 0CT017
Processor: Intel® Core™2 CPU 6420 @ 2.13GHz | Microprocessor | 2127/1066mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 295 GiB total, 207.235 GiB free.
D: is CDROM ()
E: is CDROM ()
F: is Removable
G: is Removable
H: is Removable
I: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\8071EEE5D100
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\8071EEE5D100
Service: NIC1394
.
==== System Restore Points ===================
.
RP59: 11/30/2012 12:26:34 PM - System Checkpoint
RP60: 12/16/2012 3:20:29 PM - System Checkpoint
RP61: 12/16/2012 6:07:07 PM - Software Distribution Service 3.0
RP62: 12/20/2012 11:55:22 AM - System Checkpoint
RP63: 12/22/2012 1:31:17 AM - Software Distribution Service 3.0
RP64: 12/23/2012 8:59:48 AM - System Checkpoint
RP65: 1/13/2013 3:09:24 PM - Software Distribution Service 3.0
RP66: 1/14/2013 3:38:23 PM - System Checkpoint
RP67: 1/14/2013 5:15:59 PM - Software Distribution Service 3.0
RP68: 1/20/2013 3:32:54 PM - System Checkpoint
RP69: 2/2/2013 12:36:38 PM - System Checkpoint
RP70: 2/3/2013 12:37:44 PM - System Checkpoint
RP71: 2/6/2013 5:05:07 PM - System Checkpoint
RP72: 2/7/2013 5:51:19 PM - System Checkpoint
RP73: 2/8/2013 6:15:31 PM - System Checkpoint
RP74: 2/9/2013 6:58:12 PM - System Checkpoint
RP75: 2/10/2013 3:23:35 PM - Removed Java 7 Update 9
RP76: 2/16/2013 7:44:06 PM - System Checkpoint
RP77: 2/23/2013 9:05:00 AM - System Checkpoint
RP78: 2/23/2013 3:04:05 PM - Software Distribution Service 3.0
RP79: 2/23/2013 3:10:53 PM - Removed AT&T Communication Manager
RP80: 2/23/2013 3:11:10 PM - Drivers Installation
RP81: 2/23/2013 4:53:36 PM - Restore Operation
RP82: 2/23/2013 5:00:43 PM - Restore Operation
RP83: 2/23/2013 5:02:55 PM - Restore Operation
RP84: 2/23/2013 5:06:32 PM - Removed AT&T Communication Manager
RP85: 2/24/2013 3:02:21 PM - Installed EMET
RP86: 2/24/2013 4:54:43 PM - Restore Operation
RP87: 2/25/2013 4:27:51 PM - Removed AVG 2013
RP88: 2/25/2013 4:28:45 PM - Removed AVG 2013
RP89: 2/26/2013 5:31:04 PM - System Checkpoint
RP90: 2/27/2013 5:47:45 PM - System Checkpoint
RP91: 2/28/2013 10:40:53 AM - Removed Ad-Aware
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.6)
Adobe Shockwave Player 11.6
Advanced Decoder Patch
AnalogX NetStat Live
AnalogX Vocal Remover (WinAmp)
Any Video Converter 3.4.2
AT&T Communication Manager
Audio Conversion Wizard 1.68.1
AutoPlay Media Studio 5.0 Professional Trial
AVG PC TuneUp
AVG PC TuneUp Language Pack (en-US)
BitMeter
BroadJump PPPoE
Canon MP Navigator EX 1.0
Canon MP610 series
Canon MP610 series User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
CCleaner
CDDRV_Installer
CoffeeCup Free HTML Editor
Creative MediaSource
Dell CinePlayer
Dell Driver Download Manager
Dell Driver Reset Tool
Dell Resource CD
Dell Support Center
Dell System Restore
DellSupport
DivX Setup
Documentation & Support Launcher
Doom 3
EMET
FormatFactory 2.95
Free Easy Burner V 5.1
FreeCell Plus
Frhed 1.7.1
Games, Music, & Photos Launcher
GIMP 2.6.11
Google Chrome
GoToAssist 8.0.0.514
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
ImgBurn
Indeo® Software
Info Center 1.0.0.7
Inkscape 0.48.2
Intel® Matrix Storage Manager
Intel® PRO Network Connections
Internet Explorer (Enable DEP)
Internet Service Offers Launcher
Java 7 Update 13
Java Auto Updater
KhalSetup
Macromedia Dreamweaver 4
Macromedia Extension Manager
Malwarebytes Anti-Malware version 1.70.0.1100
MediaProSoft Free FLV Video Converter 5.2.3
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Expedia Streets & Trips 2000
Microsoft Fix it Center
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Software Update for Web Folders  (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Works 2000
Microsoft Works 2000 Setup Launcher
Mozilla Firefox (3.6.28)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nokia Connectivity Adapter Cable DKU-5
NVIDIA Drivers
Paint Shop Pro 7
PowerDVD 5.9
Prism Video File Converter
Quake III Arena
QualxServ Service Agreement
QuickTime Alternative 1.81
RegScrubXP 3.25
Revo Uninstaller 1.93
Riva FLV Encoder 2.0
Roxio Creator Audio
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
ScanSoft OmniPage SE 4
Security Update for 2007 Microsoft Office System (KB951550)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB960003)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft Office Excel 2007 (KB959997)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB956828)
Security Update for Microsoft Office Word 2007 (KB956358)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2722913)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Serif WebPlus 10
SetPoint
SmartDraw 6
Sonic Activation Module
Sound Blaster X-Fi
Stykz for Windows 1.0.2
SUPER © v2012.build.52 (July 7, 2012) version v2012.build.52
SUPERAntiSpyware
swMSM
Synfig Studio
System Requirements Lab
Tweak UI
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Office 2007 (KB932080)
Update for Office 2007 (KB934391)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
VC80CRTRedist - 8.0.50727.6195
VCDEasy
VideoPad Video Editor
VLC media player 1.1.11
WatchWAN v1.0 Pre-Release
WebFldrs XP
WIDCOMM Bluetooth Software
Winamp (remove only)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Encoder 9 Series SDK
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
WinPcap 3.1 beta4
Xilisoft Video Converter Ultimate
.
==== Event Viewer Messages From Past Week ========
.
2/26/2013 3:55:02 PM, error: Disk [11]  - The driver detected a controller error on \Device\Harddisk4\D.
2/25/2013 1:15:01 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AVGIDSDriver AVGIDSShim Avgldx86 Fips intelppm SASDIFSV SASKUTIL
2/25/2013 1:15:01 PM, error: Service Control Manager [7001]  - The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:  A device attached to the system is not functioning.
2/25/2013 1:14:15 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/24/2013 4:56:04 PM, error: Dhcp [1002]  - The IP address lease 10.34.46.171 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.72.146.253 (The DHCP Server sent a DHCPNACK message).
2/24/2013 4:37:59 PM, error: Dhcp [1002]  - The IP address lease 10.46.35.188 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.34.46.253 (The DHCP Server sent a DHCPNACK message).
2/24/2013 4:13:24 PM, error: Dhcp [1002]  - The IP address lease 10.46.35.188 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.46.35.253 (The DHCP Server sent a DHCPNACK message).
2/24/2013 3:57:39 PM, error: Dhcp [1002]  - The IP address lease 10.120.174.243 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.46.35.253 (The DHCP Server sent a DHCPNACK message).
2/24/2013 3:37:58 PM, error: Dhcp [1002]  - The IP address lease 10.185.188.208 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.120.174.253 (The DHCP Server sent a DHCPNACK message).
2/24/2013 3:21:57 PM, error: NetDDE [206]  - Listen failed: 15:
2/24/2013 2:59:15 PM, error: Dhcp [1002]  - The IP address lease 10.34.248.11 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.185.188.253 (The DHCP Server sent a DHCPNACK message).
2/23/2013 5:06:59 PM, error: Service Control Manager [7023]  - The Application Management service terminated with the following error:  The specified module could not be found.
2/23/2013 5:04:42 PM, error: Service Control Manager [7001]  - The Telephony service depends on the Plug and Play service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2/23/2013 5:04:42 PM, error: Service Control Manager [7001]  - The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:  The dependency service or group failed to start.
2/23/2013 5:04:39 PM, error: DCOM [10005]  - DCOM got error "%1058" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
2/23/2013 5:02:47 PM, error: Service Control Manager [7006]  - The ScRegSetValueExW call failed for FailureActions with the following error:  Access is denied.
2/23/2013 5:02:47 PM, error: Service Control Manager [7001]  - The Windows Audio service depends on the Plug and Play service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2/23/2013 5:02:47 PM, error: Service Control Manager [7001]  - The Logical Disk Manager service depends on the Plug and Play service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
2/23/2013 5:02:35 PM, error: Print [19]  - Sharing printer failed + 1722, Printer Auto Canon MP610 series Printer on DBTOA000 share name AutoCanon.
2/23/2013 4:28:03 PM, error: Dhcp [1002]  - The IP address lease 10.120.6.141 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.34.248.253 (The DHCP Server sent a DHCPNACK message).
2/23/2013 4:07:32 PM, error: Dhcp [1002]  - The IP address lease 10.243.27.208 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.120.6.253 (The DHCP Server sent a DHCPNACK message).
2/23/2013 3:14:16 PM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring the volume.
2/23/2013 3:12:16 PM, error: Dhcp [1002]  - The IP address lease 10.243.27.208 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.243.27.253 (The DHCP Server sent a DHCPNACK message).
2/23/2013 2:58:51 PM, error: Dhcp [1002]  - The IP address lease 10.88.78.21 for the Network Card with network address 00A0D5FFFFAE has been denied by the DHCP server 10.243.27.253 (The DHCP Server sent a DHCPNACK message).
2/23/2013 11:08:17 AM, error: NetDDE [206]  - Listen failed: 23: The ncb_lana_num member did not specify a valid network number.
.
==== End Of File ===========================
&nbsp;<br />
&nbsp;<br />
AdwCleaner[Ss1].txt:<br />
&nbsp;<br />
# AdwCleaner v2.113 - Logfile created 02/28/2013 at 15:48:14<br />
# Updated 23/02/2013 by Xplode<br />
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)<br />
# User : Froy - RAS<br />
# Boot Mode : Normal<br />
# Running from : C:\Documents and Settings\Froy\Desktop\BleepingComputer\AdwCleaner.exe<br />
# Option [Delete]<br />
<br />
&nbsp;<br />
<br />
***** [Services] *****<br />
<br />
&nbsp;<br />
<br />
***** [Files / Folders] *****<br />
<br />
&nbsp;<br />
Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search<br />
File Deleted : C:\Documents and Settings\Froy\Application Data\Mozilla\Firefox\Profiles\ae57pzsf.default\searchplugins\Askcom.xml<br />
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg<br />
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml<br />
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search<br />
Folder Deleted : C:\Documents and Settings\Froy\Application Data\AVG Secure Search<br />
Folder Deleted : C:\Documents and Settings\Froy\Application Data\Mozilla\Firefox\Profiles\ae57pzsf.default\extensions\staged<br />
Folder Deleted : C:\Program Files\AVG Secure Search<br />
<br />
&nbsp;<br />
***** [Registry] *****

Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A69A551A-1AAE-4B67-8C2E-52F8B8A19504}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v3.6.28 (en-US)

File : C:\Documents and Settings\Froy\Application Data\Mozilla\Firefox\Profiles\ae57pzsf.default\prefs.js

C:\Documents and Settings\Froy\Application Data\Mozilla\Firefox\Profiles\ae57pzsf.default\user.js ... Deleted !

Deleted : user_pref("aol_toolbar.buttons.layout", "aol_mail_5496;facebook_40839;youtube_40850;mapquest_40872;t[...]
Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Deleted : user_pref("aol_toolbar.default.homepage.url", "hxxp://www.aol.com/?mtmhp=hyplogusaolp00000019");
Deleted : user_pref("aol_toolbar.default.search.check", true);
Deleted : user_pref("aol_toolbar.default.search.label", "AOL Search");
Deleted : user_pref("aol_toolbar.default.search.url", "hxxp://search.aol.com/search/search?query={searchTerms}[...]
Deleted : user_pref("aol_toolbar.firsttime.showwindow", false);
Deleted : user_pref("aol_toolbar.guid", "{A6F8C14E-BF15-C2D9-1A7E-CCE423884DE2}");
Deleted : user_pref("aol_toolbar.install.homepage", "hxxp://www.aol.com/?mtmhp={mtmhp}");
Deleted : user_pref("aol_toolbar.install.lastTbVersion", "5.74.1.7990");
Deleted : user_pref("aol_toolbar.install.lid", "hyplognew00000010");
Deleted : user_pref("aol_toolbar.install.mtmhp", "hyplogusaolp00000019");
Deleted : user_pref("aol_toolbar.install.ncid", "");
Deleted : user_pref("aol_toolbar.metrics.activestampdate", "28");
Deleted : user_pref("aol_toolbar.metrics.activestampmonth", "1");
Deleted : user_pref("aol_toolbar.metrics.activestampyear", "2013");
Deleted : user_pref("aol_toolbar.metrics.originalDate", "15");
Deleted : user_pref("aol_toolbar.metrics.originalHours", "2");
Deleted : user_pref("aol_toolbar.metrics.originalMinutes", "16");
Deleted : user_pref("aol_toolbar.metrics.originalMonth", "8");
Deleted : user_pref("aol_toolbar.metrics.originalSeconds", "7");
Deleted : user_pref("aol_toolbar.metrics.originalYear", "2012");
Deleted : user_pref("aol_toolbar.relatednews.enabled", false);
Deleted : user_pref("aol_toolbar.remote.publish.xml", "1362070327601");
Deleted : user_pref("aol_toolbar.rtw.active", false);
Deleted : user_pref("aol_toolbar.search.button", true);
Deleted : user_pref("aol_toolbar.search.cid", "15-08-2012");
Deleted : user_pref("aol_toolbar.search.instd", "20120811143732468");
Deleted : user_pref("aol_toolbar.search.oid", "15-08-2012");
Deleted : user_pref("aol_toolbar.search.populateoncomplete", false);
Deleted : user_pref("aol_toolbar.search.savehistory", false);
Deleted : user_pref("aol_toolbar.search.searchtype", "web");
Deleted : user_pref("aol_toolbar.search.source", "tb50-ff-amonetizetest1");
Deleted : user_pref("aol_toolbar.skin.custom", false);
Deleted : user_pref("aol_toolbar.surf.date", "6");
Deleted : user_pref("aol_toolbar.surf.lastDate", "28");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "1");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2013");
Deleted : user_pref("aol_toolbar.surf.month", "115");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "102");
Deleted : user_pref("aol_toolbar.surf.total", "340");
Deleted : user_pref("aol_toolbar.surf.week", "7");
Deleted : user_pref("aol_toolbar.surf.year", "216");
Deleted : user_pref("aol_toolbar.ticker.active", false);
Deleted : user_pref("aol_toolbar.upgrade.showwindow", false);
Deleted : user_pref("aol_toolbar.weather.degc", "8");
Deleted : user_pref("aol_toolbar.weather.degf", "47");
Deleted : user_pref("aol_toolbar.weather.image", "chrome://aoltoolbar/skin/weather/34.png");
Deleted : user_pref("aol_toolbar.weather.metric", true);
Deleted : user_pref("aol_toolbar.weather.tooltip", "New York , NY : Mostly Sunny");
Deleted : user_pref("aol_toolbar.weather.update", "1362070328750");
Deleted : user_pref("aol_toolbar.weather.zipcode", "10065");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.aol.com/search/search?query={searchTerms}&invo[...]
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("keyword.URL", "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=843&invocatio[...]

-\\ Google Chrome v24.0.1312.57

File : C:\Documents and Settings\Froy\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.49] : icon_url = "hxxps://isearch.avg.com/favicon.ico",
Deleted [l.52] : keyword = "isearch.avg.com",
Deleted [l.55] : search_url = "hxxps://isearch.avg.com/search?cid={D29A36C4-FE10-4CDF-AB21-C2799BCF1E0B}&mid=&[...]

*************************

AdwCleaner[S1].txt - [9644 octets] - [28/02/2013 15:48:14]

########## EOF - C:\AdwCleaner[S1].txt - [9704 octets] ##########

JRT.txt:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.6 (02.27.2013:1)
OS: Microsoft Windows XP x86
Ran by Froy on Thu 02/28/2013 at 15:57:00.96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\systweak
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{443789b7-f39c-4b5c-9287-da72d38f4fe6}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}

~~~ Files

Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"

~~~ Folders

~~~ FireFox

Successfully deleted: [Folder] C:\Documents and Settings\Froy\Application Data\mozilla\firefox\profiles\ae57pzsf.default\extensions\{7affbfae-c4e2-4915-8c0f-00fa3ec610a1}

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 02/28/2013 at 16:02:16.54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

SystemLook.txt:
SystemLook 30.07.11 by jpshortstuff
Log created at 16:38 on 28/02/2013 by Froy
Administrator - Elevation successful

========== dir ==========

c:\documents and settings\froy\local settings\application data\exec - Parameters: "/s"

---Files---
None found.

No folders found.

-= EOF =-
&nbsp;</p>

I don't see any improvement with IE. I clicked the 'Home' button and IE timed out. Tried to get back to this post and IE timed out again. Once I got here, I clicked the 'Edit' button to add this comment, IE timed out again. I just have to keep clicking refresh page, repair network connection, Network Diagnostics for WindowsXP. I've even restarted the machine and come back to the same problem. I have noticed some strange things like some of my 'Services' properties have changed, internet disabled. Don't know what's doing that.

I don't know if it's my browser or what but this online editor doesn't always load the same. Has a different look and missing some of the font property options - just a sidenote.


Edited by chaknik, 28 February 2013 - 06:28 PM.


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 18,050 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:05:38 PM

Posted 28 February 2013 - 07:00 PM

Our site is being upgraded and formatting issues pop up now and again.

I still need you to run MiniToolBox.
Regards,
Gary

If I do not respond to you within 24 hours of your post please send me a Personal Message .


"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 chaknik

Posted 28 February 2013 - 07:31 PM

I've tried twice to post Result.txt but both times the server timed out. I'll try again.

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Froy (administrator) on 28-02-2013 at 16:40:33
Running from "C:\Documents and Settings\Froy\Desktop\BleepingComputer"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

98.139.183.24    www.yahoo.com
67.195.160.76   m.yahoo.com
209.191.93.53   yahoo.com


 

127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com


 

There are 15275 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

popd
# End of interface IP configuration

Windows IP Configuration

Server:  UnKnown
Address:  127.0.0.1

Ping request could not find host google.com. Please check the name and try again.

Server:  UnKnown
Address:  127.0.0.1

Pinging yahoo.com [209.191.93.53] with 32 bytes of data:

Destination host unreachable.
Destination host unreachable.

Ping statistics for 209.191.93.53:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================


 

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)


 

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/28/2013 01:34:06 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/28/2013 01:23:18 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/28/2013 11:10:05 AM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (02/28/2013 11:09:57 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/28/2013 07:41:18 AM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.70.0.9, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/27/2013 03:07:42 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.70.0.9, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/26/2013 04:00:21 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/26/2013 03:56:37 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/24/2013 02:52:06 PM) (Source: Application Hang) (User: )
Description: Hanging application attcm.exe, version 9.1.177.7, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (02/23/2013 06:24:22 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.70.0.9, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1068

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error:
%%1058

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1068

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error:
%%1058

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1068

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error:
%%1058

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1068

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error:
%%1058

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Remote Access Connection Manager service depends on the Telephony service which failed to start because of the following error:
%%1068

Error: (02/28/2013 04:43:08 PM) (Source: Service Control Manager) (User: )
Description: The Telephony service depends on the Plug and Play service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================

**** End of log ****



#10 Oh My!

Posted 28 February 2013 - 08:30 PM

Are you experiencing this with all web browsers or just Internet Explorer?


Regards,
Gary

#11 chaknik

Posted 28 February 2013 - 08:53 PM

Firefox also, I have Chrome but haven't used it, don't like it. I'll have to sign off for now. Have other pressing matters. Will get back tomorrow. Thanks, Roy



#12 Oh My!

Posted 28 February 2013 - 09:52 PM

Hi Roy,

Please run this program. You can download it onto a USB device and transfer it to your computer.


===================================================

Run TDSSKiller by Kaspersky on Vista/7

--------------------

  • Please download Kaspersky's TDSSKiller and save it to your Desktop. <-Important!!!
  • If you desire you may print out and follow the instructions for performing a scan.
  • Right-click on TDSSKiller.exe and select Run As Administrator.
  • When the program opens, click the Start Scan button.

  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • Any objects found will show in the Scan results - Select action for found objects and offer three options.
  • If an infected file is detected, the default action will be Cure...do not change it.

  • Click Continue > Reboot now to finish the cleaning process.<- Important!!

  • If 'Suspicious' objects are detected, you will be given the option to Skip or Quarantine. Skip will be the default selection. Leave it as such for now.
  • A log file named TDSSKiller_version_date_time_log.txt will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

-- If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to these instructions. In some cases it may be necessary to redownload TDSSKiller and randomly rename it before downloading and saving to the computer or to perform the scan in "safe mode".

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log

Regards,
Gary

#13 chaknik

Posted 01 March 2013 - 11:56 AM

Well, I ran the TDSSKiller.exe (run as administrator) failed to initialize, wouldn't run. Changed name to td.com (no option to run as administrator), ran the program, it found no problems but there was the word 'Report' at the top right of the window. I clicked it and a text file called 'report' opened. I highlighted all the text and tried to copy but it wouldn't copy. So, sorry to say, I've come back empty handed.????? There was no TDSSKiller....log.txt generated, even after I rebooted.



#14 Oh My!

Posted 01 March 2013 - 11:59 AM

Did you check your C: drive for the report? If it is there you can attach it.
Regards,
Gary

#15 chaknik

Posted 01 March 2013 - 12:34 PM

Yes, it was there. Sorry again. Every time I click a link or try to get back to this page, it takes several attempts....always timing out. I kinda lose sight of where I am at times.

 

10:36:25.0187 2208  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
10:36:25.0187 2208  ============================================================
10:36:25.0187 2208  Current date / time: 2013/03/01 10:36:25.0187
10:36:25.0187 2208  SystemInfo:
10:36:25.0187 2208 
10:36:25.0187 2208  OS Version: 5.1.2600 ServicePack: 3.0
10:36:25.0187 2208  Product type: Workstation
10:36:25.0187 2208  ComputerName: RAS
10:36:25.0187 2208  UserName: Froy
10:36:25.0187 2208  Windows directory: C:\WINDOWS
10:36:25.0187 2208  System windows directory: C:\WINDOWS
10:36:25.0187 2208  Processor architecture: Intel x86
10:36:25.0187 2208  Number of processors: 2
10:36:25.0187 2208  Page size: 0x1000
10:36:25.0187 2208  Boot type: Normal boot
10:36:25.0187 2208  ============================================================
10:36:25.0562 2208  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:36:25.0609 2208  ============================================================
10:36:25.0609 2208  \Device\Harddisk0\DR0:
10:36:25.0609 2208  MBR partitions:
10:36:25.0609 2208  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x24E107F2
10:36:25.0609 2208  ============================================================
10:36:25.0640 2208  C: <-> \Device\Harddisk0\DR0\Partition1
10:36:25.0640 2208  ============================================================
10:36:25.0640 2208  Initialize success
10:36:25.0640 2208  ============================================================
10:36:36.0046 2232  ============================================================
10:36:36.0046 2232  Scan started
10:36:36.0046 2232  Mode: Manual;
10:36:36.0046 2232  ============================================================
10:36:36.0171 2232  ================ Scan system memory ========================
10:36:36.0187 2232  System memory - ok
10:36:36.0187 2232  ================ Scan services =============================
10:36:36.0218 2232  [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
10:36:36.0218 2232  !SASCORE - ok
10:36:36.0328 2232  [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883           C:\WINDOWS\system32\DRIVERS\61883.sys
10:36:36.0328 2232  61883 - ok
10:36:36.0328 2232  Abiosdsk - ok
10:36:36.0343 2232  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
10:36:36.0343 2232  abp480n5 - ok
10:36:36.0375 2232  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:36:36.0375 2232  ACPI - ok
10:36:36.0406 2232  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:36:36.0406 2232  ACPIEC - ok
10:36:36.0484 2232  [ 9942DC4CC265CDA00486504444EF521D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:36:36.0484 2232  AdobeFlashPlayerUpdateSvc - ok
10:36:36.0531 2232  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
10:36:36.0546 2232  adpu160m - ok
10:36:36.0562 2232  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:36:36.0562 2232  aec - ok
10:36:36.0609 2232  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:36:36.0625 2232  AFD - ok
10:36:36.0640 2232  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
10:36:36.0656 2232  agp440 - ok
10:36:36.0703 2232  [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
10:36:36.0703 2232  agpCPQ - ok
10:36:36.0703 2232  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
10:36:36.0703 2232  Aha154x - ok
10:36:36.0718 2232  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
10:36:36.0718 2232  aic78u2 - ok
10:36:36.0718 2232  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
10:36:36.0718 2232  aic78xx - ok
10:36:36.0750 2232  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:36:36.0750 2232  Alerter - ok
10:36:36.0781 2232  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
10:36:36.0781 2232  ALG - ok
10:36:36.0796 2232  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
10:36:36.0796 2232  AliIde - ok
10:36:36.0812 2232  [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
10:36:36.0812 2232  alim1541 - ok
10:36:36.0828 2232  [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
10:36:36.0828 2232  amdagp - ok
10:36:36.0828 2232  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
10:36:36.0828 2232  amsint - ok
10:36:36.0859 2232  AppMgmt - ok
10:36:36.0875 2232  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
10:36:36.0875 2232  Arp1394 - ok
10:36:36.0890 2232  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
10:36:36.0890 2232  asc - ok
10:36:36.0906 2232  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
10:36:36.0906 2232  asc3350p - ok
10:36:36.0906 2232  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
10:36:36.0906 2232  asc3550 - ok
10:36:36.0937 2232  [ 5B01AF89D16D562825C4DB4530F20CBB ] ASPI32          C:\WINDOWS\system32\drivers\aspi32.sys
10:36:36.0937 2232  ASPI32 - ok
10:36:37.0062 2232  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
10:36:37.0062 2232  aspnet_state - ok
10:36:37.0078 2232  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:36:37.0078 2232  AsyncMac - ok
10:36:37.0109 2232  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:36:37.0109 2232  atapi - ok
10:36:37.0109 2232  Atdisk - ok
10:36:37.0125 2232  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:36:37.0125 2232  Atmarpc - ok
10:36:37.0156 2232  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:36:37.0156 2232  AudioSrv - ok
10:36:37.0171 2232  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:36:37.0171 2232  audstub - ok
10:36:37.0187 2232  [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc             C:\WINDOWS\system32\DRIVERS\avc.sys
10:36:37.0187 2232  Avc - ok
10:36:37.0203 2232  [ CAE7B6E4D7EB17829C526153D19B9C95 ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
10:36:37.0218 2232  avgtp - ok
10:36:37.0250 2232  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:36:37.0250 2232  Beep - ok
10:36:37.0296 2232  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:36:37.0468 2232  BITS - ok
10:36:37.0500 2232  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
10:36:37.0515 2232  Browser - ok
10:36:37.0546 2232  [ 0F249BE872F618AABA8D641E81AA3D21 ] btaudio         C:\WINDOWS\system32\drivers\btaudio.sys
10:36:37.0546 2232  btaudio - ok
10:36:37.0578 2232  [ 07F0A66CFA550B13AD0674AE09E3CBA0 ] BTDriver        C:\WINDOWS\system32\DRIVERS\btport.sys
10:36:37.0578 2232  BTDriver - ok
10:36:37.0625 2232  [ ADE37AB15C958F5DB2F85431CCA8763A ] BTKRNL          C:\WINDOWS\system32\DRIVERS\btkrnl.sys
10:36:37.0640 2232  BTKRNL - ok
10:36:37.0718 2232  [ B7822EA8D11717D1FE27295EAFF3E2CE ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
10:36:37.0734 2232  btwdins - ok
10:36:37.0765 2232  [ B1D350F3F13CF340FCE93912D2BA1EBF ] BTWDNDIS        C:\WINDOWS\system32\DRIVERS\btwdndis.sys
10:36:37.0765 2232  BTWDNDIS - ok
10:36:37.0781 2232  [ 6BEB0ADAA3D2B80E6515EEC5D03B7540 ] btwhid          C:\WINDOWS\system32\DRIVERS\btwhid.sys
10:36:37.0781 2232  btwhid - ok
10:36:37.0812 2232  [ E206EC370646E42DC862FD995869D31D ] btwmodem        C:\WINDOWS\system32\DRIVERS\btwmodem.sys
10:36:37.0812 2232  btwmodem - ok
10:36:37.0843 2232  [ A01FD9851406DE0870C23759E2F7B6EA ] BTWUSB          C:\WINDOWS\system32\Drivers\btwusb.sys
10:36:37.0843 2232  BTWUSB - ok
10:36:37.0890 2232  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
10:36:37.0906 2232  cbidf - ok
10:36:37.0906 2232  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:36:37.0906 2232  cbidf2k - ok
10:36:37.0921 2232  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:36:37.0921 2232  CCDECODE - ok
10:36:37.0937 2232  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
10:36:37.0937 2232  cd20xrnt - ok
10:36:37.0968 2232  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:36:37.0968 2232  Cdaudio - ok
10:36:38.0015 2232  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:36:38.0015 2232  Cdfs - ok
10:36:38.0015 2232  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:36:38.0015 2232  Cdrom - ok
10:36:38.0015 2232  Changer - ok
10:36:38.0062 2232  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:36:38.0062 2232  CiSvc - ok
10:36:38.0078 2232  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:36:38.0078 2232  ClipSrv - ok
10:36:38.0093 2232  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:36:38.0093 2232  clr_optimization_v2.0.50727_32 - ok
10:36:38.0125 2232  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
10:36:38.0125 2232  CmdIde - ok
10:36:38.0125 2232  COMSysApp - ok
10:36:38.0140 2232  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
10:36:38.0140 2232  Cpqarray - ok
10:36:38.0156 2232  [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.exe
10:36:38.0171 2232  Creative Service for CDROM Access - ok
10:36:38.0171 2232  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:36:38.0171 2232  CryptSvc - ok
10:36:38.0234 2232  [ 8A9C65CE4FE6E8CB24CE06BA28D951A0 ] ctac32k         C:\WINDOWS\system32\drivers\ctac32k.sys
10:36:38.0234 2232  ctac32k - ok
10:36:38.0250 2232  [ 47236971DFB3E03690B98E41665D0924 ] ctaud2k         C:\WINDOWS\system32\drivers\ctaud2k.sys
10:36:38.0250 2232  ctaud2k - ok
10:36:38.0312 2232  [ 5A0EEB00B02FC78605AA9D3590B24978 ] ctdvda2k        C:\WINDOWS\system32\drivers\ctdvda2k.sys
10:36:38.0312 2232  ctdvda2k - ok
10:36:38.0312 2232  [ 2381CF056C15271F6B8DAB50FF82CF3A ] ctprxy2k        C:\WINDOWS\system32\drivers\ctprxy2k.sys
10:36:38.0312 2232  ctprxy2k - ok
10:36:38.0343 2232  [ DA1C530DE86C85A701138B30FB145AF3 ] ctsfm2k         C:\WINDOWS\system32\drivers\ctsfm2k.sys
10:36:38.0343 2232  ctsfm2k - ok
10:36:38.0375 2232  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
10:36:38.0375 2232  dac2w2k - ok
10:36:38.0390 2232  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
10:36:38.0390 2232  dac960nt - ok
10:36:38.0437 2232  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:36:38.0437 2232  DcomLaunch - ok
10:36:38.0484 2232  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:36:38.0484 2232  Dhcp - ok
10:36:38.0500 2232  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:36:38.0500 2232  Disk - ok
10:36:38.0500 2232  dmadmin - ok
10:36:38.0546 2232  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:36:38.0578 2232  dmboot - ok
10:36:38.0578 2232  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:36:38.0578 2232  dmio - ok
10:36:38.0593 2232  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:36:38.0593 2232  dmload - ok
10:36:38.0609 2232  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:36:38.0625 2232  dmserver - ok
10:36:38.0640 2232  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:36:38.0640 2232  DMusic - ok
10:36:38.0671 2232  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:36:38.0671 2232  Dnscache - ok
10:36:38.0718 2232  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:36:38.0718 2232  Dot3svc - ok
10:36:38.0718 2232  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
10:36:38.0734 2232  dpti2o - ok
10:36:38.0734 2232  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:36:38.0734 2232  drmkaud - ok
10:36:38.0765 2232  [ 245F62A2AA67F4A61F10174BF1017327 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
10:36:38.0765 2232  DSBrokerService - ok
10:36:38.0796 2232  [ 413F2D5F9D802688242C23B38F767ECB ] DSproct         C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
10:36:38.0796 2232  DSproct - ok
10:36:38.0796 2232  [ DFEABB7CFFFADEA4A912AB95BDC3177A ] dsunidrv        C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
10:36:38.0796 2232  dsunidrv - ok
10:36:38.0812 2232  [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
10:36:38.0812 2232  E100B - ok
10:36:38.0843 2232  [ 00192F0C612591D585594E9467E6CA8B ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
10:36:38.0843 2232  e1express - ok
10:36:38.0875 2232  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:36:38.0875 2232  EapHost - ok
10:36:38.0906 2232  [ 661CF27263F3E0B553BE050A42D357DB ] emupia          C:\WINDOWS\system32\drivers\emupia2k.sys
10:36:38.0906 2232  emupia - ok
10:36:38.0937 2232  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:36:38.0937 2232  ERSvc - ok
10:36:38.0968 2232  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
10:36:38.0968 2232  Eventlog - ok
10:36:39.0031 2232  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\Es.dll
10:36:39.0031 2232  EventSystem - ok
10:36:39.0046 2232  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:36:39.0046 2232  Fastfat - ok
10:36:39.0093 2232  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:36:39.0093 2232  FastUserSwitchingCompatibility - ok
10:36:39.0125 2232  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
10:36:39.0125 2232  Fdc - ok
10:36:39.0156 2232  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:36:39.0156 2232  Fips - ok
10:36:39.0171 2232  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
10:36:39.0171 2232  Flpydisk - ok
10:36:39.0203 2232  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:36:39.0203 2232  FltMgr - ok
10:36:39.0296 2232  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:36:39.0296 2232  FontCache3.0.0.0 - ok
10:36:39.0312 2232  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:36:39.0312 2232  Fs_Rec - ok
10:36:39.0312 2232  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:36:39.0328 2232  Ftdisk - ok
10:36:39.0390 2232  [ D3316F6E3C011435F36E3D6E49B3196C ] GoToAssist      C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
10:36:39.0390 2232  GoToAssist - ok
10:36:39.0421 2232  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:36:39.0421 2232  Gpc - ok
10:36:39.0484 2232  [ 862D4185D43128FEF7818711F8F30436 ] ha20x2k         C:\WINDOWS\system32\drivers\ha20x2k.sys
10:36:39.0500 2232  ha20x2k - ok
10:36:39.0578 2232  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:36:39.0593 2232  helpsvc - ok
10:36:39.0609 2232  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
10:36:39.0609 2232  HidServ - ok
10:36:39.0625 2232  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:36:39.0625 2232  HidUsb - ok
10:36:39.0656 2232  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:36:39.0671 2232  hkmsvc - ok
10:36:39.0718 2232  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
10:36:39.0718 2232  hpn - ok
10:36:39.0718 2232  HSF_DPV - ok
10:36:39.0765 2232  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:36:39.0765 2232  HTTP - ok
10:36:39.0796 2232  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:36:39.0796 2232  HTTPFilter - ok
10:36:39.0828 2232  [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
10:36:39.0828 2232  i2omgmt - ok
10:36:39.0843 2232  [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
10:36:39.0843 2232  i2omp - ok
10:36:39.0843 2232  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:36:39.0859 2232  i8042prt - ok
10:36:39.0937 2232  [ B122BE74E283A2BC7FEBC180BFD2EFD5 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
10:36:39.0937 2232  IAANTMON - ok
10:36:39.0984 2232  [ 019CF5F31C67030841233C545A0E217A ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
10:36:39.0984 2232  iaStor - ok
10:36:40.0093 2232  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
10:36:40.0093 2232  IDriverT - ok
10:36:40.0156 2232  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:36:40.0156 2232  idsvc - ok
10:36:40.0218 2232  [ CC8DBB39941DFED9DC34C463F0ED7660 ] IERA            C:\Program Files\Sierra Wireless Inc\IERA\IERA.exe
10:36:40.0234 2232  IERA - ok
10:36:40.0265 2232  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:36:40.0265 2232  Imapi - ok
10:36:40.0312 2232  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:36:40.0312 2232  ImapiService - ok
10:36:40.0343 2232  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
10:36:40.0343 2232  ini910u - ok
10:36:40.0359 2232  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
10:36:40.0359 2232  IntelIde - ok
10:36:40.0390 2232  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:36:40.0390 2232  intelppm - ok
10:36:40.0406 2232  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:36:40.0406 2232  Ip6Fw - ok
10:36:40.0421 2232  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:36:40.0421 2232  IpFilterDriver - ok
10:36:40.0421 2232  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:36:40.0421 2232  IpInIp - ok
10:36:40.0437 2232  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:36:40.0453 2232  IpNat - ok
10:36:40.0468 2232  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:36:40.0468 2232  IPSec - ok
10:36:40.0500 2232  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:36:40.0500 2232  IRENUM - ok
10:36:40.0531 2232  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:36:40.0531 2232  isapnp - ok
10:36:40.0640 2232  [ CC54FD59486BEF7CE70275FAC2FD9D34 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:36:40.0640 2232  JavaQuickStarterService - ok
10:36:40.0656 2232  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:36:40.0671 2232  Kbdclass - ok
10:36:40.0671 2232  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:36:40.0671 2232  kbdhid - ok
10:36:40.0671 2232  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:36:40.0687 2232  kmixer - ok
10:36:40.0703 2232  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:36:40.0703 2232  KSecDD - ok
10:36:40.0765 2232  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
10:36:40.0765 2232  LanmanServer - ok
10:36:40.0828 2232  [ A8888A5327621856C0CEC4E385F69309 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
10:36:40.0828 2232  LanmanWorkstation - ok
10:36:40.0828 2232  Lavasoft Kernexplorer - ok
10:36:40.0828 2232  lbrtfdc - ok
10:36:40.0921 2232  [ D27DD0015DCECF445F229020D263392A ] LBTServ         C:\Program Files\Common Files\Logitech\Bluetooth\LBTSERV.EXE
10:36:40.0921 2232  LBTServ - ok
10:36:40.0968 2232  [ 597D79382C154CEDB638A65012925A23 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
10:36:40.0968 2232  LHidFilt - ok
10:36:40.0984 2232  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:36:40.0984 2232  LmHosts - ok
10:36:41.0015 2232  [ 9EAD053D28182BD6ACB19D5F58202194 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
10:36:41.0015 2232  LMouFilt - ok
10:36:41.0093 2232  [ DDF15A42E27E8EFE27B18FD403151A86 ] MatSvc          C:\Program Files\Microsoft Fix it Center\Matsvc.exe
10:36:41.0093 2232  MatSvc - ok
10:36:41.0125 2232  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:36:41.0125 2232  Messenger - ok
10:36:41.0156 2232  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:36:41.0156 2232  mnmdd - ok
10:36:41.0171 2232  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:36:41.0171 2232  mnmsrvc - ok
10:36:41.0187 2232  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:36:41.0187 2232  Modem - ok
10:36:41.0203 2232  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
10:36:41.0203 2232  MODEMCSA - ok
10:36:41.0218 2232  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:36:41.0218 2232  Mouclass - ok
10:36:41.0218 2232  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:36:41.0218 2232  mouhid - ok
10:36:41.0250 2232  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:36:41.0250 2232  MountMgr - ok
10:36:41.0281 2232  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
10:36:41.0281 2232  mraid35x - ok
10:36:41.0296 2232  MREMP50 - ok
10:36:41.0296 2232  MREMP50a64 - ok
10:36:41.0296 2232  MRESP50 - ok
10:36:41.0296 2232  MRESP50a64 - ok
10:36:41.0296 2232  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:36:41.0312 2232  MRxDAV - ok
10:36:41.0375 2232  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:36:41.0375 2232  MRxSmb - ok
10:36:41.0375 2232  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:36:41.0390 2232  MSDTC - ok
10:36:41.0406 2232  [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV            C:\WINDOWS\system32\DRIVERS\msdv.sys
10:36:41.0406 2232  MSDV - ok
10:36:41.0421 2232  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:36:41.0421 2232  Msfs - ok
10:36:41.0421 2232  MSIServer - ok
10:36:41.0453 2232  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:36:41.0453 2232  MSKSSRV - ok
10:36:41.0453 2232  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:36:41.0453 2232  MSPCLOCK - ok
10:36:41.0468 2232  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:36:41.0468 2232  MSPQM - ok
10:36:41.0484 2232  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:36:41.0484 2232  mssmbios - ok
10:36:41.0531 2232  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:36:41.0531 2232  MSTEE - ok
10:36:41.0531 2232  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:36:41.0531 2232  Mup - ok
10:36:41.0546 2232  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:36:41.0562 2232  NABTSFEC - ok
10:36:41.0593 2232  [ 1E59AAED42A5E3A5ED86EC403F9C0776 ] NAL             C:\WINDOWS\system32\Drivers\iqvw32.sys
10:36:41.0609 2232  NAL - ok
10:36:41.0625 2232  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:36:41.0640 2232  napagent - ok
10:36:41.0671 2232  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:36:41.0671 2232  NDIS - ok
10:36:41.0687 2232  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:36:41.0687 2232  NdisIP - ok
10:36:41.0718 2232  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:36:41.0718 2232  NdisTapi - ok
10:36:41.0750 2232  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:36:41.0750 2232  Ndisuio - ok
10:36:41.0765 2232  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:36:41.0765 2232  NdisWan - ok
10:36:41.0812 2232  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:36:41.0812 2232  NDProxy - ok
10:36:41.0812 2232  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:36:41.0812 2232  NetBIOS - ok
10:36:41.0828 2232  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:36:41.0828 2232  NetBT - ok
10:36:41.0859 2232  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:36:41.0859 2232  NetDDE - ok
10:36:41.0875 2232  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:36:41.0875 2232  NetDDEdsdm - ok
10:36:41.0906 2232  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:36:41.0906 2232  Netlogon - ok
10:36:41.0921 2232  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
10:36:41.0921 2232  Netman - ok
10:36:41.0953 2232  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:36:41.0953 2232  NetTcpPortSharing - ok
10:36:41.0968 2232  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
10:36:41.0968 2232  NIC1394 - ok
10:36:42.0015 2232  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:36:42.0031 2232  Nla - ok
10:36:42.0062 2232  [ 1E421A6BCF2203CC61B821ADA9DE878B ] nm              C:\WINDOWS\system32\DRIVERS\NMnt.sys
10:36:42.0062 2232  nm - ok
10:36:42.0078 2232  [ 05F6BE0427ECB1D4F0985217F30F49F2 ] NPF             C:\WINDOWS\system32\drivers\npf.sys
10:36:42.0078 2232  NPF - ok
10:36:42.0078 2232  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:36:42.0078 2232  Npfs - ok
10:36:42.0125 2232  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:36:42.0171 2232  Ntfs - ok
10:36:42.0171 2232  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:36:42.0171 2232  NtLmSsp - ok
10:36:42.0218 2232  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:36:42.0234 2232  NtmsSvc - ok
10:36:42.0265 2232  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:36:42.0265 2232  Null - ok
10:36:42.0468 2232  [ 81B2932BDD8686D70AFD87FD13BC183D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:36:42.0656 2232  nv - ok
10:36:42.0687 2232  [ E0DFD64A91F5173A554A872BB9B3F4B3 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
10:36:42.0687 2232  NVSvc - ok
10:36:42.0718 2232  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:36:42.0734 2232  NwlnkFlt - ok
10:36:42.0734 2232  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:36:42.0734 2232  NwlnkFwd - ok
10:36:42.0843 2232  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:36:42.0843 2232  odserv - ok
10:36:42.0859 2232  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
10:36:42.0859 2232  ohci1394 - ok
10:36:42.0875 2232  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:36:42.0875 2232  ose - ok
10:36:42.0906 2232  [ 99F877A7BB6FEB5AF1184EAFE937C208 ] ossrv           C:\WINDOWS\system32\drivers\ctoss2k.sys
10:36:42.0906 2232  ossrv - ok
10:36:42.0937 2232  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
10:36:42.0937 2232  Parport - ok
10:36:42.0953 2232  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:36:42.0953 2232  PartMgr - ok
10:36:42.0984 2232  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:36:42.0984 2232  ParVdm - ok
10:36:43.0000 2232  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:36:43.0000 2232  PCI - ok
10:36:43.0015 2232  PCIDump - ok
10:36:43.0046 2232  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:36:43.0046 2232  PCIIde - ok
10:36:43.0062 2232  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:36:43.0062 2232  Pcmcia - ok
10:36:43.0078 2232  [ 7E0F42201E8948315998FCDB0D97F519 ] PCTINDIS5       C:\WINDOWS\system32\PCTINDIS5.SYS
10:36:43.0078 2232  PCTINDIS5 - ok
10:36:43.0078 2232  PDCOMP - ok
10:36:43.0093 2232  PDFRAME - ok
10:36:43.0093 2232  PDRELI - ok
10:36:43.0093 2232  PDRFRAME - ok
10:36:43.0093 2232  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
10:36:43.0093 2232  perc2 - ok
10:36:43.0109 2232  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
10:36:43.0109 2232  perc2hib - ok
10:36:43.0140 2232  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:36:43.0140 2232  PlugPlay - ok
10:36:43.0156 2232  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:36:43.0156 2232  PolicyAgent - ok
10:36:43.0156 2232  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:36:43.0156 2232  PptpMiniport - ok
10:36:43.0171 2232  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:36:43.0171 2232  ProtectedStorage - ok
10:36:43.0171 2232  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:36:43.0171 2232  Ptilink - ok
10:36:43.0187 2232  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:36:43.0187 2232  PxHelp20 - ok
10:36:43.0203 2232  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
10:36:43.0203 2232  ql1080 - ok
10:36:46.0671 2232  ================ Scan global ===============================
10:36:46.0703 2232  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
10:36:46.0750 2232  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:36:46.0765 2232  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
10:36:46.0781 2232  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
10:36:46.0781 2232  [Global] - ok
10:36:46.0781 2232  ================ Scan MBR ==================================
10:36:46.0796 2232  [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR0
10:36:46.0968 2232  \Device\Harddisk0\DR0 - ok
10:36:46.0968 2232  ================ Scan VBR ==================================
10:36:46.0984 2232  [ 417163F24DFAD9C717ACCDB5E9AE3CEF ] \Device\Harddisk0\DR0\Partition1
10:36:46.0984 2232  \Device\Harddisk0\DR0\Partition1 - ok
10:36:46.0984 2232  ============================================================
10:36:46.0984 2232  Scan finished
10:36:46.0984 2232  ============================================================
10:36:46.0984 2224  Detected object count: 0
10:36:46.0984 2224  Actual detected object count: 0
10:38:43.0234 2204  Deinitialize success
 





