Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How do I get rid of an annoying pop up that shows up every time I change screens


  • Please log in to reply
9 replies to this topic

#1 lantzpw

lantzpw

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 19 March 2013 - 05:06 AM

I am new to this so bear with me.

 

I am running Windows XP2 and have had AVG and now have Windows security essentials installed.  I also installed malwarebytes and scanned for viruses.  Nothing I do gets rid of the annoying pop up at the middle of the bottom of my explorer pages each time I move to a new page.  

 

When I right click on this image and click on properties I get the following...http://content.yieldmanager.edgesuite.net/atoms/20/86/7d/d6/20867dd63c93321414b484a4c7375236.gif

 

What is this and how do I get rid of it?

 

 



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:50 AM

Posted 19 March 2013 - 09:15 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg

  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.


    aswMBR1.png
  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.


    aswMBR2.png
  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png  button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

    esetsmartinstaller_enu.png

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 lantzpw

lantzpw
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 19 March 2013 - 06:37 PM

Thank you very much for your help.

 

Here are the logs you requested....opps....I told you I was new at this...how does one paste the logs in here?  I copied them from my computer but they don't paste in



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:50 AM

Posted 19 March 2013 - 06:39 PM

Double click on the logs and copy the contents of the log and paste it here.

 

TDSSkiller log may be too big to post.Just last few lines of TDSSkiller log is enough.



#5 lantzpw

lantzpw
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 19 March 2013 - 06:53 PM

C:\dell\Download\cnet_office-convert-word-txt-to-image-jpg-jpeg-free_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\dell\Download\Felix2.exe Win32/Joke.ScreenMate application cleaned by deleting - quarantined
C:\dell\Download\installfreefileopener4.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\dell\Download\registryfix.exe a variant of Win32/Adware.ErrorClean application cleaned by deleting - quarantined
C:\dell\Download\SoftonicDownloader_for_mightyfax.exe Win32/SoftonicDownloader.D application cleaned by deleting - quarantined
C:\Documents and Settings\All Users\Application Data\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setupx.dll a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Application Data\Sun\Java\Deployment\cache\6.0\37\5accfbe5-6a1edd9c probably a variant of Java/Exploit.Agent.NME trojan cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Application Data\Sun\Java\Deployment\cache\6.0\54\e1d7df6-1c22b966 probably a variant of Java/Exploit.Agent.NME trojan cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Local Settings\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Local Settings\Temp\download-SetupImgBurn_2.5.7.0.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Local Settings\Temp\uninstall91145437.exe a variant of Win32/ExpressFiles.B application cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Local Settings\Temp\uninstall91175484.exe a variant of Win32/ExpressFiles.A application cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Local Settings\Temp\YontooSetup-S.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Local Settings\Temp\Bunndle\BunndleOfferManager.dll a variant of Win32/Bunndle application cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\Local Settings\Temporary Internet Files\Content.IE5\UJHXF7NG\firstload_com[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Lance P. Wimmer\Local Settings\Temporary Internet Files\Content.IE5\YQH8Z3H0\MapsGalaxy[1].exe Win32/AdInstaller application cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\My Documents\Downloads\musicoasis (1).exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Documents and Settings\Lance P. Wimmer\My Documents\Downloads\musicoasis.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Application Data\Babylon\Setup\Setup.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\YontooSetup-Silent.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\7DCB3BA8-BAB0-7891-B3C8-B4A048A044C7\MyBabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\7DCB3BA8-BAB0-7891-B3C8-B4A048A044C7\Setup.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbar4ie.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\ICReinstall\cnet_office-convert-word-txt-to-image-jpg-jpeg-free_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\is-ST44B.tmp\BabylonTB.exe Win32/Toolbar.Babylon application cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\is1598539481\setup.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\NeroInstallFiles\NERO20111209100620553\ISSetupPrerequisites\askToolbar\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\Documents and Settings\Lance Wimmer\Local Settings\Temp\NeroInstallFiles\NERO20111209105220039\ISSetupPrerequisites\askToolbar\Toolbar.exe a variant of Win32/Bundled.Toolbar.Ask application cleaned by deleting - quarantined
C:\LPW Files\Download\cdbxp_setup_4.5.1.3868.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\LPW Files\Download\cnet_office-convert-word-txt-to-image-jpg-jpeg-free_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\LPW Files\Download\converterlite_d166363.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\LPW Files\Download\dvdburning_d793035.exe probably a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\LPW Files\Download\Felix2.exe Win32/Joke.ScreenMate application cleaned by deleting - quarantined
C:\LPW Files\Download\FreeEasyCDDVDBurnerSetup-r101-w.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\LPW Files\Download\installfreefileopener4.exe a variant of Win32/InstallIQ application cleaned by deleting - quarantined
C:\LPW Files\Download\Pt219-gen05-12_downloader_us_99138.exe a variant of Win32/ExpressFiles.B application cleaned by deleting - quarantined
C:\LPW Files\Download\registryfix.exe a variant of Win32/Adware.ErrorClean application cleaned by deleting - quarantined
C:\LPW Files\Download\SetupImgBurn_2.5.7.0-d2c.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\LPW Files\Download\WinZip170.exe a variant of Win32/OpenInstall application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP51\A0056628.exe a variant of Win32/ExpressFiles.A application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP51\A0056630.exe a variant of Win32/YourFileDownloader.B application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP51\A0056639.exe a variant of Win32/ExpressFiles.B application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP59\A0076766.exe Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP64\A0079194.exe a variant of Win32/Toolbar.SearchSuite.A application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP64\A0079195.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP64\A0079196.dll a variant of Win32/Toolbar.SearchSuite application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP83\A0089772.exe a variant of Win32/InstallCore.AZ application cleaned by deleting - quarantined
C:\System Volume Information\_restore{B743AD0A-7D59-451C-BEFF-8C1EB707971B}\RP83\A0089773.exe a variant of Win32/InstallCore.AZ application cleaned by deleting - quarantined

 

 

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-03-11 08:28:50
-----------------------------
08:28:50.218    OS Version: Windows 5.1.2600 Service Pack 2
08:28:50.218    Number of processors: 2 586 0xF0D
08:28:50.218    ComputerName: LPWMOBILE  UserName:
08:28:52.375    Initialize success
08:42:18.812    AVAST engine defs: 13031100
08:42:57.343    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
08:42:57.343    Disk 0 Vendor: ST9160314AS 0003DEM1 Size: 152627MB BusType: 3
08:42:57.375    Disk 0 MBR read successfully
08:42:57.375    Disk 0 MBR scan
08:42:57.421    Disk 0 Windows XP default MBR code
08:42:57.421    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       86 MB offset 63
08:42:57.500    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       152539 MB offset 176715
08:42:57.531    Disk 0 scanning sectors +312576705
08:42:57.656    Disk 0 scanning C:\WINDOWS\system32\drivers
08:43:14.546    Service scanning
08:43:28.468    Service MpKsl2a48e499 C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{46A04DC9-3D2D-42CE-A7D8-993436A73791}\MpKsl2a48e499.sys **LOCKED** 32
08:43:43.171    Modules scanning
08:43:48.906    Disk 0 trace - called modules:
08:43:48.953    ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
08:43:48.953    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a298ab8]
08:43:48.968    3 CLASSPNP.SYS[ba11905b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a33bd98]
08:44:01.406    AVAST engine scan C:\WINDOWS
08:44:36.156    AVAST engine scan C:\WINDOWS\system32
08:50:53.937    AVAST engine scan C:\WINDOWS\system32\drivers
08:51:23.281    AVAST engine scan C:\Documents and Settings\Lance P. Wimmer
09:39:35.171    AVAST engine scan C:\Documents and Settings\All Users.WINDOWS
09:40:32.421    Scan finished successfully
10:37:18.578    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Lance P. Wimmer\Desktop\MBR.dat"
10:37:18.609    The log file has been saved successfully to "C:\Documents and Settings\Lance P. Wimmer\Desktop\aswMBR.txt"
10:37:46.625    Disk 0 MBR has been saved successfully to "C:\Virus check\MBR.dat"
10:37:46.640    The log file has been saved successfully to "C:\Virus check\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-19 11:37:14
-----------------------------
11:37:14.218    OS Version: Windows 5.1.2600 Service Pack 2
11:37:14.218    Number of processors: 2 586 0xF0D
11:37:14.218    ComputerName: LPWMOBILE  UserName:
11:37:18.437    Initialize success
11:37:28.062    AVAST engine defs: 13031900
11:37:39.968    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:37:39.968    Disk 0 Vendor: ST9160314AS 0003DEM1 Size: 152627MB BusType: 3
11:37:40.281    Disk 0 MBR read successfully
11:37:40.281    Disk 0 MBR scan
11:37:40.328    Disk 0 Windows XP default MBR code
11:37:40.343    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       86 MB offset 63
11:37:40.359    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       152539 MB offset 176715
11:37:40.375    Disk 0 scanning sectors +312576705
11:37:40.578    Disk 0 scanning C:\WINDOWS\system32\drivers
11:37:56.187    Service scanning
11:38:04.359    Service MpKsl8f7c4355 C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CCE87349-EFF9-4767-B27B-A78B55FAE5A7}\MpKsl8f7c4355.sys **LOCKED** 32
11:38:14.359    Modules scanning
11:38:26.734    Disk 0 trace - called modules:
11:38:26.765    ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
11:38:26.765    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a32fab8]
11:38:26.765    3 CLASSPNP.SYS[ba10905b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a290d98]
11:38:29.250    AVAST engine scan C:\WINDOWS
11:38:59.656    AVAST engine scan C:\WINDOWS\system32
11:44:46.421    AVAST engine scan C:\WINDOWS\system32\drivers
11:45:17.265    AVAST engine scan C:\Documents and Settings\Lance P. Wimmer
12:25:04.437    Disk 0 MBR has been saved successfully to "C:\Virus check\MBR.dat"
12:25:04.500    The log file has been saved successfully to "C:\Virus check\aswMBR.txt"


aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-03-19 11:37:14
-----------------------------
11:37:14.218    OS Version: Windows 5.1.2600 Service Pack 2
11:37:14.218    Number of processors: 2 586 0xF0D
11:37:14.218    ComputerName: LPWMOBILE  UserName:
11:37:18.437    Initialize success
11:37:28.062    AVAST engine defs: 13031900
11:37:39.968    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
11:37:39.968    Disk 0 Vendor: ST9160314AS 0003DEM1 Size: 152627MB BusType: 3
11:37:40.281    Disk 0 MBR read successfully
11:37:40.281    Disk 0 MBR scan
11:37:40.328    Disk 0 Windows XP default MBR code
11:37:40.343    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       86 MB offset 63
11:37:40.359    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       152539 MB offset 176715
11:37:40.375    Disk 0 scanning sectors +312576705
11:37:40.578    Disk 0 scanning C:\WINDOWS\system32\drivers
11:37:56.187    Service scanning
11:38:04.359    Service MpKsl8f7c4355 C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CCE87349-EFF9-4767-B27B-A78B55FAE5A7}\MpKsl8f7c4355.sys **LOCKED** 32
11:38:14.359    Modules scanning
11:38:26.734    Disk 0 trace - called modules:
11:38:26.765    ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
11:38:26.765    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a32fab8]
11:38:26.765    3 CLASSPNP.SYS[ba10905b] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a290d98]
11:38:29.250    AVAST engine scan C:\WINDOWS
11:38:59.656    AVAST engine scan C:\WINDOWS\system32
11:44:46.421    AVAST engine scan C:\WINDOWS\system32\drivers
11:45:17.265    AVAST engine scan C:\Documents and Settings\Lance P. Wimmer
12:25:04.437    Disk 0 MBR has been saved successfully to "C:\Virus check\MBR.dat"
12:25:04.500    The log file has been saved successfully to "C:\Virus check\aswMBR.txt"
12:31:32.906    AVAST engine scan C:\Documents and Settings\All Users.WINDOWS
12:32:53.500    Scan finished successfully
17:34:24.968    Disk 0 MBR has been saved successfully to "C:\Virus check\MBR.dat"
17:34:25.171    The log file has been saved successfully to "C:\Virus check\aswMBR.txt"

 

 

 

 

11:12:05.0640 4064  [ C7B7A88CC7D7ABA5C395145BF92F46F7 ] C:\WINDOWS\system32\mshtml.dll
11:12:05.0640 4064  C:\WINDOWS\system32\mshtml.dll - ok
11:12:05.0640 4064  [ 2ACCD352451EC0F99AF2AD9DB6DB4439 ] C:\WINDOWS\system32\msls31.dll
11:12:05.0640 4064  C:\WINDOWS\system32\msls31.dll - ok
11:12:05.0656 4064  ============================================================
11:12:05.0656 4064  Scan finished
11:12:05.0656 4064  ============================================================
11:12:05.0656 2976  Detected object count: 0
11:12:05.0656 2976  Actual detected object count: 0
11:13:35.0453 2856  Deinitialize success

 

 

 

 

 

hope this is what you need....pop ups still coming



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:50 AM

Posted 19 March 2013 - 07:03 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Make sure you are connected to the Internet and double-click on the it to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the MiniToolBox.jpg icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


 



#7 lantzpw

lantzpw
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 20 March 2013 - 08:35 AM

Thank you very much....again. Below are the files.

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.03.18.14

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.18702
Lance P. Wimmer :: LPWMOBILE [administrator]

3/20/2013 6:41:44 AM
mbam-log-2013-03-20 (06-41-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 384760
Time elapsed: 44 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

 

■MiniToolBox log

 

MiniToolBox by Farbar  Version:05-03-2013
Ran by Lance P. Wimmer (administrator) on 20-03-2013 at 07:43:04
Running from "C:\LPW Files\Download"
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Dell Wireless 1397 WLAN Mini-Card = Wireless Network Connection (Connected)
Broadcom NetXtreme 57xx Gigabit Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration

 


Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : lpwmobile

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

        DNS Suffix Search List. . . . . . : gateway.2wire.net

Ethernet adapter Local Area Connection:

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Broadcom NetXtreme 57xx Gigabit Controller

        Physical Address. . . . . . . . . : 00-23-AE-40-33-2F

Ethernet adapter Wireless Network Connection:

        Connection-specific DNS Suffix  . : gateway.2wire.net

        Description . . . . . . . . . . . : Dell Wireless 1397 WLAN Mini-Card

        Physical Address. . . . . . . . . : 00-25-56-A0-89-0D

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.101

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 172.16.0.1

        Lease Obtained. . . . . . . . . . : Tuesday, March 19, 2013 11:08:03 PM

        Lease Expires . . . . . . . . . . : Wednesday, March 20, 2013 11:08:03 PM

Server:  homeportal.gateway.2wire.net
Address:  172.16.0.1

Name:    google.com
Addresses:  74.125.227.128, 74.125.227.129, 74.125.227.130, 74.125.227.131
   74.125.227.132, 74.125.227.133, 74.125.227.134, 74.125.227.135, 74.125.227.136
   74.125.227.137, 74.125.227.142

 

Pinging google.com [74.125.227.130] with 32 bytes of data:

 

Reply from 74.125.227.130: bytes=32 time=15ms TTL=52

Reply from 74.125.227.130: bytes=32 time=11ms TTL=53

Ping statistics for 74.125.227.130:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 11ms, Maximum = 15ms, Average = 13ms

Server:  homeportal.gateway.2wire.net
Address:  172.16.0.1

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45

 

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:

 

Reply from 98.139.183.24: bytes=32 time=729ms TTL=47

Reply from 98.139.183.24: bytes=32 time=670ms TTL=47

Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 670ms, Maximum = 729ms, Average = 699ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 23 ae 40 33 2f ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
0x3 ...00 25 56 a0 89 0d ...... Dell Wireless 1397 WLAN Mini-Card - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1   192.168.1.101   25
      98.137.51.1  255.255.255.255      192.168.1.1   192.168.1.101   25
    98.139.225.42  255.255.255.255      192.168.1.1   192.168.1.101   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      169.254.0.0      255.255.0.0    192.168.1.101   192.168.1.101   1
      192.168.1.0    255.255.255.0    192.168.1.101   192.168.1.101   25
    192.168.1.101  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255    192.168.1.101   192.168.1.101   25
        224.0.0.0        240.0.0.0    192.168.1.101   192.168.1.101   25
  255.255.255.255  255.255.255.255    192.168.1.101               2   1
  255.255.255.255  255.255.255.255    192.168.1.101   192.168.1.101   1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (03/20/2013 07:16:06 AM) (Source: MPSampleSubmission) (User: )
Description: EventType avsubmit, P1 microsoft security essentials (edb4fa23-53b8-4afa-8c5d-99752cca7094), P2 1.1.9203.0, P3 1.145.2079.0, P4 1.145.2079.0, P5 00000555868984e6_645e8ed472d806f2774dcd768d8c56a8e6a95cc8, P6 NIL, P7 NIL, P8 NIL, P9 avsubmit0, P10 avsubmit1.

Error: (03/19/2013 11:25:26 AM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (03/14/2013 02:22:04 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (03/14/2013 02:22:00 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/13/2013 01:09:14 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (03/13/2013 01:09:09 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/13/2013 01:08:55 PM) (Source: Application Hang) (User: )
Description: Fault bucket -1086648222.

Error: (03/13/2013 01:08:50 PM) (Source: Application Hang) (User: )
Description: Hanging application java.exe, version 6.0.370.6, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (03/12/2013 04:35:20 PM) (Source: Application Hang) (User: )
Description: Fault bucket 1180947459.

Error: (03/12/2013 04:35:17 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (03/20/2013 03:01:04 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 6.0 Service Pack 2 (KB954459).

Error: (03/19/2013 07:56:37 PM) (Source: Windows Update Agent) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (03/19/2013 07:00:36 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft XML Core Services 6.0 Service Pack 2 (KB954459).

Error: (03/19/2013 11:09:31 AM) (Source: System Error) (User: )
Description: Error code 0000007a, parameter1 e2dc1578, parameter2 c000009a, parameter3 bf8a689b, parameter4 775b5860.

Error: (03/19/2013 11:08:22 AM) (Source: Service Control Manager) (User: )
Description: The Upload Manager service failed to start due to the following error:
%%1079

Error: (03/19/2013 11:08:22 AM) (Source: Service Control Manager) (User: )
Description: The StarOpen service failed to start due to the following error:
%%2

Error: (03/19/2013 11:08:11 AM) (Source: NETLOGON) (User: )
Description: This computer is configured as a member of a workgroup, not as
a member of a domain. The Netlogon service does not need to run in this
configuration.

Error: (03/19/2013 09:07:15 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library USB DISK 2.0 USB Device.

Error: (03/19/2013 09:07:13 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library USB DISK 2.0 USB Device.

Error: (03/19/2013 08:52:45 AM) (Source: Removable Storage Service) (User: )
Description: RSM could not load media in drive Drive 0 of library USB DISK 2.0 USB Device.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

7-Zip 9.20
Adobe AIR (Version: 3.4.0.2710)
Adobe Reader X (10.1.6) (Version: 10.1.6)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
BelkinPort Monitor
BlackBerry Desktop Software 4.7 (Version: 4.7.0.37)
Broadcom Gigabit Integrated Controller (Version: 11.11.03)
Broadcom Management Programs (Version: 11.31.04)
Broadcom TPM Driver Installer (Version: 8.04.04)
Browser Defender 3.0 (Version: 3.0.0.314)
Canon CanoScan Toolbox 4.1
Canon Easy-PhotoPrint EX
Canon IJ Network Scanner Selector EX
Canon IJ Network Tool
CANON iMAGE GATEWAY MyCamera Download Plugin (Version: 3.1.1.2)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (Version: 1.9.0.9)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MOV Decoder (Version: 1.8.0.7)
Canon MOV Encoder (Version: 1.6.0.1)
Canon MovieEdit Task for ZoomBrowser EX (Version: 3.7.0.4)
Canon MP Navigator EX 5.1
Canon MP160
Canon MX430 series MP Drivers
Canon MX430 series On-screen Manual
Canon MX430 series User Registration
Canon My Printer
Canon Solution Menu EX
Canon Speed Dial Utility
Canon Utilities ZoomBrowser EX (Version: 6.7.0.24)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.5.0.9)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ConverterLite 1.6.3 (Version: 1.6.3)
CutePDF Writer 2.7
Dropbox (Version: 1.6.16)
ESET Online Scanner v3
Fast Free Converter (Version: 3.0)
Fidelity Active Trader Pro® (Version: 9.5.115.0)
Free Easy Burner V 5.1 (Version: 5.1.0.0)
Google Update Helper (Version: 1.3.21.135)
Grab & Burn, Version 4.0.1 ( Build 2005-09-21, Win32, CSS )
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
IDT Audio (Version: 1.0.6274.0)
ImgBurn (Version: 2.5.7.0)
Intel® Graphics Media Accelerator Driver
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 37 (Version: 6.0.370)
Kvisoft PDF Merger 1.5.1 (Version: 1.5.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Download Manager (Version: 1.2.1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional Plus 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Outlook Personal Folders Backup (Version: 1.10.0.0)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (Version: 2.0.1578.0)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (Version: 2.0.1578.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
OfotoNow
QuickBooks (Version: 19.0.4013.705)
QuickBooks Pro 2009 (Version: 19.0.4013.705)
RKS Fax (Version: 4.0)
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
Shutterfly Express Uploader (Version: 1.2.0)
Shutterfly Express Uploader (Version: 1.2.0.0)
swMSM (Version: 12.0.0.1)
SyncToy 2.1 (x86) (Version: 2.1.0)
TeraCopy 2.27
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760573) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB894391) (Version: 1)
Update for Windows XP (KB896256) (Version: 4)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB908531) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB914882) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB925720) (Version: 1)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB932823-v3) (Version: 3)
Update for Windows XP (KB936357) (Version: 1)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual Studio 2005 Tools for Office Second Edition Runtime
WebFldrs XP (Version: 9.50.7523)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB885855 (Version: 20040930.104104)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890859 (Version: 1)
WinZip (Version:  8.1 SR-1  (5266))

========================= Devices: ================================

Name: ACPI Multiprocessor PC
Description: ACPI Multiprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Mobile Intel® 4 Series Express Chipset Family
Description: Mobile Intel® 4 Series Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Microsoft UAA Bus Driver for High Definition Audio
Description: Microsoft UAA Bus Driver for High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: IDT High Definition Audio CODEC
Description: IDT High Definition Audio CODEC
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: IDT
Service: STHDA

Name: Intel® High Definition Audio HDMI Service
Description: Intel® High Definition Audio HDMI Service
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel® Corporation
Service: IntcHdmiAddService

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Dell Wireless 1397 WLAN Mini-Card
Description: Dell Wireless 1397 WLAN Mini-Card
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: BCM43XX

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Broadcom NetXtreme 57xx Gigabit Controller
Description: Broadcom NetXtreme 57xx Gigabit Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: b57w2k

Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: mouhid

Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Universal PCI to USB Host Controller
Description: Standard Universal PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® 82801 PCI Bridge - 2448
Description: Intel® 82801 PCI Bridge - 2448
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
Description: Ricoh R/RL/5C476(II) or Compatible CardBus Controller
Class Guid: {4D36E977-E325-11CE-BFC1-08002BE10318}
Manufacturer: RICOH
Service: pcmcia

Name: OHCI Compliant IEEE 1394 Host Controller
Description: OHCI Compliant IEEE 1394 Host Controller
Class Guid: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
Manufacturer: IEEE 1394 OHCI Compliant Host Controller Vendor
Service: ohci1394

Name: 1394 Net Adapter
Description: 1394 Net Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394

Name: SDA Standard Compliant SD Host Controller
Description: SDA Standard Compliant SD Host Controller
Class Guid: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6}
Manufacturer: SDA Standard Compliant SD Host Controller Vendor
Service: sdbus

Name: Ricoh SD/MMC Host Controller
Description: Ricoh SD/MMC Host Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Ricoh Company
Service: rimmptsk

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: isapnp

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: i8042prt

Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: High precision event timer
Description: High precision event timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPIEC

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: ST9160314AS
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: PLDS DVD+-RW DS-8A3S
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Sleep Button
Description: ACPI Sleep Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631E54-78A4-11D0-BCF7-00AA00B7B32A}
Manufacturer: Microsoft
Service: CmBatt

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: Intel® Core™2 Duo CPU     T7250  @ 2.00GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm

Name: Intel® Core™2 Duo CPU     T7250  @ 2.00GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft Composite Battery
Description: Microsoft Composite Battery
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Compbatt

Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: 1394 ARP Client Protocol
Description: 1394 ARP Client Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Arp1394

Name: avgtp
Description: avgtp
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: avgtp

Name: BASFND
Description: BASFND
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BASFND

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp

Name: Kernel Mode Driver Frameworks service
Description: Kernel Mode Driver Frameworks service
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wdf01000

Name: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Description: Windows Socket 2.0 Non-IFS Service Provider Support Environment
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WS2IFSL

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Standard 56000 bps Modem
Description: Standard 56000 bps Modem
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard Modem Types)
Service: Modem

Name: Dell Wireless 1397 WLAN Mini-Card - Hotspot Shield Routing Miniport
Description: Hotspot Shield Routing Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Hotspot Shield
Service: HssDrv

Name: Broadcom NetXtreme 57xx Gigabit Controller - Hotspot Shield Routing Miniport
Description: Hotspot Shield Routing Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Hotspot Shield
Service: HssDrv

Name: WAN Miniport (IP) - Hotspot Shield Routing Miniport
Description: Hotspot Shield Routing Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Hotspot Shield
Service: HssDrv

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Dell Wireless 1397 WLAN Mini-Card - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti

Name: RIM Virtual Serial Port v2 (COM4)
Description: RIM Virtual Serial Port v2
Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
Manufacturer: RIM Virtual Serial Ports
Service: RimVSerPort

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio

Name: Microsoft Kernel Wave Audio Mixer
Description: Microsoft Kernel Wave Audio Mixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: aswMBR
Description: aswMBR
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswMBR


========================= Memory info: ===================================

Percentage of memory in use: 68%
Total physical RAM: 2003.09 MB
Available physical RAM: 633.75 MB
Total Pagefile: 3895.9 MB
Available Pagefile: 2132.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.01 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:148.96 GB) (Free:9.56 GB) NTFS

========================= Users: ========================================

User accounts for \\LPWMOBILE

Administrator            ASPNET                   Guest                   
HelpAssistant            Lance P. Wimmer          SUPPORT_388945a0

 

■Farbar's Service Scanner log

 

Farbar Service Scanner Version: 03-03-2013
Ran by Lance P. Wimmer (administrator) on 20-03-2013 at 07:46:15
Running from "C:\LPW Files\Download"
Microsoft Windows XP Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2013-01-20 15:53] - [2006-05-19 07:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2013-01-20 15:52] - [2008-08-14 04:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2013-01-20 15:52] - [2004-08-04 01:14] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2013-01-20 15:52] - [2008-06-20 05:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2013-01-20 15:52] - [2004-08-04 01:14] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-04 02:56] - [2008-02-20 00:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-04 02:56] - [2004-08-04 02:56] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2004-08-04 02:56] - [2005-08-22 13:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2012-05-24 19:26] - [2004-08-04 02:56] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2012-05-24 19:28] - [2004-08-04 02:56] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2013-01-20 15:52] - [2004-08-04 01:06] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-04 02:56] - [2004-08-04 02:56] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2012-05-24 19:26] - [2004-08-04 02:56] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2012-05-24 19:28] - [2004-08-04 02:56] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2013-01-20 15:54] - [2004-08-04 02:56] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2004-08-04 02:56] - [2008-07-07 15:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-04 02:56] - [2004-08-04 02:56] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2004-08-04 02:56] - [2004-08-04 02:56] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-08-04 02:56] - [2009-02-09 05:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2013-01-20 15:53] - [2009-02-06 12:14] - 0110592 ____A (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
Gpc(3) HssDrv(8) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x080000000500000001000000020000000300000004000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

 

■AdwCleaner log

 

# AdwCleaner v2.115 - Logfile created 03/20/2013 at 07:49:29
# Updated 17/03/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : Lance P. Wimmer - LPWMOBILE
# Boot Mode : Normal
# Running from : C:\LPW Files\Download\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\DOCUME~1\LANCEP~1.WIM\LOCALS~1\Temp\Searchqu.ini
File Deleted : C:\DOCUME~1\LANCEP~1.WIM\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\END
File Deleted : C:\user.js
Folder Deleted : C:\DOCUME~1\LANCEP~1.WIM\LOCALS~1\Temp\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068}
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\APN
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users.WINDOWS\Application Data\WeCareReminder
Folder Deleted : C:\Documents and Settings\Lance P. Wimmer\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\Lance P. Wimmer\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Lance P. Wimmer\Application Data\searchresultstb
Folder Deleted : C:\Documents and Settings\Lance P. Wimmer\Local Settings\Application Data\Conduit
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\WINDOWS\system32\TempDir

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3176921
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EC1A45C-8BC3-4BFE-B226-4051C5D3D068}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\Software\SearchquSRTB
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Lance P. Wimmer\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted [l.1] : icon_url ={"autofill":{"negative_upload_rate":1.0,"positive_upload_rate":1.0},"backup":{"_signature":"DtXiLec3[...]

*************************

AdwCleaner[S1].txt - [7405 octets] - [20/03/2013 07:49:29]

########## EOF - C:\AdwCleaner[S1].txt - [7465 octets] ##########

 

■Junkware Removal Tool log

 

Junkware Removal Tool (JRT) by Thisisu
Version: 4.7.2 (03.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Lance P. Wimmer on Wed 03/20/2013 at  7:59:49.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users.WINDOWS\application data\pc optimizer pro"
Successfully deleted: [Folder] "C:\Documents and Settings\Lance P. Wimmer\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Documents and Settings\Lance P. Wimmer\appdata\locallow\fast free converter"
Successfully deleted: [Folder] "C:\Program Files\driver-soft"
Successfully deleted: [Folder] "C:\Program Files\fast free converter"

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/20/2013 at  8:04:46.81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

■Rkill log

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 03/20/2013 08:15:00 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 03/20/2013 08:15:42 AM
Execution time: 0 hours(s), 0 minute(s), and 41 seconds(s)

 

■Autoruns log

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "AESTFltr" "AEFltrs MFC Application" "Andrea Electronics Corporation" "c:\windows\system32\aestfltr.exe"
+ "BlackBerryAutoUpdate" "RIM Auto Update" "Research In Motion Limited" "c:\program files\common files\research in motion\auto update\rimautoupdate.exe"
+ "CanonMyPrinter" "Canon My Printer" "CANON INC." "c:\program files\canon\myprinter\bjmyprt.exe"
+ "CanonSolutionMenuEx" "Canon Solution Menu EX" "CANON INC." "c:\program files\canon\solution menu ex\cnsemain.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "IJNetworkScannerSelectorEX" "Canon IJ Network Scanner Selector EX" "CANON INC." "c:\program files\canon\ij network scanner selector ex\cnmnsst.exe"
+ "Intuit SyncManager" "IntuitSyncManager" "Intuit Inc. All rights reserved." "c:\program files\common files\intuit\sync\intuitsyncmanager.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "OpwareSE4" "OCR Aware" "ScanSoft, Inc." "c:\program files\scansoft\omnipagese4.0\opwarese4.exe"
+ "PCTools FGuard" "Browser Defender Social On Disk" "Threat Expert Ltd." "c:\program files\pc tools security\bdt\fguard.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "RKS Fax Print Controller" "RKS Fax Controller" "RKS Software" "c:\program files\rks fax\rksfax_control.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe"
+ "ScanSoft OmniPage SE 4.0-reminder" "Ereg" "ScanSoft, Inc." "c:\program files\scansoft\omnipagese4.0\ereg\ereg.exe"
+ "SSBkgdUpdate" "SSBkgdUpdate" "Scansoft, Inc." "c:\program files\common files\scansoft shared\ssbkgdupdate\ssbkgdupdate.exe"
+ "SysTrayApp" "IDT PC Audio" "IDT, Inc." "c:\program files\idt\wdm\sttray.exe"
"C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup" "" "" ""
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files\microsoft office\office\osa9.exe"
+ "WinZip Quick Pick.lnk" "WinZip Executable" "WinZip Computing, Inc." "c:\program files\winzip\wzqkpick.exe"
"C:\Documents and Settings\Lance P. Wimmer\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\documents and settings\lance p. wimmer\application data\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "OfotoNow USB Detection" "Ofoto USB Services Module" "Ofoto, Inc." "c:\program files\ofoto\ofotonow\ofusbs.dll"
+ "PxDotNetLoader" "PxDotNetLoader" "Fidelity Investments" "c:\program files\fidelity investments\fidelity active trader\system\atpstartupassistant.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "intu-help-qb2" "QuickBooks Assistance Library" "Intuit, Inc." "c:\program files\intuit\quickbooks 2009\helpasyncpluggableprotocol.dll"
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "x-atng" "Fidelity Active Trader Pro atngprot Module" "Fidelity Investments" "c:\program files\fidelity investments\fidelity active trader\system\atngprot.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\lance p. wimmer\application data\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "TeraCopy" "" "" "c:\program files\teracopy\teracopyext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, Inc." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\lance p. wimmer\application data\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "TeraCopy" "" "" "c:\program files\teracopy\teracopyext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, Inc." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "TeraCopy" "" "" "c:\program files\teracopy\teracopy.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, Inc." "c:\program files\winzip\wzshlstb.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\lance p. wimmer\application data\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
+ "TeraCopy" "" "" "c:\program files\teracopy\teracopyext.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "TeraCopy" "" "" "c:\program files\teracopy\teracopyext.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, Inc." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "TeraCopy" "" "" "c:\program files\teracopy\teracopy.dll"
+ "WinZip" "WinZip Shell Extension DLL" "WinZip Computing, Inc." "c:\program files\winzip\wzshlstb.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\lance p. wimmer\application data\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\lance p. wimmer\application data\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\lance p. wimmer\application data\dropbox\bin\dropboxext.17.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\lance p. wimmer\application data\dropbox\bin\dropboxext.17.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Fast Free Converter 3.0" "" "" "File not found: C:\PROGRA~1\FASTFR~1\FASTFR~1\FASTFR~1.DLL"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "PC Tools Browser Guard BHO" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\pc tools security\bdt\pctbrowserdefender.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "PC Tools Browser Guard" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\pc tools security\bdt\pctbrowserdefender.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "PC Tools Browser Guard" "Browser Defender Toolbar" "Threat Expert Ltd." "c:\program files\pc tools security\bdt\pctbrowserdefender.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Express FilesUpdate.job" "" "" "File not found: C:\Program Files\ExpressFiles\EFUpdater.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "Microsoft Antimalware Scheduled Scan.job" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ASFIPmon" "Monitors and propagates changes in the IP settings of ASF-enabled Broadcom network interfaces." "Broadcom Corporation" "c:\program files\broadcom\asfipmon\asfipmon.exe"
+ "Browser Defender Update Service" "Browser Defender Update Service" "Threat Expert Ltd." "c:\program files\pc tools security\bdt\bdtupdateservice.exe"
+ "FastFreeConverterUpdt" "" "" "File not found: C:\Program Files\Fast Free Converter\FastFreeConverterUpdt.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IJPLMSVC" "Collects log data from the IJ printer and manages data transmission." "" "c:\program files\canon\ijplm\ijplmsvc.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "QBCFMonitorService" "QuickBooks Company File Monitoring Service" "Intuit" "c:\program files\common files\intuit\quickbooks\qbcfmonitorservice.exe"
+ "QBFCService" "QuickBooks FCS module" "Intuit Inc." "c:\program files\common files\intuit\quickbooks\fcs\intuit.quickbooks.fcs.exe"
+ "STacSV" "Manages audio jack configurations." "IDT, Inc." "c:\program files\idt\wdm\stacsv.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "3CWMCRU" "Modem driver" "3Com, Inc." "c:\windows\system32\drivers\3cwmcru.sys"
+ "AESTAud" "Andrea Audio Driver" "Andrea Electronics Corporation" "c:\windows\system32\drivers\aestaud.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx86.sys"
+ "b57w2k" "Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver." "Broadcom Corporation" "c:\windows\system32\drivers\b57xp32.sys"
+ "BASFND" "Broadcom NetDetect Driver." "Broadcom Corporation" "c:\program files\broadcom\asfipmon\basfnd.sys"
+ "BCM43XX" "Broadcom 802.11 Network Adapter wireless driver" "Broadcom Corporation" "c:\windows\system32\drivers\bcmwl5.sys"
+ "Blfp" "Broadcom Advanced Server Program Driver" "Broadcom Corporation" "c:\windows\system32\drivers\baspxp32.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HssDrv" "Hotspot Shield Routing Driver" "AnchorFree Inc." "c:\windows\system32\drivers\hssdrv.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\igxpmp32.sys"
+ "IntcHdmiAddService" "Intel® High Definition Audio HDMI" "Intel® Corporation" "c:\windows\system32\drivers\intchdmi.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "rimmptsk" "RICOH SD/MMC Driver" "REDC" "c:\windows\system32\drivers\rimmptsk.sys"
+ "RimUsb" "BlackBerry Device Driver" "Research In Motion Limited" "c:\windows\system32\drivers\rimusb.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "StarOpen" "" "" "File not found: C:\WINDOWS\System32\Drivers\StarOpen.sys"
+ "STHDA" "IDT PC Audio" "IDT, Inc." "c:\windows\system32\drivers\sthda.sys"
+ "taphss" "TAP-Win32 Virtual Network Driver" "AnchorFree Inc" "c:\windows\system32\drivers\taphss.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "" "" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "" "" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "" "" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "" "" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "" "" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "" "" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Canon DES Resizer SaveMode" "CanonDESResizer" "Canon Inc." "c:\program files\canon\mdl30\canondesresizer.ax"
+ "Canon H.264 Decode Filter" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon H.264 Encoder 1.6.0" "Canon H264 Encoder Filter" "CANON INC." "c:\program files\canon\canon mov encoder\canonh264encoder.ax"
+ "Canon Image Rotation Filter" "Canon Image Rotation Filter " "Canon Inc." "c:\program files\canon\mdp\canonrotatefilter.dll"
+ "Canon MDP Motion-JPEG Decoder" "Canon MDP Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files\canon\mdp\canonmdpmjpegdecoder.ax"
+ "Canon Motion-JPEG Decoder" "Canon Motion-JPEG Decoder Filter" "Canon Inc." "c:\program files\canon\mdl30\canonmjpegdecoder.ax"
+ "Canon Motion-JPEG Encoder" "Motion-JPEG Encoder Filter" "Canon Inc." "c:\program files\canon\mdl30\canonmjpegencoder.ax"
+ "Canon Mov File Parser Filter" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon Mov File Parser Filter2" "Canon H.264 Mov Filter" "Canon Inc." "c:\program files\canon\canon mov decoder\180\canonh264filter.ax"
+ "Canon Resizer" "CanonResizer" "Canon Inc." "c:\program files\canon\mdl30\canonresizer.ax"
+ "Canon Text Source Filter" "Canon Text Source Filter" "Canon Inc." "c:\program files\canon\mdl30\canontextsourcefilter.ax"
+ "Canon WAV Dest" "CanonWavDest" "Canon Inc." "c:\program files\canon\mdl30\canonwavdest.ax"
+ "Canon-Actual-Data-Length-Setter" "CanonActualDataLengthSetter" "Canon Inc." "c:\program files\canon\mdl30\canonactualdatalengthsetter.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "" "" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "" "" "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "psWav Dest" "Canon Utilities Support Library" "Canon Inc." "c:\program files\canon\zoombrowser ex mcu\pswavdes.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "BelkinPort" "" "" "c:\windows\system32\pspnt.dll"
+ "Canon BJ FAX Language Monitor MX430 series" "Canon Inkjet Fax Driver" "CANON INC." "c:\windows\system32\cncalb1.dll"
+ "Canon BJ Language Monitor MP160" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm83.dll"
+ "Canon BJ Language Monitor MX430 series" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlmb1.dll"
+ "Canon BJNP Port" "Canon IJ Network 32bit comm Module" "CANON INC." "c:\windows\system32\cnmnppm.dll"
+ "CutePDF Writer Monitor" "" "" "c:\windows\system32\cpwmon2k.dll"
+ "RKSFAXMON" "Port Monitor DLL" "" "c:\windows\system32\rksfaxpm.dll"



#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:50 AM

Posted 20 March 2013 - 08:58 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
 



#9 lantzpw

lantzpw
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:06:50 AM

Posted 20 March 2013 - 05:50 PM

narenxp,

 

I can't thank you enough for all your help....so 100 thank you's

 

I cleaned up three computers and they all run lightening fast now....they haven't worked so well in years.  I was even able to finally load XP-SP3 on my laptop.

 

Thanks and keep up the great work!!

 

lantzpw



#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:50 AM

Posted 20 March 2013 - 11:04 PM

:bananas:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users