Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google search sends me to shopping first, updates quit


  • Please log in to reply
28 replies to this topic

#1 kshan

kshan

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 02 August 2012 - 01:15 PM

I searched for firearm engraving in CT, I click on
http://www.smith-wesson.com/webapp/wcs/stores/servlet/Category4_750001_750051_757961_-1_757780_757751_image
But end up here:
http://www.personalizationmall.com/Search.aspx?searchString=silver&did=220743&utm_source=7search&utm_medium=cpc

go back and click on the S&W link the second time and it goes to S&W. I change the search words and end up in the wrong place the first time.
This is happens in Firefox. In IE explore this does not happen, but there was a tab that would drop down in IE for shopping, it said to go to their web site to stop the service, it does for a while but magically reappears in a couple of months, can not remember the name, just the little tab on the right that appeared.

here is a Virus Security essential caught yesterday and quarinitined: Trojan,win32/medfos.B


Can not update net framework, flash player? S I have these security updates waitin to be installed.This has been going on for some time below is the event log:

Any help is appreciated

Karl


======================================================================
Event log
8/2/2012 1:35:41 PM gupdatem Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdatem ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/2/2012 1:35:41 PM gupdatem Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdatem ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/2/2012 1:35:40 PM gusvc Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gusvc ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/2/2012 10:25:39 AM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/2/2012 10:21:00 AM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/2/2012 9:43:04 AM Intuit Update Service Information None 0 N/A ME1 Service started successfully.
8/2/2012 9:43:04 AM Intuit Update Service Information None 0 N/A ME1 Service started successfully.
8/2/2012 9:42:58 AM SecurityCenter Information None 1800 N/A ME1 The Windows Security Center Service has started.
8/2/2012 9:42:13 AM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/2/2012 5:33:31 AM NativeWrapper Error None 5000 N/A ME1 The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1701.5039, kb2656353, 1033, 643, f, install, x86, 5.1.2600.2.3.0.768, 0.
8/2/2012 5:33:30 AM MsiInstaller Error None 1023 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 - Update '{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log.
8/2/2012 5:33:30 AM MsiInstaller Error None 10005 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory
8/2/2012 5:33:22 AM NativeWrapper Error None 5000 N/A ME1 The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1705.5046, kb2656370, 1033, 643, f, install, x86, 5.1.2600.2.3.0.768, 0.
8/2/2012 5:33:20 AM MsiInstaller Error None 1023 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 - Update '{A38B334A-A0A2-436D-BAA0-34FE5E517E44}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log.
8/2/2012 5:33:20 AM MsiInstaller Error None 10005 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory
8/2/2012 5:31:09 AM NativeWrapper Error None 5000 N/A ME1 The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1701.5039, kb2656353, 1033, 643, f, install, x86, 5.1.2600.2.3.0.768, 0.
8/2/2012 5:31:08 AM MsiInstaller Error None 1023 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 - Update '{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log.
8/2/2012 5:31:08 AM MsiInstaller Error None 10005 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory
8/2/2012 5:30:58 AM NativeWrapper Error None 5000 N/A ME1 The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1705.5046, kb2656370, 1033, 643, f, install, x86, 5.1.2600.2.3.0.768, 0.
8/2/2012 5:30:56 AM MsiInstaller Error None 1023 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 - Update '{A38B334A-A0A2-436D-BAA0-34FE5E517E44}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log.
8/2/2012 5:30:56 AM MsiInstaller Error None 10005 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory
8/2/2012 5:29:38 AM Intuit Update Service Information None 0 N/A ME1 Service started successfully.
8/2/2012 5:29:38 AM Intuit Update Service Information None 0 N/A ME1 Service started successfully.
8/2/2012 5:29:30 AM SecurityCenter Information None 1800 N/A ME1 The Windows Security Center Service has started.
8/2/2012 5:28:39 AM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/2/2012 12:34:41 AM gusvc Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gusvc ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/1/2012 11:57:52 PM crypt32 Information None 2 N/A ME1 Successful auto update retrieval of third-party root list cab from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
8/1/2012 11:57:51 PM crypt32 Information None 7 N/A ME1 Successful auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt>
8/1/2012 10:56:02 PM Intuit Update Service Information None 0 N/A ME1 Service started successfully.
8/1/2012 10:56:00 PM Intuit Update Service Information None 0 N/A ME1 Service started successfully.
8/1/2012 10:55:53 PM SecurityCenter Information None 1800 N/A ME1 The Windows Security Center Service has started.
8/1/2012 10:55:00 PM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 10:21:02 PM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 10:21:01 PM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/1/2012 10:06:13 PM gusvc Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gusvc ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 10:05:14 PM gupdatem Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdatem ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 10:05:14 PM gupdatem Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdatem ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/1/2012 10:05:13 PM gusvc Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gusvc ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/1/2012 10:04:17 PM Intuit Update Service Information None 0 N/A ME1 Service started successfully.
8/1/2012 10:04:17 PM Intuit Update Service Information None 0 N/A ME1 Service started successfully.
8/1/2012 10:04:07 PM SecurityCenter Information None 1800 N/A ME1 The Windows Security Center Service has started.
8/1/2012 10:03:21 PM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 6:21:00 AM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 6:21:00 AM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/1/2012 3:00:41 AM NativeWrapper Error None 5000 N/A ME1 The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1701.5039, kb2656353, 1033, 643, f, install, x86, 5.1.2600.2.3.0.768, 0.
8/1/2012 3:00:41 AM MsiInstaller Error None 1023 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 - Update '{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log.
8/1/2012 3:00:41 AM MsiInstaller Error None 10005 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory
8/1/2012 3:00:30 AM NativeWrapper Error None 5000 N/A ME1 The description for Event ID ( 5000 ) in Source ( NativeWrapper ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: visualstudio7x80update, msiexec.exe, 1.0.1705.5046, kb2656370, 1033, 643, f, install, x86, 5.1.2600.2.3.0.768, 0.
8/1/2012 3:00:29 AM MsiInstaller Error None 1023 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 - Update '{A38B334A-A0A2-436D-BAA0-34FE5E517E44}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log.
8/1/2012 3:00:29 AM MsiInstaller Error None 10005 NT AUTHORITY\SYSTEM ME1 Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory
8/1/2012 1:21:00 AM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 1:21:00 AM gupdate Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdate ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/1/2012 12:51:59 AM gusvc Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gusvc ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 12:51:00 AM gupdatem Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdatem ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service stopped.
8/1/2012 12:51:00 AM gupdatem Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gupdatem ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/1/2012 12:50:59 AM gusvc Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gusvc ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.
8/1/2012 12:07:01 AM gusvc Information None 0 N/A ME1 The description for Event ID ( 0 ) in Source ( gusvc ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. You may be able to use the /AUXSOURCE= flag to retrieve this description; see Help and Support for details. The following information is part of the event: Service started.

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:45 AM

Posted 02 August 2012 - 01:28 PM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 02 August 2012 - 05:34 PM

here are the results of the scans. There is one thing that happens, the scanner will freeze but everything else works, you hit CTL_Alt_del bring up task mgr, then it unfreezes and finishes.

Please let me know the next step.

Thanks

TDS

15:32:49.0234 1628 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
15:32:49.0562 1628 ============================================================
15:32:49.0562 1628 Current date / time: 2012/08/02 15:32:49.0562
15:32:49.0562 1628 SystemInfo:
15:32:49.0562 1628
15:32:49.0562 1628 OS Version: 5.1.2600 ServicePack: 3.0
15:32:49.0562 1628 Product type: Workstation
15:32:49.0562 1628 ComputerName: ME1
15:32:49.0562 1628 UserName: Karl Shanholtzer
15:32:49.0562 1628 Windows directory: C:\WINDOWS
15:32:49.0562 1628 System windows directory: C:\WINDOWS
15:32:49.0562 1628 Processor architecture: Intel x86
15:32:49.0562 1628 Number of processors: 2
15:32:49.0562 1628 Page size: 0x1000
15:32:49.0562 1628 Boot type: Normal boot
15:32:49.0562 1628 ============================================================
15:32:53.0515 1628 Drive \Device\Harddisk0\DR0 - Size: 0x3A70C70000 (233.76 Gb), SectorSize: 0x200, Cylinders: 0x7733, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:32:53.0593 1628 ============================================================
15:32:53.0593 1628 \Device\Harddisk0\DR0:
15:32:53.0593 1628 MBR partitions:
15:32:53.0593 1628 \Device\Harddisk0\DR0\Partition0: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xC35314E
15:32:53.0593 1628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0xC3531CC, BlocksNum 0x110305A7
15:32:53.0593 1628 ============================================================
15:32:53.0593 1628 C: <-> \Device\Harddisk0\DR0\Partition0
15:32:53.0593 1628 D: <-> \Device\Harddisk0\DR0\Partition1
15:32:53.0593 1628 ============================================================
15:32:53.0593 1628 Initialize success
15:32:53.0593 1628 ============================================================
15:33:43.0718 2748 ============================================================
15:33:43.0718 2748 Scan started
15:33:43.0718 2748 Mode: Manual; TDLFS;
15:33:43.0718 2748 ============================================================
15:33:44.0062 2748 Abiosdsk - ok
15:33:44.0062 2748 abp480n5 - ok
15:33:44.0093 2748 ACPI (8fd99680a539792a30e97944fdaecf17) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:33:44.0109 2748 ACPI - ok
15:33:44.0125 2748 ACPIEC (9859c0f6936e723e4892d7141b1327d5) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:33:44.0140 2748 ACPIEC - ok
15:33:44.0187 2748 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:33:44.0187 2748 AdobeFlashPlayerUpdateSvc - ok
15:33:44.0203 2748 adpu160m - ok
15:33:44.0234 2748 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:33:44.0281 2748 aec - ok
15:33:44.0312 2748 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:33:44.0328 2748 AFD - ok
15:33:44.0328 2748 Aha154x - ok
15:33:44.0328 2748 aic78u2 - ok
15:33:44.0343 2748 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys
15:33:44.0343 2748 aic78xx - ok
15:33:44.0468 2748 ALCXWDM (bea942ff21154fee4f71ddd477621c70) C:\WINDOWS\system32\drivers\ALCXWDM.SYS
15:33:44.0593 2748 ALCXWDM - ok
15:33:44.0656 2748 Alerter (a9a3daa780ca6c9671a19d52456705b4) C:\WINDOWS\system32\alrsvc.dll
15:33:44.0656 2748 Alerter - ok
15:33:44.0703 2748 ALG (8c515081584a38aa007909cd02020b3d) C:\WINDOWS\System32\alg.exe
15:33:44.0703 2748 ALG - ok
15:33:44.0718 2748 AliIde - ok
15:33:44.0718 2748 amsint - ok
15:33:44.0796 2748 Application Updater (0805ecf10476a091999e4d59d0db71a2) C:\Program Files\Application Updater\ApplicationUpdater.exe
15:33:44.0843 2748 Application Updater - ok
15:33:44.0890 2748 AppMgmt - ok
15:33:44.0906 2748 asc - ok
15:33:44.0906 2748 asc3350p - ok
15:33:44.0921 2748 asc3550 - ok
15:33:44.0968 2748 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:33:45.0000 2748 aspnet_state - ok
15:33:45.0015 2748 asusgsb (d320732bcf5ff856120bd06855c66867) C:\WINDOWS\system32\drivers\asusgsb.sys
15:33:45.0031 2748 asusgsb - ok
15:33:45.0046 2748 asuskbnt (b3b881eb81013aac11594a5400ada47a) C:\WINDOWS\system32\drivers\atkkbnt.sys
15:33:45.0062 2748 asuskbnt - ok
15:33:45.0062 2748 ASUSVRC (94442e3029ff6c9f08140fe6718af4fb) C:\WINDOWS\system32\DRIVERS\AsusVRC.sys
15:33:45.0109 2748 ASUSVRC - ok
15:33:45.0125 2748 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:33:45.0156 2748 AsyncMac - ok
15:33:45.0171 2748 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:33:45.0171 2748 atapi - ok
15:33:45.0171 2748 Atdisk - ok
15:33:45.0234 2748 ATKKeyboardService (df70303547e59f09dcd32983100edcd1) C:\WINDOWS\ATKKBService.exe
15:33:45.0234 2748 ATKKeyboardService - ok
15:33:45.0265 2748 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:33:45.0296 2748 Atmarpc - ok
15:33:45.0343 2748 AudioSrv (def7a7882bec100fe0b2ce2549188f9d) C:\WINDOWS\System32\audiosrv.dll
15:33:45.0375 2748 AudioSrv - ok
15:33:45.0390 2748 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:33:45.0390 2748 audstub - ok
15:33:45.0406 2748 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:33:45.0437 2748 Beep - ok
15:33:45.0515 2748 BITS (574738f61fca2935f5265dc4e5691314) C:\WINDOWS\system32\qmgr.dll
15:33:45.0515 2748 BITS - ok
15:33:45.0578 2748 Browser (a06ce3399d16db864f55faeb1f1927a9) C:\WINDOWS\System32\browser.dll
15:33:45.0593 2748 Browser - ok
15:33:45.0609 2748 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:33:45.0625 2748 cbidf2k - ok
15:33:45.0640 2748 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:33:45.0671 2748 CCDECODE - ok
15:33:45.0671 2748 cd20xrnt - ok
15:33:45.0687 2748 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:33:45.0718 2748 Cdaudio - ok
15:33:45.0734 2748 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:33:45.0734 2748 Cdfs - ok
15:33:45.0750 2748 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:33:45.0796 2748 Cdrom - ok
15:33:45.0796 2748 Changer - ok
15:33:45.0859 2748 CiSvc (1cfe720eb8d93a7158a4ebc3ab178bde) C:\WINDOWS\system32\cisvc.exe
15:33:45.0890 2748 CiSvc - ok
15:33:45.0937 2748 ClipSrv (34cbe729f38138217f9c80212a2a0c82) C:\WINDOWS\system32\clipsrv.exe
15:33:45.0968 2748 ClipSrv - ok
15:33:46.0000 2748 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:33:46.0046 2748 clr_optimization_v2.0.50727_32 - ok
15:33:46.0109 2748 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:33:46.0109 2748 clr_optimization_v4.0.30319_32 - ok
15:33:46.0125 2748 CmdIde - ok
15:33:46.0156 2748 COMSysApp - ok
15:33:46.0171 2748 Cpqarray - ok
15:33:46.0218 2748 CryptSvc (3d4e199942e29207970e04315d02ad3b) C:\WINDOWS\System32\cryptsvc.dll
15:33:46.0218 2748 CryptSvc - ok
15:33:46.0234 2748 dac2w2k - ok
15:33:46.0234 2748 dac960nt - ok
15:33:46.0296 2748 DcomLaunch (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\system32\rpcss.dll
15:33:46.0296 2748 DcomLaunch - ok
15:33:46.0328 2748 Dhcp (5e38d7684a49cacfb752b046357e0589) C:\WINDOWS\System32\dhcpcsvc.dll
15:33:46.0359 2748 Dhcp - ok
15:33:46.0359 2748 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:33:46.0359 2748 Disk - ok
15:33:46.0406 2748 dmadmin - ok
15:33:46.0453 2748 dmboot (d992fe1274bde0f84ad826acae022a41) C:\WINDOWS\system32\drivers\dmboot.sys
15:33:46.0515 2748 dmboot - ok
15:33:46.0531 2748 dmio (7c824cf7bbde77d95c08005717a95f6f) C:\WINDOWS\system32\drivers\dmio.sys
15:33:46.0562 2748 dmio - ok
15:33:46.0578 2748 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:33:46.0578 2748 dmload - ok
15:33:46.0625 2748 dmserver (57edec2e5f59f0335e92f35184bc8631) C:\WINDOWS\System32\dmserver.dll
15:33:46.0640 2748 dmserver - ok
15:33:46.0671 2748 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:33:46.0703 2748 DMusic - ok
15:33:46.0734 2748 Dnscache (5f7e24fa9eab896051ffb87f840730d2) C:\WINDOWS\System32\dnsrslvr.dll
15:33:46.0734 2748 Dnscache - ok
15:33:46.0796 2748 Dot3svc (0f0f6e687e5e15579ef4da8dd6945814) C:\WINDOWS\System32\dot3svc.dll
15:33:46.0875 2748 Dot3svc - ok
15:33:46.0890 2748 dpti2o - ok
15:33:46.0890 2748 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:33:46.0906 2748 drmkaud - ok
15:33:46.0953 2748 EapHost (2187855a7703adef0cef9ee4285182cc) C:\WINDOWS\System32\eapsvc.dll
15:33:46.0984 2748 EapHost - ok
15:33:47.0015 2748 EIO_XP (0daf3544804650526751c478aeccce63) C:\WINDOWS\system32\drivers\EIO_XP.sys
15:33:47.0031 2748 EIO_XP - ok
15:33:47.0078 2748 ERSvc (bc93b4a066477954555966d77fec9ecb) C:\WINDOWS\System32\ersvc.dll
15:33:47.0078 2748 ERSvc - ok
15:33:47.0109 2748 Eventlog (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:33:47.0109 2748 Eventlog - ok
15:33:47.0140 2748 EventSystem (d4991d98f2db73c60d042f1aef79efae) C:\WINDOWS\system32\es.dll
15:33:47.0140 2748 EventSystem - ok
15:33:47.0156 2748 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:33:47.0156 2748 Fastfat - ok
15:33:47.0187 2748 FastUserSwitchingCompatibility (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:33:47.0203 2748 FastUserSwitchingCompatibility - ok
15:33:47.0203 2748 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
15:33:47.0234 2748 Fdc - ok
15:33:47.0250 2748 Fips (d45926117eb9fa946a6af572fbe1caa3) C:\WINDOWS\system32\drivers\Fips.sys
15:33:47.0265 2748 Fips - ok
15:33:47.0281 2748 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
15:33:47.0312 2748 Flpydisk - ok
15:33:47.0312 2748 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:33:47.0312 2748 FltMgr - ok
15:33:47.0359 2748 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:33:47.0375 2748 FontCache3.0.0.0 - ok
15:33:47.0390 2748 fssfltr (c6ee3a87fe609d3e1db9dbd072a248de) C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys
15:33:47.0390 2748 fssfltr - ok
15:33:47.0515 2748 fsssvc (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
15:33:47.0671 2748 fsssvc - ok
15:33:47.0687 2748 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:33:47.0703 2748 Fs_Rec - ok
15:33:47.0718 2748 Ftdisk (6ac26732762483366c3969c9e4d2259d) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:33:47.0718 2748 Ftdisk - ok
15:33:47.0734 2748 fvntdftg - ok
15:33:47.0750 2748 GEARAspiWDM (32a73a8952580b284a47290adb62032a) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
15:33:47.0781 2748 GEARAspiWDM - ok
15:33:47.0796 2748 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:33:47.0828 2748 Gpc - ok
15:33:47.0875 2748 gupdate (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
15:33:47.0875 2748 gupdate - ok
15:33:47.0890 2748 gupdatem (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files\Google\Update\GoogleUpdate.exe
15:33:47.0890 2748 gupdatem - ok
15:33:47.0937 2748 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:33:47.0937 2748 gusvc - ok
15:33:47.0984 2748 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:33:47.0984 2748 HDAudBus - ok
15:33:48.0031 2748 helpsvc (4fcca060dfe0c51a09dd5c3843888bcd) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:33:48.0031 2748 helpsvc - ok
15:33:48.0093 2748 HidServ - ok
15:33:48.0125 2748 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:33:48.0140 2748 HidUsb - ok
15:33:48.0187 2748 hkmsvc (8878bd685e490239777bfe51320b88e9) C:\WINDOWS\System32\kmsvc.dll
15:33:48.0218 2748 hkmsvc - ok
15:33:48.0234 2748 hpn - ok
15:33:48.0250 2748 HPZid412 (5faba4775d4c61e55ec669d643ffc71f) C:\WINDOWS\system32\DRIVERS\HPZid412.sys
15:33:48.0296 2748 HPZid412 - ok
15:33:48.0296 2748 HPZipr12 (a3c43980ee1f1beac778b44ea65dbdd4) C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
15:33:48.0312 2748 HPZipr12 - ok
15:33:48.0328 2748 HPZius12 (2906949bd4e206f2bb0dd1896ce9f66f) C:\WINDOWS\system32\DRIVERS\HPZius12.sys
15:33:48.0359 2748 HPZius12 - ok
15:33:48.0390 2748 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:33:48.0406 2748 HTTP - ok
15:33:48.0453 2748 HTTPFilter (6100a808600f44d999cebdef8841c7a3) C:\WINDOWS\System32\w3ssl.dll
15:33:48.0484 2748 HTTPFilter - ok
15:33:48.0484 2748 i2omgmt - ok
15:33:48.0500 2748 i2omp - ok
15:33:48.0500 2748 i8042prt (4a0b06aa8943c1e332520f7440c0aa30) C:\WINDOWS\system32\DRIVERS\i8042prt.sys
15:33:48.0531 2748 i8042prt - ok
15:33:48.0593 2748 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:33:48.0640 2748 IDriverT - ok
15:33:48.0718 2748 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:33:48.0875 2748 idsvc - ok
15:33:48.0890 2748 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:33:48.0937 2748 Imapi - ok
15:33:48.0968 2748 ImapiService (30deaf54a9755bb8546168cfe8a6b5e1) C:\WINDOWS\system32\imapi.exe
15:33:48.0968 2748 ImapiService - ok
15:33:48.0984 2748 ini910u - ok
15:33:49.0125 2748 IntcAzAudAddService (d87ffa95d630ec8d1482ca25c454846a) C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:33:49.0171 2748 IntcAzAudAddService - ok
15:33:49.0234 2748 IntelIde - ok
15:33:49.0250 2748 intelppm (8c953733d8f36eb2133f5bb58808b66b) C:\WINDOWS\system32\DRIVERS\intelppm.sys
15:33:49.0265 2748 intelppm - ok
15:33:49.0328 2748 IntuitUpdateService (3dc635b66dd7412e1c9c3a77b8d78f25) C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
15:33:49.0328 2748 IntuitUpdateService - ok
15:33:49.0375 2748 IntuitUpdateServiceV4 (1663a135865f0ba6e853353e98e67f2a) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
15:33:49.0375 2748 IntuitUpdateServiceV4 - ok
15:33:49.0390 2748 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:33:49.0421 2748 Ip6Fw - ok
15:33:49.0453 2748 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:33:49.0453 2748 IpFilterDriver - ok
15:33:49.0484 2748 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:33:49.0515 2748 IpInIp - ok
15:33:49.0562 2748 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:33:49.0562 2748 IpNat - ok
15:33:49.0625 2748 iPodService (4b532ad0d7614f701f2d29355d6321fb) C:\Program Files\iPod\bin\iPodService.exe
15:33:49.0718 2748 iPodService - ok
15:33:49.0734 2748 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:33:49.0781 2748 IPSec - ok
15:33:49.0812 2748 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:33:49.0828 2748 IRENUM - ok
15:33:49.0843 2748 isapnp (05a299ec56e52649b1cf2fc52d20f2d7) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:33:49.0843 2748 isapnp - ok
15:33:49.0906 2748 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Program Files\Java\jre6\bin\jqs.exe
15:33:49.0906 2748 JavaQuickStarterService - ok
15:33:49.0937 2748 Kbdclass (463c1ec80cd17420a542b7f36a36f128) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:33:49.0968 2748 Kbdclass - ok
15:33:49.0984 2748 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:33:49.0984 2748 kmixer - ok
15:33:50.0031 2748 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:33:50.0031 2748 KSecDD - ok
15:33:50.0078 2748 lanmanserver (3a7c3cbe5d96b8ae96ce81f0b22fb527) C:\WINDOWS\System32\srvsvc.dll
15:33:50.0078 2748 lanmanserver - ok
15:33:50.0109 2748 lanmanworkstation (a8888a5327621856c0cec4e385f69309) C:\WINDOWS\System32\wkssvc.dll
15:33:50.0109 2748 lanmanworkstation - ok
15:33:50.0125 2748 lbrtfdc - ok
15:33:50.0156 2748 LmHosts (a7db739ae99a796d91580147e919cc59) C:\WINDOWS\System32\lmhsvc.dll
15:33:50.0171 2748 LmHosts - ok
15:33:50.0203 2748 MBAMProtector (6dfe7f2e8e8a337263aa5c92a215f161) C:\WINDOWS\system32\drivers\mbam.sys
15:33:50.0203 2748 MBAMProtector - ok
15:33:50.0281 2748 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:33:50.0328 2748 MBAMService - ok
15:33:50.0359 2748 Messenger (986b1ff5814366d71e0ac5755c88f2d3) C:\WINDOWS\System32\msgsvc.dll
15:33:50.0375 2748 Messenger - ok
15:33:50.0390 2748 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:33:50.0406 2748 mnmdd - ok
15:33:50.0421 2748 mnmsrvc (d18f1f0c101d06a1c1adf26eed16fcdd) C:\WINDOWS\system32\mnmsrvc.exe
15:33:50.0484 2748 mnmsrvc - ok
15:33:50.0515 2748 Modem (dfcbad3cec1c5f964962ae10e0bcc8e1) C:\WINDOWS\system32\drivers\Modem.sys
15:33:50.0531 2748 Modem - ok
15:33:50.0546 2748 Mouclass (35c9e97194c8cfb8430125f8dbc34d04) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:33:50.0578 2748 Mouclass - ok
15:33:50.0609 2748 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:33:50.0609 2748 MountMgr - ok
15:33:50.0671 2748 MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:33:50.0750 2748 MozillaMaintenance - ok
15:33:50.0796 2748 MpFilter (d993bea500e7382dc4e760bf4f35efcb) C:\WINDOWS\system32\DRIVERS\MpFilter.sys
15:33:50.0812 2748 MpFilter - ok
15:33:50.0906 2748 MpKsl617d6e6a (a69630d039c38018689190234f866d77) C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E0AFFE17-63A0-416F-B13B-225054DCD2ED}\MpKsl617d6e6a.sys
15:33:50.0906 2748 MpKsl617d6e6a - ok
15:33:50.0921 2748 mraid35x - ok
15:33:50.0953 2748 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:33:50.0953 2748 MRxDAV - ok
15:33:50.0984 2748 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:33:50.0984 2748 MRxSmb - ok
15:33:51.0015 2748 MSDTC (a137f1470499a205abbb9aafb3b6f2b1) C:\WINDOWS\system32\msdtc.exe
15:33:51.0046 2748 MSDTC - ok
15:33:51.0062 2748 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:33:51.0062 2748 Msfs - ok
15:33:51.0109 2748 MSIServer - ok
15:33:51.0140 2748 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:33:51.0156 2748 MSKSSRV - ok
15:33:51.0203 2748 MsMpSvc (24516bf4e12a46cb67302e2cdcb8cddf) C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:33:51.0234 2748 MsMpSvc - ok
15:33:51.0250 2748 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:33:51.0265 2748 MSPCLOCK - ok
15:33:51.0265 2748 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:33:51.0281 2748 MSPQM - ok
15:33:51.0312 2748 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:33:51.0312 2748 mssmbios - ok
15:33:51.0343 2748 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
15:33:51.0359 2748 MSTEE - ok
15:33:51.0390 2748 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:33:51.0390 2748 Mup - ok
15:33:51.0421 2748 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:33:51.0453 2748 NABTSFEC - ok
15:33:51.0531 2748 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll
15:33:51.0625 2748 napagent - ok
15:33:51.0640 2748 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:33:51.0640 2748 NDIS - ok
15:33:51.0671 2748 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:33:51.0687 2748 NdisIP - ok
15:33:51.0718 2748 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:33:51.0718 2748 NdisTapi - ok
15:33:51.0734 2748 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:33:51.0750 2748 Ndisuio - ok
15:33:51.0781 2748 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:33:51.0828 2748 NdisWan - ok
15:33:51.0859 2748 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:33:51.0859 2748 NDProxy - ok
15:33:51.0859 2748 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:33:51.0875 2748 NetBIOS - ok
15:33:51.0890 2748 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:33:51.0968 2748 NetBT - ok
15:33:52.0000 2748 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:33:52.0078 2748 NetDDE - ok
15:33:52.0078 2748 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe
15:33:52.0078 2748 NetDDEdsdm - ok
15:33:52.0125 2748 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:52.0140 2748 Netlogon - ok
15:33:52.0187 2748 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll
15:33:52.0203 2748 Netman - ok
15:33:52.0250 2748 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:33:52.0281 2748 NetTcpPortSharing - ok
15:33:52.0328 2748 Nla (943337d786a56729263071623bbb9de5) C:\WINDOWS\System32\mswsock.dll
15:33:52.0328 2748 Nla - ok
15:33:52.0375 2748 Norton PC Checkup Application Launcher - ok
15:33:52.0390 2748 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:33:52.0390 2748 Npfs - ok
15:33:52.0437 2748 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:33:52.0515 2748 Ntfs - ok
15:33:52.0531 2748 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:52.0531 2748 NtLmSsp - ok
15:33:52.0609 2748 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll
15:33:52.0671 2748 NtmsSvc - ok
15:33:52.0703 2748 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:33:52.0718 2748 Null - ok
15:33:53.0046 2748 nv (8c0456001b6900114bbb1c548bd8aaf5) C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
15:33:53.0093 2748 nv - ok
15:33:53.0218 2748 NVSvc (472a00d2183c9e5edb3e076272741812) C:\WINDOWS\system32\nvsvc32.exe
15:33:53.0218 2748 NVSvc - ok
15:33:53.0250 2748 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:33:53.0265 2748 NwlnkFlt - ok
15:33:53.0265 2748 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:33:53.0296 2748 NwlnkFwd - ok
15:33:53.0312 2748 PalmUSBD (803cf09c795290825607505d37819135) C:\WINDOWS\system32\drivers\PalmUSBD.sys
15:33:53.0328 2748 PalmUSBD - ok
15:33:53.0359 2748 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\DRIVERS\parport.sys
15:33:53.0406 2748 Parport - ok
15:33:53.0406 2748 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:33:53.0406 2748 PartMgr - ok
15:33:53.0421 2748 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys
15:33:53.0421 2748 ParVdm - ok
15:33:53.0437 2748 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys
15:33:53.0437 2748 PCI - ok
15:33:53.0437 2748 PCIDump - ok
15:33:53.0453 2748 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:33:53.0453 2748 PCIIde - ok
15:33:53.0484 2748 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:33:53.0531 2748 Pcmcia - ok
15:33:53.0546 2748 PDCOMP - ok
15:33:53.0562 2748 PDFRAME - ok
15:33:53.0562 2748 PDRELI - ok
15:33:53.0578 2748 PDRFRAME - ok
15:33:53.0578 2748 perc2 - ok
15:33:53.0593 2748 perc2hib - ok
15:33:53.0640 2748 PlugPlay (65df52f5b8b6e9bbd183505225c37315) C:\WINDOWS\system32\services.exe
15:33:53.0640 2748 PlugPlay - ok
15:33:53.0687 2748 Pml Driver HPZ12 (901c43516504cbe582e4c4193e00876a) C:\WINDOWS\system32\HPZipm12.exe
15:33:53.0687 2748 Pml Driver HPZ12 - ok
15:33:53.0703 2748 PolicyAgent (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:53.0718 2748 PolicyAgent - ok
15:33:53.0750 2748 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:33:53.0781 2748 PptpMiniport - ok
15:33:53.0796 2748 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:53.0796 2748 ProtectedStorage - ok
15:33:53.0812 2748 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:33:53.0828 2748 Ptilink - ok
15:33:53.0843 2748 ql1080 - ok
15:33:53.0843 2748 Ql10wnt - ok
15:33:53.0859 2748 ql12160 - ok
15:33:53.0859 2748 ql1240 - ok
15:33:53.0875 2748 ql1280 - ok
15:33:53.0875 2748 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:33:53.0890 2748 RasAcd - ok
15:33:53.0937 2748 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll
15:33:53.0968 2748 RasAuto - ok
15:33:53.0984 2748 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:33:54.0015 2748 Rasl2tp - ok
15:33:54.0078 2748 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll
15:33:54.0093 2748 RasMan - ok
15:33:54.0093 2748 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:33:54.0125 2748 RasPppoe - ok
15:33:54.0140 2748 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:33:54.0156 2748 Raspti - ok
15:33:54.0171 2748 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:33:54.0171 2748 Rdbss - ok
15:33:54.0187 2748 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:33:54.0203 2748 RDPCDD - ok
15:33:54.0250 2748 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
15:33:54.0250 2748 RDPWD - ok
15:33:54.0281 2748 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe
15:33:54.0343 2748 RDSessMgr - ok
15:33:54.0359 2748 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:33:54.0406 2748 redbook - ok
15:33:54.0468 2748 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll
15:33:54.0500 2748 RemoteAccess - ok
15:33:54.0546 2748 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe
15:33:54.0578 2748 RpcLocator - ok
15:33:54.0625 2748 RpcSs (6b27a5c03dfb94b4245739065431322c) C:\WINDOWS\System32\rpcss.dll
15:33:54.0640 2748 RpcSs - ok
15:33:54.0656 2748 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe
15:33:54.0703 2748 RSVP - ok
15:33:54.0718 2748 RTL8023xp (7f0413bdd7d53eb4c7a371e7f6f84df1) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys
15:33:54.0765 2748 RTL8023xp - ok
15:33:54.0781 2748 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe
15:33:54.0781 2748 SamSs - ok
15:33:54.0796 2748 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe
15:33:54.0843 2748 SCardSvr - ok
15:33:54.0890 2748 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll
15:33:54.0890 2748 Schedule - ok
15:33:54.0906 2748 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:33:54.0937 2748 Secdrv - ok
15:33:54.0984 2748 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll
15:33:54.0984 2748 seclogon - ok
15:33:55.0031 2748 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) C:\WINDOWS\system32\sens.dll
15:33:55.0031 2748 SENS - ok
15:33:55.0046 2748 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:33:55.0062 2748 serenum - ok
15:33:55.0078 2748 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys
15:33:55.0140 2748 Serial - ok
15:33:55.0171 2748 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:33:55.0187 2748 Sfloppy - ok
15:33:55.0250 2748 SharedAccess (83f41d0d89645d7235c051ab1d9523ac) C:\WINDOWS\System32\ipnathlp.dll
15:33:55.0281 2748 SharedAccess - ok
15:33:55.0328 2748 ShellHWDetection (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:33:55.0328 2748 ShellHWDetection - ok
15:33:55.0343 2748 Simbad - ok
15:33:55.0359 2748 SiS315 (509d96916c7d9218e4083940b8711b9b) C:\WINDOWS\system32\DRIVERS\sisgrp.sys
15:33:55.0390 2748 SiS315 - ok
15:33:55.0406 2748 SiSkp (2c921a4cce0b3eb372ebf448939fa3bf) C:\WINDOWS\system32\DRIVERS\srvkp.sys
15:33:55.0437 2748 SiSkp - ok
15:33:55.0437 2748 SISNIC (3fbb6ef8b5a71a2fa11f5f461bb73219) C:\WINDOWS\system32\DRIVERS\sisnic.sys
15:33:55.0468 2748 SISNIC - ok
15:33:55.0500 2748 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:33:55.0515 2748 SLIP - ok
15:33:55.0515 2748 Sparrow - ok
15:33:55.0562 2748 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:33:55.0578 2748 splitter - ok
15:33:55.0609 2748 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:33:55.0609 2748 Spooler - ok
15:33:55.0625 2748 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys
15:33:55.0625 2748 sr - ok
15:33:55.0671 2748 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll
15:33:55.0671 2748 srservice - ok
15:33:55.0703 2748 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:33:55.0718 2748 Srv - ok
15:33:55.0750 2748 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll
15:33:55.0750 2748 SSDPSRV - ok
15:33:55.0796 2748 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll
15:33:55.0812 2748 stisvc - ok
15:33:55.0828 2748 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:33:55.0843 2748 streamip - ok
15:33:55.0859 2748 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:33:55.0875 2748 swenum - ok
15:33:55.0890 2748 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:33:55.0921 2748 swmidi - ok
15:33:55.0984 2748 SwPrv - ok
15:33:56.0000 2748 symc810 - ok
15:33:56.0000 2748 symc8xx - ok
15:33:56.0015 2748 sym_hi - ok
15:33:56.0031 2748 sym_u3 - ok
15:33:56.0046 2748 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:33:56.0093 2748 sysaudio - ok
15:33:56.0125 2748 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe
15:33:56.0171 2748 SysmonLog - ok
15:33:56.0218 2748 TapiSrv (3cb78c17bb664637787c9a1c98f79c38) C:\WINDOWS\System32\tapisrv.dll
15:33:56.0218 2748 TapiSrv - ok
15:33:56.0250 2748 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:33:56.0265 2748 Tcpip - ok
15:33:56.0296 2748 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:33:56.0328 2748 TDPIPE - ok
15:33:56.0328 2748 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:33:56.0359 2748 TDTCP - ok
15:33:56.0359 2748 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:33:56.0390 2748 TermDD - ok
15:33:56.0453 2748 TermService (ff3477c03be7201c294c35f684b3479f) C:\WINDOWS\System32\termsrv.dll
15:33:56.0453 2748 TermService - ok
15:33:56.0515 2748 Themes (99bc0b50f511924348be19c7c7313bbf) C:\WINDOWS\System32\shsvcs.dll
15:33:56.0515 2748 Themes - ok
15:33:56.0515 2748 TosIde - ok
15:33:56.0578 2748 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll
15:33:56.0578 2748 TrkWks - ok
15:33:56.0609 2748 uagp35 (d85938f272d1bcf3db3a31fc0a048928) C:\WINDOWS\system32\DRIVERS\uagp35.sys
15:33:56.0609 2748 uagp35 - ok
15:33:56.0625 2748 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:33:56.0671 2748 Udfs - ok
15:33:56.0671 2748 ultra - ok
15:33:56.0718 2748 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:33:56.0750 2748 Update - ok
15:33:56.0796 2748 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll
15:33:56.0859 2748 upnphost - ok
15:33:56.0890 2748 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe
15:33:56.0937 2748 UPS - ok
15:33:56.0968 2748 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:33:57.0000 2748 usbccgp - ok
15:33:57.0000 2748 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:33:57.0031 2748 usbehci - ok
15:33:57.0046 2748 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:33:57.0078 2748 usbhub - ok
15:33:57.0109 2748 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:33:57.0125 2748 usbohci - ok
15:33:57.0140 2748 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:33:57.0171 2748 usbprint - ok
15:33:57.0187 2748 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:33:57.0203 2748 usbscan - ok
15:33:57.0203 2748 usbstor (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:33:57.0234 2748 usbstor - ok
15:33:57.0250 2748 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
15:33:57.0265 2748 usbuhci - ok
15:33:57.0312 2748 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:33:57.0328 2748 VgaSave - ok
15:33:57.0328 2748 ViaIde - ok
15:33:57.0359 2748 Video3D (8643da4a6c83da6c10fcab1e5ab6632d) C:\WINDOWS\system32\Drivers\Video3D32.sys
15:33:57.0359 2748 Video3D - ok
15:33:57.0375 2748 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys
15:33:57.0375 2748 VolSnap - ok
15:33:57.0421 2748 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe
15:33:57.0484 2748 VSS - ok
15:33:57.0515 2748 W32Time (54af4b1d5459500ef0937f6d33b1914f) C:\WINDOWS\system32\w32time.dll
15:33:57.0515 2748 W32Time - ok
15:33:57.0546 2748 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:33:57.0578 2748 Wanarp - ok
15:33:57.0609 2748 Wdf01000 (fd47474bd21794508af449d9d91af6e6) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
15:33:57.0640 2748 Wdf01000 - ok
15:33:57.0656 2748 WDICA - ok
15:33:57.0671 2748 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:33:57.0718 2748 wdmaud - ok
15:33:57.0781 2748 WebClient (77a354e28153ad2d5e120a5a8687bc06) C:\WINDOWS\System32\webclnt.dll
15:33:57.0781 2748 WebClient - ok
15:33:57.0812 2748 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:33:57.0812 2748 winmgmt - ok
15:33:57.0875 2748 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:33:57.0906 2748 WmdmPmSN - ok
15:33:57.0921 2748 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:33:58.0000 2748 WmiApSrv - ok
15:33:58.0078 2748 WMPNetworkSvc (f74e3d9a7fa9556c3bbb14d4e5e63d3b) C:\Program Files\Windows Media Player\WMPNetwk.exe
15:33:58.0375 2748 WMPNetworkSvc - ok
15:33:58.0406 2748 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
15:33:58.0437 2748 WpdUsb - ok
15:33:58.0562 2748 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:33:58.0640 2748 WPFFontCache_v0400 - ok
15:33:58.0703 2748 wscsvc (7c278e6408d1dce642230c0585a854d5) C:\WINDOWS\system32\wscsvc.dll
15:33:58.0718 2748 wscsvc - ok
15:33:58.0750 2748 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:33:58.0781 2748 WSTCODEC - ok
15:33:58.0859 2748 wuauserv (35321fb577cdc98ce3eb3a3eb9e4610a) C:\WINDOWS\system32\wuauserv.dll
15:33:58.0859 2748 wuauserv - ok
15:33:58.0890 2748 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:33:58.0890 2748 WudfPf - ok
15:33:58.0906 2748 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:33:58.0953 2748 WudfRd - ok
15:33:58.0984 2748 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:33:59.0015 2748 WudfSvc - ok
15:33:59.0062 2748 WZCSVC (81dc3f549f44b1c1fff022dec9ecf30b) C:\WINDOWS\System32\wzcsvc.dll
15:33:59.0109 2748 WZCSVC - ok
15:33:59.0156 2748 xmlprov (295d21f14c335b53cb8154e5b1f892b9) C:\WINDOWS\System32\xmlprov.dll
15:33:59.0234 2748 xmlprov - ok
15:33:59.0281 2748 zumbus (21a96535dd0a118d5663e5adc5c90f9e) C:\WINDOWS\system32\DRIVERS\zumbus.sys
15:33:59.0296 2748 zumbus - ok
15:33:59.0328 2748 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
15:33:59.0765 2748 \Device\Harddisk0\DR0 - ok
15:33:59.0765 2748 Boot (0x1200) (9b52b37ff7a12788d7fb03ccf4a5c09c) \Device\Harddisk0\DR0\Partition0
15:33:59.0765 2748 \Device\Harddisk0\DR0\Partition0 - ok
15:33:59.0781 2748 Boot (0x1200) (fa99832f373a62d79a984fb88fa66fc5) \Device\Harddisk0\DR0\Partition1
15:33:59.0781 2748 \Device\Harddisk0\DR0\Partition1 - ok
15:33:59.0781 2748 ============================================================
15:33:59.0781 2748 Scan finished
15:33:59.0781 2748 ============================================================
15:33:59.0796 2112 Detected object count: 0
15:33:59.0796 2112 Actual detected object count: 0
15:36:01.0734 3580 Deinitialize success

ASWMBR

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-02 15:37:48
-----------------------------
15:37:48.625 OS Version: Windows 5.1.2600 Service Pack 3
15:37:48.625 Number of processors: 2 586 0x605
15:37:48.625 ComputerName: ME1 UserName:
15:37:49.484 Initialize success
15:41:30.406 AVAST engine defs: 12080200
15:42:19.765 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
15:42:19.765 Disk 0 Vendor: WDC_WD2500YD-01NVB1 10.02E01 Size: 239372MB BusType: 3
15:42:19.781 Disk 1 \Device\Harddisk1\DR1 -> \Device\Scsi\aic78xx1Port2Path0Target5Lun0
15:42:19.781 Disk 1 Vendor: IOMEGA__ N*32 Size: 239372MB BusType: 1
15:42:19.796 Disk 0 MBR read successfully
15:42:19.796 Disk 0 MBR scan
15:42:19.828 Disk 0 Windows XP default MBR code
15:42:19.843 Disk 0 Partition 1 80 (A) 0C FAT32 LBA MSWIN4.1 100006 MB offset 63
15:42:19.984 Disk 0 Partition - 00 0F Extended LBA 139360 MB offset 204812685
15:42:20.000 Disk 0 Partition 2 00 0B FAT32 MSWIN4.1 139360 MB offset 204812748
15:42:20.000 Disk 0 scanning sectors +490223475
15:42:20.062 Disk 0 scanning C:\WINDOWS\system32\drivers
15:42:36.421 Service scanning
15:42:44.218 Service MpKsl617d6e6a C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E0AFFE17-63A0-416F-B13B-225054DCD2ED}\MpKsl617d6e6a.sys **LOCKED** 32
15:42:53.343 Modules scanning
15:42:56.734 Disk 0 trace - called modules:
15:42:56.750 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
15:42:56.750 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8add4ab8]
15:42:56.750 3 CLASSPNP.SYS[ba0f8fd7] -> nt!IofCallDriver -> \Device\0000005e[0x8adf0f18]
15:42:56.750 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8adce940]
15:42:57.437 AVAST engine scan C:\WINDOWS
15:43:21.906 AVAST engine scan C:\WINDOWS\system32
15:48:42.421 AVAST engine scan C:\WINDOWS\system32\drivers
15:48:58.984 AVAST engine scan C:\Documents and Settings\Karl Shanholtzer
16:07:15.125 File: C:\Documents and Settings\Karl Shanholtzer\Application Data\legis.dll **INFECTED** Win32:Medfos-A [Trj]
16:10:30.250 AVAST engine scan C:\Documents and Settings\All Users
16:11:30.703 Scan finished successfully
16:13:19.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Karl Shanholtzer\Desktop\MBR.dat"
16:13:19.843 The log file has been saved successfully to "C:\Documents and Settings\Karl Shanholtzer\Desktop\aswMBR.txt"


EsetThreats

C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.13 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.14 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.15 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9 a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting (after the next restart) - quarantined
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Program Files\pdfforge Toolbar\IE\6.2\pdfforgeToolbarIE.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\Karl Shanholtzer\Local Settings\temp\NOD558.tmp a variant of Win32/Toolbar.Widgi application cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\Karl Shanholtzer\Local Settings\temp\NOD6D3.tmp a variant of Win32/Toolbar.Widgi application cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\Karl Shanholtzer\My Documents\Downloads\PDFCreator-1_2_3_setup.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Documents and Settings\Karl Shanholtzer\Application Data\legis.dll a variant of Win32/Medfos.BN trojan cleaned by deleting (after the next restart) - quarantined
C:\Documents and Settings\Karl Shanholtzer\Application Data\{7E1FB9CD-DB94-11E1-8270-B8AC6F996F26}\chrome\content\browser.xul JS/Redirector.NIQ trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1121\A0048941.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1146\A0050372.exe a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1146\A0050373.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1146\A0050374.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1146\A0050375.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1146\A0050376.dll a variant of Win32/Medfos.BN trojan cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1060\A0047973.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1060\A0047974.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1060\A0047977.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1063\A0048070.dll a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1128\A0048999.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1128\A0049002.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1128\A0049987.rbf a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1087\A0048411.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1087\A0048412.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1087\A0048415.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1137\A0050080.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1137\A0050083.RBF a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\System Volume Information\_restore{F99457CD-EB54-44AD-A57A-8267F73E213D}\RP1137\A0050110.rbf a variant of Win32/Toolbar.Widgi application cleaned by deleting - quarantined
D:\DVR_60FPS\s_install.exe Win32/RiskWare.WebServer.SmallHTTP.305 application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:45 AM

Posted 02 August 2012 - 05:39 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it click on Delete

post the generated log

#5 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 02 August 2012 - 11:37 PM

Ran Malwarebytes with no errors.

At each start up I get the error "error loading legis.dll file could not be found"

=========================================================================================

Farbar Service Scanner Version: 26-07-2012
Ran by Karl Shanholtzer (administrator) on 03-08-2012 at 00:08:41
Running from "C:\Documents and Settings\Karl Shanholtzer\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
ATTENTION!=====> Unable to retrieve HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\\EnableFirewall value. The value does not exist.


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
fssfltr(10) Gpc(6) IPSec(4) NetBT(5) Tcpip(3)
0x0A0000000900000008000000070000000400000001000000020000000300000005000000060000000A000000


**** End of log ****

MiniToolBox by Farbar Version: 23-07-2012
Ran by Karl Shanholtzer (administrator) on 03-08-2012 at 00:02:15
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "127.0.0.1"

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8169/8110 Family Gigabit Ethernet NIC = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=static addr=8.8.8.8 register=PRIMARY
add dns name="Local Area Connection 2" addr=8.8.4.4 index=2
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : me1

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Mixed

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : westell.com



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : westell.com

Description . . . . . . . . . . . : Realtek RTL8169/8110 Family Gigabit Ethernet NIC

Physical Address. . . . . . . . . : 00-16-EC-00-03-40

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.27

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 8.8.8.8

8.8.4.4

Lease Obtained. . . . . . . . . . : Thursday, August 02, 2012 10:26:34 PM

Lease Expires . . . . . . . . . . : Friday, August 03, 2012 10:26:34 PM

Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: google.com
Addresses: 74.125.225.66, 74.125.225.65, 74.125.225.68, 74.125.225.67
74.125.225.78, 74.125.225.64, 74.125.225.72, 74.125.225.70, 74.125.225.69
74.125.225.71, 74.125.225.73



Pinging google.com [74.125.225.66] with 32 bytes of data:



Reply from 74.125.225.66: bytes=32 time=39ms TTL=56

Reply from 74.125.225.66: bytes=32 time=39ms TTL=56



Ping statistics for 74.125.225.66:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 39ms, Maximum = 39ms, Average = 39ms

Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: yahoo.com
Addresses: 209.191.122.70, 72.30.38.140, 98.139.183.24



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:



Reply from 209.191.122.70: bytes=32 time=73ms TTL=53

Reply from 209.191.122.70: bytes=32 time=73ms TTL=53



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 73ms, Maximum = 73ms, Average = 73ms

Server: google-public-dns-a.google.com
Address: 8.8.8.8

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 16 ec 00 03 40 ...... Realtek RTL8169/8110 Family Gigabit Ethernet NIC
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.27 30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.27 192.168.1.27 30
192.168.1.27 255.255.255.255 127.0.0.1 127.0.0.1 30
192.168.1.255 255.255.255.255 192.168.1.27 192.168.1.27 30
224.0.0.0 240.0.0.0 192.168.1.27 192.168.1.27 30
255.255.255.255 255.255.255.255 192.168.1.27 192.168.1.27 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/02/2012 05:46:03 PM) (Source: Application Error) (User: )
Description: Faulting application FlashPlayerUpdateService.exe, version 11.3.300.268, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000113c0.
Processing media-specific event for [FlashPlayerUpdateService.exe!ws!]

Error: (08/02/2012 05:33:31 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1701.5039kb26563531033643finstallx865.1.2600.2.3.0.7680

Error: (08/02/2012 05:33:30 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log.

Error: (08/02/2012 05:33:30 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory

Error: (08/02/2012 05:33:22 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.7680

Error: (08/02/2012 05:33:20 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{A38B334A-A0A2-436D-BAA0-34FE5E517E44}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log.

Error: (08/02/2012 05:33:20 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory

Error: (08/02/2012 05:31:09 AM) (Source: NativeWrapper) (User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1701.5039kb26563531033643finstallx865.1.2600.2.3.0.7680

Error: (08/02/2012 05:31:08 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 - Update '{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log.

Error: (08/02/2012 05:31:08 AM) (Source: MsiInstaller) (User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory


System errors:
=============
Error: (08/02/2012 10:27:27 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
uagp35

Error: (08/02/2012 10:26:48 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (08/02/2012 05:33:33 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2686509).

Error: (08/02/2012 05:33:31 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353).

Error: (08/02/2012 05:33:22 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).

Error: (08/02/2012 05:31:57 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2686509).

Error: (08/02/2012 05:31:14 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656353).

Error: (08/02/2012 05:31:03 AM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).

Error: (08/01/2012 11:42:57 PM) (Source: Service Control Manager) (User: )
Description: The Windows Image Acquisition (WIA) service terminated unexpectedly. It has done this 1 time(s).

Error: (08/01/2012 11:42:28 PM) (Source: Service Control Manager) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly. It has done this 1 time(s).


Microsoft Office Sessions:
=========================
Error: (08/02/2012 05:46:03 PM) (Source: Application Error)(User: )
Description: FlashPlayerUpdateService.exe11.3.300.268ntdll.dll5.1.2600.6055000113c0

Error: (08/02/2012 05:33:31 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1701.5039kb26563531033643finstallx865.1.2600.2.3.0.7680

Error: (08/02/2012 05:33:30 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log

Error: (08/02/2012 05:33:30 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory(NULL)(NULL)(NULL)

Error: (08/02/2012 05:33:22 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1705.5046kb26563701033643finstallx865.1.2600.2.3.0.7680

Error: (08/02/2012 05:33:20 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{A38B334A-A0A2-436D-BAA0-34FE5E517E44}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2656370-X86\NDP1.1sp1-KB2656370-X86-msi.0.log

Error: (08/02/2012 05:33:20 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory(NULL)(NULL)(NULL)

Error: (08/02/2012 05:31:09 AM) (Source: NativeWrapper)(User: )
Description: visualstudio7x80updatemsiexec.exe1.0.1701.5039kb26563531033643finstallx865.1.2600.2.3.0.7680

Error: (08/02/2012 05:31:08 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Microsoft .NET Framework 1.1{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}1603C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log

Error: (08/02/2012 05:31:08 AM) (Source: MsiInstaller)(User: NT AUTHORITY)NT AUTHORITY
Description: Product: Microsoft .NET Framework 1.1 -- Internal Error 2705. Directory(NULL)(NULL)(NULL)


=========================== Installed Programs ============================

2001 TurboTax Home & Business
2600 (Version: 43.0.217.000)
2600_Help (Version: 43.0.217.000)
2600Trb (Version: 43.0.217.000)
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Active@ File Recovery
Adobe AIR (Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (Version: 11.3.300.270)
Adobe Photoshop 5.0 (Version: 5.0)
Adobe Photoshop Album 2.0 Starter Edition (Version: 2.00.100)
Adobe Reader 9.5.1 (Version: 9.5.1)
AiO_Scan (Version: 43.0.217.000)
AiOSoftware (Version: 43.0.217.000)
AnswerWorks 4.0 Runtime - English (Version: 4.0.101)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
Apple Software Update (Version: 2.1.1.116)
ASUS Gamer OSD (Version: 2.05.1023)
ASUS nVidia Driver (Version: 5.00.0000)
ASUS Smart Doctor (Version: 5.085)
ASUS Utilities (Version: 1.00.0000)
ASUS VideoSecurity Online (Version: 3.5.1.3)
Audit Support Center 1.0 (Version: 1.0)
AutoUpdate (Version: 1.0)
BufferChm (Version: 43.1.5.000)
CED Data Collector
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Uninstaller
Critical Update for Windows Media Player 11 (KB959772)
CuteFTP
CwGet V1.60
Destinations (Version: 43.1.5.000)
Director (Version: 43.1.5.000)
DivX (Version: 5.2.1)
DivX Player (Version: 2.6)
Dr Watson for Microsoft Windows OneCare Live v1.0.0971.36 (Version: 1.0.0971.36)
DYMO Label Software
Easy Internet Sign-up
EM6800-U External Modem Files
ESET Online Scanner v3
Fax (Version: 43.0.217.000)
GameSpy Arcade
GdiplusUpgrade (Version: 1.00.01)
Ghost Explorer
Google Chrome (Version: 21.0.1180.60)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.3.2710.138)
Google Update Helper (Version: 1.3.21.115)
HostsMan 3.2.73 (Version: 3.2.73)
HP Diagnostic Assistant (Version: 1.0.1.0)
HP Image Zone 4.2 (Version: 4.2)
hp instant support (Version: 4.03.00)
HP Print Diagnostic Utility (Version: 1.11.0001)
HP PSC & OfficeJet 4.2
HP Software Update (Version: 2.0.39.20040212)
HP Unload DLL Patch (Version: 1.00.0000)
HPSystemDiagnostics (Version: 1.5.0.0)
ImgBurn (Version: 2.4.4.0)
Internet Explorer Q903235
IsoBuster 2.4 (Version: 2.4)
ItsDeductible Express (Version: 1.00.0000)
iTunes (Version: 6.0.5.20)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8089.726)
Lowrance Mapping
Macromedia Shockwave Player (Version: 10.1.0.11)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Medal of Honor Allied Assault
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2 (Version: 9.00.2720)
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft PhotoDraw 2000
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works 6-9 Converter (Version: 9.7.0621)
Mozilla Firefox 14.0.1 (x86 en-US) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB925672) (Version: 4.20.9839.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Netcraft Toolbar (Version: 1.0.0.0)
Norton PC Checkup (Version: 3.0.1.46.0)
NVIDIA Display Driver
NVIDIA Drivers
On Target v1.10
Opera 10.53 (Version: 10.53)
Overland (Version: 2.1.5)
Palm Desktop (Version: 4.1.0410)
PDFCreator (Version: 1.2.3)
pdfforge Toolbar v6.2 (Version: 6.2)
Pocket Tunes 3.1.6
Polaroid PolaColor Insight v4.5 (Remove only)
ProductContext (Version: 43.0.217.000)
QFolder (Version: 1.00.0000)
Quicken Basic 99
QuickTime (Version: 7.55.90.70)
Readme (Version: 43.0.217.000)
RealPlayer
Realtek AC'97 Audio
REALTEK Gigabit and Fast Ethernet NIC Driver (Version: 1.70)
Realtek High Definition Audio Driver (Version: 1.91)
RealUpgrade 1.0 (Version: 1.0.0)
Rhapsody Player Engine (Version: 1.0.604)
Rhapsody Player Engine (Version: 1.1.0)
SafeCast Shared Components
Scan (Version: 4.1.0.0)
SeaTools for Windows (Version: 1.2.0.1)
Segoe UI (Version: 14.0.4327.805)
Sierra Print Artist 4.5
Sierra Utilities
SiS 900 PCI Fast Ethernet Adapter Driver
SiS VGA Utilities
Sound Forge 4.0 for Windows 95 and NT (x86)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Spybot - Search & Destroy 1.2 (Version: 1.2)
Symbol CS1504 SDK (Version: 1.3.5)
TrayApp (Version: 43.1.5.000)
True Internet Color®
TurboTax 2008
TurboTax 2008 WinPerFedFormset (Version: 008.000.0341)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0219)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0197)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1007)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0433)
TurboTax 2008 wrapper (Version: 008.000.0065)
TurboTax 2008 wwviper (Version: 008.000.0126)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.2163)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0238)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2009 wwviper (Version: 009.000.0657)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.4227)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0483)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0214)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2010 wwviper (Version: 010.000.1322)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0474)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2011 wwviper (Version: 011.000.1493)
TurboTax Audit Support Center 3.0
TurboTax Deluxe 2002
TurboTax Deluxe 2003
TurboTax Deluxe 2004
TurboTax Deluxe 2005
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2005 (Version: 9.05.0000)
TurboTax ItsDeductible 2006 (Version: 10.00.0000)
Unload (Version: 4.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
URGE (Version: 1.1.8115.0)
Verizon Online
Visual IP InSight 4.3 (VerizonDSL)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 43.1.5.000)
WexTech AnswerWorks (Version: 1.00.000)
Windows Defender Signatures (Version: 1.20.0.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0017.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20061027.150806)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8064.0206)
Windows Live Communications Platform (Version: 14.0.8064.206)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Format 11 runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
Windows XP Uninstall
WinFox V1.0 Setup
WinRAR archiver
WinZip
XviD MPEG-4 Video Codec
Yahoo! Toolbar

========================= Memory info: ===================================

Percentage of memory in use: 26%
Total physical RAM: 3071.29 MB
Available physical RAM: 2263.07 MB
Total Pagefile: 4015.41 MB
Available Pagefile: 3299.81 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.98 MB

========================= Partitions: =====================================

2 Drive c: (WIN_ME) (Fixed) (Total:97.64 GB) (Free:39.19 GB) FAT32
3 Drive d: (DISK_2) (Fixed) (Total:136.06 GB) (Free:119.74 GB) FAT32

========================= Users: ========================================

User accounts for \\ME1

Administrator Guest HelpAssistant
Karl Shanholtzer SUPPORT_388945a0


**** End of log ****


# AdwCleaner v1.800 - Logfile created 08/03/2012 at 00:12:07
# Updated 01/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Karl Shanholtzer - ME1
# Running from : C:\Documents and Settings\Karl Shanholtzer\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Application Updater

***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\Karl Shanholtzer\Application Data\pdfforge
Folder Deleted : C:\Documents and Settings\Karl Shanholtzer\Application Data\Search Settings
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\pdfforge Toolbar
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\spigot

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Application Updater
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\pdfforge
Key Deleted : HKLM\SOFTWARE\Search Settings
Key Deleted : HKLM\SOFTWARE\Viewpoint
Key Deleted : HKLM\SOFTWARE\Wise Solutions

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Opera v10.53.3374.0

File : C:\Documents and Settings\Karl Shanholtzer\Application Data\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2607 octets] - [03/08/2012 00:10:55]
AdwCleaner[S1].txt - [2600 octets] - [03/08/2012 00:12:07]

########## EOF - C:\AdwCleaner[S1].txt - [2728 octets] ##########

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:45 AM

Posted 02 August 2012 - 11:50 PM

Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#7 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 03 August 2012 - 12:31 AM

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "ASUSGamerOSD" "ASUS GamerOSD" "ASUSTeK Computer Inc." "c:\program files\asus\gamerosd\gamerosd.exe"
+ "HP Component Manager" "HP Framework Component Manager Service" "Hewlett-Packard Company" "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
+ "HP Software Update" "hpwuSchd" "Hewlett-Packard Company" "c:\program files\hp\hp software update\hpwuschd2.exe"
+ "HPDJ Taskbar Utility" "" "HP" "c:\windows\system32\spool\drivers\w32x86\3\hpztsb05.exe"
+ "legis" "" "" "File not found: C:\Documents and Settings\Karl Shanholtzer\Application Data\legis.dll"
+ "Malwarebytes' Anti-Malware" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamgui.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "nwiz" "NVIDIA nView Wizard, Version 111.32 " "NVIDIA Corporation" "c:\windows\system32\nwiz.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RTHDCPL" "Realtek HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\windows\rthdcpl.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\common files\real\update_ob\realsched.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "HP Digital Imaging Monitor (CUE)" "Hewlett-Packard Co." "c:\program files\hp\digital imaging\bin\hpqtra08.exe"
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files\microsoft office\office\osa9.exe"
+ "Quicken Startup.lnk" "Quicken Load DLLs" "Intuit" "c:\quickenw\qwdlls.exe"
"C:\Documents and Settings\Karl Shanholtzer\Start Menu\Programs\Startup" "" "" ""
+ "HotSync Manager.lnk" "HotSync® Manager Application" "Palm, Inc." "c:\program files\palmone\hotsync.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Power Policy Settings" "" "" "File not found: setupx.dll"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "ASUS SmartDoctor" "SmartDoctor" "ASUSTeK Inc." "c:\program files\asus\smartdoctor\smartdoctor.exe"
+ "msnmsgr" "Windows Live Messenger" "Microsoft Corporation" "c:\program files\windows live\messenger\msnmsgr.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "cetihpz" "HPCETIUI Protocol Handler Module" "Hewlett-Packard Company" "c:\program files\hp\hpcoretech\comp\hpuiprot.dll"
+ "livecall" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8089.0726.dll"
+ "msnim" "Windows Live Messenger Protocol Handler Module" "Microsoft Corporation" "c:\program files\windows live\messenger\msgrapp.14.0.8089.0726.dll"
+ "wlmailhtml" "Windows Live Mail" "Microsoft Corporation" "c:\program files\windows live\mail\mailcomm.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "CuteFTP" "CuteShell DLL" "" "c:\program files\globalscape\cuteftp\cuteshell.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "" "" "c:\program files\winzip\wzshlext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "CuteFTP" "CuteShell DLL" "" "c:\program files\globalscape\cuteftp\cuteshell.dll"
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "" "" "c:\program files\winzip\wzshlext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "" "" "c:\program files\winzip\wzshlext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "00nView" "NVIDIA Desktop Explorer, Version 111.32 " "NVIDIA Corporation" "c:\windows\system32\nvshell.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "nView" "NVIDIA Desktop Explorer, Version 111.32 " "NVIDIA Corporation" "c:\windows\system32\nvshell.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "" "" "c:\program files\winzip\wzshlext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WinZip" "" "" "c:\program files\winzip\wzshlext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "Windows Live Sign-in Helper" "WindowsLiveLogin.dll" "Microsoft Corporation" "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Yahoo! Toolbar Helper" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn0\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Netcraft Toolbar" "Netcraft Toolbar" "Netcraft" "c:\program files\netcraft toolbar\nctb.dll"
+ "Yahoo! Toolbar" "Yahoo! Toolbar" "Yahoo! Inc." "c:\program files\yahoo!\companion\installs\cpn0\yt.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.3 r300" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "Microsoft Antimalware Scheduled Scan.job" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "MpIdleTask.job" "Microsoft Malware Protection Command Line Utility" "Microsoft Corporation" "c:\program files\microsoft security client\mpcmdrun.exe"
+ "PC Checkup 3 Weekly Scan.job" "NortonLive Updater" "Symantec Corporation" "c:\program files\norton pc checkup 3.0\nlapplauncher.exe"
+ "RealUpgradeLogonTaskS-1-5-21-1482476501-261478967-725345543-1004.job" "RealUpgrade Launcher " "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-1482476501-261478967-725345543-1004.job" "RealUpgrade Launcher " "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "ATKKeyboardService" "ASUS Keyboard Service " "ASUSTeK COMPUTER INC." "c:\windows\atkkbservice.exe"
+ "fsssvc" "This service enables Family Safety on the computer. If this service is not running, Family Safety will not work." "Microsoft Corporation" "c:\program files\windows live\family safety\fsssvc.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "IntuitUpdateService" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files\common files\intuit\update service\intuitupdateservice.exe"
+ "IntuitUpdateServiceV4" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files\common files\intuit\update service v4\intuitupdateservice.exe"
+ "iPodService" "iPod hardware management services" "Apple Computer, Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "Norton PC Checkup Application Launcher" "Provides consolidated application launching facility" "Symantec Corporation" "c:\program files\norton pc checkup 3.0\symcpcculaunchsvc.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvsvc32.exe"
+ "Pml Driver HPZ12" "PML Driver" "HP" "c:\windows\system32\hpzipm12.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ALCXWDM" "Realtek AC'97 Audio Driver (WDM)" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\alcxwdm.sys"
+ "asusgsb" "ASUS Virtual Video Capture Device Driver" "ASUSTeK Computer Inc." "c:\windows\system32\drivers\asusgsb.sys"
+ "asuskbnt" "ASUS Help driver For Keyboard Service." "ASUSTeK COMPUTER INC." "c:\windows\system32\drivers\atkkbnt.sys"
+ "ASUSVRC" "AsusVRC" "ASUSTeK COMPUTER INC." "c:\windows\system32\drivers\asusvrc.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "EIO_XP" "ASUS Kernel Mode Driver for NT " "ASUSTeK Computer Inc." "c:\windows\system32\drivers\eio_xp.sys"
+ "fvntdftg" "" "" "File not found: C:\WINDOWS\system32\drivers\fvntdftg.sys"
+ "GEARAspiWDM" "CDRom Class Filter Driver" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HPZid412" "IEEE-1284.4-1999 Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzid412.sys"
+ "HPZipr12" "IEEE-1284.4-1999 Print Class Driver" "HP" "c:\windows\system32\drivers\hpzipr12.sys"
+ "HPZius12" "1284.4<->Usb Datalink Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzius12.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 169.21 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "PalmUSBD" "USB Driver for Palm OS Handheld Devices" "Palm, Inc." "c:\windows\system32\drivers\palmusbd.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "RTL8023xp" "Realtek 10/100/1000 NDIS 5.1 Driver " "Realtek Semiconductor Corporation " "c:\windows\system32\drivers\rtlnicxp.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SiS315" "SiS Compatible Super VGA Driver" "Silicon Integrated Systems Corporation" "c:\windows\system32\drivers\sisgrp.sys"
+ "SiSkp" "SiS VGA Driver Manager" "Silicon Integrated Systems Corporation" "c:\windows\system32\drivers\srvkp.sys"
+ "SISNIC" "SiS PCI Fast Ethernet Adapter Driver" "SiS Corporation" "c:\windows\system32\drivers\sisnic.sys"
+ "Video3D" "ASUS Video3D driver" "ASUSTeK COMPUTER INC." "c:\windows\system32\drivers\video3d32.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "msacm.voxacm160" "Voxware Audio Compression Manager Driver" "Voxware, Inc." "c:\windows\system32\vct3216.acm"
+ "vidc.asv2" "" "" "c:\windows\system32\asusasv2.dll"
+ "VIDC.BT20" "" "" "File not found: btvvc32.drv"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.DIVX" "DivX® Codec for Windows" "DivXNetworks, Inc." "c:\windows\system32\divx.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "VIDC.TSCC" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\system32\tsccvid.dll"
+ "VIDC.VDOM" "" "" "File not found: vdowave.drv"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
+ "VIDC.Y41P" "" "" "File not found: btvvc32.drv"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Audio Plug-In Chainer" "Audio Plug-In Chainer" "Sonic Foundry, Inc." "c:\program files\sound forge\sfqgraph.dll"
+ "Audio Plug-In Chainer" "Audio Plug-In Chainer" "Sonic Foundry, Inc." "c:\program files\sound forge\sfqgraph.dll"
+ "Indeo® video 4.3 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.3 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.3 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.3 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ASUS ASV2 Video CODEC" "ASUS Video Compression Filter" "MyCompanyName" "c:\program files\asus\asus videosecurity\asusasv2.ax"
+ "ASUS PFConverter Filter" "" "" "c:\program files\asus\asus videosecurity\asus_converter.ax"
+ "ASUS SBS RTP Render Filter" "NetVideo for SBS" "ASUSTeK Computer Inc." "c:\windows\system32\netvideo_sbs.ax"
+ "ASUS SBS RTP Source Filter" "NetVideo for SBS" "ASUSTeK Computer Inc." "c:\windows\system32\netvideo_sbs.ax"
+ "ASUS VS Sender" "RtpSource" "ASUSTeK Inc." "c:\program files\asus\asus videosecurity\rtpsender.ax"
+ "BDA MPEG2 Transport Information Filter" "" "" "File not found: C:\WINDOWS\SYSTEM32\PSISRNDR.AX"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture File Writer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "DivX Decoder Filter" "DivX® Decoder Filter" "DivXNetworks, Inc." "c:\windows\system32\divxdec.ax"
+ "DivX for Blizzard Decoder Filter" "" "" "File not found: C:\PROGRAM FILES\WARCRAFT III\BLIZZARD.AX"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "H263 Decode Filter" "H.263 Codec" "Microsoft Corporation" "c:\program files\asus\asus videosecurity\h263_32.ax"
+ "H263 Encode Transform Filter" "H.263 Codec" "Microsoft Corporation" "c:\program files\asus\asus videosecurity\h263_32.ax"
+ "Indeo Video ® 5.0 Progressive Download Source" "Intel Indeo® video IVF Source Filter 5.10" "Intel Corporation" "c:\windows\system32\ivfsrc.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.04 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.04 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Live Video Acquisition Filters" "Microsoft Corporation" "c:\program files\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "XviD MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpzlnt10" "" "HP" "c:\windows\system32\hpzlnt10.dll"
+ "PDFCreator" "" "" "c:\windows\system32\pdfcmnnt.dll"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:45 AM

Posted 03 August 2012 - 12:45 AM

Launch autoruns and uncheck this entry

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "legis" "" "" "File not found: C:\Documents and Settings\Karl Shanholtzer\Application Data\legis.dll"

That looks good

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot

Turn off your system restore,restart the PC,create a new restore point

http://support.microsoft.com/kb/310405

Update your flash player

Update your JAVA from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently,do not click on suspicious links

Safe surfing :)

#9 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 03 August 2012 - 08:18 AM

Is there another place to download TFC, I am trying to find TFC but I get the following error message:
====================================================================
Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator, webmaster@oldtimer.geekstogo.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.22 (Unix) mod_ssl/2.2.22 OpenSSL/1.0.0-fips mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 Server at oldtimer.geekstogo.com Port 80

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:45 AM

Posted 03 August 2012 - 08:31 AM

Download from here

http://www.itxassociates.com/OT-Tools/TFC.exe

#11 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 03 August 2012 - 10:36 AM

TFC locks up the computer
Updates fail to install
flash fails to install

I have to leave and will be back tuesday, I will be in contact then and we can figure this out.

Thanks

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:45 AM

Posted 03 August 2012 - 12:57 PM

Run TFC in safemode

#13 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 10 August 2012 - 06:54 PM

I am back now,
TFC locks up the computer
Updates fail to install
flash fails to install

Any ideas?

K

#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:04:45 AM

Posted 10 August 2012 - 07:34 PM

Did you run TFC in safemode?

Please explain when you say fails to install? Errors?

Edited by narenxp, 10 August 2012 - 07:34 PM.


#15 kshan

kshan
  • Topic Starter

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:04:45 AM

Posted 10 August 2012 - 09:47 PM

I will try it in safe mode
The updates are
Security Update KB2686509 with error 0x8007f0f4
Net framework security update KB2656353 error 0x80070643
Net framework security update KB2656370 error 0x80070643

here is a line from the log file
MSI (s) (10:68) [17:34:00:296]: Product: Microsoft .NET Framework 1.1 - Update '{0213C6AF-5562-4D09-884C-2ADCFC8C2F35}' could not be installed. Error code 1603. Additional information is available in the log file C:\WINDOWS\TEMP\NDP1.1sp1-KB2656353-X86\NDP1.1sp1-KB2656353-X86-msi.0.log.

do you want the log files?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users