Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

No Safe boot and firewall


  • Please log in to reply
12 replies to this topic

#1 leedsfan2

leedsfan2

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 20 September 2012 - 02:46 AM

A few weeks ago I had an issue where on boot up the pc hung at the welcome screen, previous to this I had noted what I presume to have been a virus disabled Safe Boot and firewall wont switch on. Had a guy in who, as the PC is very old buts does the job, said its broke get a new one or recondition, thanks mate. then after hitting every key at random it started then went back to the hanging. Then by accident found tyhat if I disconnected the net I could boot up then re-connect. Switched off some odd start up progs including ACQTMAPP and it now boots up. But I am still missing safe boot and cant switch on the windows firewall. PC seems very slow although old is normally ok. your team helped a few years ago and sorted my prob then.

Edited by hamluis, 20 September 2012 - 05:38 AM.
Moved from XP to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:48 PM

Posted 20 September 2012 - 04:05 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 leedsfan2

leedsfan2
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 21 September 2012 - 05:44 AM

Thanks for the prompt reply, as instructed please note the following:-


06:57:10.0648 0960 TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
06:57:11.0229 0960 ============================================================
06:57:11.0229 0960 Current date / time: 2012/09/21 06:57:11.0229
06:57:11.0229 0960 SystemInfo:
06:57:11.0229 0960
06:57:11.0229 0960 OS Version: 5.1.2600 ServicePack: 3.0
06:57:11.0229 0960 Product type: Workstation
06:57:11.0229 0960 ComputerName: BLANDIES
06:57:11.0229 0960 UserName: Jackson
06:57:11.0229 0960 Windows directory: C:\windows
06:57:11.0229 0960 System windows directory: C:\windows
06:57:11.0229 0960 Processor architecture: Intel x86
06:57:11.0229 0960 Number of processors: 1
06:57:11.0229 0960 Page size: 0x1000
06:57:11.0229 0960 Boot type: Normal boot
06:57:11.0229 0960 ============================================================
06:57:13.0653 0960 Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
06:57:13.0713 0960 ============================================================
06:57:13.0713 0960 \Device\Harddisk0\DR0:
06:57:13.0713 0960 MBR partitions:
06:57:13.0713 0960 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
06:57:13.0713 0960 ============================================================
06:57:13.0753 0960 C: <-> \Device\Harddisk0\DR0\Partition1
06:57:13.0753 0960 ============================================================
06:57:13.0753 0960 Initialize success
06:57:13.0753 0960 ============================================================
06:58:14.0170 1228 ============================================================
06:58:14.0170 1228 Scan started
06:58:14.0170 1228 Mode: Manual; TDLFS;
06:58:14.0170 1228 ============================================================
06:58:16.0062 1228 ================ Scan system memory ========================
06:58:16.0062 1228 System memory - ok
06:58:16.0072 1228 ================ Scan services =============================
06:58:16.0233 1228 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
06:58:16.0253 1228 !SASCORE - ok
06:58:16.0423 1228 [ 0352A73CD6B1782EA3ED7A03A8268F55 ] Aavmker4 C:\windows\system32\drivers\Aavmker4.sys
06:58:16.0433 1228 Aavmker4 - ok
06:58:16.0453 1228 Abiosdsk - ok
06:58:16.0463 1228 abp480n5 - ok
06:58:16.0513 1228 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\windows\system32\DRIVERS\ACPI.sys
06:58:16.0523 1228 ACPI - ok
06:58:16.0573 1228 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\windows\system32\drivers\ACPIEC.sys
06:58:16.0593 1228 ACPIEC - ok
06:58:16.0613 1228 adpu160m - ok
06:58:16.0653 1228 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\windows\system32\drivers\aec.sys
06:58:16.0663 1228 aec - ok
06:58:16.0703 1228 [ A7B8A3A79D35215D798A300DF49ED23F ] Afc C:\windows\system32\drivers\Afc.sys
06:58:16.0723 1228 Afc - ok
06:58:16.0783 1228 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\windows\System32\drivers\afd.sys
06:58:16.0813 1228 AFD - ok
06:58:16.0833 1228 Aha154x - ok
06:58:16.0843 1228 aic78u2 - ok
06:58:16.0863 1228 aic78xx - ok
06:58:16.0913 1228 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\windows\system32\alrsvc.dll
06:58:16.0934 1228 Alerter - ok
06:58:16.0964 1228 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\windows\System32\alg.exe
06:58:16.0964 1228 ALG - ok
06:58:16.0984 1228 AliIde - ok
06:58:17.0024 1228 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\windows\system32\DRIVERS\amdk7.sys
06:58:17.0054 1228 AmdK7 - ok
06:58:17.0074 1228 amsint - ok
06:58:17.0114 1228 appliand - ok
06:58:17.0134 1228 appliandMP - ok
06:58:17.0154 1228 AppMgmt - ok
06:58:17.0174 1228 asc - ok
06:58:17.0194 1228 asc3350p - ok
06:58:17.0214 1228 asc3550 - ok
06:58:17.0304 1228 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
06:58:17.0394 1228 aspnet_state - ok
06:58:17.0444 1228 [ F5DC168BF77572D51BE28BA261B30CB4 ] aswFsBlk C:\windows\system32\drivers\aswFsBlk.sys
06:58:17.0444 1228 aswFsBlk - ok
06:58:17.0474 1228 [ 2B9B1DF809E965EF63402CBBA6DB50AE ] aswMon2 C:\windows\system32\drivers\aswMon2.sys
06:58:17.0484 1228 aswMon2 - ok
06:58:17.0544 1228 [ B7D5E4486BA658ED08624D8084ABB830 ] aswRdr C:\windows\system32\drivers\aswRdr.sys
06:58:17.0544 1228 aswRdr - ok
06:58:17.0685 1228 [ 30E45AF8B4D83176CA850FC9699E860B ] aswSnx C:\windows\system32\drivers\aswSnx.sys
06:58:17.0735 1228 aswSnx - ok
06:58:17.0795 1228 [ F04BDBCB965C05C51F4A7DE7B62063D6 ] aswSP C:\windows\system32\drivers\aswSP.sys
06:58:17.0815 1228 aswSP - ok
06:58:17.0865 1228 [ DFE9152ABFA89BB8CFDC057409B2D4DA ] aswTdi C:\windows\system32\drivers\aswTdi.sys
06:58:17.0885 1228 aswTdi - ok
06:58:17.0935 1228 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
06:58:17.0935 1228 AsyncMac - ok
06:58:17.0965 1228 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\windows\system32\DRIVERS\atapi.sys
06:58:17.0965 1228 atapi - ok
06:58:17.0985 1228 Atdisk - ok
06:58:18.0035 1228 [ A2EAEB497CA29ECAEAF0DF66AD85C57D ] Ati HotKey Poller C:\windows\system32\Ati2evxx.exe
06:58:18.0095 1228 Ati HotKey Poller - ok
06:58:18.0145 1228 [ 312A17DFF710A0F4E6D4DD1D52EAD1A8 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
06:58:18.0205 1228 ATI Smart - ok
06:58:18.0295 1228 [ 492BD2A5F65F218D4EDE5764A3BB67E9 ] ati2mtag C:\windows\system32\DRIVERS\ati2mtag.sys
06:58:18.0396 1228 ati2mtag - ok
06:58:18.0446 1228 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\windows\system32\DRIVERS\atmarpc.sys
06:58:18.0466 1228 Atmarpc - ok
06:58:18.0506 1228 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\windows\System32\audiosrv.dll
06:58:18.0516 1228 AudioSrv - ok
06:58:18.0556 1228 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\windows\system32\DRIVERS\audstub.sys
06:58:18.0576 1228 audstub - ok
06:58:18.0706 1228 [ 04AC21E821F259845BD7367CEE057290 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
06:58:18.0716 1228 avast! Antivirus - ok
06:58:18.0736 1228 AVFSFilter - ok
06:58:18.0796 1228 [ FA6336F05695E39995884D0C959C9608 ] Avgfwdx C:\windows\system32\DRIVERS\avgfwdx.sys
06:58:18.0836 1228 Avgfwdx - ok
06:58:18.0846 1228 [ FA6336F05695E39995884D0C959C9608 ] Avgfwfd C:\windows\system32\DRIVERS\avgfwdx.sys
06:58:18.0856 1228 Avgfwfd - ok
06:58:18.0906 1228 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\windows\system32\drivers\Beep.sys
06:58:18.0906 1228 Beep - ok
06:58:18.0966 1228 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
06:58:19.0377 1228 BITS - ok
06:58:19.0427 1228 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\windows\System32\browser.dll
06:58:19.0437 1228 Browser - ok
06:58:19.0457 1228 btaudio - ok
06:58:19.0477 1228 BTDriver - ok
06:58:19.0517 1228 [ B279426E3C0C344893ED78A613A73BDE ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
06:58:19.0527 1228 BthEnum - ok
06:58:19.0557 1228 [ FCA6F069597B62D42495191ACE3FC6C1 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
06:58:19.0597 1228 BTHMODEM - ok
06:58:19.0617 1228 [ 80602B8746D3738F5886CE3D67EF06B6 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
06:58:19.0627 1228 BthPan - ok
06:58:19.0687 1228 [ 662BFD909447DD9CC15B1A1C366583B4 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
06:58:19.0718 1228 BTHPORT - ok
06:58:19.0758 1228 [ F4C43C66471B87996D95DB7A3A664A37 ] BthServ C:\windows\System32\bthserv.dll
06:58:19.0758 1228 BthServ - ok
06:58:19.0808 1228 [ 61364CD71EF63B0F038B7E9DF00F1EFA ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
06:58:19.0808 1228 BTHUSB - ok
06:58:19.0828 1228 BTWDNDIS - ok
06:58:19.0848 1228 btwhid - ok
06:58:19.0898 1228 [ A1DA2B09932F7BA210174695644F1490 ] btwmodem C:\windows\system32\DRIVERS\btwmodem.sys
06:58:19.0918 1228 btwmodem - ok
06:58:19.0938 1228 BTWUSB - ok
06:58:19.0978 1228 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\windows\system32\drivers\cbidf2k.sys
06:58:19.0978 1228 cbidf2k - ok
06:58:19.0998 1228 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\windows\system32\DRIVERS\CCDECODE.sys
06:58:20.0048 1228 CCDECODE - ok
06:58:20.0068 1228 cd20xrnt - ok
06:58:20.0108 1228 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\windows\system32\drivers\Cdaudio.sys
06:58:20.0118 1228 Cdaudio - ok
06:58:20.0138 1228 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\windows\system32\drivers\Cdfs.sys
06:58:20.0138 1228 Cdfs - ok
06:58:20.0188 1228 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\windows\system32\DRIVERS\cdrom.sys
06:58:20.0218 1228 Cdrom - ok
06:58:20.0238 1228 Changer - ok
06:58:20.0288 1228 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc C:\windows\system32\cisvc.exe
06:58:20.0298 1228 cisvc - ok
06:58:20.0338 1228 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\windows\system32\clipsrv.exe
06:58:20.0338 1228 ClipSrv - ok
06:58:20.0378 1228 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:58:20.0489 1228 clr_optimization_v2.0.50727_32 - ok
06:58:20.0509 1228 CmdIde - ok
06:58:20.0529 1228 COMSysApp - ok
06:58:20.0569 1228 Cpqarray - ok
06:58:20.0699 1228 [ 3411FDF098AA20193EEE5FFA36BA43B2 ] cpuz135 C:\windows\system32\drivers\cpuz135_x32.sys
06:58:20.0699 1228 cpuz135 - ok
06:58:20.0739 1228 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\windows\System32\cryptsvc.dll
06:58:20.0739 1228 CryptSvc - ok
06:58:20.0759 1228 CSS DVP - ok
06:58:20.0779 1228 dac2w2k - ok
06:58:20.0789 1228 dac960nt - ok
06:58:20.0889 1228 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\windows\system32\rpcss.dll
06:58:20.0939 1228 DcomLaunch - ok
06:58:20.0989 1228 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\windows\System32\dhcpcsvc.dll
06:58:20.0999 1228 Dhcp - ok
06:58:21.0029 1228 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\windows\system32\DRIVERS\disk.sys
06:58:21.0029 1228 Disk - ok
06:58:21.0069 1228 dmadmin - ok
06:58:21.0200 1228 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\windows\system32\drivers\dmboot.sys
06:58:21.0230 1228 dmboot - ok
06:58:21.0260 1228 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\windows\system32\drivers\dmio.sys
06:58:21.0270 1228 dmio - ok
06:58:21.0310 1228 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\windows\system32\drivers\dmload.sys
06:58:21.0310 1228 dmload - ok
06:58:21.0370 1228 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\windows\System32\dmserver.dll
06:58:21.0380 1228 dmserver - ok
06:58:21.0410 1228 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\windows\system32\drivers\DMusic.sys
06:58:21.0410 1228 DMusic - ok
06:58:21.0470 1228 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\windows\System32\dnsrslvr.dll
06:58:21.0480 1228 Dnscache - ok
06:58:21.0520 1228 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\windows\System32\dot3svc.dll
06:58:21.0530 1228 Dot3svc - ok
06:58:21.0540 1228 dpti2o - ok
06:58:21.0590 1228 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
06:58:21.0610 1228 drmkaud - ok
06:58:21.0690 1228 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\windows\System32\eapsvc.dll
06:58:21.0710 1228 EapHost - ok
06:58:21.0760 1228 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\windows\System32\ersvc.dll
06:58:21.0760 1228 ERSvc - ok
06:58:21.0831 1228 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\windows\system32\services.exe
06:58:21.0881 1228 Eventlog - ok
06:58:21.0951 1228 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
06:58:21.0961 1228 EventSystem - ok
06:58:22.0001 1228 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\windows\system32\drivers\Fastfat.sys
06:58:22.0011 1228 Fastfat - ok
06:58:22.0061 1228 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\windows\System32\shsvcs.dll
06:58:22.0081 1228 FastUserSwitchingCompatibility - ok
06:58:22.0131 1228 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\windows\system32\DRIVERS\fdc.sys
06:58:22.0131 1228 Fdc - ok
06:58:22.0151 1228 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\windows\system32\drivers\Fips.sys
06:58:22.0161 1228 Fips - ok
06:58:22.0181 1228 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
06:58:22.0191 1228 Flpydisk - ok
06:58:22.0241 1228 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
06:58:22.0251 1228 FltMgr - ok
06:58:22.0331 1228 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
06:58:22.0341 1228 FontCache3.0.0.0 - ok
06:58:22.0401 1228 FreshIO - ok
06:58:22.0431 1228 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
06:58:22.0441 1228 Fs_Rec - ok
06:58:22.0471 1228 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\windows\system32\DRIVERS\ftdisk.sys
06:58:22.0481 1228 Ftdisk - ok
06:58:22.0502 1228 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\windows\system32\DRIVERS\gameenum.sys
06:58:22.0522 1228 gameenum - ok
06:58:22.0572 1228 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
06:58:22.0592 1228 GEARAspiWDM - ok
06:58:22.0632 1228 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\windows\system32\DRIVERS\msgpc.sys
06:58:22.0662 1228 Gpc - ok
06:58:22.0752 1228 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
06:58:22.0752 1228 gupdate - ok
06:58:22.0832 1228 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
06:58:22.0842 1228 gupdatem - ok
06:58:22.0912 1228 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\windows\PCHealth\HelpCtr\Binaries\pchsvc.dll
06:58:22.0972 1228 helpsvc - ok
06:58:23.0022 1228 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\windows\System32\hidserv.dll
06:58:23.0022 1228 HidServ - ok
06:58:23.0072 1228 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
06:58:23.0082 1228 HidUsb - ok
06:58:23.0132 1228 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\windows\System32\kmsvc.dll
06:58:23.0162 1228 hkmsvc - ok
06:58:23.0182 1228 hpn - ok
06:58:23.0203 1228 hpt3xx - ok
06:58:23.0373 1228 hSONYPVh - ok
06:58:23.0433 1228 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] HTTP C:\windows\system32\Drivers\HTTP.sys
06:58:23.0453 1228 HTTP - ok
06:58:23.0503 1228 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\windows\System32\w3ssl.dll
06:58:23.0543 1228 HTTPFilter - ok
06:58:23.0563 1228 i2omgmt - ok
06:58:23.0583 1228 i2omp - ok
06:58:23.0603 1228 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
06:58:23.0613 1228 i8042prt - ok
06:58:23.0723 1228 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
06:58:23.0753 1228 IDriverT - ok
06:58:23.0863 1228 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
06:58:23.0904 1228 idsvc - ok
06:58:23.0954 1228 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\windows\system32\DRIVERS\imapi.sys
06:58:23.0954 1228 Imapi - ok
06:58:24.0014 1228 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\System32\imapi.exe
06:58:24.0024 1228 ImapiService - ok
06:58:24.0044 1228 ini910u - ok
06:58:24.0074 1228 IntelIde - ok
06:58:24.0214 1228 [ F61BD411A315B9721DDEF61E44D34474 ] IntelS51 C:\windows\system32\DRIVERS\IntelS51.sys
06:58:24.0314 1228 IntelS51 - ok
06:58:24.0344 1228 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\windows\system32\drivers\ip6fw.sys
06:58:24.0354 1228 ip6fw - ok
06:58:24.0384 1228 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
06:58:24.0394 1228 IpFilterDriver - ok
06:58:24.0404 1228 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\windows\system32\DRIVERS\ipinip.sys
06:58:24.0414 1228 IpInIp - ok
06:58:24.0444 1228 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\windows\system32\DRIVERS\ipnat.sys
06:58:24.0484 1228 IpNat - ok
06:58:24.0514 1228 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\windows\system32\DRIVERS\ipsec.sys
06:58:24.0524 1228 IPSec - ok
06:58:24.0554 1228 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\windows\system32\DRIVERS\irenum.sys
06:58:24.0554 1228 IRENUM - ok
06:58:24.0595 1228 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\windows\system32\DRIVERS\isapnp.sys
06:58:24.0605 1228 isapnp - ok
06:58:24.0675 1228 [ 9AA67569D5257462E230767510B0C815 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
06:58:24.0685 1228 JavaQuickStarterService - ok
06:58:24.0725 1228 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
06:58:24.0735 1228 Kbdclass - ok
06:58:24.0765 1228 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\windows\system32\DRIVERS\kbdhid.sys
06:58:24.0765 1228 kbdhid - ok
06:58:24.0825 1228 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\windows\system32\drivers\kmixer.sys
06:58:24.0835 1228 kmixer - ok
06:58:24.0895 1228 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\windows\system32\drivers\KSecDD.sys
06:58:24.0895 1228 KSecDD - ok
06:58:24.0925 1228 [ F385F4B02C535BFFE1D70CAB80838123 ] lanmanserver C:\windows\System32\srvsvc.dll
06:58:24.0925 1228 lanmanserver - ok
06:58:24.0985 1228 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\windows\System32\wkssvc.dll
06:58:25.0055 1228 lanmanworkstation - ok
06:58:25.0065 1228 lbrtfdc - ok
06:58:25.0135 1228 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\windows\System32\lmhsvc.dll
06:58:25.0135 1228 LmHosts - ok
06:58:25.0145 1228 lxdd_device - ok
06:58:25.0175 1228 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\windows\System32\msgsvc.dll
06:58:25.0185 1228 Messenger - ok
06:58:25.0235 1228 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\windows\system32\drivers\mnmdd.sys
06:58:25.0255 1228 mnmdd - ok
06:58:25.0296 1228 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
06:58:25.0306 1228 mnmsrvc - ok
06:58:25.0346 1228 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\windows\system32\drivers\Modem.sys
06:58:25.0356 1228 Modem - ok
06:58:25.0396 1228 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\windows\system32\drivers\MODEMCSA.sys
06:58:25.0416 1228 MODEMCSA - ok
06:58:25.0446 1228 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\windows\system32\DRIVERS\mouclass.sys
06:58:25.0446 1228 Mouclass - ok
06:58:25.0496 1228 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
06:58:25.0496 1228 mouhid - ok
06:58:25.0526 1228 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\windows\system32\drivers\MountMgr.sys
06:58:25.0526 1228 MountMgr - ok
06:58:25.0606 1228 [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
06:58:25.0636 1228 MozillaMaintenance - ok
06:58:25.0786 1228 MpKsld546b2a0 - ok
06:58:25.0806 1228 mraid35x - ok
06:58:25.0876 1228 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\windows\system32\DRIVERS\mrxdav.sys
06:58:25.0886 1228 MRxDAV - ok
06:58:25.0966 1228 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\windows\system32\DRIVERS\mrxsmb.sys
06:58:26.0007 1228 MRxSmb - ok
06:58:26.0057 1228 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
06:58:26.0067 1228 MSDTC - ok
06:58:26.0107 1228 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\windows\system32\drivers\Msfs.sys
06:58:26.0117 1228 Msfs - ok
06:58:26.0137 1228 MSIServer - ok
06:58:26.0167 1228 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
06:58:26.0177 1228 MSKSSRV - ok
06:58:26.0207 1228 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
06:58:26.0227 1228 MSPCLOCK - ok
06:58:26.0247 1228 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\windows\system32\drivers\MSPQM.sys
06:58:26.0247 1228 MSPQM - ok
06:58:26.0297 1228 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
06:58:26.0297 1228 mssmbios - ok
06:58:26.0327 1228 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\windows\system32\drivers\MSTEE.sys
06:58:26.0327 1228 MSTEE - ok
06:58:26.0367 1228 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\windows\system32\drivers\msmpu401.sys
06:58:26.0367 1228 ms_mpu401 - ok
06:58:26.0427 1228 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\windows\system32\drivers\Mup.sys
06:58:26.0427 1228 Mup - ok
06:58:26.0467 1228 [ 88705DC61B9275B82E48904D53031F5B ] n558 C:\windows\system32\Drivers\n558.sys
06:58:26.0477 1228 n558 - ok
06:58:26.0487 1228 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\windows\system32\DRIVERS\NABTSFEC.sys
06:58:26.0507 1228 NABTSFEC - ok
06:58:26.0567 1228 [ 0102140028FAD045756796E1C685D695 ] napagent C:\windows\System32\qagentrt.dll
06:58:26.0627 1228 napagent - ok
06:58:26.0688 1228 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\windows\system32\drivers\NDIS.sys
06:58:26.0698 1228 NDIS - ok
06:58:26.0748 1228 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\windows\system32\DRIVERS\NdisIP.sys
06:58:26.0748 1228 NdisIP - ok
06:58:26.0808 1228 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
06:58:26.0828 1228 NdisTapi - ok
06:58:26.0868 1228 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
06:58:26.0888 1228 Ndisuio - ok
06:58:26.0928 1228 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
06:58:26.0928 1228 NdisWan - ok
06:58:26.0978 1228 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\windows\system32\drivers\NDProxy.sys
06:58:26.0978 1228 NDProxy - ok
06:58:27.0028 1228 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
06:58:27.0028 1228 NetBIOS - ok
06:58:27.0058 1228 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\windows\system32\DRIVERS\netbt.sys
06:58:27.0068 1228 NetBT - ok
06:58:27.0108 1228 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\windows\system32\netdde.exe
06:58:27.0118 1228 NetDDE - ok
06:58:27.0138 1228 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\windows\system32\netdde.exe
06:58:27.0148 1228 NetDDEdsdm - ok
06:58:27.0198 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\windows\System32\lsass.exe
06:58:27.0198 1228 Netlogon - ok
06:58:27.0238 1228 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\windows\System32\netman.dll
06:58:27.0248 1228 Netman - ok
06:58:27.0298 1228 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
06:58:27.0308 1228 NetTcpPortSharing - ok
06:58:27.0348 1228 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\windows\System32\mswsock.dll
06:58:27.0369 1228 Nla - ok
06:58:27.0429 1228 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\windows\system32\drivers\Npfs.sys
06:58:27.0439 1228 Npfs - ok
06:58:27.0489 1228 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\windows\system32\drivers\Ntfs.sys
06:58:27.0509 1228 Ntfs - ok
06:58:27.0539 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\windows\System32\lsass.exe
06:58:27.0539 1228 NtLmSsp - ok
06:58:27.0599 1228 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\windows\system32\ntmssvc.dll
06:58:27.0639 1228 NtmsSvc - ok
06:58:27.0679 1228 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\windows\system32\drivers\Null.sys
06:58:27.0679 1228 Null - ok
06:58:27.0729 1228 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\windows\system32\DRIVERS\nwlnkflt.sys
06:58:27.0729 1228 NwlnkFlt - ok
06:58:27.0759 1228 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\windows\system32\DRIVERS\nwlnkfwd.sys
06:58:27.0759 1228 NwlnkFwd - ok
06:58:27.0829 1228 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:58:27.0839 1228 ose - ok
06:58:27.0969 1228 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\windows\system32\DRIVERS\parport.sys
06:58:27.0969 1228 Parport - ok
06:58:27.0999 1228 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\windows\system32\drivers\PartMgr.sys
06:58:27.0999 1228 PartMgr - ok
06:58:28.0039 1228 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\windows\system32\drivers\ParVdm.sys
06:58:28.0039 1228 ParVdm - ok
06:58:28.0090 1228 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\windows\system32\DRIVERS\pccsmcfd.sys
06:58:28.0100 1228 pccsmcfd - ok
06:58:28.0110 1228 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\windows\system32\DRIVERS\pci.sys
06:58:28.0120 1228 PCI - ok
06:58:28.0140 1228 PCIDump - ok
06:58:28.0160 1228 PCIIde - ok
06:58:28.0190 1228 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\windows\system32\drivers\Pcmcia.sys
06:58:28.0200 1228 Pcmcia - ok
06:58:28.0220 1228 PDCOMP - ok
06:58:28.0230 1228 PDFRAME - ok
06:58:28.0260 1228 PDRELI - ok
06:58:28.0270 1228 PDRFRAME - ok
06:58:28.0300 1228 perc2 - ok
06:58:28.0310 1228 perc2hib - ok
06:58:28.0390 1228 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\windows\system32\services.exe
06:58:28.0400 1228 PlugPlay - ok
06:58:28.0450 1228 [ BCE50BC860AF68232891BA632FD94D35 ] PnkBstrA C:\WINDOWS\system32\PnkBstrA.exe
06:58:28.0490 1228 PnkBstrA - ok
06:58:28.0510 1228 [ C1C7F4DB9674C4F9C32337FF63848696 ] PnkBstrB C:\WINDOWS\system32\PnkBstrB.exe
06:58:28.0540 1228 PnkBstrB - ok
06:58:28.0570 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\windows\System32\lsass.exe
06:58:28.0580 1228 PolicyAgent - ok
06:58:28.0620 1228 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
06:58:28.0630 1228 PptpMiniport - ok
06:58:28.0680 1228 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\windows\system32\DRIVERS\processr.sys
06:58:28.0700 1228 Processor - ok
06:58:28.0761 1228 [ 18D9789A4664BF417EEA944D2776091A ] prodrv06 C:\windows\System32\drivers\prodrv06.sys
06:58:28.0761 1228 prodrv06 - ok
06:58:28.0791 1228 [ 8CC9671A7ED2902E747EE0892E1C8575 ] prohlp02 C:\windows\system32\drivers\prohlp02.sys
06:58:28.0801 1228 prohlp02 - ok
06:58:28.0821 1228 [ 960BCE3ED38761B446AABAC06C76BADF ] prosync1 C:\windows\system32\drivers\prosync1.sys
06:58:28.0831 1228 prosync1 - ok
06:58:28.0871 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\windows\system32\lsass.exe
06:58:28.0881 1228 ProtectedStorage - ok
06:58:28.0901 1228 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\windows\system32\DRIVERS\psched.sys
06:58:28.0901 1228 PSched - ok
06:58:28.0931 1228 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\windows\system32\DRIVERS\ptilink.sys
06:58:28.0931 1228 Ptilink - ok
06:58:28.0971 1228 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
06:58:28.0971 1228 PxHelp20 - ok
06:58:28.0991 1228 ql1080 - ok
06:58:29.0011 1228 Ql10wnt - ok
06:58:29.0031 1228 ql12160 - ok
06:58:29.0051 1228 ql1240 - ok
06:58:29.0071 1228 ql1280 - ok
06:58:29.0101 1228 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
06:58:29.0101 1228 RasAcd - ok
06:58:29.0141 1228 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\windows\System32\rasauto.dll
06:58:29.0151 1228 RasAuto - ok
06:58:29.0191 1228 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
06:58:29.0201 1228 Rasl2tp - ok
06:58:29.0251 1228 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\windows\System32\rasmans.dll
06:58:29.0271 1228 RasMan - ok
06:58:29.0301 1228 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
06:58:29.0311 1228 RasPppoe - ok
06:58:29.0341 1228 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\windows\system32\DRIVERS\raspti.sys
06:58:29.0341 1228 Raspti - ok
06:58:29.0401 1228 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\windows\system32\DRIVERS\rdbss.sys
06:58:29.0411 1228 Rdbss - ok
06:58:29.0431 1228 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
06:58:29.0441 1228 RDPCDD - ok
06:58:29.0512 1228 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
06:58:29.0532 1228 RDPWD - ok
06:58:29.0582 1228 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
06:58:29.0592 1228 RDSessMgr - ok
06:58:29.0622 1228 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\windows\system32\DRIVERS\redbook.sys
06:58:29.0632 1228 redbook - ok
06:58:29.0692 1228 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\windows\System32\mprdim.dll
06:58:29.0702 1228 RemoteAccess - ok
06:58:29.0742 1228 [ 851C30DF2807FCFA21E4C681A7D6440E ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
06:58:29.0742 1228 RFCOMM - ok
06:58:29.0852 1228 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\windows\system32\Drivers\RootMdm.sys
06:58:29.0852 1228 ROOTMODEM - ok
06:58:29.0892 1228 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\windows\System32\locator.exe
06:58:29.0902 1228 RpcLocator - ok
06:58:29.0962 1228 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\windows\system32\rpcss.dll
06:58:29.0982 1228 RpcSs - ok
06:58:30.0012 1228 RPSKT - ok
06:58:30.0052 1228 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\windows\System32\rsvp.exe
06:58:30.0062 1228 RSVP - ok
06:58:30.0102 1228 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\windows\system32\DRIVERS\RTL8139.SYS
06:58:30.0112 1228 rtl8139 - ok
06:58:30.0153 1228 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\windows\system32\lsass.exe
06:58:30.0163 1228 SamSs - ok
06:58:30.0333 1228 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
06:58:30.0333 1228 SASDIFSV - ok
06:58:30.0353 1228 SASENUM - ok
06:58:30.0383 1228 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
06:58:30.0383 1228 SASKUTIL - ok
06:58:30.0413 1228 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\windows\System32\SCardSvr.exe
06:58:30.0423 1228 SCardSvr - ok
06:58:30.0473 1228 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\windows\system32\schedsvc.dll
06:58:30.0493 1228 Schedule - ok
06:58:30.0573 1228 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\windows\system32\DRIVERS\secdrv.sys
06:58:30.0573 1228 Secdrv - ok
06:58:30.0593 1228 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\windows\System32\seclogon.dll
06:58:30.0603 1228 seclogon - ok
06:58:30.0643 1228 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\windows\system32\sens.dll
06:58:30.0653 1228 SENS - ok
06:58:30.0703 1228 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\windows\system32\DRIVERS\serenum.sys
06:58:30.0713 1228 serenum - ok
06:58:30.0733 1228 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\windows\system32\DRIVERS\serial.sys
06:58:30.0733 1228 Serial - ok
06:58:30.0773 1228 [ 1F16931C722C69E4A7866244796C66A0 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
06:58:30.0783 1228 sermouse - ok
06:58:30.0874 1228 [ 8988D1F32F56B3CD3F0F6C39F8A91A98 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
06:58:30.0934 1228 ServiceLayer - ok
06:58:31.0004 1228 [ 00DE597B81B381053CB5B21A7F20E365 ] sfdrv01 C:\windows\system32\drivers\sfdrv01.sys
06:58:31.0014 1228 sfdrv01 - ok
06:58:31.0044 1228 [ 462AEE0EA0481EA8BD45CAC876A4CCC4 ] sfhlp01 C:\windows\system32\drivers\sfhlp01.sys
06:58:31.0064 1228 sfhlp01 - ok
06:58:31.0094 1228 [ 64B9AB76F1B16EB059CB6CDD906C067A ] sfhlp02 C:\windows\system32\drivers\sfhlp02.sys
06:58:31.0124 1228 sfhlp02 - ok
06:58:31.0144 1228 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\windows\system32\drivers\Sfloppy.sys
06:58:31.0144 1228 Sfloppy - ok
06:58:31.0184 1228 [ 798D918D8F20380008277CE3CE5319D1 ] sfsync02 C:\windows\system32\drivers\sfsync02.sys
06:58:31.0204 1228 sfsync02 - ok
06:58:31.0284 1228 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\windows\System32\ipnathlp.dll
06:58:31.0304 1228 SharedAccess - ok
06:58:31.0344 1228 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\windows\System32\shsvcs.dll
06:58:31.0354 1228 ShellHWDetection - ok
06:58:31.0374 1228 Simbad - ok
06:58:31.0404 1228 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\windows\system32\DRIVERS\SLIP.sys
06:58:31.0404 1228 SLIP - ok
06:58:31.0474 1228 [ A2E9CAEF31863CAB5486267A65FE322C ] snpstd C:\windows\system32\DRIVERS\snpstd.sys
06:58:31.0524 1228 snpstd - ok
06:58:31.0545 1228 Sparrow - ok
06:58:31.0585 1228 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\windows\system32\drivers\splitter.sys
06:58:31.0585 1228 splitter - ok
06:58:31.0635 1228 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\windows\system32\spoolsv.exe
06:58:31.0665 1228 Spooler - ok
06:58:31.0695 1228 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\windows\system32\DRIVERS\sr.sys
06:58:31.0705 1228 sr - ok
06:58:31.0765 1228 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\System32\srsvc.dll
06:58:31.0785 1228 srservice - ok
06:58:31.0845 1228 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\windows\system32\DRIVERS\srv.sys
06:58:31.0865 1228 Srv - ok
06:58:31.0925 1228 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
06:58:31.0935 1228 SSDPSRV - ok
06:58:31.0985 1228 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\windows\system32\DRIVERS\serscan.sys
06:58:32.0005 1228 StillCam - ok
06:58:32.0075 1228 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\windows\system32\wiaservc.dll
06:58:32.0105 1228 stisvc - ok
06:58:32.0145 1228 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\windows\system32\DRIVERS\StreamIP.sys
06:58:32.0145 1228 streamip - ok
06:58:32.0175 1228 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\windows\system32\DRIVERS\swenum.sys
06:58:32.0185 1228 swenum - ok
06:58:32.0205 1228 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\windows\system32\drivers\swmidi.sys
06:58:32.0225 1228 swmidi - ok
06:58:32.0236 1228 SwPrv - ok
06:58:32.0266 1228 symc810 - ok
06:58:32.0286 1228 symc8xx - ok
06:58:32.0296 1228 sym_hi - ok
06:58:32.0316 1228 sym_u3 - ok
06:58:32.0366 1228 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\windows\system32\drivers\sysaudio.sys
06:58:32.0376 1228 sysaudio - ok
06:58:32.0426 1228 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\windows\system32\smlogsvc.exe
06:58:32.0426 1228 SysmonLog - ok
06:58:32.0476 1228 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\windows\System32\tapisrv.dll
06:58:32.0496 1228 TapiSrv - ok
06:58:32.0556 1228 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\windows\system32\DRIVERS\tcpip.sys
06:58:32.0586 1228 Tcpip - ok
06:58:32.0636 1228 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\windows\system32\drivers\TDPIPE.sys
06:58:32.0636 1228 TDPIPE - ok
06:58:32.0656 1228 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\windows\system32\drivers\TDTCP.sys
06:58:32.0666 1228 TDTCP - ok
06:58:32.0716 1228 [ 88155247177638048422893737429D9E ] TermDD C:\windows\system32\DRIVERS\termdd.sys
06:58:32.0716 1228 TermDD - ok
06:58:32.0786 1228 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\windows\System32\termsrv.dll
06:58:32.0806 1228 TermService - ok
06:58:32.0846 1228 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\windows\System32\shsvcs.dll
06:58:32.0856 1228 Themes - ok
06:58:32.0886 1228 TosIde - ok
06:58:32.0916 1228 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\windows\system32\trkwks.dll
06:58:32.0927 1228 TrkWks - ok
06:58:32.0977 1228 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\windows\system32\drivers\Udfs.sys
06:58:32.0987 1228 Udfs - ok
06:58:32.0997 1228 ultra - ok
06:58:33.0067 1228 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\windows\system32\DRIVERS\update.sys
06:58:33.0097 1228 Update - ok
06:58:33.0127 1228 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\windows\System32\upnphost.dll
06:58:33.0147 1228 upnphost - ok
06:58:33.0167 1228 upperdev - ok
06:58:33.0197 1228 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\windows\System32\ups.exe
06:58:33.0207 1228 UPS - ok
06:58:33.0237 1228 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\windows\system32\drivers\usbaudio.sys
06:58:33.0247 1228 usbaudio - ok
06:58:33.0287 1228 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
06:58:33.0297 1228 usbccgp - ok
06:58:33.0327 1228 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
06:58:33.0337 1228 usbhub - ok
06:58:33.0367 1228 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\windows\system32\DRIVERS\usbohci.sys
06:58:33.0367 1228 usbohci - ok
06:58:33.0387 1228 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
06:58:33.0387 1228 usbprint - ok
06:58:33.0407 1228 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
06:58:33.0417 1228 usbscan - ok
06:58:33.0437 1228 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
06:58:33.0437 1228 USBSTOR - ok
06:58:33.0467 1228 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
06:58:33.0467 1228 usbuhci - ok
06:58:33.0497 1228 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\windows\System32\drivers\vga.sys
06:58:33.0497 1228 VgaSave - ok
06:58:33.0537 1228 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\windows\system32\DRIVERS\viaagp.sys
06:58:33.0547 1228 viaagp - ok
06:58:33.0587 1228 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\windows\system32\DRIVERS\viaide.sys
06:58:33.0597 1228 ViaIde - ok
06:58:33.0638 1228 [ D956827780A0B7EAE97930116E5649F7 ] VIAPFD C:\windows\System32\Drivers\VIAPFD.SYS
06:58:33.0658 1228 VIAPFD - ok
06:58:33.0708 1228 [ 2EB851C1BF81C62DDEF8912740EBC906 ] VIAudio C:\windows\system32\drivers\viaudio.sys
06:58:33.0728 1228 VIAudio - ok
06:58:33.0808 1228 [ 303F1100F686453DE134FE9DEBB431FC ] vmfilter323 C:\windows\system32\drivers\vmfilter323.sys
06:58:33.0828 1228 vmfilter323 - ok
06:58:33.0878 1228 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\windows\system32\drivers\VolSnap.sys
06:58:33.0878 1228 VolSnap - ok
06:58:33.0938 1228 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\windows\System32\vssvc.exe
06:58:33.0958 1228 VSS - ok
06:58:34.0008 1228 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\System32\w32time.dll
06:58:34.0018 1228 W32Time - ok
06:58:34.0048 1228 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\windows\system32\DRIVERS\wanarp.sys
06:58:34.0058 1228 Wanarp - ok
06:58:34.0118 1228 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\windows\system32\Drivers\wdf01000.sys
06:58:34.0178 1228 Wdf01000 - ok
06:58:34.0198 1228 WDICA - ok
06:58:34.0248 1228 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\windows\system32\drivers\wdmaud.sys
06:58:34.0288 1228 wdmaud - ok
06:58:34.0379 1228 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\windows\System32\webclnt.dll
06:58:34.0389 1228 WebClient - ok
06:58:34.0479 1228 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\windows\system32\wbem\WMIsvc.dll
06:58:34.0499 1228 winmgmt - ok
06:58:34.0649 1228 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\windows\system32\WsmSvc.dll
06:58:34.0759 1228 WinRM - ok
06:58:34.0839 1228 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
06:58:34.0839 1228 WmdmPmSN - ok
06:58:34.0909 1228 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
06:58:34.0909 1228 WmiApSrv - ok
06:58:35.0020 1228 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
06:58:35.0070 1228 WMPNetworkSvc - ok
06:58:35.0130 1228 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\windows\system32\DRIVERS\wpdusb.sys
06:58:35.0140 1228 WpdUsb - ok
06:58:35.0190 1228 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\windows\System32\drivers\ws2ifsl.sys
06:58:35.0190 1228 WS2IFSL - ok
06:58:35.0240 1228 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\windows\system32\wscsvc.dll
06:58:35.0250 1228 wscsvc - ok
06:58:35.0270 1228 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\windows\system32\DRIVERS\WSTCODEC.SYS
06:58:35.0280 1228 WSTCODEC - ok
06:58:35.0300 1228 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\windows\system32\wuauserv.dll
06:58:35.0450 1228 wuauserv - ok
06:58:35.0510 1228 [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf C:\windows\system32\DRIVERS\WudfPf.sys
06:58:35.0510 1228 WudfPf - ok
06:58:35.0540 1228 [ 575A4190D989F64732119E4114045A4F ] WudfSvc C:\windows\System32\WUDFSvc.dll
06:58:35.0550 1228 WudfSvc - ok
06:58:35.0600 1228 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\windows\System32\wzcsvc.dll
06:58:35.0650 1228 WZCSVC - ok
06:58:35.0700 1228 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\windows\System32\xmlprov.dll
06:58:35.0861 1228 xmlprov - ok
06:58:35.0911 1228 [ EA1ECC8EC7602A29CCA4E2E47663F8CB ] ZSMC326 C:\windows\system32\Drivers\usbvm323.sys
06:58:35.0921 1228 ZSMC326 - ok
06:58:35.0961 1228 ================ Scan global ===============================
06:58:36.0001 1228 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\windows\system32\basesrv.dll
06:58:36.0051 1228 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\windows\system32\winsrv.dll
06:58:36.0091 1228 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\windows\system32\winsrv.dll
06:58:36.0131 1228 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\windows\system32\services.exe
06:58:36.0141 1228 [Global] - ok
06:58:36.0141 1228 ================ Scan MBR ==================================
06:58:36.0161 1228 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
06:58:36.0402 1228 \Device\Harddisk0\DR0 - ok
06:58:36.0412 1228 ================ Scan VBR ==================================
06:58:36.0422 1228 [ AA51DC4B5A25AC6F1E1D7DE4F1B7DF7D ] \Device\Harddisk0\DR0\Partition1
06:58:36.0422 1228 \Device\Harddisk0\DR0\Partition1 - ok
06:58:36.0432 1228 ============================================================
06:58:36.0432 1228 Scan finished
06:58:36.0432 1228 ============================================================


-0++++++++++++++++++++++++++++++++++++++++6

Log

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-21 07:43:22
-----------------------------
07:43:22.103 OS Version: Windows 5.1.2600 Service Pack 3
07:43:22.103 Number of processors: 1 586 0x602
07:43:22.103 ComputerName: BLANDIES UserName: Jackson
07:43:24.236 Initialize success
07:43:25.498 AVAST engine defs: 12092001
07:43:49.493 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
07:43:49.493 Disk 0 Vendor: ST380021A 3.19 Size: 76319MB BusType: 3
07:43:49.513 Disk 0 MBR read successfully
07:43:49.513 Disk 0 MBR scan
07:43:49.533 Disk 0 Windows XP default MBR code
07:43:49.543 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
07:43:49.553 Disk 0 scanning sectors +156280320
07:43:49.703 Disk 0 scanning C:\windows\system32\drivers
07:44:23.442 Service scanning
07:44:44.542 Modules scanning
07:45:14.285 Disk 0 trace - called modules:
07:45:14.315 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll prosync1.sys sfsync02.sys atapi.sys viaide.sys PCIIDEX.SYS
07:45:14.315 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x833d7ab8]
07:45:14.325 3 CLASSPNP.SYS[f87f6fd7] -> nt!IofCallDriver -> \Device\0000006c[0x83395190]
07:45:14.325 5 ACPI.sys[f876d620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x833da940]
07:45:14.325 \Driver\atapi[0x83395518] -> IRP_MJ_INTERNAL_DEVICE_CONTROL -> prosync1.sys[0xf8cbe6c1]
07:45:14.805 AVAST engine scan C:\
09:08:51.068 Scan finished successfully
09:12:41.710 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Jackson\My Documents\Council Letters\MBR.dat"
09:12:41.870 The log file has been saved successfully to "C:\Documents and Settings\Jackson\My Documents\Council Letters\aswMBR.txt"


Esset File

C:\Documents and Settings\Jackson\My Documents\Downloads\comodo-system-cleaner-s32-downloader.exe a variant of Win32/Soft32Downloader.A application cleaned by deleting - quarantined
C:\Documents and Settings\Jackson\My Documents\Downloads\radarsync.exe a variant of Win32/InstallCore.W application cleaned by deleting - quarantined
C:\Documents and Settings\Jackson\My Documents\Downloads\SoftonicDownloader_for_comodo-cleaning-essentials.exe a variant of Win32/SoftonicDownloader.E applicationcleaned by deleting - quarantined
C:\Documents and Settings\Jackson\My Documents\Downloads\speedupmypc3plc.exe Win32/SpeedUpMyPC application cleaned by deleting - quarantined
C:\Documents and Settings\Jackson\My Documents\Downloads\vlcmediaplayer-setup.exe Win32/DownloadAdmin.A.Gen application cleaned by deleting - quarantined

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:48 PM

Posted 21 September 2012 - 08:50 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install,update and run a full scan

Click on SHOW results.Select all infections and remove it

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it click on Delete

post the generated log

#5 leedsfan2

leedsfan2
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 23 September 2012 - 01:23 AM

Again thanks for the help, info as requested:-



Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.22.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Jackson :: BLANDIES [administrator]

9/22/2012 19:19:29
mbam-log-2012-09-22 (19-19-29).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 277534
Time elapsed: 2 hour(s), 9 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)


MiniToolBox by Farbar Version: 23-07-2012
Ran by Jackson (administrator) on 23-09-2012 at 06:40:57
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com

There are 13101 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================



# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "anjaigels"

set address name="anjaigels" source=dhcp
set dns name="anjaigels" source=dhcp register=PRIMARY
set wins name="anjaigels" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration Host Name . . . . . . . . . . . . : Blandies Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Mixed IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : Home Ethernet adapter anjaigels: Connection-specific DNS Suffix . : Home Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC Physical Address. . . . . . . . . : 00-C0-DF-11-E4-07 Dhcp Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IP Address. . . . . . . . . . . . : 192.168.0.2 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.0.1 DHCP Server . . . . . . . . . . . : 192.168.0.1 DNS Servers . . . . . . . . . . . : 192.168.0.1 Lease Obtained. . . . . . . . . . : 23 September 2012 06:31:27 Lease Expires . . . . . . . . . . : 24 September 2012 06:31:27 Server: SkyRouter.Home
Address: 192.168.0.1

Name: google.com
Addresses: 173.194.34.136, 173.194.34.137, 173.194.34.142, 173.194.34.128
173.194.34.129, 173.194.34.130, 173.194.34.131, 173.194.34.132, 173.194.34.133
173.194.34.134, 173.194.34.135

Pinging google.com [173.194.34.135] with 32 bytes of data: Reply from 173.194.34.135: bytes=32 time=24ms TTL=57 Reply from 173.194.34.135: bytes=32 time=23ms TTL=57 Ping statistics for 173.194.34.135: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 23ms, Maximum = 24ms, Average = 23ms Server: SkyRouter.Home
Address: 192.168.0.1

Name: yahoo.com
Addresses: 72.30.38.140, 98.138.253.109, 98.139.183.24

Pinging yahoo.com [72.30.38.140] with 32 bytes of data: Reply from 72.30.38.140: bytes=32 time=268ms TTL=54 Reply from 72.30.38.140: bytes=32 time=193ms TTL=54 Ping statistics for 72.30.38.140: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 193ms, Maximum = 268ms, Average = 230ms Server: SkyRouter.Home
Address: 192.168.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data: Reply from 208.43.87.2: Destination host unreachable. Reply from 208.43.87.2: Destination host unreachable. Ping statistics for 208.43.87.2: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms Pinging 127.0.0.1 with 32 bytes of data: Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Ping statistics for 127.0.0.1: Packets: Sent = 2, Received = 2, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms ===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 c0 df 11 e4 07 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.2 192.168.0.2 20
192.168.0.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.2 192.168.0.2 20
224.0.0.0 240.0.0.0 192.168.0.2 192.168.0.2 20
255.255.255.255 255.255.255.255 192.168.0.2 192.168.0.2 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\wshbth.dll [108032] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/19/2012 11:43:54 AM) (Source: MsiInstaller) (User: BLANDIES)BLANDIES
Description: Product: Nokia Ovi Player -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.

Error: (09/17/2012 04:50:05 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 21.0.1180.89, faulting module datamngr.dll, version 1.0.0.1, fault address 0x0006bfaa.
Processing media-specific event for [chrome.exe!ws!]

Error: (09/17/2012 04:48:07 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 21.0.1180.89, faulting module datamngr.dll, version 1.0.0.1, fault address 0x0006bfaa.
Processing media-specific event for [chrome.exe!ws!]

Error: (07/30/2012 02:01:51 PM) (Source: Application Error) (User: )
Description: Faulting application rundll32.exe, version 5.1.2600.5512, faulting module , version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [rundll32.exe!ws!]

Error: (06/13/2012 04:04:10 PM) (Source: Windows Product Activation) (User: )
Description: Due to hardware changes on this computer, you will need to reactivate your Windows product.

Error: (05/13/2012 10:46:35 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/13/2012 10:46:34 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/09/2012 01:39:56 PM) (Source: Application Error) (User: )
Description: Faulting application chrome.exe, version 0.0.0.0, faulting module chrome.dll, version 2.0.172.33, fault address 0x001e4c23.
Processing media-specific event for [chrome.exe!ws!]


System errors:
=============
Error: (09/23/2012 06:44:36 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:35 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:34 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:34 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:33 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:32 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:32 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:31 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:31 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}

Error: (09/23/2012 06:44:30 AM) (Source: DCOM) (User: BLANDIES)
Description: DCOM got error "%%1058" attempting to start the service netman with arguments ""
in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}


Microsoft Office Sessions:
=========================
Error: (09/19/2012 11:43:54 AM) (Source: MsiInstaller)(User: BLANDIES)BLANDIES
Description: Product: Nokia Ovi Player -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.(NULL)(NULL)(NULL)

Error: (09/17/2012 04:50:05 PM) (Source: Application Error)(User: )
Description: chrome.exe21.0.1180.89datamngr.dll1.0.0.10006bfaa

Error: (09/17/2012 04:48:07 PM) (Source: Application Error)(User: )
Description: chrome.exe21.0.1180.89datamngr.dll1.0.0.10006bfaa

Error: (07/30/2012 02:01:51 PM) (Source: Application Error)(User: )
Description: rundll32.exe5.1.2600.55120.0.0.000000000

Error: (06/13/2012 04:04:10 PM) (Source: Windows Product Activation)(User: )
Description:

Error: (05/13/2012 10:46:35 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/13/2012 10:46:34 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (05/09/2012 01:39:56 PM) (Source: Application Error)(User: )
Description: chrome.exe0.0.0.0chrome.dll2.0.172.33001e4c23


=========================== Installed Programs ============================

AC3Filter (remove only)
Acrobat.com (Version: 2.1.0)
Acrobat.com (Version: 2.1.0.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Reader 8.1.2 (Version: 8.1.2)
Adobe Reader X (10.1.4) (Version: 10.1.4)
AMD APP SDK Runtime (Version: 2.5.793.1)
AMD Catalyst Install Manager (Version: 3.0.851.0)
ATI Catalyst Control Center (Version: 1.2.2314.20337)
ATI Display Driver (Version: 8.252-060503a-038185C-ATI)
avast! Free Antivirus (Version: 7.0.1466.0)
CCleaner (Version: 3.20)
CPUID HWMonitor 1.19
Digital Clock Screen Saver (Version: v1.01)
DivX Converter (Version: 7.1.0)
DivX Plus DirectShow Filters
DivX Setup (Version: 2.6.1.5)
EAX4 Unified Redist (Version: 4.001)
ESET Online Scanner v3
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
Google Chrome (Version: 21.0.1180.89)
Google Earth (Version: 6.2.2.6613)
Google Gears (Version: 0.4.24.0)
Google Update Helper (Version: 1.3.21.123)
Intel® 536EP Modem
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 30 (Version: 6.0.300)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Standard Edition 2003 (Version: 11.0.8173.0)
Microsoft User-Mode Driver Framework Feature Pack 1.7
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
MS Access 97 SP2
MSVC80_x86 (Version: 1.0.1.0)
MSVC80_x86_v2 (Version: 1.0.3.0)
MSVC90_x86 (Version: 1.0.1.2)
MSXML 4.0 (Version: 4.20.9818.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML4 Parser (Version: 1.0.0)
Multi-Direction Opitcal Mouse 2.0
NewFreeScreensaver nfsCarbonDigitalMetal2
Nokia Connectivity Cable Driver (Version: 7.1.23.0)
Nokia_Multimedia_Common_Components_2_5 (Version: 2.6.86)
OpenOffice.org Installer 1.0 (Version: 1.0.9221)
PC Connectivity Solution (Version: 9.45.0.0)
PowerDVD
Revo Uninstaller 1.94 (Version: 1.94)
RPS CRT (Version: 8.0.28)
Samsung PC Studio 3 USB Driver Installer (Version: 1.00.0000)
Samsung Samples Installer (Version: 1.00.0000)
Senior Word Games
Serif MediaPlus 1.0 (Version: 1.0)
Serif PagePlus 10.0 Resource CD-ROM (Version: 10.0)
Serif PhotoPlus 9.0 (Version: 9.00)
Spybot - Search & Destroy (Version: 1.6.2)
Star Wars® Knights of the Old Republic® II: The Sith Lords™ (Version: 1.00.0000)
SUPERAntiSpyware (Version: 5.0.1148)
swMSM (Version: 12.0.0.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB975364) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 8.0 ATL (x86) WinSXS MSM (Version: 8.0.50727.762)
Visual C++ 8.0 CRT (x86) WinSXS MSM (Version: 8.0.50727.762)
WebFldrs XP (Version: 9.50.5318)
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0) (Version: 08/22/2008 7.0.0.0)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
Works Suite OS Pack (Version: 1.0.0.0000)
Works Synchronization (Version: 1.0.0.0000)

========================= Memory info: ===================================

Percentage of memory in use: 81%
Total physical RAM: 511.49 MB
Available physical RAM: 96.33 MB
Total Pagefile: 1247.52 MB
Available Pagefile: 862.68 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.3 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:74.52 GB) (Free:50.35 GB) NTFS

========================= Users: ========================================

User accounts for \\BLANDIES

Administrator Guest HelpAssistant
Jackson SUPPORT_388945a0


**** End of log ****

(end)



Farbar Service Scanner Version: 19-09-2012
Ran by Jackson (administrator) on 23-09-2012 at 06:48:23
Running from "C:\Documents and Settings\Jackson\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.

netman Service is not running. Checking service configuration:
The start type of netman service is set to Disabled. The default start type is 3.
The ImagePath of netman service is OK.
The ServiceDll of netman service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is set to Demand. The default start type is Auto.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\windows\system32\dhcpcsvc.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\netbt.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\Drivers\ipsec.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\netman.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\srsvc.dll => MD5 is legit
C:\windows\system32\Drivers\sr.sys => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuauserv.dll => MD5 is legit
C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(14) Avgfwfd(13) Gpc(3) IPSec(5) NetBT(6) PSched(7) RFCOMM(11) Tcpip(4)
0x0F00000005000000010000000200000003000000040000000E000000060000000700000008000000090000000A0000000B0000000C0000000D0000000F000000
IpSec Tag value is correct.

**** End of log ****


# AdwCleaner v2.002 - Logfile created 09/23/2012 at 07:00:03
# Updated 16/09/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Jackson - BLANDIES
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Jackson\My Documents\Downloads\adwcleaner(3).exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\doshrgzy.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
File Deleted : C:\user.js
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\0w9478zt.Default User\Conduit
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\0w9478zt.Default User\ConduitCommon
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\0w9478zt.Default User\CT2438727
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\0w9478zt.Default User\CT3018509
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\0w9478zt.Default User\extensions\{22dfbf5b-a7cd-4b25-9471-3dc68c71855f}
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\0w9478zt.Default User\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}(2)
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\doshrgzy.default\Conduit
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\doshrgzy.default\CT2438727
Folder Deleted : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\doshrgzy.default\SweetIMToolbarData
Folder Deleted : C:\Documents and Settings\Jackson\Local Settings\Application Data\Wajam
Folder Deleted : C:\Program Files\FantastiGames Toolbar
Folder Deleted : C:\Program Files\uTorrentBar

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\MarketPrecision
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\uTorrentBar
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{439419E9-1C54-4525-8B62-F56C6485A54D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4D6E87A-1005-415E-A52A-A9B6575321E7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A97B89CD-B65C-49DD-AF46-2B772C627456}
Key Deleted : HKLM\Software\OpenCandy
Key Deleted : HKLM\Software\uTorrentBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=113480&tt=3112_4&babsrc=HP_ss&mntrId=649d80b800000000000000c0df11e407 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=113480&tt=3112_4&babsrc=NT_ss&mntrId=649d80b800000000000000c0df11e407 --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\doshrgzy.default\prefs.js

C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\doshrgzy.default\user.js ... Deleted !

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

Profile name : Default User [Profil par défaut]
File : C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\0w9478zt.Default User\prefs.js

C:\Documents and Settings\Jackson\Application Data\Mozilla\Firefox\Profiles\0w9478zt.Default User\user.js ... Deleted !

Deleted : user_pref("CT2438727..clientLogIsEnabled", true);
Deleted : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2438727.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2438727.AppTrackingLastCheckTime", "Wed Dec 21 2011 21:18:09 GMT+0000 (GMT Standard Tim[...]
Deleted : user_pref("CT2438727.CTID", "CT2438727");
Deleted : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Deleted : user_pref("CT2438727.CurrentServerDate", "22-1-2012");
Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2438727.DialogsGetterLastCheckTime", "Sun Jan 22 2012 07:19:23 GMT+0000 (GMT Standard T[...]
Deleted : user_pref("CT2438727.DownloadReferralCookieData", "");
Deleted : user_pref("CT2438727.FirstServerDate", "31-8-2010");
Deleted : user_pref("CT2438727.FirstTime", true);
Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Deleted : user_pref("CT2438727.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2438727.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2438727.GroupingInvalidateCache", false);
Deleted : user_pref("CT2438727.GroupingLastCheckTime", "0");
Deleted : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2438727.HasUserGlobalKeys", true);
Deleted : user_pref("CT2438727.HomePageProtectorEnabled", false);
Deleted : user_pref("CT2438727.Initialize", true);
Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2438727.InstalledDate", "Tue Aug 31 2010 00:07:38 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT2438727.InvalidateCache", false);
Deleted : user_pref("CT2438727.IsAlertDBUpdated", true);
Deleted : user_pref("CT2438727.IsGrouping", false);
Deleted : user_pref("CT2438727.IsMulticommunity", false);
Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Sun Jan 22 2012 07:19:22 GMT+0000 (GMT Standard Ti[...]
Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2438727.LastLogin_2.7.1.3", "Mon Apr 25 2011 06:54:38 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT2438727.LastLogin_3.5.0.12", "Thu Aug 11 2011 22:50:32 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT2438727.LastLogin_3.8.1.0", "Wed Dec 21 2011 20:54:54 GMT+0000 (GMT Standard Time)");
Deleted : user_pref("CT2438727.LastLogin_3.9.0.3", "Sun Jan 22 2012 07:19:22 GMT+0000 (GMT Standard Time)");
Deleted : user_pref("CT2438727.LatestVersion", "3.9.0.3");
Deleted : user_pref("CT2438727.Locale", "en");
Deleted : user_pref("CT2438727.LoginCache", 4);
Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2438727.MyStuffEnabledAtInstallation", false);
Deleted : user_pref("CT2438727.RadioLastCheckTime", "0");
Deleted : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Deleted : user_pref("CT2438727.RadioLastUpdateServer", "0");
Deleted : user_pref("CT2438727.SearchBoxWidth", 130);
Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2438727.SearchEngineBeforeUnload", "Google");
Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sun Jan 22 2012 07:19:18 GMT+0000 (GMT Standard [...]
Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Deleted : user_pref("CT2438727.SearchProtectorEnabled", false);
Deleted : user_pref("CT2438727.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT2438727.ServiceMapLastCheckTime", "Sun Jan 22 2012 07:19:18 GMT+0000 (GMT Standard Time[...]
Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Sun Jan 22 2012 07:19:16 GMT+0000 (GMT Standard Time)"[...]
Deleted : user_pref("CT2438727.SettingsLastUpdate", "1326723880");
Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Sun Jan 22 2012 07:19:16 GMT+0000 (GMT Standar[...]
Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT2438727.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Deleted : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT2438727.Uninstall", true);
Deleted : user_pref("CT2438727.UserID", "UN19017968481436211");
Deleted : user_pref("CT2438727.ValidationData_Search", 2);
Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2438727.alertChannelId", "832836");
Deleted : user_pref("CT2438727.backendstorage.currentgame", "7A796E6761");
Deleted : user_pref("CT2438727.clientLogIsEnabled", true);
Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT2438727.globalFirstTimeInfoLastCheckTime", "Sun Jan 22 2012 07:19:20 GMT+0000 (GMT Stan[...]
Deleted : user_pref("CT2438727.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT2438727.initDone", true);
Deleted : user_pref("CT2438727.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2438727.myStuffEnabled", true);
Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2438727.oldAppsList", "129017707048431316,129017707048587567,111,129509324767711885,129[...]
Deleted : user_pref("CT2438727.revertSettingsEnabled", true);
Deleted : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT2438727.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT2438727.testingCtid", "");
Deleted : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Sun Jan 22 2012 07:19:20 GMT+0000 (GMT Stand[...]
Deleted : user_pref("CT2438727.toolbarContextMenuLastCheckTime", "Sun Jan 22 2012 07:19:20 GMT+0000 (GMT Stand[...]
Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2438727.usagesFlag", 2);
Deleted : user_pref("CT3018509..clientLogIsEnabled", true);
Deleted : user_pref("CT3018509..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3018509..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3018509.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Deleted : user_pref("CT3018509.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3018509.BrowserCompStateIsOpen_129683388555092712", true);
Deleted : user_pref("CT3018509.BrowserCompStateIsOpen_129774349446762757", true);
Deleted : user_pref("CT3018509.CT3018509", "CT3018509");
Deleted : user_pref("CT3018509.CurrentServerDate", "23-9-2012");
Deleted : user_pref("CT3018509.DSInstall", false);
Deleted : user_pref("CT3018509.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3018509.DialogsGetterLastCheckTime", "Thu Sep 20 2012 12:35:50 GMT+0100 (GMT Daylight T[...]
Deleted : user_pref("CT3018509.DownloadReferralCookieData", "");
Deleted : user_pref("CT3018509.ExternalComponentPollDate129510405198305199", "Wed Apr 18 2012 22:02:23 GMT+010[...]
Deleted : user_pref("CT3018509.ExternalComponentPollDate129510405203040747", "Wed Apr 18 2012 22:02:23 GMT+010[...]
Deleted : user_pref("CT3018509.FirstServerDate", "19-3-2012");
Deleted : user_pref("CT3018509.FirstTime", true);
Deleted : user_pref("CT3018509.FirstTimeFF3", true);
Deleted : user_pref("CT3018509.FixPageNotFoundErrors", false);
Deleted : user_pref("CT3018509.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3018509.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3018509.HPInstall", false);
Deleted : user_pref("CT3018509.HasUserGlobalKeys", true);
Deleted : user_pref("CT3018509.HomePageProtectorEnabled", false);
Deleted : user_pref("CT3018509.HomepageBeforeUnload", "hxxp://www.google.co.uk/");
Deleted : user_pref("CT3018509.Initialize", true);
Deleted : user_pref("CT3018509.InitializeCommonPrefs", true);
Deleted : user_pref("CT3018509.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT3018509.InstallationType", "Unknown");
Deleted : user_pref("CT3018509.InstalledDate", "Mon Mar 19 2012 12:42:46 GMT+0000 (GMT Standard Time)");
Deleted : user_pref("CT3018509.InvalidateCache", false);
Deleted : user_pref("CT3018509.IsAlertDBUpdated", true);
Deleted : user_pref("CT3018509.IsGrouping", false);
Deleted : user_pref("CT3018509.IsInitSetupIni", true);
Deleted : user_pref("CT3018509.IsMulticommunity", false);
Deleted : user_pref("CT3018509.IsOpenThankYouPage", true);
Deleted : user_pref("CT3018509.IsOpenUninstallPage", true);
Deleted : user_pref("CT3018509.IsProtectorsInit", true);
Deleted : user_pref("CT3018509.LanguagePackLastCheckTime", "Sat Sep 22 2012 13:05:24 GMT+0100 (GMT Daylight Ti[...]
Deleted : user_pref("CT3018509.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3018509.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3018509.LastLogin_3.10.0.1", "Mon Mar 19 2012 17:24:48 GMT+0000 (GMT Standard Time)");
Deleted : user_pref("CT3018509.LastLogin_3.12.0.7", "Mon Apr 30 2012 16:17:47 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT3018509.LastLogin_3.12.2.3", "Wed May 30 2012 09:19:02 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT3018509.LastLogin_3.13.0.6", "Tue Jul 17 2012 09:56:12 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT3018509.LastLogin_3.14.1.0", "Tue Aug 21 2012 15:12:13 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT3018509.LastLogin_3.15.1.0", "Sun Sep 23 2012 06:37:24 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT3018509.LatestVersion", "3.15.1.0");
Deleted : user_pref("CT3018509.Locale", "en-us");
Deleted : user_pref("CT3018509.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3018509.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3018509.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3018509.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3018509.OriginalFirstVersion", "3.10.0.1");
Deleted : user_pref("CT3018509.RadioIsPodcast", false);
Deleted : user_pref("CT3018509.RadioLastCheckTime", "Wed Apr 18 2012 22:02:24 GMT+0100 (GMT Daylight Time)");
Deleted : user_pref("CT3018509.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT3018509.RadioLastUpdateServer", "3");
Deleted : user_pref("CT3018509.RadioMediaID", "9962");
Deleted : user_pref("CT3018509.RadioMediaType", "Media Player");
Deleted : user_pref("CT3018509.RadioMenuSelectedID", "EBRadioMenu_CT30185099962");
Deleted : user_pref("CT3018509.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT3018509.RadioStationName", "California%20Rock");
Deleted : user_pref("CT3018509.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT3018509.SearchCaption", "Game Master 2.1 Customized Web Search");
Deleted : user_pref("CT3018509.SearchEngineBeforeUnload", "AVG Secure Search");
Deleted : user_pref("CT3018509.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3018509.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT301[...]
Deleted : user_pref("CT3018509.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3018509.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3018509.SearchInNewTabLastCheckTime", "Sat Sep 22 2012 13:04:57 GMT+0100 (GMT Daylight [...]
Deleted : user_pref("CT3018509.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3018509.SearchInNewTabUserEnabled", false);
Deleted : user_pref("CT3018509.SearchProtectorEnabled", false);
Deleted : user_pref("CT3018509.SearchProtectorToolbarDisabled", false);
Deleted : user_pref("CT3018509.SendProtectorDataViaLogin", true);
Deleted : user_pref("CT3018509.ServiceMapLastCheckTime", "Sat Sep 22 2012 13:05:19 GMT+0100 (GMT Daylight Time[...]
Deleted : user_pref("CT3018509.SettingsLastCheckTime", "Sun Sep 23 2012 06:37:04 GMT+0100 (GMT Daylight Time)"[...]
Deleted : user_pref("CT3018509.SettingsLastUpdate", "1347287073");
Deleted : user_pref("CT3018509.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3018509&SearchSource=13");
Deleted : user_pref("CT3018509.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3018509.ThirdPartyComponentsLastCheck", "Mon Mar 19 2012 12:42:42 GMT+0000 (GMT Standar[...]
Deleted : user_pref("CT3018509.ThirdPartyComponentsLastUpdate", "1312887586");
Deleted : user_pref("CT3018509.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3018509.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3018509");
Deleted : user_pref("CT3018509.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3018509.UserID", "UN90395780877432178");
Deleted : user_pref("CT3018509.ValidationData_Toolbar", 2);
Deleted : user_pref("CT3018509.alertChannelId", "1410096");
Deleted : user_pref("CT3018509.backendstorage.cbfirsttime", "4D6F6E204D617220313920323031322031323A34323A35342[...]
Deleted : user_pref("CT3018509.backendstorage.shoppingapp.gk.exipres", "4D6F6E2041707220323320323031322032323A[...]
Deleted : user_pref("CT3018509.backendstorage.shoppingapp.gk.geolocation", "756E69746564206B696E67646F6D");
Deleted : user_pref("CT3018509.backendstorage.url_history0001", "687474703A2F2F7777772E676F6F676C652E636F2E756[...]
Deleted : user_pref("CT3018509.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3018509.globalFirstTimeInfoLastCheckTime", "Mon Mar 19 2012 12:42:44 GMT+0000 (GMT Stan[...]
Deleted : user_pref("CT3018509.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3018509.initDone", true);
Deleted : user_pref("CT3018509.isAppTrackingManagerOn", true);
Deleted : user_pref("CT3018509.isFirstRadioInstallation", false);
Deleted : user_pref("CT3018509.myStuffEnabled", true);
Deleted : user_pref("CT3018509.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3018509.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3018509.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3018509.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3018509.navigateToUrlOnSearch", false);
Deleted : user_pref("CT3018509.revertSettingsEnabled", true);
Deleted : user_pref("CT3018509.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3018509.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3018509.testingCtid", "");
Deleted : user_pref("CT3018509.toolbarAppMetaDataLastCheckTime", "Sat Sep 22 2012 13:05:19 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CT3018509.toolbarContextMenuLastCheckTime", "Mon Mar 19 2012 12:42:47 GMT+0000 (GMT Stand[...]
Deleted : user_pref("CT3018509.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT3018509/CT3018509[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/UK", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1410096/1405754/UK", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3018509", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2786678",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3018509",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/7/176/CT1764407/Images/63421989998628125[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/images/skins/zynga/seperator.gif", "\"46[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"15c[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Jackson\\Applicati[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.0.7");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://listen.grooveshark.com/ ", "222x92");
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://oryte.com/content/games/mario/marioplayer[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://listen.grooveshark.com/ ", "800x598");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?sourceid=na[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT3018509");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT3018509");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3018509");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Apr 25 2011 06:54:48 GMT+0100 (GMT D[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Apr 25 2011 06:54:34 GMT+0100 (GMT Dayli[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{04f4d40e-bc65-4b9f-8700-b1e7e3ee918b}");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Mar 08 2012 15:18:55 GMT+0000 (GMT[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "794818c4-f61f-410d-8fef-7aced3c9e7e7");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2786678");
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Apr 18 2012 22:02:2[...]
Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Apr 18 2012 22:02:33 GMT+010[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Apr 18 2012 22:02:24 GMT+0100 (G[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "73648e94-0533-4ec3-9ba1-c050cd01751d");
Deleted : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.co.uk/");
Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Yahoo");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15551");
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://www.google.com/search?babsrc=TB_ggl&q=");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113480&tt=3112_4");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.110:49:17");
Deleted : user_pref("extensions.IObitBar.openSearchURL", "hxxp://results.myway.com/opensearch.jhtml?id=YH&ptb=[...]

Profile name : default
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\805m9emw.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Jackson\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [32852 octets] - [23/09/2012 06:59:20]
AdwCleaner[S4].txt - [33729 octets] - [23/09/2012 07:00:03]

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:48 PM

Posted 23 September 2012 - 06:44 AM

Download

Windows repair tool

Extract and launch the Repair_Windows.exe file

Click on Start repairs tab-click on Start

check mark following options alone

Reset registry permissions
reset file permissions
Repair WMI
Repair Windows Firewall.
Remove Policies Set By Infections
Repair Winsock & DNS Cache


Checkmark Restart System When Finished option
click the Start button

System should restart after repair


Post the new FSS log

download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the text contents here

#7 leedsfan2

leedsfan2
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 23 September 2012 - 08:04 AM

Hope this is ok:-


Farbar Service Scanner Version: 19-09-2012
Ran by Jackson (administrator) on 23-09-2012 at 13:50:16
Running from "C:\Documents and Settings\Jackson\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is OK.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.

netman Service is not running. Checking service configuration:
The start type of netman service is set to Disabled. The default start type is 3.
The ImagePath of netman service is OK.
The ServiceDll of netman service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============
cryptsvc Service is not running. Checking service configuration:
The start type of cryptsvc service is set to Demand. The default start type is Auto.
The ImagePath of cryptsvc service is OK.
The ServiceDll of cryptsvc service is OK.


Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\windows\system32\dhcpcsvc.dll => MD5 is legit
C:\windows\system32\Drivers\afd.sys => MD5 is legit
C:\windows\system32\Drivers\netbt.sys => MD5 is legit
C:\windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\windows\system32\Drivers\ipsec.sys => MD5 is legit
C:\windows\system32\dnsrslvr.dll => MD5 is legit
C:\windows\system32\ipnathlp.dll => MD5 is legit
C:\windows\system32\netman.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\srsvc.dll => MD5 is legit
C:\windows\system32\Drivers\sr.sys => MD5 is legit
C:\windows\system32\wscsvc.dll => MD5 is legit
C:\windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\windows\system32\wuauserv.dll => MD5 is legit
C:\windows\system32\qmgr.dll => MD5 is legit
C:\windows\system32\es.dll => MD5 is legit
C:\windows\system32\cryptsvc.dll => MD5 is legit
C:\windows\system32\svchost.exe => MD5 is legit
C:\windows\system32\rpcss.dll => MD5 is legit
C:\windows\system32\services.exe => MD5 is legit

Extra List:
=======
aswTdi(14) Avgfwfd(13) Gpc(3) IPSec(5) NetBT(6) PSched(7) RFCOMM(11) Tcpip(4)
0x0F00000005000000010000000200000003000000040000000E000000060000000700000008000000090000000A0000000B0000000C0000000D0000000F000000
IpSec Tag value is correct.

**** End of log ****


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/23/2012 01:53:03 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* Network Connections (Netman) is not Running.
Startup Type set to: Disabled

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

20 out of 13121 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 09/23/2012 01:54:19 PM
Execution time: 0 hours(s), 1 minute(s), and 15 seconds(s)
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "RDP Clip Monitor" "Microsoft Corporation" "c:\windows\system32\rdpclip.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit" "" "" ""
+ "C:\WINDOWS\system32\userinit.exe" "Userinit Logon Application" "Microsoft Corporation" "c:\windows\system32\userinit.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\VmApplet" "" "" ""
+ "rundll32" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell" "" "" ""
+ "Explorer.exe" "Windows Explorer" "Microsoft Corporation" "c:\windows\explorer.exe"
"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\AlternateShell" "" "" ""
+ "cmd.exe" "Windows Command Processor" "Microsoft Corporation" "c:\windows\system32\cmd.exe"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Browser Customizations" "IEAK branding" "Microsoft Corporation" "c:\windows\system32\iedkcs32.dll"
+ "Browser Customizations" "IEAK branding" "Microsoft Corporation" "c:\windows\system32\iedkcs32.dll"
+ "Internet Explorer" "IE Per-User Initialization Utility" "Microsoft Corporation" "c:\windows\system32\ie4uinit.exe"
+ "Internet Explorer" "IE Per-User Initialization Utility" "Microsoft Corporation" "c:\windows\system32\ie4uinit.exe"
+ "Internet Explorer Version Update" "IE Per User Active Setup Uninstall Utility" "Microsoft Corporation" "c:\windows\system32\ieudinit.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Windows Media Player" "ADVPACK" "Microsoft Corporation" "c:\windows\system32\advpack.dll"
+ "n/a" "Microsoft .NET IE SECURITY REGISTRATION" "Microsoft Corporation" "c:\windows\system32\mscories.dll"
+ "NetMeeting 3.01" "ADVPACK" "Microsoft Corporation" "c:\windows\system32\advpack.dll"
+ "Outlook Express" "Windows NT User Data Migration Tool" "Microsoft Corporation" "c:\windows\system32\shmgrate.exe"
+ "Themes Setup" "Windows Theme API" "Microsoft Corporation" "c:\windows\system32\themeui.dll"
+ "Windows Desktop Update" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "Windows Media Player" "Microsoft Windows Media Player Setup Utility" "Microsoft Corporation" "c:\windows\inf\unregmp2.exe"
+ "Windows Messenger 4.7" "ADVPACK" "Microsoft Corporation" "c:\windows\system32\advpack.dll"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Facebook Update" "Facebook Installer" "Facebook Inc." "c:\documents and settings\jackson\local settings\application data\facebook\update\facebookupdate.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/octet-stream" "Microsoft .NET Runtime Execution Engine" "Microsoft Corporation" "c:\windows\system32\mscoree.dll"
+ "application/x-complus" "Microsoft .NET Runtime Execution Engine" "Microsoft Corporation" "c:\windows\system32\mscoree.dll"
+ "application/x-msdownload" "Microsoft .NET Runtime Execution Engine" "Microsoft Corporation" "c:\windows\system32\mscoree.dll"
+ "Class Install Handler" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "deflate" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "gzip" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "lzdhtml" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "text/webviewhtml" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office11\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "about" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "cdl" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "dvd" "ActiveX control for streaming video" "Microsoft Corporation" "c:\windows\system32\msvidctl.dll"
+ "file" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "ftp" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "gopher" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "http" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "https" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "its" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\windows\system32\itss.dll"
+ "javascript" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "lid" "ActiveX control for streaming video" "Microsoft Corporation" "c:\windows\system32\msvidctl.dll"
+ "local" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "mailto" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "mhtml" "Microsoft Internet Messaging API" "Microsoft Corporation" "c:\windows\system32\inetcomm.dll"
+ "mk" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "ms-its" "Microsoft® InfoTech Storage System Library" "Microsoft Corporation" "c:\windows\system32\itss.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
+ "res" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "sysimage" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "tv" "ActiveX control for streaming video" "Microsoft Corporation" "c:\windows\system32\msvidctl.dll"
+ "vbscript" "Microsoft ® HTML Viewer" "Microsoft Corporation" "c:\windows\system32\mshtml.dll"
+ "wia" "WIA Scripting Layer" "Microsoft Corporation" "c:\windows\system32\wiascr.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler" "" "" ""
+ "Browseui preloader" "Shell Browser UI Library" "Microsoft Corporation" "c:\windows\system32\browseui.dll"
+ "Component Categories cache daemon" "Shell Browser UI Library" "Microsoft Corporation" "c:\windows\system32\browseui.dll"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad" "" "" ""
+ "CDBurn" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "PostBootReminder" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "SysTray" "Systray shell service object" "Microsoft Corporation" "c:\windows\system32\stobject.dll"
+ "UPnPMonitor" "UPNP Tray Monitor and Folder" "Microsoft Corporation" "c:\windows\system32\upnpui.dll"
+ "WebCheck" "Web Site Monitor" "Microsoft Corporation" "c:\windows\system32\webcheck.dll"
+ "WPDShServiceObj" "Windows Portable Device Shell Service Object" "Microsoft Corporation" "c:\windows\system32\wpdshserviceobj.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks" "" "" ""
+ "SABShellExecuteHook Class" "ShellExecuteHook" "SuperAdBlocker.com" "c:\program files\superantispyware\sasseh.dll"
+ "URL Exec Hook" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "Offline Files" "Client Side Caching UI" "Microsoft Corporation" "c:\windows\system32\cscui.dll"
+ "Open With" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "Open With EncryptionMenu" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "Start Menu Pin" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "CryptoSignMenu" "Crypto Shell Extensions" "Microsoft Corporation" "c:\windows\system32\cryptext.dll"
+ "Microsoft DocProp Shell Ext" "Microsoft DocProp Shell Ext" "Microsoft Corporation" "c:\windows\system32\docprop2.dll"
+ "OLE Docfile Property Page" "OLE DocFile Property Page" "Microsoft Corporation" "c:\windows\system32\docprop.dll"
+ "Security Shell Extension" "Security Shell Extension" "Microsoft Corporation" "c:\windows\system32\rshx32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "Send To" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\PropertySheetHandlers" "" "" ""
+ "Previous Versions Property Page" "Previous Versions property page" "Microsoft Corporation" "c:\windows\system32\twext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EncryptionMenu" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "Offline Files" "Client Side Caching UI" "Microsoft Corporation" "c:\windows\system32\cscui.dll"
+ "SASContextMenu Class" "SUPERAntiSpyware Context Menu Extension" "SUPERAntiSpyware.com" "c:\program files\superantispyware\sasctxmn.dll"
+ "Sharing" "Shell extensions for sharing" "Microsoft Corporation" "c:\windows\system32\ntshrui.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\PropertySheetHandlers" "" "" ""
+ "DfsShell Class" "Distributed File System shell extension" "Microsoft Corporation" "c:\windows\system32\dfsshlex.dll"
+ "Folder Customization Tab" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "Previous Versions Property Page" "Previous Versions property page" "Microsoft Corporation" "c:\windows\system32\twext.dll"
+ "Security Shell Extension" "Security Shell Extension" "Microsoft Corporation" "c:\windows\system32\rshx32.dll"
+ "Sharing" "Shell extensions for sharing" "Microsoft Corporation" "c:\windows\system32\ntshrui.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "CDF" "Shell Doc Object and Control Library" "Microsoft Corporation" "c:\windows\system32\shdocvw.dll"
+ "FileSystem" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "MyDocuments" "My Documents Folder UI" "Microsoft Corporation" "c:\windows\system32\mydocs.dll"
+ "PIDirectoryHook" "" "" "c:\program files\arcsoft\software suite\photoimpression 5\share\pihook.dll"
+ "Sharing" "Shell extensions for sharing" "Microsoft Corporation" "c:\windows\system32\ntshrui.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "New" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{0D2E74C4-3C34-11d2-A27E-00C04FC30871}" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "{24F14F01-7B1C-11d1-838f-0000F80461CF}" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "{24F14F02-7B1C-11d1-838f-0000F80461CF}" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "{66742402-F9B9-11D1-A202-0000F81FEDEE}" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "Compressed (zipped) Folder Right Drag Handler" "Compressed (zipped) Folders" "Microsoft Corporation" "c:\windows\system32\zipfldr.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "Offline Files" "Client Side Caching UI" "Microsoft Corporation" "c:\windows\system32\cscui.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "DivX Plus Web Player HTML5 <video>" "DivX Plus Web Player HTML5 <video> version 2.1.2.145" "DivX, LLC" "c:\program files\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks" "" "" ""
+ "Microsoft Url Search Hook" "Internet Explorer" "Microsoft Corporation" "c:\windows\system32\ieframe.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Diagnose Connection Problems..." "Network Diagnostic for Windows XP" "Microsoft Corporation" "c:\windows\network diagnostic\xpnetdiag.exe"
"Task Scheduler" "" "" ""
+ "avast! Emergency Update.job" "avast! Emergency Update" "AVAST Software" "c:\program files\avast software\avast\avastemupdate.exe"
+ "FacebookUpdateTaskUserS-1-5-21-776561741-842925246-854245398-1009Core.job" "Facebook Installer" "Facebook Inc." "c:\documents and settings\jackson\local settings\application data\facebook\update\facebookupdate.exe"
+ "FacebookUpdateTaskUserS-1-5-21-776561741-842925246-854245398-1009UA.job" "Facebook Installer" "Facebook Inc." "c:\documents and settings\jackson\local settings\application data\facebook\update\facebookupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-776561741-842925246-854245398-1009Core.job" "Google Installer" "Google Inc." "c:\documents and settings\jackson\local settings\application data\google\update\googleupdate.exe"
+ "GoogleUpdateTaskUserS-1-5-21-776561741-842925246-854245398-1009UA.job" "Google Installer" "Google Inc." "c:\documents and settings\jackson\local settings\application data\google\update\googleupdate.exe"
+ "User_Feed_Synchronization-{3227E605-394F-4904-8F36-4AB199AD5722}.job" "Microsoft Feeds Synchronization" "Microsoft Corporation" "c:\windows\system32\msfeedssync.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ALG" "Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall." "Microsoft Corporation" "c:\windows\system32\alg.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "" "File not found: C:\windows\System32\appmgmts.dll"
+ "aspnet_state" "Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe"
+ "AudioSrv" "Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\audiosrv.dll"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "BITS" "Transfers files in the background using idle network bandwidth. If the service is stopped, features such as Windows Update, and MSN Explorer will be unable to automatically download programs and other information. If this service is disabled, any services that explicitly depend on it may fail to transfer files if they do not have a fail safe mechanism to transfer files directly through IE in case BITS has been disabled." "Microsoft Corporation" "c:\windows\system32\qmgr.dll"
+ "clr_optimization_v2.0.50727_32" "Microsoft .NET Framework NGEN" "Microsoft Corporation" "c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe"
+ "COMSysApp" "Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\dllhost.exe"
+ "CryptSvc" "Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\cryptsvc.dll"
+ "DcomLaunch" "Provides launch functionality for DCOM services." "Microsoft Corporation" "c:\windows\system32\rpcss.dll"
+ "Dhcp" "Manages network configuration by registering and updating IP addresses and DNS names." "Microsoft Corporation" "c:\windows\system32\dhcpcsvc.dll"
+ "dmadmin" "Configures hard disk drives and volumes. The service only runs for configuration processes and then stops." "Microsoft Corp., Veritas Software" "c:\windows\system32\dmadmin.exe"
+ "dmserver" "Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corp." "c:\windows\system32\dmserver.dll"
+ "Dnscache" "Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\dnsrslvr.dll"
+ "Dot3svc" "This service performs IEEE 802.1X authentication on Ethernet interfaces" "Microsoft Corporation" "c:\windows\system32\dot3svc.dll"
+ "EapHost" "Provides windows clients Extensible Authentication Protocol Service" "Microsoft Corporation" "c:\windows\system32\eapsvc.dll"
+ "Eventlog" "Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped." "Microsoft Corporation" "c:\windows\system32\services.exe"
+ "EventSystem" "Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\es.dll"
+ "FontCache3.0.0.0" "Optimizes performance of Windows Presentation Foundation (WPF) applications by caching commonly used font data. WPF applications will start this service if it is not already running. It can be disabled, though doing so will degrade the performance of WPF applications." "Microsoft Corporation" "c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe"
+ "HidServ" "Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\hidserv.dll"
+ "hkmsvc" "Manages health certificates and keys (used by NAP)" "Microsoft Corporation" "c:\windows\system32\kmsvc.dll"
+ "HTTPFilter" "This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\w3ssl.dll"
+ "ImapiService" "Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\imapi.exe"
+ "lanmanserver" "Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\srvsvc.dll"
+ "lanmanworkstation" "Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\wkssvc.dll"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MSDTC" "Coordinates transactions that span multiple resource managers, such as databases, message queues, and file systems. If this service is stopped, these transactions will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. " "Microsoft Corporation" "c:\windows\system32\msdtc.exe"
+ "MSIServer" "Adds, modifies, and removes applications provided as a Windows Installer (*.msi) package. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\msiexec.exe"
+ "Nla" "Collects and stores network configuration and location information, and notifies applications when this information changes." "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "NtmsSvc" "Removable Storage Manager" "Microsoft Corporation" "c:\windows\system32\ntmssvc.dll"
+ "PlugPlay" "Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability." "Microsoft Corporation" "c:\windows\system32\services.exe"
+ "PolicyAgent" "Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver." "Microsoft Corporation" "c:\windows\system32\lsass.exe"
+ "ProtectedStorage" "Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users." "Microsoft Corporation" "c:\windows\system32\lsass.exe"
+ "PSEXESVC" "PsExec Service" "Sysinternals" "c:\windows\psexesvc.exe"
+ "RasAuto" "Creates a connection to a remote network whenever a program references a remote DNS or NetBIOS name or address." "Microsoft Corporation" "c:\windows\system32\rasauto.dll"
+ "RasMan" "Creates a network connection." "Microsoft Corporation" "c:\windows\system32\rasmans.dll"
+ "RpcLocator" "Manages the RPC name service database." "Microsoft Corporation" "c:\windows\system32\locator.exe"
+ "RpcSs" "Provides the endpoint mapper and other miscellaneous RPC services." "Microsoft Corporation" "c:\windows\system32\rpcss.dll"
+ "SamSs" "Stores security information for local user accounts." "Microsoft Corporation" "c:\windows\system32\lsass.exe"
+ "Schedule" "Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\schedsvc.dll"
+ "seclogon" "Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\seclogon.dll"
+ "SENS" "Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events." "Microsoft Corporation" "c:\windows\system32\sens.dll"
+ "SharedAccess" "Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network." "Microsoft Corporation" "c:\windows\system32\ipnathlp.dll"
+ "ShellHWDetection" "Provides notifications for AutoPlay hardware events." "Microsoft Corporation" "c:\windows\system32\shsvcs.dll"
+ "Spooler" "Loads files to memory for later printing." "Microsoft Corporation" "c:\windows\system32\spoolsv.exe"
+ "srservice" "Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties" "Microsoft Corporation" "c:\windows\system32\srsvc.dll"
+ "SwPrv" "Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\dllhost.exe"
+ "TapiSrv" "Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service." "Microsoft Corporation" "c:\windows\system32\tapisrv.dll"
+ "Themes" "Provides user experience theme management." "Microsoft Corporation" "c:\windows\system32\shsvcs.dll"
+ "upnphost" "Provides support to host Universal Plug and Play devices." "Microsoft Corporation" "c:\windows\system32\upnphost.dll"
+ "UPS" "Manages an uninterruptible power supply (UPS) connected to the computer." "Microsoft Corporation" "c:\windows\system32\ups.exe"
+ "VSS" "Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\vssvc.exe"
+ "winmgmt" "Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\wbem\wmisvc.dll"
+ "WinRM" "Allows access to management information from local and remote machines." "Microsoft Corporation" "c:\windows\system32\wsmsvc.dll"
+ "WmiApSrv" "Provides performance library information from WMI HiPerf providers." "Microsoft Corporation" "c:\windows\system32\wbem\wmiapsrv.exe"
+ "wscsvc" "Monitors system security settings and configurations." "Microsoft Corporation" "c:\windows\system32\wscsvc.dll"
+ "wuauserv" "Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site." "Microsoft Corporation" "c:\windows\system32\wuauserv.dll"
+ "WudfSvc" "Manages user-mode driver host processes" "Microsoft Corporation" "c:\windows\system32\wudfsvc.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Aavmker4" "avast! Asynchronous Virus Monitor" "AVAST Software" "c:\windows\system32\drivers\aavmker4.sys"
+ "ACPI" "ACPI Driver for NT" "Microsoft Corporation" "c:\windows\system32\drivers\acpi.sys"
+ "aec" "Microsoft Acoustic Echo Canceller" "Microsoft Corporation" "c:\windows\system32\drivers\aec.sys"
+ "Afc" "Arcsoft® ASPI Shell" "Arcsoft, Inc." "c:\windows\system32\drivers\afc.sys"
+ "AFD" "AFD Networking Support Environment" "Microsoft Corporation" "c:\windows\system32\drivers\afd.sys"
+ "AmdK7" "Processor Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\amdk7.sys"
+ "appliand" "" "" "File not found: C:\windows\System32\Drivers\appliand.sys"
+ "appliandMP" "" "" "File not found: C:\windows\System32\Drivers\appliandMP.sys"
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMon2" "avast! Standard Shield Support" "AVAST Software" "c:\windows\system32\drivers\aswmon2.sys"
+ "aswRdr" "avast! TDI Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "AsyncMac" "RAS Asynchronous Media Driver" "Microsoft Corporation" "c:\windows\system32\drivers\asyncmac.sys"
+ "atapi" "IDE/ATAPI Port Driver" "Microsoft Corporation" "c:\windows\system32\drivers\atapi.sys"
+ "ati2mtag" "ATI Radeon WindowsNT Miniport Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\ati2mtag.sys"
+ "Atmarpc" "ATM ARP Client Protocol" "Microsoft Corporation" "c:\windows\system32\drivers\atmarpc.sys"
+ "audstub" "AudStub Driver" "Microsoft Corporation" "c:\windows\system32\drivers\audstub.sys"
+ "AVFSFilter" "Preventon File System Filter Service" "" "File not found: C:\windows\System32\Drivers\AVFSFilter.sys"
+ "Avgfwdx" "AVG Firewall intermediate miniport driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgfwdx.sys"
+ "Avgfwfd" "AVG Firewall intermediate miniport driver" "AVG Technologies CZ, s.r.o." "c:\windows\system32\drivers\avgfwdx.sys"
+ "Beep" "BEEP Driver" "Microsoft Corporation" "c:\windows\system32\drivers\beep.sys"
+ "btaudio" "" "" "File not found: C:\windows\System32\Drivers\btaudio.sys"
+ "BTDriver" "" "" "File not found: C:\windows\System32\Drivers\BTDriver.sys"
+ "BthEnum" "Bluetooth Bus Extender" "Microsoft Corporation" "c:\windows\system32\drivers\bthenum.sys"
+ "BTHMODEM" "Bluetooth Communications Driver" "Microsoft Corporation" "c:\windows\system32\drivers\bthmodem.sys"
+ "BthPan" "Bluetooth Device (Personal Area Network)" "Microsoft Corporation" "c:\windows\system32\drivers\bthpan.sys"
+ "BTHPORT" "Bluetooth Bus Driver" "Microsoft Corporation" "c:\windows\system32\drivers\bthport.sys"
+ "BTHUSB" "Bluetooth Miniport Driver" "Microsoft Corporation" "c:\windows\system32\drivers\bthusb.sys"
+ "BTWDNDIS" "" "" "File not found: C:\windows\System32\Drivers\BTWDNDIS.sys"
+ "btwhid" "" "" "File not found: C:\windows\System32\Drivers\btwhid.sys"
+ "btwmodem" "Bluetooth BTPORT Driver for Windows 2000" "Broadcom Corporation." "c:\windows\system32\drivers\btwmodem.sys"
+ "BTWUSB" "" "" "File not found: C:\windows\System32\Drivers\BTWUSB.sys"
+ "CCDECODE" "WDM Closed Caption VBI Codec" "Microsoft Corporation" "c:\windows\system32\drivers\ccdecode.sys"
+ "Cdaudio" "CD-ROM Audio Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\cdaudio.sys"
+ "Cdrom" "SCSI CD-ROM Driver" "Microsoft Corporation" "c:\windows\system32\drivers\cdrom.sys"
+ "Changer" "" "" "File not found: C:\windows\System32\Drivers\Changer.sys"
+ "cpuz135" "CPUID Driver" "CPUID" "c:\windows\system32\drivers\cpuz135_x32.sys"
+ "CSS DVP" "CSS-DVP" "" "File not found: C:\windows\System32\Drivers\CSS DVP.sys"
+ "Disk" "PnP Disk Driver" "Microsoft Corporation" "c:\windows\system32\drivers\disk.sys"
+ "DMusic" "Microsoft Kernel DLS Synthesizer" "Microsoft Corporation" "c:\windows\system32\drivers\dmusic.sys"
+ "drmkaud" "Microsoft Kernel DRM Audio Descrambler Filter" "Microsoft Corporation" "c:\windows\system32\drivers\drmkaud.sys"
+ "Fdc" "Floppy Disk Controller Driver" "Microsoft Corporation" "c:\windows\system32\drivers\fdc.sys"
+ "Fips" "FIPS Crypto Driver" "Microsoft Corporation" "c:\windows\system32\drivers\fips.sys"
+ "Flpydisk" "Floppy Driver" "Microsoft Corporation" "c:\windows\system32\drivers\flpydisk.sys"
+ "FltMgr" "File System Filter Manager Driver" "Microsoft Corporation" "c:\windows\system32\drivers\fltmgr.sys"
+ "FreshIO" "" "" "File not found: C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys"
+ "Ftdisk" "FT Disk Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ftdisk.sys"
+ "gameenum" "Game Port Enumerator" "Microsoft Corporation" "c:\windows\system32\drivers\gameenum.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "Gpc" "Generic Packet Classifier" "Microsoft Corporation" "c:\windows\system32\drivers\msgpc.sys"
+ "HidUsb" "USB Miniport Driver for Input Devices" "Microsoft Corporation" "c:\windows\system32\drivers\hidusb.sys"
+ "hSONYPVh" "" "" "File not found: C:\DOCUME~1\Jackson\LOCALS~1\Temp\hSONYPVh.sys"
+ "HTTP" "This service implements the hypertext transfer protocol (HTTP). If this service is disabled, any services that explicitly depend on it will fail to start." "Microsoft Corporation" "c:\windows\system32\drivers\http.sys"
+ "i2omgmt" "" "" "File not found: C:\windows\System32\Drivers\i2omgmt.sys"
+ "i8042prt" "i8042 Port Driver" "Microsoft Corporation" "c:\windows\system32\drivers\i8042prt.sys"
+ "Imapi" "IMAPI Kernel Driver" "Microsoft Corporation" "c:\windows\system32\drivers\imapi.sys"
+ "IntelS51" "Intel V.92 Modem" "Intel Corporation" "c:\windows\system32\drivers\intels51.sys"
+ "ip6fw" "Provides intrusion prevention service for a home or small office network." "Microsoft Corporation" "c:\windows\system32\drivers\ip6fw.sys"
+ "IpFilterDriver" "IP Traffic Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ipfltdrv.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ipinip.sys"
+ "IpNat" "IP Network Address Translator" "Microsoft Corporation" "c:\windows\system32\drivers\ipnat.sys"
+ "IPSec" "IPSEC driver" "Microsoft Corporation" "c:\windows\system32\drivers\ipsec.sys"
+ "IRENUM" "Infra-Red Bus Enumerator" "Microsoft Corporation" "c:\windows\system32\drivers\irenum.sys"
+ "isapnp" "PNP ISA Bus Driver" "Microsoft Corporation" "c:\windows\system32\drivers\isapnp.sys"
+ "Kbdclass" "Keyboard Class Driver" "Microsoft Corporation" "c:\windows\system32\drivers\kbdclass.sys"
+ "kbdhid" "HID Mouse Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\kbdhid.sys"
+ "kmixer" "Kernel Mode Audio Mixer" "Microsoft Corporation" "c:\windows\system32\drivers\kmixer.sys"
+ "KSecDD" "Kernel Security Support Provider Interface" "Microsoft Corporation" "c:\windows\system32\drivers\ksecdd.sys"
+ "lbrtfdc" "" "" "File not found: C:\windows\System32\Drivers\lbrtfdc.sys"
+ "mnmdd" "Frame buffer simulator" "Microsoft Corporation" "c:\windows\system32\drivers\mnmdd.sys"
+ "Modem" "Modem Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\modem.sys"
+ "MODEMCSA" "Unimodem CSA Filter" "Microsoft Corporation" "c:\windows\system32\drivers\modemcsa.sys"
+ "Mouclass" "Mouse Class Driver" "Microsoft Corporation" "c:\windows\system32\drivers\mouclass.sys"
+ "mouhid" "HID Mouse Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\mouhid.sys"
+ "MountMgr" "Mount Manager" "Microsoft Corporation" "c:\windows\system32\drivers\mountmgr.sys"
+ "MpKsld546b2a0" "" "" "File not found: c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{F9829134-E9A0-4FAD-B8FC-A3E0C998FA41}\MpKsld546b2a0.sys"
+ "MRxDAV" "WebDav Client Redirector" "Microsoft Corporation" "c:\windows\system32\drivers\mrxdav.sys"
+ "MRxSmb" "MRXSMB" "Microsoft Corporation" "c:\windows\system32\drivers\mrxsmb.sys"
+ "ms_mpu401" "MPU401 Adapter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\msmpu401.sys"
+ "Msfs" "Mailslot driver" "Microsoft Corporation" "c:\windows\system32\drivers\msfs.sys"
+ "MSKSSRV" "MS KS Server" "Microsoft Corporation" "c:\windows\system32\drivers\mskssrv.sys"
+ "MSPCLOCK" "MS Proxy Clock" "Microsoft Corporation" "c:\windows\system32\drivers\mspclock.sys"
+ "MSPQM" "MS Proxy Quality Manager" "Microsoft Corporation" "c:\windows\system32\drivers\mspqm.sys"
+ "mssmbios" "System Management BIOS Driver" "Microsoft Corporation" "c:\windows\system32\drivers\mssmbios.sys"
+ "MSTEE" "WDM Tee/Communication Transform Filter " "Microsoft Corporation" "c:\windows\system32\drivers\mstee.sys"
+ "Mup" "Multiple UNC Provider driver" "Microsoft Corporation" "c:\windows\system32\drivers\mup.sys"
+ "n558" "HP BlueTooth Laser Mobile Mouse Driver" "" "c:\windows\system32\drivers\n558.sys"
+ "NABTSFEC" "WDM NABTS/FEC VBI Codec" "Microsoft Corporation" "c:\windows\system32\drivers\nabtsfec.sys"
+ "NDIS" "NDIS 5.1 wrapper driver" "Microsoft Corporation" "c:\windows\system32\drivers\ndis.sys"
+ "NdisIP" "Microsoft IP Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ndisip.sys"
+ "NdisTapi" "Remote Access NDIS TAPI Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ndistapi.sys"
+ "Ndisuio" "NDIS Usermode I/O Protocol" "Microsoft Corporation" "c:\windows\system32\drivers\ndisuio.sys"
+ "NdisWan" "Remote Access NDIS WAN Driver" "Microsoft Corporation" "c:\windows\system32\drivers\ndiswan.sys"
+ "NDProxy" "NDIS Proxy" "Microsoft Corporation" "c:\windows\system32\drivers\ndproxy.sys"
+ "NetBIOS" "NetBIOS Interface" "Microsoft Corporation" "c:\windows\system32\drivers\netbios.sys"
+ "NetBT" "NetBios over Tcpip" "Microsoft Corporation" "c:\windows\system32\drivers\netbt.sys"
+ "Npfs" "NPFS Driver" "Microsoft Corporation" "c:\windows\system32\drivers\npfs.sys"
+ "Null" "NULL Driver" "Microsoft Corporation" "c:\windows\system32\drivers\null.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "Microsoft Corporation" "c:\windows\system32\drivers\nwlnkfwd.sys"
+ "Parport" "Parallel Port Driver" "Microsoft Corporation" "c:\windows\system32\drivers\parport.sys"
+ "PartMgr" "Partition Manager" "Microsoft Corporation" "c:\windows\system32\drivers\partmgr.sys"
+ "ParVdm" "VDM Parallel Driver" "Microsoft Corporation" "c:\windows\system32\drivers\parvdm.sys"
+ "pccsmcfd" "PCCS Mode Change Filter Driver" "Nokia" "c:\windows\system32\drivers\pccsmcfd.sys"
+ "PCI" "NT Plug and Play PCI Enumerator" "Microsoft Corporation" "c:\windows\system32\drivers\pci.sys"
+ "PCIDump" "" "" "File not found: C:\windows\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\windows\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\windows\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\windows\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\windows\System32\Drivers\PDRFRAME.sys"
+ "PptpMiniport" "WAN Miniport (PPTP)" "Microsoft Corporation" "c:\windows\system32\drivers\raspptp.sys"
+ "Processor" "Processor Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\processr.sys"
+ "prodrv06" "StarForce Protection Environment Driver" "Protection Technology" "c:\windows\system32\drivers\prodrv06.sys"
+ "prohlp02" "StarForce Protection Helper Driver" "Protection Technology" "c:\windows\system32\drivers\prohlp02.sys"
+ "prosync1" "StarForce Protection Synchronization Driver" "Protection Technology" "c:\windows\system32\drivers\prosync1.sys"
+ "PSched" "QoS Packet Scheduler" "Microsoft Corporation" "c:\windows\system32\drivers\psched.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "RasAcd" "Remote Access Auto Connection Driver" "Microsoft Corporation" "c:\windows\system32\drivers\rasacd.sys"
+ "Rasl2tp" "WAN Miniport (L2TP)" "Microsoft Corporation" "c:\windows\system32\drivers\rasl2tp.sys"
+ "RasPppoe" "Remote Access PPPOE Driver" "Microsoft Corporation" "c:\windows\system32\drivers\raspppoe.sys"
+ "Raspti" "Direct Parallel" "Microsoft Corporation" "c:\windows\system32\drivers\raspti.sys"
+ "Rdbss" "Rdbss" "Microsoft Corporation" "c:\windows\system32\drivers\rdbss.sys"
+ "RDPCDD" "RDP Miniport" "Microsoft Corporation" "c:\windows\system32\drivers\rdpcdd.sys"
+ "RDPWD" "RDP Terminal Stack Driver (US/Canada Only, Not for Export)" "Microsoft Corporation" "c:\windows\system32\drivers\rdpwd.sys"
+ "redbook" "Redbook Audio Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\redbook.sys"
+ "RFCOMM" "Bluetooth Device (RFCOMM Protocol TDI)" "Microsoft Corporation" "c:\windows\system32\drivers\rfcomm.sys"
+ "ROOTMODEM" "Legacy Non-Pnp Modem Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\rootmdm.sys"
+ "RPSKT" "" "" "File not found: C:\windows\System32\Drivers\RPSKT.sys"
+ "rtl8139" "Realtek RTL8139 NDIS 5.0 Driver" "Realtek Semiconductor Corporation" "c:\windows\system32\drivers\rtl8139.sys"
+ "SASDIFSV" "SASDIFSV.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\sasdifsv.sys"
+ "SASENUM" "" "" "File not found: C:\Program Files\SUPERAntiSpyware\SASENUM.SYS"
+ "SASKUTIL" "SASKUTIL.SYS" "SUPERAdBlocker.com and SUPERAntiSpyware.com" "c:\program files\superantispyware\saskutil.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "serenum" "Serial Port Enumerator" "Microsoft Corporation" "c:\windows\system32\drivers\serenum.sys"
+ "Serial" "Serial Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\serial.sys"
+ "sermouse" "Serial Mouse Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\sermouse.sys"
+ "sfdrv01" "StarForce Protection Environment Driver" "Protection Technology" "c:\windows\system32\drivers\sfdrv01.sys"
+ "sfhlp01" "StarForce Protection Helper Driver" "Protection Technology" "c:\windows\system32\drivers\sfhlp01.sys"
+ "sfhlp02" "StarForce Protection Helper Driver" "Protection Technology" "c:\windows\system32\drivers\sfhlp02.sys"
+ "Sfloppy" "SCSI Floppy Driver" "Microsoft Corporation" "c:\windows\system32\drivers\sfloppy.sys"
+ "sfsync02" "StarForce Protection Synchronization Driver" "Protection Technology" "c:\windows\system32\drivers\sfsync02.sys"
+ "SLIP" "Microsoft Slip Deframing Filter Minidriver" "Microsoft Corporation" "c:\windows\system32\drivers\slip.sys"
+ "snpstd" "PC Camera driver" "" "c:\windows\system32\drivers\snpstd.sys"
+ "splitter" "Microsoft Kernel Audio Splitter" "Microsoft Corporation" "c:\windows\system32\drivers\splitter.sys"
+ "sr" "System Restore Filesystem Filter Driver" "Microsoft Corporation" "c:\windows\system32\drivers\sr.sys"
+ "Srv" "Srv" "Microsoft Corporation" "c:\windows\system32\drivers\srv.sys"
+ "StillCam" "Serial Imaging Device Driver" "Microsoft Corporation" "c:\windows\system32\drivers\serscan.sys"
+ "streamip" "Microsoft IP Test Driver" "Microsoft Corporation" "c:\windows\system32\drivers\streamip.sys"
+ "swenum" "Plug and Play Software Device Enumerator" "Microsoft Corporation" "c:\windows\system32\drivers\swenum.sys"
+ "swmidi" "Microsoft GS Wavetable Synthesizer" "Microsoft Corporation" "c:\windows\system32\drivers\swmidi.sys"
+ "sysaudio" "System Audio WDM Filter" "Microsoft Corporation" "c:\windows\system32\drivers\sysaudio.sys"
+ "Tcpip" "TCP/IP Protocol Driver" "Microsoft Corporation" "c:\windows\system32\drivers\tcpip.sys"
+ "TDPIPE" "Named Pipe Transport Driver" "Microsoft Corporation" "c:\windows\system32\drivers\tdpipe.sys"
+ "TDTCP" "TCP Transport Driver" "Microsoft Corporation" "c:\windows\system32\drivers\tdtcp.sys"
+ "TermDD" "Terminal Server Driver" "Microsoft Corporation" "c:\windows\system32\drivers\termdd.sys"
+ "Update" "Update Driver" "Microsoft Corporation" "c:\windows\system32\drivers\update.sys"
+ "upperdev" "" "" "File not found: system32\DRIVERS\usbser_lowerflt.sys"
+ "usbaudio" "USB Audio Class Driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbaudio.sys"
+ "usbccgp" "USB Common Class Generic Parent Driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbccgp.sys"
+ "usbhub" "Default Hub Driver for USB" "Microsoft Corporation" "c:\windows\system32\drivers\usbhub.sys"
+ "usbohci" "OHCI USB Miniport Driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbohci.sys"
+ "usbprint" "USB Printer driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbprint.sys"
+ "usbscan" "USB Scanner Driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbscan.sys"
+ "USBSTOR" "USB Mass Storage Class Driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbstor.sys"
+ "usbuhci" "UHCI USB Miniport Driver" "Microsoft Corporation" "c:\windows\system32\drivers\usbuhci.sys"
+ "VgaSave" "Controls the VGA display adapter to provide basic display capabilities." "Microsoft Corporation" "c:\windows\system32\drivers\vga.sys"
+ "viaagp" "VIA NT AGP Filter" "Microsoft Corporation" "c:\windows\system32\drivers\viaagp.sys"
+ "ViaIde" "Generic PCI IDE Bus Driver" "Microsoft Corporation" "c:\windows\system32\drivers\viaide.sys"
+ "VIAPFD" "VIA PFD driver" "VIA Technologies. Inc." "c:\windows\system32\drivers\viapfd.sys"
+ "VIAudio" "VIA AC'97 Enhanced Audio WDM Driver " "VIA Technologies, Inc." "c:\windows\system32\drivers\viaudio.sys"
+ "vmfilter323" "VC323, MRD, Feature(VGA), FaceTracking" "Vimicro Corporation" "c:\windows\system32\drivers\vmfilter323.sys"
+ "VolSnap" "Volume Shadow Copy Driver" "Microsoft Corporation" "c:\windows\system32\drivers\volsnap.sys"
+ "Wanarp" "Remote Access IP ARP Driver" "Microsoft Corporation" "c:\windows\system32\drivers\wanarp.sys"
+ "Wdf01000" "WDF Dynamic" "Microsoft Corporation" "c:\windows\system32\drivers\wdf01000.sys"
+ "WDICA" "" "" "File not found: C:\windows\System32\Drivers\WDICA.sys"
+ "wdmaud" "MMSYSTEM Wave/Midi API mapper" "Microsoft Corporation" "c:\windows\system32\drivers\wdmaud.sys"
+ "WpdUsb" "WPD USB Driver" "Microsoft Corporation" "c:\windows\system32\drivers\wpdusb.sys"
+ "WS2IFSL" "Winsock2 IFS Layer" "Microsoft Corporation" "c:\windows\system32\drivers\ws2ifsl.sys"
+ "WSTCODEC" "WDM WST Codec Driver" "Microsoft Corporation" "c:\windows\system32\drivers\wstcodec.sys"
+ "WudfPf" "Provide communciation services for UMDF components." "Microsoft Corporation" "c:\windows\system32\drivers\wudfpf.sys"
+ "ZSMC326" "VM323 Video Driver" "Vimicro Corporation" "c:\windows\system32\drivers\usbvm323.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "aux" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "midi" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "midi1" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "midi2" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "midimapper" "Microsoft MIDI Mapper" "Microsoft Corporation" "c:\windows\system32\midimap.dll"
+ "mixer" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "mixer1" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "msacm.ac3filter" "" "" "c:\windows\system32\ac3filter.acm"
+ "msacm.imaadpcm" "IMA ADPCM CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\imaadp32.acm"
+ "msacm.l3acm" "MPEG Audio Layer-3 Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecp.acm"
+ "msacm.lhacm" "Lernout & Hauspie Codecs" "Microsoft Corporation" "c:\windows\system32\lhacm.acm"
+ "msacm.msadpcm" "Microsoft ADPCM CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\msadp32.acm"
+ "msacm.msaudio1" "Windows Media Audio" "Microsoft Corporation" "c:\windows\system32\msaud32.acm"
+ "msacm.msg711" "Microsoft CCITT G.711 (A-Law and u-Law) CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\msg711.acm"
+ "msacm.msg723" "Microsoft G.723.1 CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\msg723.acm"
+ "msacm.msgsm610" "Microsoft GSM 6.10 Audio CODEC for MSACM" "Microsoft Corporation" "c:\windows\system32\msgsm32.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "MSVideo8" "VfW MM Driver for WDM Video Capture Devices" "Microsoft Corporation" "c:\windows\system32\vfwwdm32.dll"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.DIVX" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "VIDC.IYUV" "Intel Indeo® Video YUV Codec" "Microsoft Corporation" "c:\windows\system32\iyuv_32.dll"
+ "vidc.M261" "Microsoft H.261 ICM Driver" "Microsoft Corporation" "c:\windows\system32\msh261.drv"
+ "vidc.M263" "Microsoft H.263 ICM Driver" "Microsoft Corporation" "c:\windows\system32\msh263.drv"
+ "VIDC.MJPG" "" "" "c:\windows\system32\mtkjpeg.dll"
+ "vidc.mrle" "Microsoft RLE Compressor" "Microsoft Corporation" "c:\windows\system32\msrle32.dll"
+ "vidc.msvc" "Microsoft Video 1 Compressor" "Microsoft Corporation" "c:\windows\system32\msvidc32.dll"
+ "VIDC.UYVY" "Microsoft UYVY Video Decompressor" "Microsoft Corporation" "c:\windows\system32\msyuv.dll"
+ "VIDC.YUY2" "Microsoft UYVY Video Decompressor" "Microsoft Corporation" "c:\windows\system32\msyuv.dll"
+ "vidc.yv12" "DivX" "DivX, Inc." "c:\windows\system32\divx.dll"
+ "VIDC.YVU9" "Toshiba Video Codec" "Microsoft Corporation" "c:\windows\system32\tsbyuv.dll"
+ "VIDC.YVYU" "Microsoft UYVY Video Decompressor" "Microsoft Corporation" "c:\windows\system32\msyuv.dll"
+ "wave" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "wave1" "WDM Audio driver mapper" "Microsoft Corporation" "c:\windows\system32\wdmaud.drv"
+ "wave2" "Unimodem Serial Wave driver" "Microsoft Corporation" "c:\windows\system32\serwvdrv.dll"
+ "wave4" "Unimodem Serial Wave driver" "Microsoft Corporation" "c:\windows\system32\serwvdrv.dll"
+ "wave5" "Unimodem Serial Wave driver" "Microsoft Corporation" "c:\windows\system32\serwvdrv.dll"
+ "wave6" "Unimodem Serial Wave driver" "Microsoft Corporation" "c:\windows\system32\serwvdrv.dll"
+ "wave7" "Unimodem Serial Wave driver" "Microsoft Corporation" "c:\windows\system32\serwvdrv.dll"
+ "wave8" "Unimodem Serial Wave driver" "Microsoft Corporation" "c:\windows\system32\serwvdrv.dll"
+ "wavemapper" "Microsoft Sound Mapper" "Microsoft Corporation" "c:\windows\system32\msacm32.drv"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ ".RAM Parser" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AC3 Parser Filter" "DirectShow MPEG-2 Splitter." "Microsoft Corporation" "c:\windows\system32\mpg2splt.ax"
+ "AC3Filter" "ac3filter" "" "c:\program files\ac3filter\ac3filter.ax"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "ACM Wrapper" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ASF ACM Handler" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF Animation Handler" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF DIB Handler" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF DJPEG Handler" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF ICM Handler" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF JPEG Handler" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASF URL Handler" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASX File Parser" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "ASX v.2 File Parser" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "AVI Decompressor" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "AVI Draw Filter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "AVI mux" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcap.dll"
+ "AVI Splitter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "AVI/WAV File Source" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "BDA MPEG2 Transport Information Filter" "Microsoft Transport Information Filter for MPEG2 based networks." "Microsoft Corporation" "c:\windows\system32\psisrndr.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Color Space Converter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Cutlist File Source" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcut.dll"
+ "CyberLink Audio Decoder" "CyberLink Audio Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd\claudfx.ax"
+ "CyberLink DxVA Filter 2" "" "" "c:\program files\cyberlink\powerdvd\cldxva.ax"
+ "Default Video Renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "DivX AAC Decoder" "AAC audio decoder filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter" "DivX Decoder Filter" "DivX, Inc." "c:\program files\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)" "DivX Plus DMF Navigator Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder" "DivX H.264 Decoder Filter" "DivX, Inc." "c:\program files\divx\divx plus directshow filters\divxdech264.ax"
+ "DivXAntiFreeze" "DivX AntiFreeze Filter" "" "c:\windows\system32\divxaf.ax"
+ "DV Muxer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qdv.dll"
+ "DV Splitter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qdv.dll"
+ "DV Video Decoder" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qdv.dll"
+ "DVD Navigator" "DirectShow DVD PlayBack Runtime." "Microsoft Corporation" "c:\windows\system32\qdvd.dll"
+ "Emuzed AAC/AAC+ Decoder TFilter" "Emuzed AAC/AAC+ Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzaacdecfilter.dll"
+ "Emuzed AMR/3GPP/MP4/MP3 Multiplexer-Filter" "Emuzed MP4/3GP2/AMR/QCP Multiplexer/Sink Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdmp4muxfilter.dll"
+ "Emuzed AMR/QCP/3GPP/MP4/3G2 Source Filter" "Emuzed MP4/3GP2/AMR/QCP Source Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp4source.dll"
+ "Emuzed H264 Video Decoder-Filter" "Emuzed H.264 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\ezdh264dectfilter.dll"
+ "Emuzed MP3 Source/Decoder Filter" "Emuzed MP3 Source/Decoder Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzmp3sourcefilter.dll"
+ "Emuzed MP4SP/H263 Video Decoder-Filter" "Emuzed MP4SP/H.263 Video Transform Filter" "Emuzed Inc. " "c:\program files\common files\nokia\codecs\emzdecmp4_h263.dll"
+ "File Source (Async.)" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "File Source (URL)" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "File stream renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "File Writer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcap.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Full Screen Renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "G.711 Codec" "Intel G711 CODEC" "Microsoft Corporation" "c:\windows\system32\g711codc.ax"
+ "Indeo® Video 5.2 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® Video 5.2 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Infinite Pin Tee Filter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcap.dll"
+ "Internal LMRT Renderer" "Liquid Motion Renderer Filter" "Microsoft Corporation" "c:\windows\system32\lmrtrend.dll"
+ "Internal Text Renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Line 21 Decoder" "DirectShow DVD PlayBack Runtime." "Microsoft Corporation" "c:\windows\system32\qdvd.dll"
+ "Line 21 Decoder 2" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Microsoft MPEG-4 Video Decompressor" "Microsoft MPEG-4 Video Decompressor" "Microsoft Corporation" "c:\windows\system32\mp4sds32.ax"
+ "Microsoft MPEG-4 Video Decompressor" "Microsoft MPEG-4 Video Decompressor" "Microsoft Corporation" "c:\windows\system32\mpg4ds32.ax"
+ "Microsoft Screen Video Decompressor" "Microsoft Screen Video Decompressor" "Microsoft Corporation" "c:\windows\system32\msscds32.ax"
+ "MIDI Parser" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "MJPEG Decompressor" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "MPEG Audio Codec" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "MPEG Video Codec" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "MPEG-2 Demultiplexer" "DirectShow MPEG-2 Splitter." "Microsoft Corporation" "c:\windows\system32\mpg2splt.ax"
+ "MPEG-2 Sections and Tables" "Microsoft MPEG-2 Section and Table Acquisition Module" "Microsoft Corporation" "c:\windows\system32\mpeg2data.ax"
+ "MPEG-2 Splitter" "DirectShow MPEG-2 Splitter." "Microsoft Corporation" "c:\windows\system32\mpg2splt.ax"
+ "Mpeg-2 Video Stream Analysis" "DirectShow Stream Buffer Filter." "Microsoft Corporation" "c:\windows\system32\sbe.dll"
+ "MPEG-I Stream Splitter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Multi-file Parser" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "NSC File Parser" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Null Renderer" "DirectShow Editing." "Microsoft Corporation" "c:\windows\system32\qedit.dll"
+ "Overlay Mixer" "DirectShow DVD PlayBack Runtime." "Microsoft Corporation" "c:\windows\system32\qdvd.dll"
+ "Overlay Mixer2" "DirectShow DVD PlayBack Runtime." "Microsoft Corporation" "c:\windows\system32\qdvd.dll"
+ "QT Decompressor" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "QuickTime Movie Parser" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SAMI (CC) Reader" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Sample Grabber" "DirectShow Editing." "Microsoft Corporation" "c:\windows\system32\qedit.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Simple Text Reader" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Smart Tee Filter" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\qcap.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "StreamBufferSink" "DirectShow Stream Buffer Filter." "Microsoft Corporation" "c:\windows\system32\sbe.dll"
+ "StreamBufferSource" "DirectShow Stream Buffer Filter." "Microsoft Corporation" "c:\windows\system32\sbe.dll"
+ "TrueMotion 2.0 Decompressor" "TrueMotion 2.0 Decompressor" "The Duck Corporation" "c:\windows\system32\tm20dec.ax"
+ "URL StreamRenderer" "Liquid Motion Renderer Filter" "Microsoft Corporation" "c:\windows\system32\lmrtrend.dll"
+ "VBI Surface Allocator" "VBI Surface Allocator Filter" "Microsoft Corporation" "c:\windows\system32\vbisurf.ax"
+ "VGA 16 color ditherer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Video Mixing Renderer 9" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Video Port Manager" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Video Renderer" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "Wave Parser" "DirectShow Runtime." "Microsoft Corporation" "c:\windows\system32\quartz.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Audio Decoder" "Windows Media Audio Decoder" "Microsoft Corporation" "c:\windows\system32\msadds32.ax"
+ "Windows Media Audio Voice v9 Decoder" "Windows Media Audio Voice Decoder" "Microsoft Corporation" "c:\windows\system32\wmavds32.ax"
+ "Windows Media Multiplexer" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "Windows Media splitter" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Windows Media Update" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Windows Media URL File Source" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
+ "Windows Media Video Decoder" "Windows Media Video Decoder" "Microsoft Corporation" "c:\windows\system32\wmvds32.ax"
+ "Windows Media Video Decoder" "Windows Media Video Decoder V8" "Microsoft Corporation" "c:\windows\system32\wmv8ds32.ax"
+ "WM ASF Reader" "DirectShow ASF Support" "Microsoft Corporation" "c:\windows\system32\qasf.dll"
+ "WM ASF Writer" "DirectShow ASF Support" "Microsoft Corporation" "c:\windows\system32\qasf.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMEnc Screen Capture Filter" "WMPSrcWp Module" "Microsoft Corporation" "c:\windows\system32\wmpsrcwp.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "World Standard Teletext Decoder" "WST Decoder Filter" "Microsoft Corporation" "c:\windows\system32\wstdecod.dll"
+ "XML-based ASX Parser" "Windows Media Player Filter Shim" "Microsoft Corporation" "c:\windows\system32\wmpasf.dll"
"HKLM\Software\Classes\CLSID\{AC757296-3522-4E11-9862-C17BE5A1767E}\Instance" "" "" ""
+ "{0131BE10-2001-4C5F-A9B0-CC88FAB64CE8}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{114F5598-0B22-40A0-86A1-C83EA495ADBD}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{1A34F5C1-4A5A-46DC-B644-1F4567E7A676}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{27949969-876A-41D7-9447-568F6A35A4DC}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{69BE8BB4-D66D-47C8-865A-ED1589433782}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{AC4CE3CB-E1C1-44CD-8215-5A1665509EC2}" "Windows Media Photo Codec" "Microsoft Corporation" "c:\windows\system32\wmphoto.dll"
"HKLM\Software\Classes\CLSID\{7ED96837-96F0-4812-B211-F13C24117ED3}\Instance" "" "" ""
+ "{381DDA3C-9CE9-4834-A23E-1F98F8FC52BE}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{389EA17B-5078-4CDE-B6EF-25C15175C751}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{6B462062-7CBF-400D-9FDB-813DD10F2778}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{9456A480-E88B-43EA-9E73-0B2D9B71B1CA}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{A26CEC36-234C-4950-AE16-E34AACE71D0D}" "Windows Media Photo Codec" "Microsoft Corporation" "c:\windows\system32\wmphoto.dll"
+ "{B54E85D9-FE23-499F-8B88-6ACEA713752B}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{C61BFCDF-2E0F-4AAD-A8D7-E06BAFEBCDFE}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
"HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance" "" "" ""
+ "{00108226-EE41-44A2-9E9C-4BE4D5B1D2CD}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{076C2A6C-F78F-4C46-A723-3583E70876EA}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{122EC645-CD7E-44D8-B186-2C8C20C3B50F}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{1249B20C-5DD0-44FE-B0B3-8F92C8E6D080}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{1765E14E-1BD4-462E-B6B1-590BF1262AC6}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{22C21F93-7DDB-411C-9B17-C5B7BD064ABC}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{5C5C1935-0235-4434-80BC-251BC1EC39C6}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{6D68D1DE-D432-4B0F-923A-091183A9BDA7}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{7B19A919-A9D6-49E5-BD45-02C34E4E4CD5}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{8ADE5386-8E9B-4F4C-ACF2-F0008706B238}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{A09CCA86-27BA-4F39-9053-121FA4DC08FC}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{B1EBFC28-C9BD-47A2-8D33-B948769777A7}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{B5EBAFB9-253E-4A72-A744-0762D2685683}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{C9A14CDA-C339-460B-9078-D4DEBCFABE91}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{CB8C13E4-62B5-4C96-A48B-6BA6ACE39C76}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{D049B20C-5DD0-44FE-B0B3-8F92C8E6D080}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{ED822C8C-D6BE-4301-A631-0E1416BAD28F}" "Microsoft Windows Codecs Extended Library" "Microsoft Corporation" "c:\windows\system32\windowscodecsext.dll"
+ "{EE366069-1832-420F-B381-0479AD066F19}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
+ "{F3C633A2-46C8-498E-8FBB-CC6F721BBCDE}" "Microsoft Windows Codecs Library" "Microsoft Corporation" "c:\windows\system32\windowscodecs.dll"
"HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute" "" "" ""
+ "autocheck autochk *" "Auto Check Utility" "Microsoft Corporation" "c:\windows\system32\autochk.exe"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options" "" "" ""
+ "Your Image File Name Here without a path" "Symbolic Debugger for Windows 2000" "Microsoft Corporation" "c:\windows\system32\ntsd.exe"
"HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls" "" "" ""
+ "advapi32" "Advanced Windows 32 Base API" "Microsoft Corporation" "c:\windows\system32\advapi32.dll"
+ "comdlg32" "Common Dialogs DLL" "Microsoft Corporation" "c:\windows\system32\comdlg32.dll"
+ "gdi32" "GDI Client DLL" "Microsoft Corporation" "c:\windows\system32\gdi32.dll"
+ "imagehlp" "Windows NT Image Helper" "Microsoft Corporation" "c:\windows\system32\imagehlp.dll"
+ "kernel32" "Windows NT BASE API Client DLL" "Microsoft Corporation" "c:\windows\system32\kernel32.dll"
+ "lz32" "LZ Expand/Compress API DLL" "Microsoft Corporation" "c:\windows\system32\lz32.dll"
+ "ole32" "Microsoft OLE for Windows" "Microsoft Corporation" "c:\windows\system32\ole32.dll"
+ "oleaut32" "" "Microsoft Corporation" "c:\windows\system32\oleaut32.dll"
+ "olecli32" "Object Linking and Embedding Client Library" "Microsoft Corporation" "c:\windows\system32\olecli32.dll"
+ "olecnv32" "Microsoft OLE for Windows" "Microsoft Corporation" "c:\windows\system32\olecnv32.dll"
+ "olesvr32" "Object Linking and Embedding Server Library" "Microsoft Corporation" "c:\windows\system32\olesvr32.dll"
+ "olethk32" "Microsoft OLE for Windows" "Microsoft Corporation" "c:\windows\system32\olethk32.dll"
+ "rpcrt4" "Remote Procedure Call Runtime" "Microsoft Corporation" "c:\windows\system32\rpcrt4.dll"
+ "shell32" "Windows Shell Common Dll" "Microsoft Corporation" "c:\windows\system32\shell32.dll"
+ "url" "Internet Shortcut Shell Extension DLL" "Microsoft Corporation" "c:\windows\system32\url.dll"
+ "urlmon" "OLE32 Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\urlmon.dll"
+ "user32" "Windows XP USER API Client DLL" "Microsoft Corporation" "c:\windows\system32\user32.dll"
+ "version" "Version Checking and File Installation Libraries" "Microsoft Corporation" "c:\windows\system32\version.dll"
+ "wininet" "Internet Extensions for Win32" "Microsoft Corporation" "c:\windows\system32\wininet.dll"
+ "wldap32" "Win32 LDAP API DLL" "Microsoft Corporation" "c:\windows\system32\wldap32.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UIHost" "" "" ""
+ "logonui.exe" "Windows Logon UI" "Microsoft Corporation" "c:\windows\system32\logonui.exe"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "AtiExtEvent" "ATI External Event Utility DLL Module" "ATI Technologies Inc." "c:\windows\system32\ati2evxx.dll"
+ "crypt32chain" "Crypto API32" "Microsoft Corporation" "c:\windows\system32\crypt32.dll"
+ "cryptnet" "Crypto Network Related API" "Microsoft Corporation" "c:\windows\system32\cryptnet.dll"
+ "cscdll" "Offline Network Agent" "Microsoft Corporation" "c:\windows\system32\cscdll.dll"
+ "dimsntfy" "DIMS Notification Handler" "Microsoft Corporation" "c:\windows\system32\dimsntfy.dll"
+ "ScCertProp" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
+ "Schedule" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
+ "sclgntfy" "Secondary Logon Service Notification DLL" "Microsoft Corporation" "c:\windows\system32\sclgntfy.dll"
+ "SensLogn" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
+ "termsrv" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
+ "WgaLogon" "Windows Genuine Advantage Notification" "Microsoft Corporation" "c:\windows\system32\wgalogon.dll"
+ "wlballoon" "Common DLL to receive Winlogon notifications" "Microsoft Corporation" "c:\windows\system32\wlnotify.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\windows\xdclock.scr" "Digital Clock Screen Saver" "Xequte Software" "c:\windows\xdclock.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries" "" "" ""
+ "000000000001" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000002" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000003" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000004" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000005" "Microsoft Windows Rsvp 1.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\rsvpsp.dll"
+ "000000000006" "Microsoft Windows Rsvp 1.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\rsvpsp.dll"
+ "000000000007" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000008" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000009" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000010" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000011" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000012" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000013" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000014" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000015" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000016" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000017" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000018" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000019" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "000000000020" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "Bluetooth Namespace" "Windows Sockets Helper DLL" "Microsoft Corporation" "c:\windows\system32\wshbth.dll"
+ "Network Location Awareness (NLA) Namespace" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
+ "NTDS" "LDAP RnR Provider DLL" "Microsoft Corporation" "c:\windows\system32\winrnr.dll"
+ "Tcpip" "Microsoft Windows Sockets 2.0 Service Provider" "Microsoft Corporation" "c:\windows\system32\mswsock.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "2500 Series Port" "Printer Communication System" " " "c:\windows\system32\lxddlmpm.dll"
+ "BJ Language Monitor" "Langage Monitor for Canon Bubble-Jet Printer" "Microsoft Corporation" "c:\windows\system32\cnbjmon.dll"
+ "hpzlnt04" "" "HP" "c:\windows\system32\hpzlnt04.dll"
+ "Local Port" "Local Spooler DLL" "Microsoft Corporation" "c:\windows\system32\localspl.dll"
+ "Microsoft Document Imaging Writer Monitor" "Microsoft® Document Imaging" "Microsoft Corporation" "c:\windows\system32\mdimon.dll"
+ "PJL Language Monitor" "PJL Language monitor" "Microsoft Corporation" "c:\windows\system32\pjlmon.dll"
+ "Standard TCP/IP Port" "Standard TCP/IP Port Monitor DLL" "Microsoft Corporation" "c:\windows\system32\tcpmon.dll"
+ "USB Monitor" "Standard Dynamic Printing Port Monitor DLL" "Microsoft Corporation" "c:\windows\system32\usbmon.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders" "" "" ""
+ "digest.dll" "Digest SSPI Authentication Package" "Microsoft Corporation" "c:\windows\system32\digest.dll"
+ "msapsspc.dll" "DPA Client for 32 bit platforms" "Microsoft Corporation" "c:\windows\system32\msapsspc.dll"
+ "msnsspc.dll" "MSN Internet Access" "Microsoft Corporation" "c:\windows\system32\msnsspc.dll"
+ "schannel.dll" "TLS / SSL Security Provider" "Microsoft Corporation" "c:\windows\system32\schannel.dll"
+ "zwebauth.dll" "Zone Web Authentication SSP" "Microsoft Corporation" "c:\windows\system32\zwebauth.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages" "" "" ""
+ "msv1_0" "Microsoft Authentication Package v1.0" "Microsoft Corporation" "c:\windows\system32\msv1_0.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Notification Packages" "" "" ""
+ "scecli" "Windows Security Configuration Editor Client Engine" "Microsoft Corporation" "c:\windows\system32\scecli.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Security Packages" "" "" ""
+ "kerberos" "Kerberos Security Package" "Microsoft Corporation" "c:\windows\system32\kerberos.dll"
+ "msv1_0" "Microsoft Authentication Package v1.0" "Microsoft Corporation" "c:\windows\system32\msv1_0.dll"
+ "schannel" "TLS / SSL Security Provider" "Microsoft Corporation" "c:\windows\system32\schannel.dll"
+ "wdigest" "Microsoft Digest Access" "Microsoft Corporation" "c:\windows\system32\wdigest.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order" "" "" ""
+ "LanmanWorkstation" "Microsoft Windows Network" "Microsoft Corporation" "c:\windows\system32\ntlanman.dll"
+ "RDPNP" "Microsoft Terminal Services" "Microsoft Corporation" "c:\windows\system32\drprov.dll"
+ "WebClient" "Web Client Network" "Microsoft Corporation" "c:\windows\system32\davclnt.dll"

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:48 PM

Posted 23 September 2012 - 08:10 AM

Press windows+R key and type

cmd and click ok and run these command

net start cryptsvc

Do you receive any error?

#9 leedsfan2

leedsfan2
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 23 September 2012 - 08:41 AM

Run as requested, box flashes up no error

#10 leedsfan2

leedsfan2
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 23 September 2012 - 08:46 AM

Sorry should have said;-


The requested service has already started

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:48 PM

Posted 23 September 2012 - 08:53 AM

Are you able to start firewall?

Do you still have issues with safemode?

#12 leedsfan2

leedsfan2
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:48 PM

Posted 24 September 2012 - 01:58 AM

Hi Again

Tried F8 to no avail, also MSCONFIG tabs

General
System.ini
Win.ini
Services
Startuo
Tools

General has no "use original boot.ini"


Tried starting firewall from recommendations - "turn firewall on for all network connections" "enable now* were sorry windows cannot enable firewall try turning it on yourself"

Windows firewall - Windows settings cannot be displayed because the associated service is not running , do you want to start the the windows firewall internet connection sharing (ICS) service.

Then cannot start the service


Thanks again

Nigel










In security center it instructs - Recommendations - turn on for all network

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:01:48 PM

Posted 24 September 2012 - 02:03 AM

Lets look at safemode issue first

Go to msconfig and change the startup type to normal.

Download Safeboot repair

http://download.bleepingcomputer.com/sUBs/SafeBootKeyRepair.exe

Run this tool,after scan finishes,try to boot into safemode

Let me know how it goes




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users