
I have a Google redirect virus, likely bts.scour.com


12 replies to this topic

#1 JustKarl

JustKarl

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:45 AM

Posted 01 October 2012 - 07:37 PM

I am running Windows XP and get redirects in both FF and IE browsing, at least one of which was an attempted redirect to bts.scour.com, as well as sites that seem associated with this type of virus, based on my reading.

So far, I tried:

Switching my LAN setting to a proxy server;

Ran Rkill;

Checked the hosts file (localhost is only entry, looks okay);

Ran TDSSKiller, which found no threats;

...but I still get redirects.

Any help would be *most* appreciated!



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:45 AM

Posted 01 October 2012 - 09:33 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here. If you get crashes in normal mode, run it in Safe Mode with networking

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 JustKarl

JustKarl
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:45 AM

Posted 01 October 2012 - 09:48 PM

Thanks for the quick reply! Getting started now.

#4 JustKarl

JustKarl
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:08:45 AM

Posted 02 October 2012 - 01:24 AM

narenxp,

OK, took some time, but no crashes. Here's the TDSSkiller log:

19:15:18.0562 3472 omci - ok
19:15:18.0671 3472 [ E433C553D00D76FBC616294B60A7A530 ] P16X C:\WINDOWS\system32\drivers\P16X.sys
19:15:18.0718 3472 P16X - ok
19:15:18.0750 3472 [ C90018BAFDC7098619A4A95B046B30F3 ] P3 C:\WINDOWS\system32\DRIVERS\p3.sys
19:15:18.0750 3472 P3 - ok
19:15:18.0796 3472 [ 3A5DCD91483821E4CF3CF294DAB6E56B ] PACSPTISVR C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
19:15:18.0812 3472 PACSPTISVR - ok
19:15:18.0859 3472 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
19:15:18.0859 3472 Parport - ok
19:15:18.0875 3472 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
19:15:18.0875 3472 PartMgr - ok
19:15:18.0906 3472 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
19:15:18.0906 3472 ParVdm - ok
19:15:18.0921 3472 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
19:15:18.0921 3472 PCI - ok
19:15:18.0937 3472 PCIDump - ok
19:15:18.0968 3472 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
19:15:18.0968 3472 PCIIde - ok
19:15:19.0000 3472 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
19:15:19.0015 3472 Pcmcia - ok
19:15:19.0031 3472 PDCOMP - ok
19:15:19.0046 3472 PDFRAME - ok
19:15:19.0046 3472 PDRELI - ok
19:15:19.0062 3472 PDRFRAME - ok
19:15:19.0093 3472 [ 4A108CC9CC0E0605E68CCE7021479879 ] PenClass C:\WINDOWS\system32\Drivers\PenClass.sys
19:15:19.0093 3472 PenClass - ok
19:15:19.0140 3472 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\System32\DRIVERS\perc2.sys
19:15:19.0140 3472 perc2 - ok
19:15:19.0203 3472 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\System32\DRIVERS\perc2hib.sys
19:15:19.0203 3472 perc2hib - ok
19:15:19.0265 3472 [ ED2E7F396B4098608C95BC3806BDF6FC ] pfc C:\WINDOWS\system32\drivers\pfc.sys
19:15:19.0265 3472 pfc - ok
19:15:19.0328 3472 [ 2F5532F9B0F903B26847DA674B4F55B2 ] PfModNT C:\WINDOWS\System32\PfModNT.sys
19:15:19.0328 3472 PfModNT - ok
19:15:19.0359 3472 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
19:15:19.0359 3472 PlugPlay - ok
19:15:19.0375 3472 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
19:15:19.0375 3472 PolicyAgent - ok
19:15:19.0406 3472 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:15:19.0406 3472 PptpMiniport - ok
19:15:19.0437 3472 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
19:15:19.0437 3472 Processor - ok
19:15:19.0453 3472 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:15:19.0453 3472 ProtectedStorage - ok
19:15:19.0468 3472 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
19:15:19.0468 3472 PSched - ok
19:15:19.0484 3472 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:15:19.0484 3472 Ptilink - ok
19:15:19.0531 3472 [ 892E8BC66EC37639649EE5871875A00E ] pxark C:\WINDOWS\system32\drivers\pxark.sys
19:15:19.0531 3472 pxark - ok
19:15:19.0546 3472 [ 40FEDD328F98245AD201CF5F9F311724 ] PxHelp20 C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
19:15:19.0546 3472 PxHelp20 - ok
19:15:19.0593 3472 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\System32\DRIVERS\ql1080.sys
19:15:19.0593 3472 ql1080 - ok
19:15:19.0609 3472 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\System32\DRIVERS\ql10wnt.sys
19:15:19.0609 3472 Ql10wnt - ok
19:15:19.0640 3472 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\System32\DRIVERS\ql12160.sys
19:15:19.0640 3472 ql12160 - ok
19:15:19.0656 3472 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\System32\DRIVERS\ql1240.sys
19:15:19.0656 3472 ql1240 - ok
19:15:19.0671 3472 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\System32\DRIVERS\ql1280.sys
19:15:19.0671 3472 ql1280 - ok
19:15:19.0718 3472 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:15:19.0718 3472 RasAcd - ok
19:15:19.0750 3472 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:15:19.0750 3472 RasAuto - ok
19:15:19.0765 3472 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:15:19.0781 3472 Rasl2tp - ok
19:15:19.0812 3472 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:15:19.0812 3472 RasMan - ok
19:15:19.0843 3472 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:15:19.0843 3472 RasPppoe - ok
19:15:19.0875 3472 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
19:15:19.0875 3472 Raspti - ok
19:15:19.0890 3472 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:15:19.0890 3472 Rdbss - ok
19:15:19.0906 3472 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:15:19.0906 3472 RDPCDD - ok
19:15:19.0937 3472 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:15:19.0937 3472 rdpdr - ok
19:15:20.0000 3472 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
19:15:20.0000 3472 RDPWD - ok
19:15:20.0062 3472 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
19:15:20.0062 3472 RDSessMgr - ok
19:15:20.0078 3472 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
19:15:20.0078 3472 redbook - ok
19:15:20.0125 3472 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:15:20.0125 3472 RemoteAccess - ok
19:15:20.0171 3472 [ BB7549BD94D1AAC3599C7606C50C48A0 ] Rksample C:\WINDOWS\system32\DRIVERS\HSF_SAMP.sys
19:15:20.0171 3472 Rksample - ok
19:15:20.0234 3472 Roxio UPnP Renderer 11 - ok
19:15:20.0281 3472 [ 67C607857CCD6EBFFE768DAD5B2CA239 ] rpcapd C:\Program Files\WinPcap\rpcapd.exe
19:15:20.0281 3472 rpcapd - ok
19:15:20.0328 3472 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\System32\locator.exe
19:15:20.0328 3472 RpcLocator - ok
19:15:20.0359 3472 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:15:20.0359 3472 RpcSs - ok
19:15:20.0421 3472 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
19:15:20.0437 3472 RSVP - ok
19:15:20.0468 3472 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
19:15:20.0468 3472 SamSs - ok
19:15:20.0515 3472 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
19:15:20.0515 3472 SCardSvr - ok
19:15:20.0562 3472 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:15:20.0562 3472 Schedule - ok
19:15:20.0609 3472 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:15:20.0609 3472 Secdrv - ok
19:15:20.0640 3472 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
19:15:20.0656 3472 seclogon - ok
19:15:20.0671 3472 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
19:15:20.0671 3472 SENS - ok
19:15:20.0718 3472 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
19:15:20.0718 3472 serenum - ok
19:15:20.0750 3472 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
19:15:20.0750 3472 Serial - ok
19:15:20.0812 3472 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
19:15:20.0812 3472 Sfloppy - ok
19:15:20.0890 3472 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:15:20.0921 3472 SharedAccess - ok
19:15:20.0968 3472 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:15:20.0968 3472 ShellHWDetection - ok
19:15:20.0984 3472 Simbad - ok
19:15:21.0046 3472 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\System32\DRIVERS\sisagp.sys
19:15:21.0062 3472 sisagp - ok
19:15:21.0093 3472 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
19:15:21.0093 3472 SLIP - ok
19:15:21.0140 3472 [ D9E8E0CE154A2F6430D9EFABDF730867 ] SoftFax C:\WINDOWS\system32\DRIVERS\HSF_FAXX.sys
19:15:21.0156 3472 SoftFax - ok
19:15:21.0203 3472 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\System32\DRIVERS\sparrow.sys
19:15:21.0203 3472 Sparrow - ok
19:15:21.0234 3472 [ 6C843C43FD7F0B42CFE477CE88D0F9B3 ] SpeakerPhone C:\WINDOWS\system32\DRIVERS\HSF_SPKP.sys
19:15:21.0250 3472 SpeakerPhone - ok
19:15:21.0281 3472 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
19:15:21.0281 3472 splitter - ok
19:15:21.0328 3472 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
19:15:21.0328 3472 Spooler - ok
19:15:21.0375 3472 [ 09EEDFD8E748DCFD742EC37638C99A59 ] SPTISRV C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
19:15:21.0375 3472 SPTISRV - ok
19:15:21.0406 3472 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
19:15:21.0406 3472 sr - ok
19:15:21.0453 3472 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\System32\srsvc.dll
19:15:21.0453 3472 srservice - ok
19:15:21.0531 3472 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:15:21.0531 3472 Srv - ok
19:15:21.0546 3472 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:15:21.0562 3472 SSDPSRV - ok
19:15:21.0578 3472 ssfs0bbc - ok
19:15:21.0656 3472 [ 8564BC9598BE1705477B7FA61D657C2B ] SSKBFD C:\WINDOWS\system32\Drivers\sskbfd.sys
19:15:21.0656 3472 SSKBFD - ok
19:15:21.0718 3472 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
19:15:21.0718 3472 stisvc - ok
19:15:21.0750 3472 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
19:15:21.0750 3472 streamip - ok
19:15:21.0781 3472 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
19:15:21.0781 3472 swenum - ok
19:15:21.0828 3472 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
19:15:21.0828 3472 swmidi - ok
19:15:21.0843 3472 SwPrv - ok
19:15:21.0875 3472 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\System32\DRIVERS\symc810.sys
19:15:21.0875 3472 symc810 - ok
19:15:21.0906 3472 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\System32\DRIVERS\symc8xx.sys
19:15:21.0906 3472 symc8xx - ok
19:15:21.0937 3472 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\System32\DRIVERS\sym_hi.sys
19:15:21.0937 3472 sym_hi - ok
19:15:21.0968 3472 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\System32\DRIVERS\sym_u3.sys
19:15:21.0968 3472 sym_u3 - ok
19:15:22.0015 3472 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
19:15:22.0015 3472 sysaudio - ok
19:15:22.0046 3472 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
19:15:22.0046 3472 SysmonLog - ok
19:15:22.0140 3472 [ 70EAA3F434AAA317851754574182010E ] TabletService C:\WINDOWS\System32\Tablet.exe
19:15:22.0156 3472 TabletService - ok
19:15:22.0203 3472 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:15:22.0203 3472 TapiSrv - ok
19:15:22.0281 3472 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:15:22.0281 3472 Tcpip - ok
19:15:22.0343 3472 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
19:15:22.0343 3472 TDPIPE - ok
19:15:22.0406 3472 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
19:15:22.0406 3472 TDTCP - ok
19:15:22.0468 3472 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
19:15:22.0484 3472 TermDD - ok
19:15:22.0546 3472 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
19:15:22.0562 3472 TermService - ok
19:15:22.0578 3472 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
19:15:22.0593 3472 Themes - ok
19:15:22.0609 3472 [ 8021A499DB46B2961C285168671CB9AF ] Tones C:\WINDOWS\system32\DRIVERS\HSF_TONE.sys
19:15:22.0609 3472 Tones - ok
19:15:22.0656 3472 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\System32\DRIVERS\toside.sys
19:15:22.0656 3472 TosIde - ok
19:15:22.0687 3472 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
19:15:22.0703 3472 TrkWks - ok
19:15:22.0734 3472 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
19:15:22.0734 3472 Udfs - ok
19:15:22.0765 3472 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\System32\DRIVERS\ultra.sys
19:15:22.0781 3472 ultra - ok
19:15:22.0812 3472 [ AB0A7CA90D9E3D6A193905DC1715DED0 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
19:15:22.0828 3472 UMWdf - ok
19:15:22.0875 3472 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
19:15:22.0875 3472 Update - ok
19:15:22.0921 3472 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
19:15:22.0921 3472 upnphost - ok
19:15:22.0953 3472 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
19:15:22.0953 3472 UPS - ok
19:15:23.0000 3472 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
19:15:23.0015 3472 usbaudio - ok
19:15:23.0062 3472 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
19:15:23.0078 3472 usbccgp - ok
19:15:23.0125 3472 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
19:15:23.0125 3472 usbehci - ok
19:15:23.0156 3472 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
19:15:23.0156 3472 usbhub - ok
19:15:23.0218 3472 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
19:15:23.0218 3472 usbprint - ok
19:15:23.0250 3472 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:15:23.0250 3472 usbscan - ok
19:15:23.0281 3472 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
19:15:23.0296 3472 USBSTOR - ok
19:15:23.0312 3472 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
19:15:23.0312 3472 usbuhci - ok
19:15:23.0359 3472 [ 269C0ADE94B90029B12497747BE408CB ] V124 C:\WINDOWS\system32\DRIVERS\HSF_V124.sys
19:15:23.0375 3472 V124 - ok
19:15:23.0406 3472 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
19:15:23.0406 3472 VgaSave - ok
19:15:23.0453 3472 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\System32\DRIVERS\viaagp.sys
19:15:23.0453 3472 viaagp - ok
19:15:23.0484 3472 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\System32\DRIVERS\viaide.sys
19:15:23.0484 3472 ViaIde - ok
19:15:23.0546 3472 [ 5F974FDE801C73952770736BECDE11E7 ] Viewpoint Manager Service C:\Program Files\Viewpoint\Common\ViewpointService.exe
19:15:23.0546 3472 Viewpoint Manager Service - ok
19:15:23.0593 3472 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
19:15:23.0593 3472 VolSnap - ok
19:15:23.0640 3472 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
19:15:23.0656 3472 VSS - ok
19:15:23.0703 3472 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
19:15:23.0703 3472 w32time - ok
19:15:23.0734 3472 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:15:23.0734 3472 Wanarp - ok
19:15:23.0781 3472 [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
19:15:23.0781 3472 wanatw - ok
19:15:23.0828 3472 [ 909F2DC0DA7F57D229A05EE90647B2C3 ] WANMiniportService C:\WINDOWS\wanmpsvc.exe
19:15:23.0828 3472 WANMiniportService - ok
19:15:23.0843 3472 WDICA - ok
19:15:23.0875 3472 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
19:15:23.0875 3472 wdmaud - ok
19:15:23.0890 3472 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:15:23.0906 3472 WebClient - ok
19:15:24.0000 3472 [ FE71B3857BED54600E02288B212E7B7C ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
19:15:24.0031 3472 winachsf - ok
19:15:24.0125 3472 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:15:24.0125 3472 winmgmt - ok
19:15:24.0187 3472 [ 581176F60885AEF8F78C6E38DCC3CDF9 ] WMDM PMSP Service C:\WINDOWS\System32\MsPMSPSv.exe
19:15:24.0187 3472 WMDM PMSP Service - ok
19:15:24.0218 3472 [ 140EF97B64F560FD78643CAE2CDAD838 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
19:15:24.0218 3472 WmdmPmSN - ok
19:15:24.0296 3472 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
19:15:24.0296 3472 WmiApSrv - ok
19:15:24.0515 3472 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:15:24.0546 3472 WPFFontCache_v0400 - ok
19:15:24.0625 3472 [ D87DC5964F19820931DD3D33F60CD258 ] WRkrn C:\WINDOWS\system32\drivers\WRkrn.sys
19:15:24.0625 3472 WRkrn - ok
19:15:24.0718 3472 [ 36114E340CCDD83B2711E0A9E5A4279A ] WRSVC C:\Program Files\Webroot\WRSA.exe
19:15:24.0765 3472 WRSVC - ok
19:15:24.0812 3472 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
19:15:24.0828 3472 wscsvc - ok
19:15:24.0859 3472 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
19:15:24.0859 3472 WSTCODEC - ok
19:15:24.0890 3472 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
19:15:24.0890 3472 wuauserv - ok
19:15:24.0953 3472 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
19:15:24.0968 3472 WZCSVC - ok
19:15:25.0000 3472 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
19:15:25.0000 3472 xmlprov - ok
19:15:25.0031 3472 ================ Scan global ===============================
19:15:25.0078 3472 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:15:25.0125 3472 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:15:25.0187 3472 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
19:15:25.0218 3472 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:15:25.0234 3472 [Global] - ok
19:15:25.0234 3472 ================ Scan MBR ==================================
19:15:25.0265 3472 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:15:25.0468 3472 \Device\Harddisk0\DR0 - ok
19:15:25.0484 3472 [ 06449E7C4AF0550B77E260798769AA40 ] \Device\Harddisk1\DR3
19:15:25.0484 3472 \Device\Harddisk1\DR3 - ok
19:15:25.0500 3472 ================ Scan VBR ==================================
19:15:25.0500 3472 [ 37769E6A3EC0317D8DD5EBC3D576230E ] \Device\Harddisk0\DR0\Partition1
19:15:25.0500 3472 \Device\Harddisk0\DR0\Partition1 - ok
19:15:25.0515 3472 [ 0674B6DBD22A14292B212F568D0BEF26 ] \Device\Harddisk1\DR3\Partition1
19:15:25.0515 3472 \Device\Harddisk1\DR3\Partition1 - ok
19:15:25.0515 3472 ============================================================
19:15:25.0515 3472 Scan finished
19:15:25.0515 3472 ============================================================
19:15:25.0546 0336 Detected object count: 0
19:15:25.0546 0336 Actual detected object count: 0
19:15:34.0281 2008 Deinitialize success


Here's the aswMBR log:


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-01 21:46:55
-----------------------------
21:46:55.140 OS Version: Windows 5.1.2600 Service Pack 3
21:46:55.140 Number of processors: 1 586 0x207
21:46:55.140 ComputerName: D80W4621 UserName:
21:46:56.765 Initialize success
21:48:05.796 AVAST engine defs: 12100101
21:48:43.656 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
21:48:43.656 Disk 0 Vendor: WDC_WD1200JB-75CRA0 16.06V16 Size: 114440MB BusType: 3
21:48:43.687 Disk 0 MBR read successfully
21:48:43.687 Disk 0 MBR scan
21:48:43.765 Disk 0 Windows XP default MBR code
21:48:43.765 Disk 0 Partition 1 00 DE Dell Utility Dell 4.1 31 MB offset 63
21:48:43.781 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 114408 MB offset 64260
21:48:43.781 Disk 0 scanning sectors +234372285
21:48:43.859 Disk 0 scanning C:\WINDOWS\system32\drivers
21:48:59.546 Service scanning
21:49:20.265 Modules scanning
21:49:28.812 Disk 0 trace - called modules:
21:49:28.843 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys PCIIDEX.SYS
21:49:29.203 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873a1ab8]
21:49:29.203 3 CLASSPNP.SYS[f766ffd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8738ad98]
21:49:30.187 AVAST engine scan C:\WINDOWS
21:50:05.875 AVAST engine scan C:\WINDOWS\system32
21:54:30.140 AVAST engine scan C:\WINDOWS\system32\drivers
21:55:02.109 AVAST engine scan C:\Documents and Settings\Karl Bade
23:01:44.390 AVAST engine scan C:\Documents and Settings\All Users
23:16:37.484 Scan finished successfully
23:17:15.890 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
23:17:15.890 The log file has been saved successfully to "C:\aswMBR.txt"


And here's the ESET log:

C:\Documents and Settings\Karl Bade\Application Data\Mozilla\Firefox\Profiles\ir9b775a.default\user.js JS/SecurityDisabler.A.Gen application cleaned by deleting - quarantined
C:\Documents and Settings\Karl Bade\Local Settings\Temporary Internet Files\Content.IE5\KMBHXQZ7\download[1].htm HTML/ScrInject.B.Gen virus deleted - quarantined
C:\Documents and Settings\Karl Bade\My Documents\Xvid-Setup-dm-9.exe Win32/Toolbar.Zugo application cleaned by deleting - quarantined

Thanks again for your help!

#5 narenxp

Posted 02 October 2012 - 01:26 AM

Download

Malwarebytes

Install, update and run a full scan.

Click on Show results. Right-click on the list, select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it, click on Delete

A log should be generated after the scan. Post it here.

Download

Junkware removal tool

Launch it. For Vista and Windows 7, right-click on the tool and select Run as administrator.

After the scan completes, post the generated log here.

#6 JustKarl

Posted 02 October 2012 - 08:41 AM

Wow, thanks again for the quick reply. Was sleeping in my timezone. Will work on this.

#7 JustKarl

Posted 02 October 2012 - 06:21 PM

OK, sorry about the delay... Scans did not complete before work.

Here's Malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.02.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Karl Bade :: D80W4621 [administrator]

Protection: Enabled

10/2/2012 8:46:18 AM
mbam-log-2012-10-02 (08-46-18).txt

Scan type: Full scan (C:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 371443
Time elapsed: 2 hour(s), 1 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 1
C:\Documents and Settings\Karl Bade\Local Settings\Application Data\Apple\Adobe\chjtssb.dll (Trojan.Happili) -> Delete on reboot.

Registry Keys Detected: 11
HKCR\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKCR\TypeLib\{3C2D2A1E-031F-4397-9614-87C932A848E0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKCR\Interface\{04A38F6B-006F-4247-BA4C-02A139D5531C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKCR\MiniBugTransporter.MiniBugTransporterX.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKCR\MiniBugTransporter.MiniBugTransporterX (Adware.Minibug) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (Adware.Minibug) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000010-6F7D-442C-93E3-4A4827C2E4C8} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000EF1-0786-4633-87C6-1AA7A44296DA} (Adware.F1Organizer) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{13197ACE-6851-45C3-A7FF-C281324D5489} (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C559105-9ECF-42B8-B3F7-832E75EDD959} (Adware.ISTBar) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Adobe (Trojan.Happili) -> Data: rundll32.exe "C:\Documents and Settings\Karl Bade\Local Settings\Application Data\Apple\Adobe\chjtssb.dll",iTunesHelperMainEntryPointW -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 3
C:\Documents and Settings\Karl Bade\Local Settings\Application Data\Apple\Adobe\chjtssb.dll (Trojan.Happili) -> Delete on reboot.
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Documents and Settings\Karl Bade\Application Data\logs.dat (Bifrose.Trace) -> Quarantined and deleted successfully.

(end)



Here's the mini toolbox log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Karl Bade (administrator) on 02-10-2012 at 17:41:37
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)
1394 Net Adapter = 1394 Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration
Host Name . . . . . . . . . . . . : D80W4621
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.il.comcast.net.

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : hsd1.il.comcast.net.
Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
Physical Address. . . . . . . . . : 00-07-E9-C6-F6-54
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 98.215.194.129
Subnet Mask . . . . . . . . . . . : 255.255.254.0
Default Gateway . . . . . . . . . : 98.215.194.1
DHCP Server . . . . . . . . . . . : 69.252.202.4
DNS Servers . . . . . . . . . . . : 75.75.75.75 75.75.76.76
Lease Obtained. . . . . . . . . . : Tuesday, October 02, 2012 10:50:57 AM
Lease Expires . . . . . . . . . . : Friday, October 05, 2012 1:11:45 AM

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: google.com
Addresses: 74.125.225.34, 74.125.225.32, 74.125.225.39, 74.125.225.37
74.125.225.40, 74.125.225.41, 74.125.225.36, 74.125.225.46, 74.125.225.35
74.125.225.38, 74.125.225.33

Pinging google.com [74.125.225.71] with 32 bytes of data:
Reply from 74.125.225.71: bytes=32 time=13ms TTL=56
Reply from 74.125.225.71: bytes=32 time=12ms TTL=56
Ping statistics for 74.125.225.71:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 12ms, Maximum = 13ms, Average = 12ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: yahoo.com
Addresses: 98.139.183.24, 98.138.253.109, 72.30.38.140

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:
Reply from 72.30.38.140: bytes=32 time=694ms TTL=52
Reply from 72.30.38.140: bytes=32 time=936ms TTL=52
Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 694ms, Maximum = 936ms, Average = 815ms

Server: cdns01.comcast.net
Address: 75.75.75.75

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:
Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.
Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 07 e9 c6 f6 54 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 98.215.194.1 98.215.194.129 20
98.215.194.0 255.255.254.0 98.215.194.129 98.215.194.129 20
98.215.194.129 255.255.255.255 127.0.0.1 127.0.0.1 20
98.255.255.255 255.255.255.255 98.215.194.129 98.215.194.129 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 98.215.194.129 98.215.194.129 20
224.0.0.0 240.0.0.0 98.215.194.129 98.215.194.129 20
255.255.255.255 255.255.255.255 98.215.194.129 98.215.194.129 1
Default Gateway: 98.215.194.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/18/2012 08:28:36 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/18/2012 11:24:01 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/12/2012 01:44:52 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/12/2012 01:44:50 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/12/2012 01:44:50 PM) (Source: Application Hang) (User: )
Description: Hanging application rundll32.exe, version 5.1.2600.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/30/2012 06:17:48 PM) (Source: Application Error) (User: )
Description: Faulting application waol.exe, version 8.0.0.0, faulting module mshtml.dll, version 8.0.6001.19258, fault address 0x000dd497.
Processing media-specific event for [waol.exe!ws!]

Error: (07/25/2012 06:11:52 PM) (Source: Application Error) (User: )
Description: Faulting application waol.exe, version 8.0.0.0, faulting module mshtml.dll, version 8.0.6001.19258, fault address 0x000dd497.
Processing media-specific event for [waol.exe!ws!]

Error: (07/19/2012 06:35:45 PM) (Source: Application Error) (User: )
Description: Faulting application waol.exe, version 8.0.0.0, faulting module mshtml.dll, version 8.0.6001.19258, fault address 0x000dd497.
Processing media-specific event for [waol.exe!ws!]

Error: (07/18/2012 10:29:42 PM) (Source: Application Error) (User: )
Description: Faulting application waol.exe, version 8.0.0.0, faulting module mshtml.dll, version 8.0.6001.19258, fault address 0x000dd497.
Processing media-specific event for [waol.exe!ws!]

Error: (07/18/2012 10:27:56 PM) (Source: Application Error) (User: )
Description: Faulting application waol.exe, version 8.0.0.0, faulting module mshtml.dll, version 8.0.6001.19258, fault address 0x000dd497.
Processing media-specific event for [waol.exe!ws!]


System errors:
=============
Error: (10/02/2012 10:51:32 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Cdr4_xp

Error: (10/02/2012 10:51:22 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%126

Error: (10/02/2012 10:51:22 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (10/02/2012 10:51:22 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Error: (10/01/2012 10:05:35 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (10/01/2012 10:05:02 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (10/01/2012 09:53:50 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (10/01/2012 09:53:37 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (10/01/2012 07:28:30 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Cdr4_xp

Error: (10/01/2012 07:28:13 PM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service terminated with the following error:
%%126


Microsoft Office Sessions:
=========================
Error: (09/18/2012 08:28:36 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/18/2012 11:24:01 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/12/2012 01:44:52 PM) (Source: Application Hang)(User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (08/12/2012 01:44:50 PM) (Source: Application Hang)(User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (08/12/2012 01:44:50 PM) (Source: Application Hang)(User: )
Description: rundll32.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (07/30/2012 06:17:48 PM) (Source: Application Error)(User: )
Description: waol.exe8.0.0.0mshtml.dll8.0.6001.19258000dd497

Error: (07/25/2012 06:11:52 PM) (Source: Application Error)(User: )
Description: waol.exe8.0.0.0mshtml.dll8.0.6001.19258000dd497

Error: (07/19/2012 06:35:45 PM) (Source: Application Error)(User: )
Description: waol.exe8.0.0.0mshtml.dll8.0.6001.19258000dd497

Error: (07/18/2012 10:29:42 PM) (Source: Application Error)(User: )
Description: waol.exe8.0.0.0mshtml.dll8.0.6001.19258000dd497

Error: (07/18/2012 10:27:56 PM) (Source: Application Error)(User: )
Description: waol.exe8.0.0.0mshtml.dll8.0.6001.19258000dd497


=========================== Installed Programs ============================

2001 TurboTax Deluxe
7-Zip 9.20
ABBYY FineReader 5.0 Sprint (Version: 5.0.0.3412)
Acrobat.com (Version: 1.6.65)
Ad-aware 6 Personal (Version: 6.0)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.278)
Adobe Flash Player 11 Plugin (Version: 11.1.102.62)
Adobe Photoshop Elements 6.0 (Version: 6.0)
Adobe Reader 9.1.3 (Version: 9.1.3)
Adobe Shockwave Player (Version: 10.2.0.23)
Amazon MP3 Downloader 1.0.15 (Version: 1.0.15)
America Online
AnswerWorks 4.0 Runtime - English (Version: 4.0.101)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
AOL Coach Version 1.0(Build:20020929.1)
Apple Application Support (Version: 1.5.2)
Apple Mobile Device Support (Version: 3.4.1.2)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoImpression
Ask Toolbar (Version: 1.6.6.0)
AT&T Self Support Tool
Atlantis (Version: 1.50)
Bonjour (Version: 2.0.5.0)
BroadJump Client Foundation
CardRd81 (Version: 4.00.0000.0004)
CCHelp (Version: 4.00.0000.0001)
CCScore (Version: 4.00.0001.0001)
Classic PhoneTools (Version: 4.19)
Conexant HSF V92 56K RTAD Speakerphone PCI Modem
CR2 (Version: 4.00.0000.0003)
del.icio.us Buttons for Internet Explorer (Version: 1.0.8)
Dell Modem-On-Hold (Version: 1.42)
Dell Movie Studio Diagnostics (Version: 1.50)
Dell Picture Studio - Dell Image Expert (Version: 3.4.1)
Dell Solution Center (Version: 1.00.0000)
DellSupport (Version: 6.0.3062)
Digital Line Detect (Version: 1.06.2)
Dream Station
Dropbox (Version: 1.4.7)
DVDSentry (Version: 1.00.0001)
Easy CD Creator 5 Platinum (Version: 5.0.0.0000)
EPSON Copy Utility
EPSON Photo Print
EPSON Print CD
EPSON Printer Software
EPSON Scan
EPSON Smart Panel
EPSON SP R200 Reference Guide
ESET Online Scanner v3
ESSPDock (Version: 4.00.0002.0001)
EZ Vinyl/Tape Converter 7.4 by MixMeister
Film Factory
FLV Player (Version: 1.33)
GearDrvs (Version: 1.00.0000)
GearDrvs (Version: 5.0.0.2)
Google Earth Plug-in (Version: 6.0.3.2197)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.79)
Help and Support Customization (Version: 1.00.0000)
HLPPDOCK (Version: 4.00.0000.0002)
HTML Executable IERuntime (Version: 3.2.2.2)
ieSpell (Version: 2.5.1 (build 106))
ImagXpress (Version: 7.0.74.0)
Ink Monitor
Intel® PRO Ethernet Adapter and Software
Intel® PROSet II (Version: 2.00.0020)
iPod for Windows 2005-02-07 (Version: 3.1.0)
iPod for Windows 2006-03-23 (Version: 4.7.0)
ItsDeductible Express (Version: 1.00.0000)
iTunes (Version: 10.3.1.55)
J2SE Runtime Environment 5.0 Update 5 (Version: 1.5.0.50)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Kai's Power Goo
Kodak EasyShare software
KPT® Collection
KSU (Version: 632.62.0002.0001)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Microsoft .NET Framework (English) (Version: 1.0.3705)
Microsoft .NET Framework (English) v1.0.3705
Microsoft .NET Framework 1.0 Hotfix (KB928367)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Data Access Components KB870669
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer (Version: 12.0.6219.1000)
Microsoft Office PowerPoint Viewer 2003 (Version: 11.0.6458.0)
Microsoft Publisher 97
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Word 2002 (Version: 10.0.2627.01)
Microsoft Works 6.0 (Version: 06.00.0000)
Microsoft Works Suite Add-in for Microsoft Word (Version: 2.0.0.0000)
Modem Helper
Move Networks Media Player for Internet Explorer
Mozilla Firefox 15.0.1 (x86 en-US) (Version: 15.0.1)
Mozilla Maintenance Service (Version: 15.0.1)
Mp3tag v2.49 (Version: v2.49)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyDVD
MyFonts Order M895443 (Version: 1.0)
neroxml (Version: 1.0.0)
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
OpenMG Secure Module 4.6.01 (Version: 4.6.01.10041)
P.I.M. II Plug-In
Painter 5.0
PowerDVD
Prevx CSI
QuickTime (Version: 7.69.80.9)
RealPlayer
Rhapsody Player Engine (Version: 1.0.604)
Roxio VideoWave Movie Creator (Version: 1.6.635.0)
SafeCast Shared Components
SBC Yahoo! Applications
ScanToWeb
SFR (Version: 3.03.0001.0002)
SFR2 (Version: 3.03.0000.0002)
SmartSound Quicktracks Plugin (Version: 3.0.8.0)
SnagIt 7 (Version: 7.2.4)
Sonic Foundry Noise Reduction Plug-In 2.0a
Sonic Foundry Sound Forge 6.0 (Version: 6.0.132)
Sonic Foundry Vegas 3.0a (Version: 3.0.107)
Sound Blaster Live!
Spotify (Version: 0.5.2)
SureThing CD Labeler Deluxe 3.0
tagtraum industries beaTunes 1.1.4
Topaz Adjust (Version: 2.4)
TurboTax 2008
TurboTax 2008 wiliper (Version: 008.000.0117)
TurboTax 2008 WinPerFedFormset (Version: 008.000.0338)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0218)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0190)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1000)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0428)
TurboTax 2008 wrapper (Version: 008.000.0065)
TurboTax 2009
TurboTax 2009 wiliper (Version: 009.000.0767)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2163)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0238)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 wiliper (Version: 010.000.1266)
TurboTax 2010 WinPerFedFormset (Version: 010.000.4012)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0457)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0213)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 wiliper (Version: 011.000.1545)
TurboTax 2011 WinPerFedFormset (Version: 011.000.2955)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0463)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax Deluxe 2002
TurboTax Deluxe 2003
TurboTax Deluxe 2004
TurboTax Deluxe 2005
TurboTax Deluxe 2007
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2005 (Version: 9.05.0000)
TurboTax ItsDeductible 2006 (Version: 10.00.0000)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows Internet Explorer 8 (KB2362765) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Manager (Remove Only)
Viewpoint Media Player (Remove Only)
Visual IP InSight(SBC)
Wacom Tablet Driver
WebFldrs XP (Version: 9.50.6513)
Webroot SecureAnywhere (Version: 8.0.2.14)
WexTech AnswerWorks (Version: 1.00.000)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.7.0018.5)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Service Pack 3 (Version: 20080414.031525)
WinPcap 3.1 (Version: 3.1.0.27)
WinRAR archiver
WM Recorder 11.2
Works Suite OS Pack (Version: 1.0.0.0000)
Works Synchronization (Version: 1.0.0.0000)
Xvid 1.2.2 final uninstall (Version: 1.2)
Yahoo! Install Manager

========================= Memory info: ===================================

Percentage of memory in use: 50%
Total physical RAM: 1023 MB
Available physical RAM: 507.61 MB
Total Pagefile: 1439.58 MB
Available Pagefile: 999.96 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.78 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:111.73 GB) (Free:13.5 GB) NTFS
6 Drive g: (Cruzer) (Removable) (Total:1.86 GB) (Free:1.59 GB) FAT

========================= Users: ========================================

User accounts for \\D80W4621

Administrator Guest HelpAssistant
Karl Bade SUPPORT_388945a0 SUPPORT_3f151ab9

========================= Restore Points ==================================


**** End of log ****


Here's Farbar:


Farbar Service Scanner Version: 19-09-2012
Ran by Karl Bade (administrator) on 02-10-2012 at 17:43:58
Running from "C:\Documents and Settings\Karl Bade\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A000000040000000100000002000000030000000A0000000900000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****


Here's adware:

# AdwCleaner v2.003 - Logfile created 10/02/2012 at 17:45:30
# Updated 23/09/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Karl Bade - D80W4621
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Karl Bade\My Documents\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Viewpoint
File Deleted : C:\Documents and Settings\Karl Bade\Application Data\Mozilla\Firefox\Profiles\ir9b775a.default\searchplugins\Askcom.xml
File Deleted : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Karl Bade\Application Data\Mozilla\Firefox\Profiles\ir9b775a.default\extensions\toolbar@ask.com
Folder Deleted : C:\Documents and Settings\Karl Bade\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Karl Bade\Local Settings\Application Data\AskToolbar
Folder Deleted : C:\Program Files\Ask.com
Folder Deleted : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\AskToolbarInfo
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AskToolbar
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Viewpoint
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9DBB28C1-1925-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\Software\Viewpoint
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Karl Bade\Application Data\Mozilla\Firefox\Profiles\ir9b775a.default\prefs.js

Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Deleted : user_pref("browser.search.order.1", "Ask.com");
Deleted : user_pref("extensions.asktb.cbid", "W5");
Deleted : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://www.ask.com/web?q={query}&o={o}&l={l}[...]
Deleted : user_pref("extensions.asktb.fresh-install", false);
Deleted : user_pref("extensions.asktb.l", "dis");
Deleted : user_pref("extensions.asktb.last-config-req", "1278718187536");
Deleted : user_pref("extensions.asktb.locale", "en_US");
Deleted : user_pref("extensions.asktb.o", "13993");
Deleted : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Deleted : user_pref("extensions.asktb.qsrc", "2871");
Deleted : user_pref("extensions.asktb.r", "2");
Deleted : user_pref("extensions.asktb.search-plugin-suggestions-url", "hxxp://ss.websearch.ask.com/query?qsrc=[...]
Deleted : user_pref("extensions.asktb.search-suggestions-enabled", true);
Deleted : user_pref("extensions.asktb.search-suggestions-uri", "hxxp://ss.websearch.ask.com/query?qsrc=2922&li[...]
Deleted : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=WBR&o=13993&locale=e[...]

*************************

AdwCleaner[S1].txt - [7549 octets] - [02/10/2012 17:45:30]

########## EOF - C:\AdwCleaner[S1].txt - [7609 octets] ##########


And Junkware:


Junkware Removal Tool (JRT) by Thisisu
Version: 1.2.2 (10.02.2012)
OS: Microsoft Windows XP x86
Ran by Karl Bade on Tue 10/02/2012 at 18:07:28.07
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}



*** Files: 0 Detections



*** Folders: 0 Detections



*** FireFox detected and repaired

Trojan:Win32/Tracur.AV Detected!
Successfully deleted: akzkpzvrkn@akzkpzvrkn.org.xpi


*** Event Viewer Logs - NOT cleared

Thanks again for your time and expertise!


**************************************************************
Scan was completed on Tue 10/02/2012 at 18:07:55.39
End of Report

#8 narenxp

narenxp


Posted 02 October 2012 - 06:22 PM

Run a Malwarebytes scan once again and post the log.

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the contents of text here

#9 JustKarl

JustKarl
  • Topic Starter


Posted 02 October 2012 - 06:34 PM

OK, back to scanning...

#10 JustKarl


Posted 02 October 2012 - 10:31 PM

OK, Malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.02.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Karl Bade :: D80W4621 [administrator]

Protection: Enabled

10/2/2012 8:19:08 PM
mbam-log-2012-10-02 (20-19-08).txt

Scan type: Full scan (C:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 370398
Time elapsed: 1 hour(s), 58 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



Rkill:

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/02/2012 10:20:05 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE (PID: 1684) [WD-HEUR]
* C:\WINDOWS\System32\drivers\CDAC11BA.EXE (PID: 396) [WD-HEUR]
* C:\WINDOWS\System32\CTsvcCDA.exe (PID: 672) [WD-HEUR]
* C:\WINDOWS\System32\Tablet.exe (PID: 2616) [WD-HEUR]
* C:\WINDOWS\wanmpsvc.exe (PID: 2868) [WD-HEUR]
* C:\WINDOWS\System32\MsPMSPSv.exe (PID: 2960) [WD-HEUR]

6 proccesses terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/02/2012 10:21:08 PM
Execution time: 0 hours(s), 1 minute(s), and 2 seconds(s)


Autoruns


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "5snP35g" "" "" "File not found: hidisn.exe"
+ "BJCFD" "" "" "c:\program files\broadjump\client foundation\cfd.exe"
+ "diagent" "Creative Diagnostics Agent" "Creative Technology Ltd" "c:\program files\creative\sblive\diagnostics\diagent.exe"
+ "Ink Monitor" "Ink Monitor by Bill Pytlovany" "BillP Studios" "c:\program files\epson\ink monitor\inkmonitor.exe"
+ "IPInSightLAN 01" "IP Session Statistics" "Visual Networks" "c:\program files\visual networks\visual ip insight\sbc\ipclient.exe"
+ "IPInSightMonitor 01" "IP Monitor" "Visual Networks" "c:\program files\visual networks\visual ip insight\sbc\ipmon32.exe"
+ "Motive SmartBridge" "AT&T Self Support Tool Alerts" "Motive, Inc." "c:\program files\sbc self support tool\smartbridge\motivesb.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "nwiz" "NVIDIA nView Wizard, Version 52.16 " "NVIDIA Corporation" "c:\windows\system32\nwiz.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "UpdReg" "Creative UpdReg" "Creative Technology Ltd." "c:\windows\updreg.exe"
+ "WRSVC" "Webroot SecureAnywhere" "Webroot" "c:\program files\webroot\wrsa.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "America Online 8.0 Tray Icon.lnk" "AOL Tray Icon" "America Online, Inc." "c:\program files\america online 8.0\aoltray.exe"
+ "AT&T Self Support Tool.lnk" "Motive Chorus Command Line Interface" "Motive Communications, Inc." "c:\program files\sbc self support tool\bin\matcli.exe"
+ "Digital Line Detect.lnk" "Digital Line Detection" "BVRP Software" "c:\program files\digital line detect\dlg.exe"
+ "EPSON Status Monitor 3 Environment Check 2.lnk" "StatusMonitor3 Environment Check" "SEIKO EPSON CORPORATION" "c:\windows\system32\spool\drivers\w32x86\3\e_srcv02.exe"
+ "TabUserW.lnk" "TABUSERW" "Wacom Technology, Corp." "c:\program files\wacom\tabuserw.exe"
"C:\Documents and Settings\Karl Bade\Start Menu\Programs\Startup" "" "" ""
+ "Dropbox.lnk" "Dropbox" "Dropbox, Inc." "c:\documents and settings\karl bade\application data\dropbox\bin\dropbox.exe"
+ "PowerReg SchedulerV2.exe" "PRegScheduler MFC Application" "" "c:\documents and settings\karl bade\start menu\programs\startup\powerreg schedulerv2.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "KB4FRRM5O" "" "" "File not found: halcrt.exe"
+ "Microsoft Works Update Detection" "" "" "File not found: C:\Program Files\Microsoft Works\WkDetect.exe"
+ "MSMSGS" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "Spotify Web Helper" "" "" "c:\program files\spotify\data\spotifywebhelper.exe"
+ "SsAAD.exe" "SonicStage Atrac Hard Disk Monitor" "" "c:\program files\sony\sonicstage\ssaad.exe"
+ "Yahoo! Pager" "" "" "File not found: 1"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "cdo" "Microsoft SharePoint Portal Server Object Model" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web folders\pkmcdo.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\karl bade\application data\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "Cover Designer" "Cover Designer" "Nero AG" "c:\program files\nero\nero 9\nero coverdesigner\coveredextension.dll"
+ "SnagItMainShellExt" "SnagIt Shell Extension DLL" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagitshellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\wrusr.dll"
+ "Yahoo! Mail" "YMMAPI Module" "Yahoo! Inc." "c:\program files\yahoo!\common\ymmapi.dll"
"HKLM\Software\Classes\*\ShellEx\PropertySheetHandlers" "" "" ""
+ "KodakPage" "Shell Extension Resource DLL" "Eastman Kodak Company" "c:\program files\common files\kodak\ifscore\kodakshx.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\karl bade\application data\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "SnagItMainShellExt" "SnagIt Shell Extension DLL" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagitshellext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "7-Zip" "7-Zip Shell Extension" "Igor Pavlov" "c:\program files\7-zip\7-zip.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "DropboxExt" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\karl bade\application data\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "NeroDigitalColumnHandler Class" "" "" "File not found: C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
+ "WRShellExt" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\wrusr.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "WinRAR" "" "" "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "DropboxExt1" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\karl bade\application data\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\karl bade\application data\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\karl bade\application data\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt4" "Dropbox Shell Extension" "Dropbox, Inc." "c:\documents and settings\karl bade\application data\dropbox\bin\dropboxext.14.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "del.icio.us Toolbar Helper" "del.icio.us Buttons for Internet Explorer" "del.icio.us, a Yahoo! Company" "c:\program files\del.icio.us\internet explorer buttons\dlcsie.dll"
+ "HelperObject Class" "SnagIt Browser Helper Object for Internet Explorer" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagitbho.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "del.icio.us" "del.icio.us Buttons for Internet Explorer" "del.icio.us, a Yahoo! Company" "c:\program files\del.icio.us\internet explorer buttons\dlcsie.dll"
+ "SnagIt" "SnagIt Add-in for Internet Explorer" "TechSmith Corporation" "c:\program files\techsmith\snagit 7\snagitieaddin.dll"
"HKCU\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Post to Wordpress" "" "" "c:\program files\vodpod\wpbutton\wpbutton_ie.html"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "ieSpell" "" "" "File not found: C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM"
+ "ieSpell Options" "" "" "File not found: C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
+ "Yahoo! Login" "ylogin" "Yahoo! Inc." "c:\program files\yahoo!\common\ylogin.dll"
+ "Yahoo! Messenger" "YhExBMes" "Yahoo! Inc." "c:\program files\yahoo!\messenger\yhexbmes.dll"
"Task Scheduler" "" "" ""
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "Norton Internet Security - Run Full System Scan - Karl Bade.job" "" "" "File not found: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca""
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeActiveFileMonitor6.0" "Tracks files that are managed by Adobe Photoshop Elements" "" "c:\program files\adobe\photoshop elements 6.0\photoshopelementsfileagent.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "Browser" "Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start." "" "File not found: C:\WINDOWS\System32\browser.dll"
+ "C-DillaCdaC11BA" "Macrovision RTS Service" "Macrovision" "c:\windows\system32\drivers\cdac11ba.exe"
+ "Creative Service for CDROM Access" "Creative Service for CDROM Access" "Creative Technology Ltd" "c:\windows\system32\ctsvccda.exe"
+ "DSBrokerService" "Gteko BrkrSvc Application" "" "c:\program files\dellsupport\brkrsvc.exe"
+ "EPSONStatusAgent2" "EPSON Printer Status Agent" "SEIKO EPSON CORPORATION" "c:\program files\common files\epson\ebapi\sagent2.exe"
+ "FLEXnet Licensing Service" "This service performs licensing functions on behalf of FLEXnet enabled products." "Macrovision Europe Ltd." "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "IntuitUpdateService" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files\common files\intuit\update service\intuitupdateservice.exe"
+ "IntuitUpdateServiceV4" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files\common files\intuit\update service v4\intuitupdateservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MSCSPTISRV" "MSCSPTISRV Module" "Sony Corporation" "c:\program files\common files\sony shared\avlib\mscsptisrv.exe"
+ "NMSSvc" "Intel® NIC Management Service" "Intel Corporation" "c:\windows\system32\nmssvc.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvsvc32.exe"
+ "PACSPTISVR" "PACSPTISVR Module" "Sony Corporation" "c:\program files\common files\sony shared\avlib\pacsptisvr.exe"
+ "Roxio UPnP Renderer 11" "" "" "File not found: C:\Program Files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe"
+ "rpcapd" "Allows to capture traffic on this machine from a remote machine." "CACE Technologies" "c:\program files\winpcap\rpcapd.exe"
+ "SPTISRV" "SPTISRV Module" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sptisrv.exe"
+ "TabletService" "WacomService" "Wacom Technology, Corp." "c:\windows\system32\tablet.exe"
+ "WANMiniportService" "Wan Miniport (ATW) Service" "America Online, Inc." "c:\windows\wanmpsvc.exe"
+ "WRSVC" "Webroot SecureAnywhere Antivirus v8.0.2.14" "Webroot" "c:\program files\webroot\wrsa.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AtlsAud" "Dell Movie Studio Audio Device Driver" "Dell Computer Corporation" "c:\windows\system32\drivers\atlsaud.sys"
+ "ATWPKT2" "ATW Protocol Driver" "America Online" "c:\program files\america online 8.0\atwpkt2.sys"
+ "basic2" "NTRksample driver" "Conexant" "c:\windows\system32\drivers\hsf_bsc2.sys"
+ "bvrp_pci" "" "" "File not found: C:\WINDOWS\System32\Drivers\bvrp_pci.sys"
+ "BVRPMPR5" "BVRP NDIS 5.0 MPR Protocol Driver" "Avanquest Software" "c:\windows\system32\drivers\bvrpmpr5.sys"
+ "CdaC15BA" "" "" "c:\windows\system32\drivers\cdac15ba.sys"
+ "Cdr4_xp" "CDR4 CD and DVD Place Holder Driver (see PxHelp)" "Sonic Solutions" "c:\windows\system32\drivers\cdr4_xp.sys"
+ "Cdralw2k" "CDRAL Place Holder Driver (see PxHelp)" "Sonic Solutions" "c:\windows\system32\drivers\cdralw2k.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DcCam" "Kodak Digital Camera Driver" "Eastman Kodak Company" "c:\windows\system32\drivers\dccam.sys"
+ "DcFpoint" "Kodak Digital Camera FP Driver" "Eastman Kodak Company" "c:\windows\system32\drivers\dcfpoint.sys"
+ "DCFS2K" "Kodak DC File System Driver (NT)" "Eastman Kodak Company" "c:\windows\system32\drivers\dcfs2k.sys"
+ "DcLps" "Kodak Digital Camera LPS Driver" "Eastman Kodak Company" "c:\windows\system32\drivers\dclps.sys"
+ "DcPTP" "Kodak Digital Camera PTP Driver" "Eastman Kodak Company" "c:\windows\system32\drivers\dcptp.sys"
+ "DSproct" "Process Trigger Driver" "Gteko Ltd." "c:\program files\dellsupport\gtaction\triggers\dsproct.sys"
+ "dsunidrv" "GUniDriver" "Gteko Ltd." "c:\windows\system32\drivers\dsunidrv.sys"
+ "E100B" "NDIS 5 driver" "Intel Corporation" "c:\windows\system32\drivers\e100b325.sys"
+ "EL90XBC" "3Com EtherLink PCI Driver" "3Com Corporation" "c:\windows\system32\drivers\el90xbc5.sys"
+ "EMATCORE" "Dell Movie Studio Video Device Driver" "Dell Computer Corporation" "c:\windows\system32\drivers\atlsvid.sys"
+ "Eplpdx02" "LPT I/O driver for EPSON PRINTER" "MK Systems CO., LTD." "c:\windows\system32\drivers\eplpdx02.sys"
+ "EraserUtilDrv11210" "" "" "File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11210.sys"
+ "Exportit" "Kodak DC File System driver" "Eastman Kodak Company" "c:\windows\system32\drivers\exportit.sys"
+ "Fallback" "Fallback driver" "Conexant" "c:\windows\system32\drivers\hsf_fall.sys"
+ "Fsks" "FSKsNT driver" "Conexant" "c:\windows\system32\drivers\hsf_fsks.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems" "c:\windows\system32\drivers\hsf_dp.sys"
+ "hsf_msft" "WinACHSF driver" "Conexant" "c:\windows\system32\drivers\hsf_msft.sys"
+ "HSFHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems" "c:\windows\system32\drivers\hsfhwbs2.sys"
+ "i81x" "Miniport Driver for Intel Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\i81xnt5.sys"
+ "iAimFP0" "Digital Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\wadv01nt.sys"
+ "iAimFP1" "Digital Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\wadv02nt.sys"
+ "iAimFP2" "Digital Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\wadv05nt.sys"
+ "iAimFP3" "Digital Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\wsiintxx.sys"
+ "iAimFP4" "Local Flat Panel Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\wvchntxx.sys"
+ "iAimTV0" "Digital Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\watv01nt.sys"
+ "iAimTV1" "Digital Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\watv02nt.sys"
+ "iAimTV2" "" "" "File not found: System32\DRIVERS\wATV03nt.sys"
+ "iAimTV3" "Digital Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\watv04nt.sys"
+ "iAimTV4" "Digital Display Minidriver for Intel® Graphics Driver" "Intel® Corporation" "c:\windows\system32\drivers\wch7xxnt.sys"
+ "IPVNMon" "" "" "File not found: C:\WINDOWS\System32\Drivers\IPVNMon.sys"
+ "K56" "K56NT driver" "Conexant" "c:\windows\system32\drivers\hsf_k56k.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mdmxsdk" "Diagnostic Interface DRIVER" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "NMSCFG" "Intel® NIC Management Service Configuration Driver" "Intel Corporation" "c:\windows\system32\drivers\nmscfg.sys"
+ "NPF" "npf" "CACE Technologies" "c:\windows\system32\drivers\npf.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 52.16 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "omci" "OMCI Device Driver" "Dell Computer Corporation" "c:\windows\system32\drivers\omci.sys"
+ "P16X" "WDM Audio Miniport" "Creative Technology Ltd." "c:\windows\system32\drivers\p16x.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "PenClass" "Pen Class Driver" "Wacom Technology Corporation" "c:\windows\system32\drivers\penclass.sys"
+ "pfc" "Padus® ASPI Shell" "Padus, Inc." "c:\windows\system32\drivers\pfc.sys"
+ "PfModNT" "PCI/ISA Device Info. Service" "Creative Technology Ltd." "c:\windows\system32\pfmodnt.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "pxark" "Prevx CSI Rootkit Detecion and Removal Engine" "" "c:\windows\system32\drivers\pxark.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "Rksample" "Rksample WDM driver" "Conexant" "c:\windows\system32\drivers\hsf_samp.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SoftFax" "FaxNT driver" "Conexant" "c:\windows\system32\drivers\hsf_faxx.sys"
+ "SpeakerPhone" "SpkpNT driver" "Conexant" "c:\windows\system32\drivers\hsf_spkp.sys"
+ "ssfs0bbc" "Spy Sweeper File System Filter Driver" "" "File not found: system32\DRIVERS\ssfs0bbc.sys"
+ "SSKBFD" "Spy Sweeper Keyboard Filter Driver" "Webroot Software Inc (www.webroot.com)" "c:\windows\system32\drivers\sskbfd.sys"
+ "Tones" "TonesNT driver" "Conexant" "c:\windows\system32\drivers\hsf_tone.sys"
+ "V124" "V124NT driver" "Conexant" "c:\windows\system32\drivers\hsf_v124.sys"
+ "wanatw" "Wan Miniport (ATW)" "America Online, Inc." "c:\windows\system32\drivers\wanatw4.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsf" "WinACHSF driver" "Conexant Systems" "c:\windows\system32\drivers\hsf_cnxt.sys"
+ "WRkrn" "Webroot SecureAnywhere" "Webroot" "c:\windows\system32\drivers\wrkrn.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.ctmp3" "MP3 CODEC for MSACM" "Creative Technology Ltd." "c:\windows\system32\ctmp3.acm"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "vidc.tscc" "TechSmith Screen Capture Codec" "TechSmith Corporation" "c:\windows\system32\tsccvid.dll"
+ "vidc.XVID" "" "" "c:\windows\system32\xvidvfw.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "PVTimeScale Plugin" "AMSDSPVT" "Creative Technology Ltd." "c:\program files\creative\sharedll\audplug\amsdspvt.dll"
+ "PVTimeScale Plugin" "AMSDSPVT" "Creative Technology Ltd." "c:\program files\creative\sharedll\audplug\amsdspvt.dll"
+ "Sonic Foundry Acoustic Mirror" "Sonic Foundry Acoustic Mirror" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfmirror.dll"
+ "Sonic Foundry Acoustic Mirror" "Sonic Foundry Acoustic Mirror" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfmirror.dll"
+ "Sonic Foundry Amplitude Modulation" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Amplitude Modulation" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Chorus" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Chorus" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Click and Crackle Removal" "Sonic Foundry Noise Reduction Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry noise reduction plug-in\sfnrpack.dll"
+ "Sonic Foundry Click and Crackle Removal" "Sonic Foundry Noise Reduction Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry noise reduction plug-in\sfnrpack.dll"
+ "Sonic Foundry Clipped Peak Restoration" "Sonic Foundry Noise Reduction Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry noise reduction plug-in\sfnrpack.dll"
+ "Sonic Foundry Clipped Peak Restoration" "Sonic Foundry Noise Reduction Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry noise reduction plug-in\sfnrpack.dll"
+ "Sonic Foundry Distortion" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Distortion" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Dither" "Sonic Foundry TrackFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sftrkfx1.dll"
+ "Sonic Foundry Dither" "Sonic Foundry TrackFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sftrkfx1.dll"
+ "Sonic Foundry ExpressFX Amplitude Modulation" "Sonic Foundry ExpressFX 2 " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx2.dll"
+ "Sonic Foundry ExpressFX Amplitude Modulation" "Sonic Foundry ExpressFX 2 " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx2.dll"
+ "Sonic Foundry ExpressFX Chorus" "Sonic Foundry ExpressFX 2 " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx2.dll"
+ "Sonic Foundry ExpressFX Chorus" "Sonic Foundry ExpressFX 2 " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx2.dll"
+ "Sonic Foundry ExpressFX Delay" "Sonic Foundry ExpressFX 2 " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx2.dll"
+ "Sonic Foundry ExpressFX Delay" "Sonic Foundry ExpressFX 2 " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx2.dll"
+ "Sonic Foundry ExpressFX Distortion" "Sonic Foundry ExpressFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx1.dll"
+ "Sonic Foundry ExpressFX Distortion" "Sonic Foundry ExpressFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx1.dll"
+ "Sonic Foundry ExpressFX Equalization" "Sonic Foundry ExpressFX 2 " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx2.dll"
+ "Sonic Foundry ExpressFX Equalization" "Sonic Foundry ExpressFX 2 " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx2.dll"
+ "Sonic Foundry ExpressFX Flange/Wah-Wah" "Sonic Foundry ExpressFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx1.dll"
+ "Sonic Foundry ExpressFX Flange/Wah-Wah" "Sonic Foundry ExpressFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx1.dll"
+ "Sonic Foundry ExpressFX Reverb" "Sonic Foundry ExpressFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx1.dll"
+ "Sonic Foundry ExpressFX Reverb" "Sonic Foundry ExpressFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx1.dll"
+ "Sonic Foundry ExpressFX Stutter" "Sonic Foundry ExpressFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx1.dll"
+ "Sonic Foundry ExpressFX Stutter" "Sonic Foundry ExpressFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfxpfx1.dll"
+ "Sonic Foundry Flange/Wah-wah" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Flange/Wah-wah" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Gapper/Snipper" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Gapper/Snipper" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Graphic Dynamics" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Graphic Dynamics" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Graphic EQ" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Graphic EQ" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Multi-Band Dynamics" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Multi-Band Dynamics" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Multi-Tap Delay" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Multi-Tap Delay" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Noise Gate" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Noise Gate" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Noise Reduction" "Sonic Foundry Noise Reduction Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry noise reduction plug-in\sfnrpack.dll"
+ "Sonic Foundry Noise Reduction" "Sonic Foundry Noise Reduction Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry noise reduction plug-in\sfnrpack.dll"
+ "Sonic Foundry Paragraphic EQ" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Paragraphic EQ" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Parametric EQ" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Parametric EQ" "Sonic Foundry XFX 2 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack2.dll"
+ "Sonic Foundry Pitch Shift" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Pitch Shift" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Reverb" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Reverb" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Simple Delay" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Simple Delay" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Smooth/Enhance" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Smooth/Enhance" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Time Stretch" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Time Stretch" "Sonic Foundry XFX 1 Plug-In Pack " "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack1.dll"
+ "Sonic Foundry Track Compressor" "Sonic Foundry TrackFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sftrkfx1.dll"
+ "Sonic Foundry Track Compressor" "Sonic Foundry TrackFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sftrkfx1.dll"
+ "Sonic Foundry Track EQ" "Sonic Foundry TrackFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sftrkfx1.dll"
+ "Sonic Foundry Track EQ" "Sonic Foundry TrackFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sftrkfx1.dll"
+ "Sonic Foundry Track Noise Gate" "Sonic Foundry TrackFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sftrkfx1.dll"
+ "Sonic Foundry Track Noise Gate" "Sonic Foundry TrackFX 1" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sftrkfx1.dll"
+ "Sonic Foundry Vibrato" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Vibrato" "Sonic Foundry XFX 3 Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfppack3.dll"
+ "Sonic Foundry Vinyl Restoration" "Sonic Foundry Noise Reduction Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry noise reduction plug-in\sfnrpack.dll"
+ "Sonic Foundry Vinyl Restoration" "Sonic Foundry Noise Reduction Plug-In Pack" "Sonic Foundry, Inc." "c:\program files\sonic foundry noise reduction plug-in\sfnrpack.dll"
+ "Sonic Foundry Wave Hammer" "Sonic Foundry Wave Hammer" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfhammer.dll"
+ "Sonic Foundry Wave Hammer" "Sonic Foundry Wave Hammer" "Sonic Foundry, Inc." "c:\program files\sonic foundry\shared plug-ins\audio\sfhammer.dll"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "AC3 Source Filter" "Creative AC3 Source Filter" "Creative Technology Ltd." "c:\program files\creative\sharedll\audplug\ac3filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Chunker" "Chunker Filter (Sample)" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\chunker.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Creative EAX Dream" "Creative EAX Dream" "Creative Technology Ltd" "c:\program files\creative\sharedll\audplug\ctdream.ax"
+ "CyberLink Audio Decoder" "CyberLink Audio Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\claud.ax"
+ "CyberLink Audio Effect" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd\claudfx.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\clnav.ax"
+ "CyberLink DxVA Filter" "" "" "c:\program files\cyberlink\powerdvd\cldxva.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\clline21.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd\clvsd.ax"
+ "Dump" "RealProducer" "MGI" "c:\program files\common files\roxio shared\sharedcom\realproducer.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® video 5.03 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.03 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Ligos Audio Decoder Filter" "Ligos MPEG Audio Decoder" "Ligos Corporation" "c:\program files\common files\sonic shared\ligos\decoders\lmpgad.ax"
+ "Ligos DV Intercept (Version 1.7)" "GoMotion.DV® Frame Interceptor" "Ligos Corporation" "c:\program files\common files\sonic shared\ligos\gomotion\dvintcpt.ax"
+ "Ligos GoMotion Analog to MPEG Filter" "GoMotion® Analog Capture Encoder" "Ligos Corporation" "c:\program files\common files\sonic shared\ligos\gomotion\gomotionanalogtompeg1_1.ax"
+ "Ligos GoMotion DV to MPEG Filter (Version 1.7)" "GoMotion.DV® MPEG Encoder" "Ligos Corporation" "c:\program files\common files\sonic shared\ligos\gomotion\gomotiondvtompeg.ax"
+ "Ligos MPEG Splitter" "Ligos MPEG Splitter" "Ligos Corporation" "c:\program files\common files\sonic shared\ligos\decoders\lmpgspl.ax"
+ "Ligos MPEG Video Decoder" "Ligos MPEG Video Decoder" "Ligos Corporation" "c:\program files\common files\sonic shared\ligos\decoders\lmpgvd.ax"
+ "Ligos Virtual Source (Version 1.7)" "GoMotion.DV Virtual Source Filter" "Ligos Corporation" "c:\program files\common files\sonic shared\ligos\gomotion\virtsrc.ax"
+ "MainConcept MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept" "c:\program files\sonic foundry\shared plug-ins\file formats\mcmpeg\mcdsmpeg.ax"
+ "MainConcept MPEG Audio Encoder" "MPEG Audio Encoder" "MainConcept AG" "c:\program files\common files\sonic shared\mainconcept\mceampeg.ax"
+ "MainConcept MPEG Encoder" "MPEG Encoder and Muxer" "MainConcept" "c:\program files\sonic foundry\shared plug-ins\file formats\mcmpeg\mcesmpeg.ax"
+ "MainConcept MPEG Splitter" "MainConcept Mpeg I/II Splitter" "MainConcept GmbH" "c:\program files\sonic foundry\shared plug-ins\file formats\mcmpeg\mcspmpeg.ax"
+ "MainConcept MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept" "c:\program files\sonic foundry\shared plug-ins\file formats\mcmpeg\mcdsmpeg.ax"
+ "MainConcept MPEG Video Encoder" "MPEG Video Encoder" "MainConcept AG" "c:\program files\common files\sonic shared\mainconcept\mcevmpeg.ax"
+ "MGI CrossGraph Renderer" "MGICGFilter.ax" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\mgicgfilter.ax"
+ "MGI CrossGraph Source" "MGICGFilter.ax" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\mgicgfilter.ax"
+ "MGI MPEG-1 Demuxer" "" "" "File not found: C:\Program Files\Roxio\VideoWaveMC\DemuxMPEG.ax"
+ "MGI Scene Detector" "Video Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\scenedetector.ax"
+ "MGI-DV-Scene-Change-Detector-Tee" "DV-Frame-Detector (Sample)" "MyCompanyName" "c:\program files\common files\roxio shared\sharedcom\dvscenecdtee.ax"
+ "MP3 Source Filter" "Creative MP3 Source Filter" "Creative Technology Ltd." "c:\program files\creative\sharedll\audplug\ctmp3sft.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "muvee Music Analyser 125" "Music Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\roxio shared\sharedcom\mv125manalyse.ax"
+ "muvee Video Analyser 125" "Video Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\roxio shared\sharedcom\mv125vanalyse.ax"
+ "Noise Reduction" "Sample" "MyCompanyName" "c:\program files\creative\sharedll\audplug\dsnoiser.ax"
+ "NVF Filter" "Nomad Voice File Source Filter" "Creative Technology Ltd." "c:\program files\creative\sharedll\audplug\ctnvfflt.dll"
+ "OMG TRANSFORM" "OmgTransform Filter " "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgtrans.ax"
+ "OmgDsee Filter" "" "" "c:\program files\common files\sony shared\openmg\omgdseefilter.ax"
+ "OmgGenericSrcFilter" "OmgGenericSrcFilter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omggenericsrcfilter.ax"
+ "OmgMP4Decoder2" "OmgMP4Decoder2" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgmp4decoder2.ax"
+ "OmgPushSrc" "OmgPushSrc" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgpushsrc.ax"
+ "OpenMG Async. File Source" "OpenMG Async. File Source" "Sony Corporation" "c:\program files\common files\sony shared\avlib\omgafs.ax"
+ "OpenMG Audio Decrypt" "OpenMG Decrypt Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgdec.ax"
+ "OpenMG OmgSource Filter" "OpenMG OmgSource Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\omgsrc.ax"
+ "Partition Filter" "ROXIO Partition Filter" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\partitionfilter.dll"
+ "PVTimeScale Plugin" "AMSDSPVT" "Creative Technology Ltd." "c:\program files\creative\sharedll\audplug\amsdspvt.dll"
+ "R DVD Audio Decoders" "ROXIO Audio Decoder" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgidvdaudio.dll"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Render Dib" "Special Effects Sample" "ArcSoft" "c:\program files\arcsoft\photoimpression 4\ezrgb24.ax"
+ "ROXIO AVI File Writer" "MGI AVI File Writer Filter" "MGI Soft" "c:\program files\common files\roxio shared\sharedcom\mgiaviwriter.ax"
+ "ROXIO MPEG Audio Encoder" "ROXIO MPEG Audio Encoder" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgiaudioenc.dll"
+ "ROXIO MPEG-1 Muxer" "ROXIO MPEG MUXER" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgimpegmuxer.dll"
+ "ROXIO MPEG-1 Video Encoder" "ROXIO Video Codec" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgivideompeg.dll"
+ "ROXIO MPEG-2 Demuxer" "ROXIO MPEG Demuxer" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgimpegdemuxer.dll"
+ "ROXIO MPEG-2 Muxer" "ROXIO MPEG MUXER" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgimpegmuxer.dll"
+ "ROXIO MPEG-2 Video Decoder" "ROXIO Video Codec" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgivideompeg.dll"
+ "ROXIO MPEG-2 Video Encoder" "ROXIO Video Codec" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgivideompeg.dll"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\mgirawwriter.dll"
+ "ROXIO Time Shifting Reader" "MGI Time Shifting Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\mgitimeshifting.ax"
+ "ROXIO Time Shifting Writer" "MGI Time Shifting Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\mgitimeshifting.ax"
+ "ROXIO WAV Dest" "MGI Filter" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\wavhead.ax"
+ "SAL Input Converter" "SAL Input Converter Source Filter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\saliconv.ax"
+ "SAL Output Converter" "SAL Output Converter RendererFilter" "Sony Corporation" "c:\program files\common files\sony shared\openmg\saloconv.ax"
+ "Seamless Play" "Seamless-Play Filter (Sample)" "Sony Corporation" "c:\program files\common files\sony shared\openmg\seamlessfilter.ax"
+ "Sewer" "MVWcDSutil" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\mvwcdsutil.dll"
+ "ShotBoundaryDet" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SmartSound SDS Reader" "SDS Media File Reader Filter" "SmartSound Software Inc." "c:\program files\smartsound software\quicktracks\sdsreader.dll"
+ "SmartSound Soundtrack" "Quicktracks Soundtrack source filter" "SmartSound Software Inc." "c:\program files\smartsound software\quicktracks\directqx.dll"
+ "Sonic DVD LPCM Converter" "DVDLPCMConverter" "Sonic Solutions" "c:\program files\common files\sonic shared\dvdlpcmconverter.ax"
+ "Sonic MPEG-4 Video Decoder" "" "" "File not found: C:\Program Files\Common Files\Sonic Shared\SonicMC02\sonic75m4vd.ax"
+ "Sonic Rainbow Fix" "SonicRainbowFix" "Sonic Solutions" "c:\program files\common files\sonic shared\sonicrainbowfix.ax"
+ "Sonic RT Stream Source" "RT Stream File Source Filter" "Sonic Solutions" "c:\program files\common files\sonic shared\sonicrtstreamsource.ax"
+ "Sonic Scaler" "Sonic Scaler" "MyCompanyName" "c:\program files\common files\sonic shared\sonicdsscaler.ax"
+ "Sonic SP Video Renderer" "Sonic SP Video Renderer" "Microsoft Corporation" "c:\program files\common files\sonic shared\snicspvr.ax"
+ "Sony Audio CD Source Filter" "OpenMG CdSource Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\cdsrc.ax"
+ "SonyMSAConv" "OpenMG Converter Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sonycdsrcwriter.ax"
+ "SonyMSAConv" "OpenMG Converter Filter" "Sony Corporation" "c:\program files\common files\sony shared\avlib\sonymsaconverter3.ax"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\subpictenc.dll"
+ "SubPicture Encoder" "ROXIO Color Space Converter" "Roxio, Inc." "c:\program files\common files\roxio shared\sharedcom\colorspconv.dll"
+ "Track1Filter" "" "" "c:\program files\adobe\photoshop elements 6.0\track1filter.dll"
+ "Track2Filter" "" "" "c:\program files\adobe\photoshop elements 6.0\track2filter.dll"
+ "VW AlphaSplitter" "AlphaSplitter Filter (Sample)" "MGI Software" "c:\program files\common files\roxio shared\sharedcom\alphasplitter.ax"
+ "VW Audio Source" "VW Audio Source" "MGI Software" "c:\program files\common files\roxio shared\sharedcom\audiosrc.ax"
+ "VW AudioConvert" "AudioConvert Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\audconv.ax"
+ "VW AudioGrabber" "VideoWave Frame Grabber" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\thumbnailgraber.ax"
+ "VW AudioMixFlt" "AudioFlt Filter" "MyCompanyName" "c:\program files\common files\roxio shared\sharedcom\audmf.ax"
+ "VW De-Interlace Filter" "Video Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\deinter.ax"
+ "VW Input Selector" "Video Effect Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\inputselector.ax"
+ "VW Input Selector 2" "Video Effect Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\inputselector.ax"
+ "VW Latency" "Latency Filter (Sample)" "MyCompanyName" "c:\program files\common files\roxio shared\sharedcom\latency.ax"
+ "VW Looper" "Looper Filter (Sample)" "MGI Software" "c:\program files\common files\roxio shared\sharedcom\looper.ax"
+ "VW MediaPlacer" "VW MediaPlacer Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\mediaplacer.ax"
+ "VW Pan Zoom Filter" "Video Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\panzoom.ax"
+ "VW QuickGrabber" "VideoWave Frame Grabber" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\thumbnailgraber.ax"
+ "VW SpyPos" "Null-In-Place (Sample)" "MyCompanyName" "c:\program files\common files\roxio shared\sharedcom\mginullip.ax"
+ "VW Switch Filter" "MGI FilterGraph Routing filter" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\mgiswitch.ax"
+ "VW ThumbnailGrabber" "VideoWave Frame Grabber" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\thumbnailgraber.ax"
+ "VW Video Effect" "Video Effect Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\videoeffect.ax"
+ "VW Video Image/Color Source" "Colour Frame Source" "MyCompanyName" "c:\program files\common files\roxio shared\sharedcom\imagesource.ax"
+ "VW Video Resampler Filter" "Video Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\vresamfilt.ax"
+ "VW Video Transition" "VW VInfo Transcoder" "MGI Software Corp." "c:\program files\common files\roxio shared\sharedcom\vwvinfoxcoder.ax"
+ "VW Video Transition" "Video Effect Filter" "MGI Software Corp" "c:\program files\common files\roxio shared\sharedcom\videotransition.ax"
+ "VW VideoCutList" "Video CutList Filter" "MGI Software" "c:\program files\common files\roxio shared\sharedcom\vcutlist.ax"
+ "VW vlooper" "Video Looper Filter (Sample)" "MGI Software" "c:\program files\common files\roxio shared\sharedcom\vlooper.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "Windows Media Pad VU Data Grabber" "Windows Movie Maker" "Microsoft Corporation" "c:\program files\movie maker\wmmfilt.dll"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMS Filter" "Creative Windows Media Source Filter" "Creative Technology Ltd." "c:\program files\creative\sharedll\audplug\ctwmsflt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Xvid MPEG-4 Video Decoder" "" "" "c:\windows\system32\xvid.ax"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "EPSON Printer Port" "Eplpmx02 Epson Printer Monitor for Windows2000" "MK Systems CO.,LTD." "c:\windows\system32\eplpmx02.dll"
+ "EPSON V3 2KMonitor352" "EPSON Bidirectional Monitor" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_sl2352.dll"
+ "EPSON V6 2KMonitor" "EPSON Bi-directional Monitor" "SEIKO EPSON CORPORATION" "c:\windows\system32\ebpmon24.dll"


As always, thanks for your time and patience.

#11 narenxp


Posted 02 October 2012 - 10:34 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in safe mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on system restore and create a new restore point

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#12 JustKarl


Posted 02 October 2012 - 10:39 PM

Thank you VERY much! You and the rest of the regulars here deserve a medal or something!

#13 narenxp


Posted 02 October 2012 - 10:40 PM

You're welcome and appreciate your feedback :)



