Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

virus or malware problem....need help


  • Please log in to reply
26 replies to this topic

#1 pirimid

pirimid

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 14 October 2012 - 08:38 PM

Hello,
I have a big problem that I need some help with. My 12 year old was trying to do some work on our pc and somehow ended up getting some type of virus or spyware Im not sure. I have an HP comp, running Xp media center Ed.2002. it shows now sp2! & i think now IE6.
prior to this I could get all microsoft updates, had IE8 & sp3 for quite a while. this virus shut down my IE where when I click on the IE icon it opens for a moment and closes. but firefox will run fine. I tried almost everything... I cant downlaod any file or open any exe file. I finally was able to delete IE8 and the SP3. but in order for me to run things I had to use my laptop. same downloads on to a scandisc. and load them on the the main pc to open them. I also tried dougknox.
it seems like something edited my registries. I did run mbam in safe mode a few times and microsoft malicious software remover, and mbam did see some items and quarantine them. also I earlier before this problem got stuck with not only the whitesmoke toolbar only in Firefox though. but on IE the search, babylon toolbar.
The computer runs now. i can open and run IE but only in version 6. I still can't get any security or any updates from the microsoft website. the temporary AVG 2012 free version now cant be unistalled. its on the bottom with a exclamation point through it.

Thank you for any help in advance. you guys helped me a few years back and I never forgot that.

James.

*Moderator Edit: Moved topic from XP to the more appropriate forum. ~ Queen-Evie*

Edited by Queen-Evie, 14 October 2012 - 10:00 PM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:53 PM

Posted 15 October 2012 - 12:22 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 15 October 2012 - 01:20 PM

06:43:02.0546 1516 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
06:43:02.0843 1516 ============================================================
06:43:02.0843 1516 Current date / time: 2012/10/15 06:43:02.0843
06:43:02.0843 1516 SystemInfo:
06:43:02.0843 1516
06:43:02.0843 1516 OS Version: 5.1.2600 ServicePack: 2.0
06:43:02.0843 1516 Product type: Workstation
06:43:02.0843 1516 ComputerName: FAMILY
06:43:02.0843 1516 UserName: HP_Administrator
06:43:02.0843 1516 Windows directory: C:\WINDOWS
06:43:02.0843 1516 System windows directory: C:\WINDOWS
06:43:02.0843 1516 Processor architecture: Intel x86
06:43:02.0843 1516 Number of processors: 2
06:43:02.0843 1516 Page size: 0x1000
06:43:02.0843 1516 Boot type: Normal boot
06:43:02.0843 1516 ============================================================
06:43:05.0578 1516 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
06:43:05.0609 1516 ============================================================
06:43:05.0609 1516 \Device\Harddisk0\DR0:
06:43:05.0609 1516 MBR partitions:
06:43:05.0609 1516 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2427B5BF
06:43:05.0609 1516 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x2427B5FE, BlocksNum 0x11B20C3
06:43:05.0609 1516 ============================================================
06:43:05.0609 1516 C: <-> \Device\Harddisk0\DR0\Partition1
06:43:05.0640 1516 D: <-> \Device\Harddisk0\DR0\Partition2
06:43:05.0640 1516 ============================================================
06:43:05.0640 1516 Initialize success
06:43:05.0640 1516 ============================================================
06:43:51.0734 3060 ============================================================
06:43:51.0734 3060 Scan started
06:43:51.0734 3060 Mode: Manual; TDLFS;
06:43:51.0734 3060 ============================================================
06:43:51.0953 3060 ================ Scan system memory ========================
06:43:51.0953 3060 System memory - ok
06:43:51.0953 3060 ================ Scan services =============================
06:43:52.0062 3060 Abiosdsk - ok
06:43:52.0078 3060 abp480n5 - ok
06:43:52.0109 3060 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
06:43:52.0125 3060 ACPI - ok
06:43:52.0140 3060 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
06:43:52.0140 3060 ACPIEC - ok
06:43:52.0218 3060 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
06:43:52.0218 3060 AdobeFlashPlayerUpdateSvc - ok
06:43:52.0218 3060 adpu160m - ok
06:43:52.0250 3060 [ 1EE7B434BA961EF845DE136224C30FEC ] aec C:\WINDOWS\system32\drivers\aec.sys
06:43:52.0312 3060 aec - ok
06:43:52.0328 3060 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
06:43:52.0343 3060 AFD - ok
06:43:52.0406 3060 [ 994A42D273C35B43EE9D1E8A5D8BC639 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
06:43:52.0437 3060 AgereSoftModem - ok
06:43:52.0453 3060 Aha154x - ok
06:43:52.0453 3060 aic78u2 - ok
06:43:52.0468 3060 aic78xx - ok
06:43:52.0500 3060 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
06:43:52.0515 3060 Alerter - ok
06:43:52.0531 3060 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
06:43:52.0531 3060 ALG - ok
06:43:52.0546 3060 AliIde - ok
06:43:52.0578 3060 [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
06:43:52.0578 3060 AmdK8 - ok
06:43:52.0578 3060 amsint - ok
06:43:52.0625 3060 [ 8D3A55F7B7BE6B374479E5195F477226 ] AnyDVD C:\WINDOWS\system32\Drivers\AnyDVD.sys
06:43:52.0640 3060 AnyDVD - ok
06:43:52.0765 3060 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
06:43:52.0781 3060 Apple Mobile Device - ok
06:43:52.0812 3060 [ 9C3C12975C97119412802B181FBEEFFE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
06:43:52.0843 3060 AppMgmt - ok
06:43:52.0843 3060 [ 00523019E3579C8F8A94457FE25F0F24 ] aracpi C:\WINDOWS\system32\DRIVERS\aracpi.sys
06:43:52.0843 3060 aracpi - ok
06:43:52.0859 3060 [ 9FEDAA46EB1A572AC4D9EE6B5F123CF2 ] arhidfltr C:\WINDOWS\system32\DRIVERS\arhidfltr.sys
06:43:52.0859 3060 arhidfltr - ok
06:43:52.0859 3060 [ 82969576093CD983DD559F5A86F382B4 ] arkbcfltr C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys
06:43:52.0859 3060 arkbcfltr - ok
06:43:52.0875 3060 [ 9B21791D8A78FAECE999FADBEBDA6C22 ] armoucfltr C:\WINDOWS\system32\DRIVERS\armoucfltr.sys
06:43:52.0875 3060 armoucfltr - ok
06:43:52.0890 3060 [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
06:43:52.0921 3060 Arp1394 - ok
06:43:52.0937 3060 [ 7A2DA7C7B0C524EF26A79F17A5C69FDE ] ARPolicy C:\WINDOWS\system32\DRIVERS\arpolicy.sys
06:43:52.0937 3060 ARPolicy - ok
06:43:52.0953 3060 [ 9A0D9B2E263BEDE80FB79DDBAD240EC1 ] ARSVC C:\WINDOWS\arservice.exe
06:43:54.0390 3060 ARSVC - ok
06:43:54.0390 3060 asc - ok
06:43:54.0406 3060 asc3350p - ok
06:43:54.0406 3060 asc3550 - ok
06:43:54.0515 3060 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
06:43:54.0546 3060 aspnet_state - ok
06:43:54.0562 3060 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
06:43:54.0562 3060 AsyncMac - ok
06:43:54.0593 3060 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
06:43:54.0593 3060 atapi - ok
06:43:54.0593 3060 Atdisk - ok
06:43:54.0640 3060 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
06:43:54.0671 3060 Atmarpc - ok
06:43:54.0718 3060 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
06:43:54.0734 3060 AudioSrv - ok
06:43:54.0781 3060 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
06:43:54.0781 3060 audstub - ok
06:43:54.0937 3060 [ F6A528DE535396C2FB1A4E3C6F00CEC4 ] AVGIDSAgent C:\Program Files\AVG\AVG2012\avgidsagent.exe
06:43:55.0031 3060 AVGIDSAgent - ok
06:43:55.0046 3060 AVGIDSHX - ok
06:43:55.0093 3060 [ A4B2D9B833A00FCDA09027641400AB54 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys
06:43:55.0093 3060 avgtp - ok
06:43:55.0140 3060 [ EA1145DEBCD508FD25BD1E95C4346929 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
06:43:55.0156 3060 avgwd - ok
06:43:55.0156 3060 [ 7270D070173B20AC9487EA16BB08B45F ] bb-run C:\WINDOWS\system32\DRIVERS\bb-run.sys
06:43:55.0156 3060 bb-run - ok
06:43:55.0171 3060 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
06:43:55.0171 3060 Beep - ok
06:43:55.0234 3060 [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS C:\WINDOWS\system32\qmgr.dll
06:43:55.0296 3060 BITS - ok
06:43:55.0328 3060 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
06:43:55.0343 3060 Bonjour Service - ok
06:43:55.0375 3060 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser C:\WINDOWS\System32\browser.dll
06:43:55.0375 3060 Browser - ok
06:43:55.0484 3060 [ 2D2C0C773DD4EFDAA89B0C7AA73B5EC8 ] Browser Manager C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.639.201\{16cdff19-861d-48e3-a751-d99a27784753}\browsermngr.exe
06:43:55.0515 3060 Browser Manager - ok
06:43:55.0531 3060 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
06:43:55.0546 3060 cbidf2k - ok
06:43:55.0546 3060 cd20xrnt - ok
06:43:55.0578 3060 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
06:43:55.0578 3060 Cdaudio - ok
06:43:55.0625 3060 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
06:43:55.0671 3060 Cdfs - ok
06:43:55.0687 3060 [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
06:43:55.0718 3060 Cdrom - ok
06:43:55.0718 3060 Changer - ok
06:43:55.0750 3060 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
06:43:55.0796 3060 CiSvc - ok
06:43:55.0828 3060 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
06:43:55.0875 3060 ClipSrv - ok
06:43:55.0921 3060 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
06:43:56.0000 3060 clr_optimization_v2.0.50727_32 - ok
06:43:56.0046 3060 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
06:43:56.0093 3060 clr_optimization_v4.0.30319_32 - ok
06:43:56.0093 3060 CmdIde - ok
06:43:56.0109 3060 COMSysApp - ok
06:43:56.0125 3060 Cpqarray - ok
06:43:56.0140 3060 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
06:43:56.0140 3060 CryptSvc - ok
06:43:56.0140 3060 dac2w2k - ok
06:43:56.0156 3060 dac960nt - ok
06:43:56.0187 3060 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
06:43:56.0187 3060 DcomLaunch - ok
06:43:56.0234 3060 [ EF545E1A4B043DA4C84E230DD471C55F ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
06:43:56.0234 3060 Dhcp - ok
06:43:56.0296 3060 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
06:43:56.0312 3060 Disk - ok
06:43:56.0328 3060 dmadmin - ok
06:43:56.0375 3060 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
06:43:56.0453 3060 dmboot - ok
06:43:56.0453 3060 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
06:43:56.0484 3060 dmio - ok
06:43:56.0500 3060 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
06:43:56.0500 3060 dmload - ok
06:43:56.0515 3060 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
06:43:56.0546 3060 dmserver - ok
06:43:56.0578 3060 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
06:43:56.0609 3060 DMusic - ok
06:43:56.0625 3060 [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
06:43:56.0656 3060 Dnscache - ok
06:43:56.0656 3060 dpti2o - ok
06:43:56.0671 3060 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
06:43:56.0687 3060 drmkaud - ok
06:43:56.0765 3060 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
06:43:56.0765 3060 ehRecvr - ok
06:43:56.0812 3060 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
06:43:56.0812 3060 ehSched - ok
06:43:56.0859 3060 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
06:43:56.0859 3060 ElbyCDIO - ok
06:43:56.0890 3060 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
06:43:56.0906 3060 ERSvc - ok
06:43:56.0953 3060 [ 37561F8D4160D62DA86D24AE41FAE8DE ] Eventlog C:\WINDOWS\system32\services.exe
06:43:57.0015 3060 Eventlog - ok
06:43:57.0046 3060 [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem C:\WINDOWS\system32\es.dll
06:43:57.0046 3060 EventSystem - ok
06:43:57.0062 3060 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
06:43:57.0093 3060 Fastfat - ok
06:43:57.0125 3060 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
06:43:57.0171 3060 FastUserSwitchingCompatibility - ok
06:43:57.0203 3060 [ FCBD571FA0EE8DC238944AE5FAB74461 ] Fax C:\WINDOWS\system32\fxssvc.exe
06:43:57.0265 3060 Fax - ok
06:43:57.0296 3060 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
06:43:57.0328 3060 Fdc - ok
06:43:57.0328 3060 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
06:43:57.0359 3060 Fips - ok
06:43:57.0359 3060 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
06:43:57.0390 3060 Flpydisk - ok
06:43:57.0390 3060 [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
06:43:57.0421 3060 FltMgr - ok
06:43:57.0500 3060 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
06:43:57.0500 3060 FontCache3.0.0.0 - ok
06:43:57.0515 3060 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
06:43:57.0515 3060 Fs_Rec - ok
06:43:57.0531 3060 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
06:43:57.0531 3060 Ftdisk - ok
06:43:57.0546 3060 [ 22399D3CE5840C6082844679CCA5D2FC ] ftsata2 C:\WINDOWS\system32\DRIVERS\ftsata2.sys
06:43:57.0546 3060 ftsata2 - ok
06:43:57.0578 3060 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
06:43:57.0578 3060 GEARAspiWDM - ok
06:43:57.0625 3060 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
06:43:57.0656 3060 Gpc - ok
06:43:57.0703 3060 [ 952BDB84AC2BC601FD1B954BAEBA77F6 ] GSService C:\WINDOWS\system32\GSService.exe
06:43:57.0875 3060 GSService - ok
06:43:57.0953 3060 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
06:43:57.0968 3060 gupdate - ok
06:43:57.0968 3060 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
06:43:57.0968 3060 gupdatem - ok
06:43:58.0015 3060 [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
06:43:58.0015 3060 HDAudBus - ok
06:43:58.0031 3060 hechttwb - ok
06:43:58.0093 3060 [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
06:43:58.0093 3060 helpsvc - ok
06:43:58.0140 3060 [ 9376E6893E52B368ABC6255BF54F0B28 ] HidServ C:\WINDOWS\System32\hidserv.dll
06:43:58.0140 3060 HidServ - ok
06:43:58.0171 3060 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
06:43:58.0187 3060 HidUsb - ok
06:43:58.0187 3060 hpn - ok
06:43:58.0218 3060 [ 9F1D80908658EB7F1BF70809E0B51470 ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
06:43:58.0218 3060 HPZid412 - ok
06:43:58.0234 3060 [ F7E3E9D50F9CD3DE28085A8FDAA0A1C3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
06:43:58.0234 3060 HPZipr12 - ok
06:43:58.0250 3060 [ CF1B7951B4EC8D13F3C93B74BB2B461B ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
06:43:58.0250 3060 HPZius12 - ok
06:43:58.0265 3060 [ 1F5C64B0C6B2E2F48735A77AE714CCB8 ] HSXHWBS2 C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys
06:43:58.0281 3060 HSXHWBS2 - ok
06:43:58.0312 3060 [ A7F8C9228898A1E871D2AE7082F50AC3 ] HSX_DP C:\WINDOWS\system32\DRIVERS\HSX_DP.sys
06:43:58.0328 3060 HSX_DP - ok
06:43:58.0359 3060 [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
06:43:58.0359 3060 HTTP - ok
06:43:58.0406 3060 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
06:43:58.0437 3060 HTTPFilter - ok
06:43:58.0437 3060 i2omgmt - ok
06:43:58.0437 3060 i2omp - ok
06:43:58.0468 3060 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
06:43:58.0500 3060 i8042prt - ok
06:43:58.0578 3060 [ 2CCFCCA7A425A6BA45E0D521B573DD27 ] IBUpdaterService C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe
06:43:58.0593 3060 IBUpdaterService - ok
06:43:58.0640 3060 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
06:43:58.0640 3060 IDriverT - ok
06:43:58.0734 3060 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
06:43:58.0750 3060 idsvc - ok
06:43:58.0781 3060 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
06:43:58.0828 3060 Imapi - ok
06:43:58.0859 3060 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\system32\imapi.exe
06:43:58.0875 3060 ImapiService - ok
06:43:58.0875 3060 ini910u - ok
06:43:59.0046 3060 [ 4716F7EE8FB7FD02596ECE1EC70AFF53 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
06:43:59.0093 3060 IntcAzAudAddService - ok
06:43:59.0140 3060 [ 2D722B2B54AB55B2FA475EB58D7B2AAD ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
06:43:59.0156 3060 IntelIde - ok
06:43:59.0156 3060 intelppm - ok
06:43:59.0203 3060 [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
06:43:59.0234 3060 Ip6Fw - ok
06:43:59.0265 3060 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
06:43:59.0265 3060 IpFilterDriver - ok
06:43:59.0281 3060 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
06:43:59.0328 3060 IpInIp - ok
06:43:59.0328 3060 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
06:43:59.0328 3060 IpNat - ok
06:43:59.0375 3060 [ B84A28B3984185EDA8867541AF14CDDB ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
06:43:59.0390 3060 iPod Service - ok
06:43:59.0406 3060 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
06:43:59.0468 3060 IPSec - ok
06:43:59.0484 3060 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
06:43:59.0515 3060 IRENUM - ok
06:43:59.0515 3060 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
06:43:59.0546 3060 isapnp - ok
06:43:59.0671 3060 [ 381B25DC8E958D905B33130D500BBF29 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
06:43:59.0671 3060 JavaQuickStarterService - ok
06:43:59.0687 3060 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
06:43:59.0718 3060 Kbdclass - ok
06:43:59.0718 3060 [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
06:43:59.0750 3060 kbdhid - ok
06:43:59.0765 3060 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
06:43:59.0765 3060 kmixer - ok
06:43:59.0765 3060 [ 674D3E5A593475915DC6643317192403 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
06:43:59.0828 3060 KSecDD - ok
06:43:59.0859 3060 [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
06:43:59.0859 3060 lanmanserver - ok
06:43:59.0890 3060 [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
06:43:59.0937 3060 lanmanworkstation - ok
06:43:59.0937 3060 lbrtfdc - ok
06:44:00.0000 3060 [ 5D4B38A8D8525356798F5E560C3A3090 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
06:44:00.0000 3060 LightScribeService - ok
06:44:00.0046 3060 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
06:44:00.0062 3060 LmHosts - ok
06:44:00.0078 3060 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
06:44:00.0078 3060 McrdSvc - ok
06:44:00.0125 3060 [ E246A32C445056996074A397DA56E815 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
06:44:00.0125 3060 mdmxsdk - ok
06:44:00.0140 3060 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
06:44:00.0171 3060 Messenger - ok
06:44:00.0203 3060 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
06:44:00.0203 3060 MHN - ok
06:44:00.0218 3060 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
06:44:00.0218 3060 MHNDRV - ok
06:44:00.0234 3060 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
06:44:00.0234 3060 mnmdd - ok
06:44:00.0265 3060 [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
06:44:00.0312 3060 mnmsrvc - ok
06:44:00.0343 3060 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
06:44:00.0343 3060 Modem - ok
06:44:00.0375 3060 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
06:44:00.0406 3060 Mouclass - ok
06:44:00.0421 3060 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
06:44:00.0453 3060 MountMgr - ok
06:44:00.0500 3060 [ 15D5398EED42C2504BB3D4FC875C15D1 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
06:44:00.0500 3060 MozillaMaintenance - ok
06:44:00.0531 3060 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys
06:44:00.0531 3060 MpFilter - ok
06:44:00.0656 3060 [ A69630D039C38018689190234F866D77 ] MpKsl41e03b68 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E519CB09-805D-42F9-8FB6-C636CE5FA881}\MpKsl41e03b68.sys
06:44:00.0671 3060 MpKsl41e03b68 - ok
06:44:00.0671 3060 mraid35x - ok
06:44:00.0687 3060 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
06:44:00.0718 3060 MRxDAV - ok
06:44:00.0734 3060 [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
06:44:00.0781 3060 MRxSmb - ok
06:44:00.0796 3060 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
06:44:00.0875 3060 Msfs - ok
06:44:00.0875 3060 MSIServer - ok
06:44:00.0890 3060 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
06:44:00.0906 3060 MSKSSRV - ok
06:44:00.0968 3060 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
06:44:00.0968 3060 MsMpSvc - ok
06:44:01.0000 3060 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
06:44:01.0015 3060 MSPCLOCK - ok
06:44:01.0031 3060 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
06:44:01.0046 3060 MSPQM - ok
06:44:01.0062 3060 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
06:44:01.0062 3060 mssmbios - ok
06:44:01.0078 3060 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
06:44:01.0109 3060 Mup - ok
06:44:01.0187 3060 [ 48DAF84FDE43FF61C6877131A79230AB ] NBService C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
06:44:01.0281 3060 NBService - ok
06:44:01.0281 3060 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
06:44:01.0312 3060 NDIS - ok
06:44:01.0343 3060 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
06:44:01.0359 3060 NdisTapi - ok
06:44:01.0375 3060 [ EEFA1CE63805D2145978621BE5C6D955 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
06:44:01.0390 3060 Ndisuio - ok
06:44:01.0390 3060 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
06:44:01.0453 3060 NdisWan - ok
06:44:01.0453 3060 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
06:44:01.0484 3060 NDProxy - ok
06:44:01.0500 3060 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
06:44:01.0531 3060 NetBIOS - ok
06:44:01.0562 3060 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
06:44:01.0656 3060 NetBT - ok
06:44:01.0703 3060 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
06:44:01.0781 3060 NetDDE - ok
06:44:01.0796 3060 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
06:44:01.0796 3060 NetDDEdsdm - ok
06:44:01.0828 3060 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\system32\lsass.exe
06:44:01.0843 3060 Netlogon - ok
06:44:01.0875 3060 [ 36739B39267914BA69AD0610A0299732 ] Netman C:\WINDOWS\System32\netman.dll
06:44:01.0890 3060 Netman - ok
06:44:01.0906 3060 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
06:44:01.0921 3060 NetTcpPortSharing - ok
06:44:01.0953 3060 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
06:44:01.0953 3060 NIC1394 - ok
06:44:01.0984 3060 [ 097722F235A1FB698BF9234E01B52637 ] Nla C:\WINDOWS\System32\mswsock.dll
06:44:01.0984 3060 Nla - ok
06:44:02.0031 3060 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
06:44:02.0062 3060 Npfs - ok
06:44:02.0078 3060 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
06:44:02.0109 3060 Ntfs - ok
06:44:02.0125 3060 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
06:44:02.0125 3060 NtLmSsp - ok
06:44:02.0156 3060 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
06:44:02.0218 3060 NtmsSvc - ok
06:44:02.0250 3060 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
06:44:02.0250 3060 Null - ok
06:44:02.0359 3060 [ 642A87877F83313EB5302749CD479024 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
06:44:02.0421 3060 nv - ok
06:44:02.0484 3060 [ 22EEDB34C4D7613A25B10C347C6C4C21 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
06:44:02.0484 3060 NVENETFD - ok
06:44:02.0484 3060 [ 5E3F6AD5CAD0F12D3CCCD06FD964087A ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
06:44:02.0484 3060 nvnetbus - ok
06:44:02.0515 3060 [ B0903C021BFCD6055C053A569EF98AEF ] NVSvc C:\WINDOWS\system32\nvsvc32.exe
06:44:02.0515 3060 NVSvc - ok
06:44:02.0546 3060 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
06:44:02.0546 3060 NwlnkFlt - ok
06:44:02.0562 3060 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
06:44:02.0562 3060 NwlnkFwd - ok
06:44:02.0656 3060 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
06:44:02.0656 3060 odserv - ok
06:44:02.0703 3060 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
06:44:02.0703 3060 ohci1394 - ok
06:44:02.0750 3060 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
06:44:02.0750 3060 ose - ok
06:44:02.0765 3060 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
06:44:02.0812 3060 Parport - ok
06:44:02.0828 3060 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
06:44:02.0843 3060 PartMgr - ok
06:44:02.0859 3060 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
06:44:02.0859 3060 ParVdm - ok
06:44:02.0875 3060 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
06:44:02.0906 3060 PCI - ok
06:44:02.0921 3060 PCIDump - ok
06:44:02.0921 3060 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
06:44:02.0921 3060 PCIIde - ok
06:44:02.0937 3060 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
06:44:02.0968 3060 Pcmcia - ok
06:44:02.0984 3060 PDCOMP - ok
06:44:02.0984 3060 PDFRAME - ok
06:44:03.0000 3060 PDRELI - ok
06:44:03.0000 3060 PDRFRAME - ok
06:44:03.0015 3060 perc2 - ok
06:44:03.0015 3060 perc2hib - ok
06:44:03.0062 3060 [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay C:\WINDOWS\system32\services.exe
06:44:03.0062 3060 PlugPlay - ok
06:44:03.0109 3060 [ 9D84376931440F3679BEEF2A414FA493 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
06:44:03.0109 3060 Pml Driver HPZ12 - ok
06:44:03.0125 3060 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
06:44:03.0125 3060 PolicyAgent - ok
06:44:03.0171 3060 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
06:44:03.0234 3060 PptpMiniport - ok
06:44:03.0281 3060 [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
06:44:03.0312 3060 Processor - ok
06:44:03.0328 3060 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
06:44:03.0328 3060 ProtectedStorage - ok
06:44:03.0343 3060 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
06:44:03.0343 3060 Ps2 - ok
06:44:03.0359 3060 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
06:44:03.0406 3060 PSched - ok
06:44:03.0406 3060 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
06:44:03.0406 3060 Ptilink - ok
06:44:03.0421 3060 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
06:44:03.0421 3060 PxHelp20 - ok
06:44:03.0437 3060 ql1080 - ok
06:44:03.0437 3060 Ql10wnt - ok
06:44:03.0453 3060 ql12160 - ok
06:44:03.0453 3060 ql1240 - ok
06:44:03.0468 3060 ql1280 - ok
06:44:03.0484 3060 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
06:44:03.0484 3060 RasAcd - ok
06:44:03.0515 3060 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
06:44:03.0546 3060 RasAuto - ok
06:44:03.0578 3060 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
06:44:03.0609 3060 Rasl2tp - ok
06:44:03.0656 3060 [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan C:\WINDOWS\System32\rasmans.dll
06:44:03.0656 3060 RasMan - ok
06:44:03.0656 3060 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
06:44:03.0687 3060 RasPppoe - ok
06:44:03.0703 3060 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
06:44:03.0703 3060 Raspti - ok
06:44:03.0734 3060 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
06:44:03.0781 3060 Rdbss - ok
06:44:03.0796 3060 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
06:44:03.0796 3060 RDPCDD - ok
06:44:03.0812 3060 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
06:44:03.0812 3060 rdpdr - ok
06:44:03.0843 3060 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
06:44:03.0843 3060 RDPWD - ok
06:44:03.0859 3060 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
06:44:03.0921 3060 RDSessMgr - ok
06:44:03.0953 3060 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
06:44:03.0984 3060 redbook - ok
06:44:04.0015 3060 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
06:44:04.0046 3060 RemoteAccess - ok
06:44:04.0062 3060 [ 3151427DB7D87107D1C5BE58FAC53960 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
06:44:04.0093 3060 RemoteRegistry - ok
06:44:04.0156 3060 [ 7728B6AEDC83BC0DEFD0A53371D4613B ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
06:44:04.0156 3060 RichVideo - ok
06:44:04.0171 3060 RimUsb - ok
06:44:04.0203 3060 [ D9B34325EE5DF78B8F28A3DE9F577C7D ] RimVSerPort C:\WINDOWS\system32\DRIVERS\RimSerial.sys
06:44:04.0203 3060 RimVSerPort - ok
06:44:04.0250 3060 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] ROOTMODEM C:\WINDOWS\system32\Drivers\RootMdm.sys
06:44:04.0250 3060 ROOTMODEM - ok
06:44:04.0296 3060 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\system32\locator.exe
06:44:04.0343 3060 RpcLocator - ok
06:44:04.0375 3060 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs C:\WINDOWS\system32\rpcss.dll
06:44:04.0375 3060 RpcSs - ok
06:44:04.0421 3060 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
06:44:04.0421 3060 RSVP - ok
06:44:04.0453 3060 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
06:44:04.0453 3060 rtl8139 - ok
06:44:04.0468 3060 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
06:44:04.0484 3060 SamSs - ok
06:44:04.0500 3060 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
06:44:04.0562 3060 SCardSvr - ok
06:44:04.0593 3060 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
06:44:04.0640 3060 Schedule - ok
06:44:04.0687 3060 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
06:44:04.0687 3060 Secdrv - ok
06:44:04.0703 3060 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
06:44:04.0734 3060 seclogon - ok
06:44:04.0750 3060 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
06:44:04.0750 3060 SENS - ok
06:44:04.0781 3060 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\drivers\Serial.sys
06:44:04.0781 3060 Serial - ok
06:44:04.0812 3060 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
06:44:04.0828 3060 Sfloppy - ok
06:44:04.0875 3060 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
06:44:04.0875 3060 SharedAccess - ok
06:44:04.0906 3060 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
06:44:04.0906 3060 ShellHWDetection - ok
06:44:04.0921 3060 Simbad - ok
06:44:04.0953 3060 [ 1339E2824D1567A18604AD0157D82E7B ] SMServer C:\WINDOWS\system32\snmvtsvc.exe
06:44:05.0031 3060 SMServer - ok
06:44:05.0078 3060 [ 7C2D2B593B837FD59C17EF649CDA1EA6 ] SndTAudio C:\WINDOWS\system32\drivers\SndTAudio.sys
06:44:05.0109 3060 SndTAudio - ok
06:44:05.0109 3060 Sparrow - ok
06:44:05.0125 3060 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
06:44:05.0140 3060 splitter - ok
06:44:05.0156 3060 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
06:44:05.0187 3060 Spooler - ok
06:44:05.0203 3060 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
06:44:05.0250 3060 sr - ok
06:44:05.0265 3060 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\system32\srsvc.dll
06:44:05.0265 3060 srservice - ok
06:44:05.0281 3060 [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
06:44:05.0281 3060 Srv - ok
06:44:05.0328 3060 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\WINDOWS\system32\DRIVERS\ssadbus.sys
06:44:05.0328 3060 ssadbus - ok
06:44:05.0359 3060 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\WINDOWS\system32\DRIVERS\ssadmdfl.sys
06:44:05.0359 3060 ssadmdfl - ok
06:44:05.0390 3060 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\WINDOWS\system32\DRIVERS\ssadmdm.sys
06:44:05.0390 3060 ssadmdm - ok
06:44:05.0437 3060 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\WINDOWS\system32\DRIVERS\ssadserd.sys
06:44:05.0437 3060 ssadserd - ok
06:44:05.0468 3060 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
06:44:05.0500 3060 SSDPSRV - ok
06:44:05.0562 3060 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc C:\WINDOWS\system32\wiaservc.dll
06:44:05.0562 3060 stisvc - ok
06:44:05.0593 3060 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
06:44:05.0609 3060 swenum - ok
06:44:05.0625 3060 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
06:44:05.0656 3060 swmidi - ok
06:44:05.0656 3060 SwPrv - ok
06:44:05.0671 3060 symc810 - ok
06:44:05.0687 3060 symc8xx - ok
06:44:05.0687 3060 sym_hi - ok
06:44:05.0703 3060 sym_u3 - ok
06:44:05.0718 3060 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
06:44:05.0750 3060 sysaudio - ok
06:44:05.0796 3060 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
06:44:05.0859 3060 SysmonLog - ok
06:44:05.0875 3060 [ FB78839B36025AA286A51289ED28B73E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
06:44:05.0875 3060 TapiSrv - ok
06:44:05.0906 3060 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
06:44:05.0953 3060 Tcpip - ok
06:44:05.0984 3060 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
06:44:05.0984 3060 TDPIPE - ok
06:44:06.0000 3060 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
06:44:06.0000 3060 TDTCP - ok
06:44:06.0031 3060 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
06:44:06.0031 3060 TermDD - ok
06:44:06.0062 3060 [ C29A5286E64D97385178452D5F307B98 ] TermService C:\WINDOWS\System32\termsrv.dll
06:44:06.0062 3060 TermService - ok
06:44:06.0093 3060 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes C:\WINDOWS\System32\shsvcs.dll
06:44:06.0093 3060 Themes - ok
06:44:06.0140 3060 [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
06:44:06.0171 3060 TlntSvr - ok
06:44:06.0187 3060 TosIde - ok
06:44:06.0234 3060 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
06:44:06.0265 3060 TrkWks - ok
06:44:06.0281 3060 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
06:44:06.0312 3060 Udfs - ok
06:44:06.0328 3060 ultra - ok
06:44:06.0343 3060 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
06:44:06.0359 3060 Update - ok
06:44:06.0375 3060 [ 8827911A8C37E40C027CBFC88E69D967 ] uploadmgr C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
06:44:06.0375 3060 uploadmgr - ok
06:44:06.0390 3060 [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost C:\WINDOWS\System32\upnphost.dll
06:44:06.0437 3060 upnphost - ok
06:44:06.0453 3060 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
06:44:06.0515 3060 UPS - ok
06:44:06.0562 3060 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
06:44:06.0593 3060 USBAAPL - ok
06:44:06.0625 3060 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
06:44:06.0656 3060 usbccgp - ok
06:44:06.0687 3060 [ 7481D843E672B51039B7E8A161B746B8 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
06:44:06.0718 3060 usbehci - ok
06:44:06.0718 3060 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
06:44:06.0765 3060 usbhub - ok
06:44:06.0781 3060 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
06:44:06.0796 3060 usbohci - ok
06:44:06.0796 3060 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
06:44:06.0828 3060 usbprint - ok
06:44:06.0828 3060 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
06:44:06.0859 3060 usbscan - ok
06:44:06.0859 3060 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
06:44:06.0890 3060 usbstor - ok
06:44:06.0906 3060 [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
06:44:06.0921 3060 usbuhci - ok
06:44:06.0953 3060 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
06:44:06.0968 3060 VgaSave - ok
06:44:06.0984 3060 [ 59CB1338AD3654417BEA49636457F65D ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
06:44:07.0015 3060 ViaIde - ok
06:44:07.0031 3060 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
06:44:07.0062 3060 VolSnap - ok
06:44:07.0093 3060 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
06:44:07.0156 3060 VSS - ok
06:44:07.0218 3060 [ 055F176255DD7BEDB2D32A764332B739 ] vToolbarUpdater13.1.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.1.0\ToolbarUpdater.exe
06:44:07.0234 3060 vToolbarUpdater13.1.0 - ok
06:44:07.0265 3060 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\system32\w32time.dll
06:44:07.0296 3060 W32Time - ok
06:44:07.0312 3060 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
06:44:07.0343 3060 Wanarp - ok
06:44:07.0375 3060 [ D6EFAF429FD30C5DF613D220E344CCE7 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys
06:44:07.0375 3060 WDC_SAM - ok
06:44:07.0390 3060 WDICA - ok
06:44:07.0406 3060 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
06:44:07.0453 3060 wdmaud - ok
06:44:07.0500 3060 [ 265F534EF76832435AFBF771EC97176D ] WebClient C:\WINDOWS\System32\webclnt.dll
06:44:07.0531 3060 WebClient - ok
06:44:07.0562 3060 [ 11EC1AFCEB5C917CE73D3C301FF4291E ] winachsx C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
06:44:07.0578 3060 winachsx - ok
06:44:07.0640 3060 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
06:44:07.0640 3060 winmgmt - ok
06:44:07.0718 3060 [ 18F347402DA544A780949B8FDF83351B ] WinRM C:\WINDOWS\system32\WsmSvc.dll
06:44:07.0765 3060 WinRM - ok
06:44:07.0796 3060 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
06:44:07.0796 3060 WmdmPmSN - ok
06:44:07.0859 3060 [ 1081C185AED0660B2B5F173C3E023B23 ] Wmi C:\WINDOWS\System32\advapi32.dll
06:44:07.0859 3060 Wmi - ok
06:44:07.0890 3060 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
06:44:07.0968 3060 WmiApSrv - ok
06:44:08.0046 3060 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
06:44:08.0062 3060 WMPNetworkSvc - ok
06:44:08.0078 3060 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
06:44:08.0078 3060 WpdUsb - ok
06:44:08.0156 3060 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
06:44:08.0171 3060 WPFFontCache_v0400 - ok
06:44:08.0218 3060 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
06:44:08.0218 3060 wscsvc - ok
06:44:08.0234 3060 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
06:44:08.0234 3060 wuauserv - ok
06:44:08.0265 3060 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
06:44:08.0265 3060 WudfPf - ok
06:44:08.0296 3060 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
06:44:08.0296 3060 WudfRd - ok
06:44:08.0328 3060 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
06:44:08.0359 3060 WudfSvc - ok
06:44:08.0375 3060 [ 247520EDED53A08AE89EA4FAE04F54D8 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
06:44:08.0437 3060 WZCSVC - ok
06:44:08.0453 3060 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
06:44:08.0500 3060 xmlprov - ok
06:44:08.0515 3060 ================ Scan global ===============================
06:44:08.0546 3060 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
06:44:08.0593 3060 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
06:44:08.0640 3060 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
06:44:08.0656 3060 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
06:44:08.0656 3060 [Global] - ok
06:44:08.0656 3060 ================ Scan MBR ==================================
06:44:08.0687 3060 [ D11C727E03BB7318DCDA069B06E652F0 ] \Device\Harddisk0\DR0
06:44:08.0906 3060 \Device\Harddisk0\DR0 - ok
06:44:08.0906 3060 ================ Scan VBR ==================================
06:44:08.0906 3060 [ ED1F4F7151C3D52BA7E3B1F67FE025C8 ] \Device\Harddisk0\DR0\Partition1
06:44:08.0906 3060 \Device\Harddisk0\DR0\Partition1 - ok
06:44:08.0921 3060 [ 827B4E7275ECCA4CA63978FD19858D8A ] \Device\Harddisk0\DR0\Partition2
06:44:08.0921 3060 \Device\Harddisk0\DR0\Partition2 - ok
06:44:08.0921 3060 ============================================================
06:44:08.0921 3060 Scan finished
06:44:08.0921 3060 ============================================================
06:44:08.0937 4060 Detected object count: 0
06:44:08.0937 4060 Actual detected object count: 0

Wow huge log...took only 30 seconds or so to run...

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-10-15 06:49:20
-----------------------------
06:49:20.890 OS Version: Windows 5.1.2600 Service Pack 2
06:49:20.890 Number of processors: 2 586 0x4B02
06:49:20.890 ComputerName: FAMILY UserName:
06:49:21.890 Initialize success
06:52:32.625 AVAST engine defs: 12101500
06:53:02.859 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5
06:53:02.875 Disk 0 Vendor: WDC_WD3200AAKX-001CA0 15.01H15 Size: 305245MB BusType: 3
06:53:02.875 Disk 0 MBR read successfully
06:53:02.875 Disk 0 MBR scan
06:53:02.906 Disk 0 unknown MBR code
06:53:02.906 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 296182 MB offset 63
06:53:02.937 Disk 0 Partition 2 00 0C FAT32 LBA RECOVERY 9060 MB offset 606582270
06:53:04.265 Disk 0 scanning sectors +625137345
06:53:04.343 Disk 0 scanning C:\WINDOWS\system32\drivers
06:53:20.765 Service scanning
06:53:33.171 Service MpKsl41e03b68 c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E519CB09-805D-42F9-8FB6-C636CE5FA881}\MpKsl41e03b68.sys **LOCKED** 32
06:53:46.234 Modules scanning
06:53:51.390 Disk 0 trace - called modules:
06:53:51.421 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
06:53:51.421 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b2c2ab8]
06:53:51.421 3 CLASSPNP.SYS[ba10905b] -> nt!IofCallDriver -> \Device\0000006c[0x8b251f18]
06:53:51.437 5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-5[0x8b2f0940]
06:53:52.593 AVAST engine scan C:\WINDOWS
06:54:18.250 AVAST engine scan C:\WINDOWS\system32
07:00:14.687 AVAST engine scan C:\WINDOWS\system32\drivers
07:00:46.859 AVAST engine scan C:\Documents and Settings\HP_Administrator
07:33:51.906 AVAST engine scan C:\Documents and Settings\All Users
07:40:30.578 Scan finished successfully
07:42:53.062 Disk 0 MBR has been saved successfully to "C:\MBR.dat"
07:42:53.078 The log file has been saved successfully to "C:\aswMBR.txt"

These are the first two scans you asked for I finished the ESET scanner and it found 11 threats and contained them but, for some reason I can't save this file anywhere to send you the log. I came home for lunch to check this I have a udisk port. disc I can try to save it to this...I havn't closed the ap. & I still have the results on my desktop...
Thanks...

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:53 PM

Posted 15 October 2012 - 01:23 PM

The path to the log file is "C:\Program Files\ESET\EsetOnlineScanner\log.txt"

Post the contents here

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#5 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 15 October 2012 - 05:41 PM

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=a3c66b61acec5643bf209059474a73b3
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-15 01:52:46
# local_time=2012-10-15 09:52:46 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# compatibility_mode=1024 16777175 100 0 70919 70919 0 0
# compatibility_mode=5891 16776869 42 93 0 3076405 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=178681
# found=11
# cleaned=11
# scan_time=7305
C:\Documents and Settings\All Users\Application Data\IBUpdaterService\ibsvc.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\101PandaPDFconverterV.2.exe Win32/InstallBrain application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\Rainy_Day_Screensaver.exe Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\Livesets\FreeYouTubeDownloaderSetup.exe multiple threats (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\Livesets\Rainy_Day_Screensaver.exe Win32/Toolbar.Babylon application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Application Updater\ApplicationUpdater(2).exe probably a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Common Files\ZugoInstaller.exe multiple threats (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\Yontoo\YontooIEClient.dll a variant of Win32/Adware.Yontoo.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Program Files\YouTube Downloader Toolbar\IE\4.6\youtubedownloaderToolbarIE.dll a variant of Win32/Toolbar.Widgi application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP946\A0121240.exe a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
D:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP946\A0121241.exe a variant of Win32/Toolbar.MyWebSearch application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
Yoooo guys.....I found it...Im going to run the rest now...here is that log for you...thanks

#6 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 15 October 2012 - 07:46 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.15.13

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 6.0.2900.2180
HP_Administrator :: FAMILY [administrator]

10/15/2012 7:07:40 PM
mbam-log-2012-10-15 (19-07-40).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 414999
Time elapsed: 1 hour(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


MiniToolBox by Farbar Version: 23-07-2012
Ran by HP_Administrator (administrator) on 15-10-2012 at 20:39:36
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
NVIDIA nForce Networking Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : Family

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Mixed

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : hsd1.fl.comcast.net.



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : hsd1.fl.comcast.net.

Description . . . . . . . . . . . : NVIDIA nForce Networking Controller

Physical Address. . . . . . . . . : 00-18-F3-94-E5-A8

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.100

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 192.168.0.1

Lease Obtained. . . . . . . . . . : Monday, October 15, 2012 8:33:34 PM

Lease Expires . . . . . . . . . . : Monday, October 22, 2012 8:33:34 PM

1.0.168.192.in-addr.arpa
primary name server = localhost
responsible mail addr = nobody.invalid
serial = 1
refresh = 600 (10 mins)
retry = 1200 (20 mins)
expire = 604800 (7 days)
default TTL = 10800 (3 hours)
Server: UnKnown
Address: 192.168.0.1

Name: google.com.hsd1.fl.comcast.net
Address: 208.69.32.145



Pinging google.com [74.125.139.100] with 32 bytes of data:



Reply from 74.125.139.100: bytes=32 time=29ms TTL=47

Reply from 74.125.139.100: bytes=32 time=28ms TTL=47



Ping statistics for 74.125.139.100:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 28ms, Maximum = 29ms, Average = 28ms

Server: UnKnown
Address: 192.168.0.1

Name: yahoo.com.hsd1.fl.comcast.net
Address: 208.69.32.145



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=98ms TTL=48

Reply from 98.139.183.24: bytes=32 time=74ms TTL=50



Ping statistics for 98.139.183.24:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 74ms, Maximum = 98ms, Average = 86ms

Server: UnKnown
Address: 192.168.0.1

Name: bleepingcomputer.com.hsd1.fl.comcast.net
Address: 208.69.32.145



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 18 f3 94 e5 a8 ...... NVIDIA nForce Networking Controller - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.100 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.100 192.168.0.100 20
192.168.0.0 255.255.255.0 192.168.0.100 192.168.0.100 20
192.168.0.100 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.100 192.168.0.100 20
224.0.0.0 240.0.0.0 192.168.0.100 192.168.0.100 20
255.255.255.255 255.255.255.255 192.168.0.100 192.168.0.100 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/15/2012 08:33:40 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 08:33:40 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 08:33:40 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 08:33:40 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 08:14:41 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 08:14:41 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 07:19:45 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 07:19:45 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 06:37:41 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (10/15/2012 06:37:40 PM) (Source: Userenv) (User: NT AUTHORITY)NT AUTHORITY
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.


System errors:
=============
Error: (10/15/2012 08:33:59 PM) (Source: Service Control Manager) (User: )
Description: The vToolbarUpdater13.1.0 service failed to start due to the following error:
%%2

Error: (10/15/2012 08:33:59 PM) (Source: Service Control Manager) (User: )
Description: The Upload Manager service failed to start due to the following error:
%%1079

Error: (10/15/2012 08:33:59 PM) (Source: Service Control Manager) (User: )
Description: The Media Center Extender Service service depends on the SSDP Discovery Service service which failed to start because of the following error:
%%1058

Error: (10/15/2012 08:33:59 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the following nonexistent service: AVGIDSDriver

Error: (10/15/2012 08:30:58 PM) (Source: Service Control Manager) (User: )
Description: The Pml Driver HPZ12 service terminated unexpectedly. It has done this 1 time(s).

Error: (10/15/2012 07:14:42 AM) (Source: 0) (User: )
Description: \Device\Ide\IdePort2

Error: (10/15/2012 06:24:42 AM) (Source: Service Control Manager) (User: )
Description: The Upload Manager service failed to start due to the following error:
%%1079

Error: (10/15/2012 06:24:42 AM) (Source: Service Control Manager) (User: )
Description: The Media Center Extender Service service depends on the SSDP Discovery Service service which failed to start because of the following error:
%%1058

Error: (10/15/2012 06:24:42 AM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the following nonexistent service: AVGIDSDriver

Error: (10/14/2012 09:02:26 PM) (Source: Service Control Manager) (User: )
Description: The Upload Manager service failed to start due to the following error:
%%1079


Microsoft Office Sessions:
=========================
Error: (05/01/2012 08:24:49 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1077 seconds with 120 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

2570 (Version: 50.0.214.000)
2570_Help (Version: 50.0.214.000)
2570Trb (Version: 50.0.214.000)
Adobe AIR (Version: 2.7.0.19530)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.287)
Adobe Flash Player 11 Plugin (Version: 11.4.402.287)
Adobe Reader 7.0.5 (Version: 7.0.5)
Adobe Reader X (10.1.4) (Version: 10.1.4)
Adobe Shockwave Player 11.6 (Version: 11.6.1.629)
Agere Systems PCI-SV92PP Soft Modem
AiO_Scan_CDA (Version: 50.0.214.000)
AiOSoftwareNPI (Version: 50.0.214.000)
Any DVD Converter Professional 4.4.1
AnyDVD (Version: 7.0.8.0)
Apple Application Support (Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
Art Effects for PDR10 (Version: 2.0)
AutoUpdate (Version: 1.0)
AVG 2012 (Version: 12.0.2180)
AVG 2012 (Version: 2012.0.2221)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 70.0.170.000)
Can You See What I See?
Can You See What I See? Dream Machine
Christmas Puzzle
CloneDVD2 (Version: 2.9.3.0)
ConvertHelper 2.2
CP_AtenaShokunin1Config (Version: 70.0.170.000)
CP_CalendarTemplates1 (Version: 70.0.170.000)
cp_LightScribeConfig (Version: 70.0.170.000)
cp_OnlineProjectsConfig (Version: 70.0.170.000)
CP_Package_Basic1 (Version: 70.0.170.000)
CP_Package_Variety1 (Version: 70.0.170.000)
CP_Package_Variety2 (Version: 70.0.170.000)
CP_Package_Variety3 (Version: 70.0.170.000)
CP_Panorama1Config (Version: 70.0.170.000)
cp_PosterPrintConfig (Version: 70.0.170.000)
cp_UpdateProjectsConfig (Version: 70.0.170.000)
CueTour (Version: 70.0.170.000)
Cursed House
CustomerResearchQFolder (Version: 1.00.0000)
CyberLink PowerDirector 10 (Version: 10.0.0.1005)
D-Link Toolbar
Data Fax SoftModem with SmartCP
Destinations (Version: 70.0.170.000)
DeviceFunctionQFolder (Version: 1.00.0000)
DISCover (Version: 3.33)
DivX (Version: 5.2.1)
DocProc (Version: 5.2.0.0)
DocumentViewer (Version: 53.0.13.000)
DocumentViewerQFolder (Version: 1.00.0000)
Enhanced Multimedia Keyboard Solution
ESET Online Scanner v3
eSupportQFolder (Version: 1.00.0000)
Fax_CDA (Version: 50.0.214.000)
Free Realms
GemMaster Mystic
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.123)
Heaven & Hell
High Definition Audio Driver Package - KB888111 (Version: 20040219.000000)
HP Boot Optimizer (Version: 3.0.0)
HP DigitalMedia Archive (Version: 2.0)
HP Document Viewer 5.3 (Version: 5.3)
HP DVD Play 2.1
HP Extended Capabilities 5.3 (Version: 5.3)
HP Imaging Device Functions 7.0 (Version: 7.0)
HP Photosmart for Media Center PC
HP Photosmart Premier Software 6.5 (Version: 6.5)
HP PSC & OfficeJet 5.3.A
HP Software Update (Version: 3.0.7.014)
HP Solution Center & Imaging Support Tools 5.3 (Version: 5.3)
HP Web Helper
HPPhotoSmartExpress (Version: 70.0.170.000)
HPProductAssistant (Version: 53.0.13.000)
HpSdpAppCoreApp (Version: 3.00.0000)
InstantShareDevices (Version: 70.0.170.000)
iTunes (Version: 10.2.2.14)
Java Auto Updater (Version: 2.0.4.1)
Java™ 6 Update 29 (Version: 6.0.290)
Jewel Match
Jewel Match - Winter Wonderland
Jewel Match 2
Jewel Match 3
Jewel Quest
Jewel Quest Mysteries: The Seventh Gate
Jewel Quest: The Sleepless Star
LightScribe 1.4.105.1 (Version: 1.4.105.1)
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
MarketResearch (Version: 53.0.13.000)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Away Mode (Version: 6.0.0160.0)
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.1.0522.0)
Microsoft Security Essentials (Version: 4.1.522.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.6612.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Mozilla Firefox 13.0.1 (x86 en-US) (Version: 13.0.1)
Mozilla Maintenance Service (Version: 13.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
muvee autoProducer 5.0 (Version: 5.00.050)
muvee autoProducer unPlugged 2.0 (Version: 2.0.0)
My HP Games (Version: HPCMPQ1404)
Mystery Case Files &reg;: 13th Skull ™
Mystery Case Files&reg;: Dire Grove™ Collector's Edition
Mystika: Between Light and Shadow
Nero 7 Ultra Edition (Version: 7.01.9440)
Nero PhotoShow Express 4 (Version: 4.0)
Netscape Browser (remove only)
NewCopy_CDA (Version: 50.0.214.000)
NVIDIA Drivers
OpenOffice.org 3.1 (Version: 3.1.9399)
OptionalContentQFolder (Version: 1.00.0000)
Otto
PandaPDFConverter
PanoStandAlone (Version: 53.0.13.000)
PDFCreator (Version: 1.5.0)
PhotoGallery (Version: 70.0.170.000)
PMB (Version: 5.2.00.03250)
ProductContextNPI (Version: 50.0.214.000)
Puzzle Quest 2
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3 (Version: 2.2.3)
RandMap (Version: 70.0.170.000)
Readme (Version: 50.0.214.000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 5.10.0.6363)
RealUpgrade 1.1 (Version: 1.1.0)
Safari Quest
Scan (Version: 5.2.0.0)
ScannerCopy (Version: 5.2.0.0)
SkinsHP1 (Version: 70.0.170.000)
SlideShow (Version: 70.0.170.000)
SlideShowMusic (Version: 70.0.170.000)
Slingo Quest
Slingo Quest Hawaii
Slingo Supreme
SmartSound Quicktracks 5 (Version: 5.1.8)
SolutionCenter (Version: 50.0.152.000)
Sonic MyDVD Plus (Version: 6.2.0)
Sonic RecordNow Audio (Version: 2.0.6)
Sonic RecordNow Copy (Version: 2.0.6)
Sonic RecordNow Data (Version: 2.0.6)
Sonic Update Manager (Version: 3.0.0)
Sonic_PrimoSDK (Version: 70.0.170.000)
SoundTaxi 4.2.1
SoundTaxi Media Suite 4.2.1 (Version: 4.2.1)
SpongeBob Atlantis SquareOff
Status (Version: 53.0.13.000)
swMSM (Version: 12.0.0.1)
The Enchanting Islands
The Price is Right
TrayApp (Version: 53.0.13.000)
Unload (Version: 7.0.0)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Windows (KB971513)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB904942) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB912945) (Version: 1)
Update for Windows XP (KB914882) (Version: 1)
Update for Windows XP (KB916595) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB925720) (Version: 1)
Update for Windows XP (KB925876) (Version: 1)
Update for Windows XP (KB927891) (Version: 3)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB932823-v3) (Version: 3)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB953356) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
Vacation Quest: The Hawaiian Islands
VLC media player 2.0.3 (Version: 2.0.3)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 53.0.13.000)
WildTangent Web Driver
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Feature Pack for Storage (32-bit) - Smart Card driver (Version: 1.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer 3.1 (KB893803)
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB883667 (Version: 20040812.104354)
Windows XP Hotfix - KB885250 (Version: 20050118.202711)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB887742 (Version: 20041103.095002)
Windows XP Hotfix - KB888113 (Version: 20041116.131036)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB890175 (Version: 20041201.233338)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
Windows XP Hotfix - KB892050 (Version: 3)
Windows XP Hotfix - KB893066 (Version: 1)
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Wizard101 (Version: 1.0.0)
Wizard101 Test (Version: 1.0.0)
Yahoo! Toolbar
Yard Sale Hidden Treasures: Sunnyville
YouTube Downloader Toolbar v4.6 (Version: 4.6)

========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 3006.48 MB
Available physical RAM: 2509.33 MB
Total Pagefile: 4892.24 MB
Available Pagefile: 4543.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.8 MB

========================= Partitions: =====================================

1 Drive c: (HP_PAVILION) (Fixed) (Total:289.24 GB) (Free:148.27 GB) NTFS
2 Drive d: (HP_RECOVERY) (Fixed) (Total:8.83 GB) (Free:0.96 GB) FAT32

========================= Users: ========================================

User accounts for \\FAMILY

Administrator ASPNET Guest
HelpAssistant HP_Administrator SUPPORT_388945a0
SUPPORT_fddfa904

========================= Restore Points ==================================

18-07-2012 07:56:52 Software Distribution Service 3.0
19-07-2012 07:56:51 Software Distribution Service 3.0
20-07-2012 07:56:32 Software Distribution Service 3.0
21-07-2012 07:57:04 Software Distribution Service 3.0
22-07-2012 05:45:44 Software Distribution Service 3.0
23-07-2012 06:39:26 System Checkpoint
24-07-2012 00:46:00 Software Distribution Service 3.0
25-07-2012 00:50:21 Software Distribution Service 3.0
26-07-2012 01:19:25 Software Distribution Service 3.0
27-07-2012 01:19:33 Software Distribution Service 3.0
28-07-2012 01:22:13 Software Distribution Service 3.0
29-07-2012 01:22:31 Software Distribution Service 3.0
29-07-2012 06:17:42 Software Distribution Service 3.0
29-07-2012 17:14:51 Restore Operation
29-07-2012 23:04:58 Software Distribution Service 3.0
30-07-2012 23:04:59 Software Distribution Service 3.0
30-07-2012 23:24:44 Installed Windows XP -- Software Updates KB952013.
30-07-2012 23:26:12 Installed Windows XP -- Software Updates KB952011.
01-08-2012 00:52:54 System Checkpoint
01-08-2012 01:37:47 Software Distribution Service 3.0
01-08-2012 02:41:03 Configured easy Internet sign-up
01-08-2012 02:42:55 Removed Nero Toolbar.
02-08-2012 03:40:00 System Checkpoint
02-08-2012 11:46:21 Software Distribution Service 3.0
03-08-2012 11:46:17 Software Distribution Service 3.0
03-08-2012 19:42:49 Installed Wizard101 Test
04-08-2012 14:43:49 Software Distribution Service 3.0
05-08-2012 06:02:44 Software Distribution Service 3.0
05-08-2012 20:01:33 Software Distribution Service 3.0
06-08-2012 20:35:47 System Checkpoint
06-08-2012 21:56:57 Software Distribution Service 3.0
07-08-2012 21:56:16 Software Distribution Service 3.0
08-08-2012 22:16:11 System Checkpoint
09-08-2012 03:17:50 Software Distribution Service 3.0
10-08-2012 04:13:26 System Checkpoint
10-08-2012 10:21:26 Software Distribution Service 3.0
11-08-2012 10:27:45 System Checkpoint
11-08-2012 21:34:54 Software Distribution Service 3.0
12-08-2012 06:24:10 Software Distribution Service 3.0
12-08-2012 21:34:22 Software Distribution Service 3.0
13-08-2012 23:03:13 System Checkpoint
14-08-2012 20:25:26 Software Distribution Service 3.0
15-08-2012 07:00:35 Software Distribution Service 3.0
15-08-2012 21:03:34 Software Distribution Service 3.0
16-08-2012 21:06:39 Software Distribution Service 3.0
17-08-2012 21:07:02 Software Distribution Service 3.0
18-08-2012 21:25:20 System Checkpoint
19-08-2012 05:47:08 Software Distribution Service 3.0
19-08-2012 17:32:07 Software Distribution Service 3.0
20-08-2012 17:34:11 Software Distribution Service 3.0
21-08-2012 17:32:23 Software Distribution Service 3.0
22-08-2012 17:42:38 System Checkpoint
23-08-2012 13:48:24 Software Distribution Service 3.0
24-08-2012 13:48:53 Software Distribution Service 3.0
25-08-2012 13:49:14 Software Distribution Service 3.0
26-08-2012 05:53:33 Software Distribution Service 3.0
26-08-2012 19:30:38 Software Distribution Service 3.0
27-08-2012 19:31:02 Software Distribution Service 3.0
28-08-2012 19:30:30 Software Distribution Service 3.0
29-08-2012 19:30:38 Software Distribution Service 3.0
31-08-2012 00:47:59 Software Distribution Service 3.0
01-09-2012 01:27:23 System Checkpoint
01-09-2012 02:20:44 Software Distribution Service 3.0
02-09-2012 02:47:02 System Checkpoint
02-09-2012 06:29:44 Software Distribution Service 3.0
02-09-2012 11:53:37 Software Distribution Service 3.0
03-09-2012 11:53:16 Software Distribution Service 3.0
04-09-2012 12:05:07 System Checkpoint
05-09-2012 11:46:24 Software Distribution Service 3.0
06-09-2012 12:33:04 System Checkpoint
06-09-2012 20:40:30 Software Distribution Service 3.0
07-09-2012 21:47:57 System Checkpoint
08-09-2012 01:53:22 Software Distribution Service 3.0
09-09-2012 01:54:52 Software Distribution Service 3.0
09-09-2012 06:10:13 Software Distribution Service 3.0
10-09-2012 01:52:48 Software Distribution Service 3.0
11-09-2012 01:52:50 Software Distribution Service 3.0
12-09-2012 02:43:20 System Checkpoint
12-09-2012 15:54:33 Software Distribution Service 3.0
13-09-2012 07:00:16 Software Distribution Service 3.0
13-09-2012 15:54:49 Software Distribution Service 3.0
14-09-2012 15:54:42 Software Distribution Service 3.0
15-09-2012 15:54:43 Software Distribution Service 3.0
16-09-2012 06:07:58 Software Distribution Service 3.0
16-09-2012 15:54:42 Software Distribution Service 3.0
17-09-2012 17:40:44 System Checkpoint
18-09-2012 03:55:30 Software Distribution Service 3.0
19-09-2012 03:58:25 System Checkpoint
19-09-2012 21:50:46 Installed iTunes
19-09-2012 22:23:28 Printer Driver PDFCreator Installed
20-09-2012 00:10:30 Printer Driver PDFCreator Installed
20-09-2012 01:02:23 Software Distribution Service 3.0
20-09-2012 07:00:22 Software Distribution Service 3.0
20-09-2012 10:32:41 Restore Operation
20-09-2012 10:50:18 Restore Operation
20-09-2012 11:00:28 Restore Operation
20-09-2012 11:06:44 Restore Operation
20-09-2012 23:51:28 Software Distribution Service 3.0
20-09-2012 23:55:04 Removed Snap.Do
20-09-2012 23:59:36 Removed AVG 2012
21-09-2012 00:00:48 Removed AVG 2012
21-09-2012 00:08:48 Restore Operation
21-09-2012 02:55:24 Installed Windows XP KB2598845.
21-09-2012 02:56:15 Installed Windows XP KB2632503.
21-09-2012 10:55:32 Software Distribution Service 3.0
22-09-2012 11:49:36 System Checkpoint
22-09-2012 19:56:31 Software Distribution Service 3.0
23-09-2012 05:31:51 Software Distribution Service 3.0
23-09-2012 07:00:15 Software Distribution Service 3.0
24-09-2012 07:21:35 System Checkpoint
24-09-2012 07:31:35 Software Distribution Service 3.0
25-09-2012 08:21:35 System Checkpoint
26-09-2012 07:28:34 Software Distribution Service 3.0
27-09-2012 07:28:31 Software Distribution Service 3.0
28-09-2012 08:17:25 System Checkpoint
29-09-2012 01:24:29 Software Distribution Service 3.0
30-09-2012 01:24:11 Software Distribution Service 3.0
01-10-2012 01:24:13 Software Distribution Service 3.0
02-10-2012 00:43:46 Printer Driver PDFCreator Installed
02-10-2012 10:23:01 Installed Microsoft Fix it 50191
02-10-2012 10:36:33 Software Distribution Service 3.0
02-10-2012 10:57:05 Software Distribution Service 3.0
03-10-2012 00:03:27 Removed AVG 2012
03-10-2012 00:11:26 Removed AVG 2012
03-10-2012 00:13:23 Removed ASPCA Reminder by We-Care.com v4.1.18.1
03-10-2012 00:27:56 Removed AVG 2012
03-10-2012 16:04:07 Software Distribution Service 3.0
03-10-2012 23:20:59 Removed AVG 2012
04-10-2012 00:09:21 Installed AVG 2013
04-10-2012 00:10:44 Installed AVG 2013
04-10-2012 00:10:50 Removed AVG 2013
04-10-2012 10:57:46 First Restore Point
04-10-2012 23:22:10 Software Distribution Service 3.0
05-10-2012 10:29:06 Removed Kaspersky Internet Security 2013.
06-10-2012 10:54:15 System Checkpoint
07-10-2012 20:30:56 System Checkpoint
08-10-2012 10:35:23 Removed AVG 2012
09-10-2012 12:36:20 System Checkpoint
10-10-2012 13:22:32 System Checkpoint
11-10-2012 07:00:18 Software Distribution Service 3.0
12-10-2012 02:19:49 Software Distribution Service 3.0
12-10-2012 23:11:26 Software Distribution Service 3.0
13-10-2012 11:00:16 Installed Windows XP KB914882.
13-10-2012 11:04:04 Software Distribution Service 3.0
13-10-2012 11:30:10 Software Distribution Service 3.0
13-10-2012 22:22:22 Software Distribution Service 3.0
14-10-2012 10:36:13 Software Distribution Service 3.0
15-10-2012 00:55:17 Software Distribution Service 3.0
15-10-2012 01:13:20 Software Distribution Service 3.0

**** End of log ****

Farbar Service Scanner Version: 07-10-2012
Ran by HP_Administrator (administrator) on 15-10-2012 at 20:44:49
Running from "C:\Documents and Settings\HP_Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is set to Disabled. The default start type is Auto.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2011-05-27 19:37] - [2006-05-19 08:59] - 0111616 ____N (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2011-05-27 19:37] - [2008-08-14 05:51] - 0138368 ____N (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2011-05-27 19:37] - [2004-08-10 00:00] - 0162816 ____N (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2011-05-27 19:37] - [2008-06-20 06:45] - 0360320 ____N (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2011-05-27 19:37] - [2004-08-10 00:00] - 0074752 ____N (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-10 00:00] - [2008-02-20 01:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-10 00:00] - [2004-08-10 00:00] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2004-08-10 00:00] - [2005-08-22 14:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2004-08-10 00:00] - [2004-08-10 00:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2004-08-10 00:00] - [2004-08-10 00:00] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2011-05-27 19:37] - [2004-08-10 00:00] - 0073472 ____N (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-10 00:00] - [2004-08-10 00:00] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2004-08-10 00:00] - [2004-08-10 00:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2004-08-10 00:00] - [2004-08-10 00:00] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2011-05-27 19:37] - [2004-08-10 00:00] - 0382464 ____N (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2004-08-10 00:00] - [2008-07-07 16:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-10 00:00] - [2004-08-10 00:00] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2004-08-10 00:00] - [2004-08-10 00:00] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-08-10 00:00] - [2009-02-09 06:20] - 0399360 ____A (Microsoft Corporation) 01095FEBF33BEEA00C2A0730B9B3EC28

C:\WINDOWS\system32\services.exe
[2011-05-27 19:37] - [2009-02-06 13:14] - 0110592 ____N (Microsoft Corporation) 37561F8D4160D62DA86D24AE41FAE8DE


Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x1000000004000000010000000200000003000000080000000600000007000000090000000A0000000B0000000C0000000D0000000E0000000F0000001000000005000000
IpSec Tag value is correct.

**** End of log ****

# AdwCleaner v2.005 - Logfile created 10/15/2012 at 20:30:59
# Updated 14/10/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 2 (32 bits)
# User : HP_Administrator - FAMILY
# Boot Mode : Normal
# Running from : C:\Documents and Settings\HP_Administrator\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Browser Manager

***** [Files / Folders] *****

Deleted on reboot : C:\Documents and Settings\All Users\Application Data\Browser Manager
Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search
File Deleted : C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\eBay.lnk
File Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\extensions\addon@defaulttab.com.xpi
File Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\searchplugins\bProtect.xml
File Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\searchplugins\Conduit.xml
File Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\searchplugins\search-here.xml
File Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\searchplugins\Web Search.xml
File Deleted : C:\Program Files\Mozilla Firefox\extensions\wtxpcom@mybrowserbar.com
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\user.js
File Deleted : C:\WINDOWS\system32\searchplugins\bProtect.xml
Folder Deleted : C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\avg@toolbar
Folder Deleted : C:\DOCUME~1\HP_ADM~1\LOCALS~1\Temp\CT3244149
Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\IBUpdaterService
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer
Folder Deleted : C:\Documents and Settings\All Users\Application Data\WeCareReminder
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\iWin
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\CT3244149
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\extensions\{462be121-2b54-4218-bf00-b9bf8135b23f}
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\extensions\playbryte@playbryte.com
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\extensions\staged
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\Smartbar
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\pdfforge
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Qwiklinx
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Search Settings
Folder Deleted : C:\Documents and Settings\HP_Administrator\Application Data\Toolbar4
Folder Deleted : C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\AVG Secure Search
Folder Deleted : C:\Documents and Settings\HP_Administrator\My Documents\ShopToWin
Folder Deleted : C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Browser Manager
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
Folder Deleted : C:\Program Files\Common Files\spigot
Folder Deleted : C:\Program Files\Free Offers from Freeze.com
Folder Deleted : C:\Program Files\OApps
Folder Deleted : C:\Program Files\Playbryte
Folder Deleted : C:\Program Files\Qwiklinx
Folder Deleted : C:\Program Files\Savings Sidekick
Folder Deleted : C:\Program Files\Yontoo
Folder Deleted : C:\Program Files\YouTube Downloader Toolbar

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\docume~1\alluse~1\applic~1\browse~1\22639~1.201\{16cdf~1\browse~1.dll
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\bProtector
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Qwiklinx
Key Deleted : HKCU\Software\Savings Sidekick
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\bProtector
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\AxSHDocVw.AxWebBrowser
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6823F25B-4D75-38A1-A163-7C696B45701F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E2C1A522-B8E1-45D1-B316-F5625004A28C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO
Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{204C0025-C26A-43E2-853C-D8A8EB1BCE51}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2E497885-E60B-420A-832D-0148B392E058}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Updater Service
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2E497885-E60B-420A-832D-0148B392E058}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKU\S-1-5-21-3638874618-4158258702-3043178669-1007\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browsers] *****

-\\ Internet Explorer v6.0.2900.2180

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=a6c73e14-3c63-44dc-8108-585153390d10&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=a6c73e14-3c63-44dc-8108-585153390d10&searchtype=ds&q={searchTerms} --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=VertiTechnology&dpid=VertiTechnology&co=US&userid=a6c73e14-3c63-44dc-8108-585153390d10&searchtype=ds&q={searchTerms} --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\prefs.js

C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\j96tq51l.default\user.js ... Deleted !

Deleted : user_pref("CT3244149.1000082.isPlayDisplay", "true");
Deleted : user_pref("CT3244149.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Deleted : user_pref("CT3244149.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3244149.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3244149.FirstTime", "true");
Deleted : user_pref("CT3244149.FirstTimeFF3", "true");
Deleted : user_pref("CT3244149.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT324[...]
Deleted : user_pref("CT3244149.UserID", "UN09413243645310898");
Deleted : user_pref("CT3244149.UserId", "01292a78-1dc4-ae4e-20df-7fd9f394f631");
Deleted : user_pref("CT3244149.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3244149.browser.search.defaultthis.engineName", true);
Deleted : user_pref("CT3244149.defaultSearch", "true");
Deleted : user_pref("CT3244149.embeddedsData", "[{\"appId\":\"129895725399351616\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3244149.enableAlerts", "always");
Deleted : user_pref("CT3244149.enableSearchFromAddressBar", "true");
Deleted : user_pref("CT3244149.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3244149.first_time_search", "1");
Deleted : user_pref("CT3244149.fixPageNotFoundError", "true");
Deleted : user_pref("CT3244149.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3244149.fixUrls", true);
Deleted : user_pref("CT3244149.hxxp___api18_starwebnet_com.pid2", "bfce3c05685a8b29");
Deleted : user_pref("CT3244149.hxxp___api22_starwebnet_com.pid2", "bfce3c05685a8b29");
Deleted : user_pref("CT3244149.hxxp___api25_starwebnet_com.pid2", "bfce3c05685a8b29");
Deleted : user_pref("CT3244149.hxxp___api26_starwebnet_com.pid2", "bfce3c05685a8b29");
Deleted : user_pref("CT3244149.hxxp___api28_starwebnet_com.pid2", "bfce3c05685a8b29");
Deleted : user_pref("CT3244149.hxxp___api29_starwebnet_com.pid2", "bfce3c05685a8b29");
Deleted : user_pref("CT3244149.hxxp___api30_starwebnet_com.pid2", "bfce3c05685a8b29");
Deleted : user_pref("CT3244149.hxxp___api32_starwebnet_com.pid2", "bfce3c05685a8b29");
Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.APP_WIN_FEATURES", "resizable=yes, scrollb[...]
Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_cache", "[\"c822c1b63853ed273b89[...]
Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_defaultGui", "{\"gui\":[{\"type\[...]
Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.Affiliate_settings", "{\"initUrl\":\"hxxp:[...]
Deleted : user_pref("CT3244149.hxxp___toolbar_jollywallet_com_tlb_2.lastAccess", "2012-9-15");
Deleted : user_pref("CT3244149.installId", "155");
Deleted : user_pref("CT3244149.installType", "ConduitNSISIntegration");
Deleted : user_pref("CT3244149.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3244149.isNewTabEnabled", true);
Deleted : user_pref("CT3244149.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3244149.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3244149.keyword", true);
Deleted : user_pref("CT3244149.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]
Deleted : user_pref("CT3244149.openThankYouPage", "false");
Deleted : user_pref("CT3244149.openUninstallPage", "true");
Deleted : user_pref("CT3244149.search.searchAppId", "129895725399351616");
Deleted : user_pref("CT3244149.search.searchCount", "0");
Deleted : user_pref("CT3244149.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3244149.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3244149.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3244149.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3244149.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3244149.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT3244149.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1350263327778");
Deleted : user_pref("CT3244149.serviceLayer_services_appsMetadata_lastUpdate", "1350263207991");
Deleted : user_pref("CT3244149.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1350263208070");
Deleted : user_pref("CT3244149.serviceLayer_services_login_10.10.27.6_lastUpdate", "1350340789522");
Deleted : user_pref("CT3244149.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1350263208119");
Deleted : user_pref("CT3244149.serviceLayer_services_searchAPI_lastUpdate", "1350263208298");
Deleted : user_pref("CT3244149.serviceLayer_services_serviceMap_lastUpdate", "1350263207666");
Deleted : user_pref("CT3244149.serviceLayer_services_toolbarContextMenu_lastUpdate", "1350263208014");
Deleted : user_pref("CT3244149.serviceLayer_services_toolbarSettings_lastUpdate", "1350340789347");
Deleted : user_pref("CT3244149.serviceLayer_services_translation_lastUpdate", "1350263207729");
Deleted : user_pref("CT3244149.settingsINI", true);
Deleted : user_pref("CT3244149.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3244149.smartbar.CTID", "CT3244149");
Deleted : user_pref("CT3244149.smartbar.Uninstall", "0");
Deleted : user_pref("CT3244149.smartbar.homepage", true);
Deleted : user_pref("CT3244149.smartbar.toolbarName", "WhiteSmoke US New ");
Deleted : user_pref("CT3244149.toolbarBornServerTime", "15-10-2012");
Deleted : user_pref("CT3244149.toolbarCurrentServerTime", "16-10-2012");
Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=1[...]
Deleted : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke US New Customized Web Search");
Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3244149[...]
Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://feed.snap.do/?publisher=VertiTechnology&d[...]
Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3244149");
Deleted : user_pref("avg.install.userHPSettings", "^hxxp://.*\\.babylon\\.com/\\?affID=.*");
Deleted : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Deleted : user_pref("browser.search.selectedEngine", "WhiteSmoke US New Customized Web Search");
Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3244149&SearchSource=13");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "dc41f5210000000000000018f394e5a8");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15615");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.720:47:49");
Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationThankYouPage", true);
Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1349138861);
Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.searchUserConifrmation", false[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setHomepage", false);
Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setNewTab", false);
Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setSearch", false);
Deleted : user_pref("extensions.crossriderapp5060.5060.active", true);
Deleted : user_pref("extensions.crossriderapp5060.5060.addressbar", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.backgroundver", 6);
Deleted : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true);
Deleted : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.changeprevious", false);
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1349138861");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1349138861");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Sun Oct 07 2012 18:[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Mon Oct 08 2012 [...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22US%22");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1349647166");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2214019%22");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1349139974254");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221224%22");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2288647%22");
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1349139952922");
Deleted : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick");
Deleted : user_pref("extensions.crossriderapp5060.5060.domain", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.enablesearch", false);
Deleted : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.group", 0);
Deleted : user_pref("extensions.crossriderapp5060.5060.homepage", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.iframe", false);
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.value", "%7B%22installe[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "36");
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0");
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Sun Oct 07[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true");
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D");
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.expiration", "Fri[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.value", "%7B%22re[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.expiration", "Fri Feb 01 20[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.manifesturl", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick");
Deleted : user_pref("extensions.crossriderapp5060.5060.newtab", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.opensearch", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 3);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 7);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 3);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 2);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 2);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.name", "FacebookFFIE");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.ver", 1);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "(function(f,B){if(typeof(B)==[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 3);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 3);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 3);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 2);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 2);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 3);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 1);
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "17,14,16,47,1000015");
Deleted : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]
Deleted : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 14);
Deleted : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps");
Deleted : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0);
Deleted : user_pref("extensions.crossriderapp5060.5060.setnewtab", false);
Deleted : user_pref("extensions.crossriderapp5060.5060.settingsurl", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.thankyou", "");
Deleted : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360);
Deleted : user_pref("extensions.crossriderapp5060.5060.ver", 36);
Deleted : user_pref("extensions.crossriderapp5060.adsOldValue", -1);
Deleted : user_pref("extensions.crossriderapp5060.apps", "5060");
Deleted : user_pref("extensions.crossriderapp5060.bic", "13a1ef1ce38857d0e7ba0017847dd41c");
Deleted : user_pref("extensions.crossriderapp5060.cid", 5060);
Deleted : user_pref("extensions.crossriderapp5060.firstrun", false);
Deleted : user_pref("extensions.crossriderapp5060.hadappinstalled", true);
Deleted : user_pref("extensions.crossriderapp5060.installationdate", 1349138894);
Deleted : user_pref("extensions.crossriderapp5060.lastcheck", 22494015);
Deleted : user_pref("extensions.crossriderapp5060.lastcheckitem", 22494120);
Deleted : user_pref("extensions.crossriderapp5060.modetype", "production");
Deleted : user_pref("extensions.crossriderapp5060.reportInstall", true);
Deleted : user_pref("extensions.defaulttab.config", "{\"status\": \"ok\", \"config\": {\"dns_error_handling\":[...]
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.AutoSearchEventData", "auto%20search");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.ClearCacheDate", 19);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.DNSCatch", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.DisplayEULA", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.DnsCatchEventData", "dns%20catch");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.EBOMode", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.EnableDCAData_xx", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.EnableDCA_xx", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.FirstLaunchShown", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.InstallDomain", "freecause.com");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.InstallType", "standard");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.LoadLayoutDate.100569", 19);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.NewTabSearchEventData", "tab%20search");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.ShowRecommendedOptions", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.StateReportDate", "1348093427045");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.TopRightSearchEventData", "top%20right%20search[...]
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.beforeInstallSaved", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.beforeinstall.homepage", "hxxp%3A//feed.snap.do[...]
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.beforeinstall.search", "Web%20Search");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.customNewTab", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.dcaDefaultMode", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.dcaShowInstallerPage", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.dcaShowSurvey", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.helpUsImprove", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.hideOthers", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.partnerauth", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.processAddrBar", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.restoreSearch", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.searchHistory", true);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.session", "04D23493B2631025D48D2292EF2991541236[...]
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.showFirstLaunchOptions", false);
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.tb_lang", "en");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.tool_id", "100569");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.user_id", "121511348");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.user_key", "9519c4464e21e925c3057fe00cd0c893e4f[...]
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.user_layouts", "100569");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.user_lnames", "Shop%20to%20Win%2029");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.vars.disablecuidinject", "1");
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.xml_service_url", "6bb94bbf55fe2f255901a560824a[...]
Deleted : user_pref("freecausef6eedaac826d50f43dedd0d2b7570509.yahooSearch", false);
Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3244149&SearchSource=2&q=[...]

Profile name : default
File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ct8mxzm0.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [44623 octets] - [15/10/2012 20:30:59]

########## EOF - C:\AdwCleaner[S1].txt - [44684 octets] ##########

#7 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 15 October 2012 - 07:48 PM

Hello,,,I ran all four except the last one the "junkware" because it says for Vista or Windows 7.......and I don't have either....If you want me to run it still just let me know...Thanks

#8 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 15 October 2012 - 07:53 PM

Oh,, I almost forgot...when I first dwnloded the malwarebytes i got a popup wnd that said.

"setup"

coCreate instance failed: code 0x80040154
class not registered

However, I was still able to run it..

Thanks

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:53 PM

Posted 15 October 2012 - 09:46 PM

Just double click on the tool and run it,post the log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#10 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 16 October 2012 - 05:39 AM

Junkware Removal Tool (JRT) by Thisisu
Version: 1.6.7 (10.16.2012)
OS: Microsoft Windows XP x86
Ran by HP_Administrator on Tue 10/16/2012 at 6:10:22.82
Blog: http://thisisudax.blogspot.com
**************************************************************




*** Services: 0 Detections



*** Registry Values: 0 Detections



*** Registry Keys:

Successfully deleted: [KEY] hkey_classes_root\clsid\{3e7c8b5a-96ab-438f-bf9b-782400655440}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{3e7c8b5a-96ab-438f-bf9b-782400655440}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{3e7c8b5a-96ab-438f-bf9b-782400655440}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{3e7c8b5a-96ab-438f-bf9b-782400655440}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{5911488e-9d1e-40ec-8cbb-06b231cc153f}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{6e13d095-45c3-4271-9475-f3b48227dd9f}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\stats\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [KEY] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{7f6afbf1-e065-4627-a2fd-810366367d01}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{f3fee66e-e034-436a-86e4-9690573bee8a}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{fd72061e-9fde-484d-a58a-0bab4151cad8}



*** Files:

Successfully deleted: [FILE] C:\Documents and Settings\HP_Administrator\Application Data\dvdvideosoft\dvsYoutubeDownload.crx
Successfully deleted: [FILE] C:\Documents and Settings\HP_Administrator\Application Data\dvdvideosoftiehelpers\freeytvdownloader.htm



*** Folders:

Successfully deleted: [FOLDER] "C:\Documents and Settings\HP_Administrator\Application Data\dvdvideosoft"
Successfully deleted: [FOLDER] "C:\Documents and Settings\HP_Administrator\Application Data\dvdvideosoftiehelpers"
Successfully deleted: [FOLDER] "C:\Documents and Settings\HP_Administrator\Application Data\pc cleaners"
Successfully deleted: [FOLDER] "C:\Documents and Settings\HP_Administrator\Application Data\pcpro"
Successfully deleted: [FOLDER] "C:\Documents and Settings\HP_Administrator\Application Data\speedypc software"
Successfully deleted: [FOLDER] "C:\Program Files\Common Files\dvdvideosoft"
Successfully deleted: [FOLDER] "C:\Program Files\dvdvideosoft"



*** Ask Toolbar Cleanup:

Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{00000000-6e41-4fd3-8538-502f5495e5fc}
Successfully deleted: [KEY] hkey_current_user\software\microsoft\windows\currentversion\ext\settings\{d4027c7f-154a-4066-a1ad-4243d8127440}



*** FireFox detected and repaired

Failed to delete: [bing.xml.old] from "C:\Program Files\mozilla firefox\searchplugins"
Removed the following from [PREFS.JS] :

user_pref("extensions.crossrider.bic", "13a1ef1ce38857d0e7ba0017847dd41c");
user_pref("extentions.y2layers.defaultEnableAppsList", "ezLooker,buzzdock,YontooNewOffers");
user_pref("extentions.y2layers.installId", "6d350239-3789-4dee-a13d-75ef8d4afdd1");


*** Event Viewer Logs - NOT cleared





**************************************************************
Scan was completed on Tue 10/16/2012 at 6:18:23.89
End of Report

Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/16/2012 06:20:04 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* c:\windows\system\hpsysdrv.exe (PID: 628) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* DNS Client (Dnscache) is not Running.
Startup Type set to: Disabled

* MSDTC [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 10/16/2012 06:20:51 AM
Execution time: 0 hours(s), 0 minute(s), and 46 seconds(s)

#11 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 16 October 2012 - 05:52 AM

im trying to post this last autoruns log but when I do its a huge file and the bleeping comp wnd says Im posting a file with too many emotocons..to try to reduce it. I guess symbols.

#12 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 16 October 2012 - 06:03 AM

I dwnld the file,,,,extract it fine,,,there is no "Launch" but I can open it fine,,,,in the autoruns wnd there are four (4) icons:
1=autoruns.chm
2nd=Eula.txt
3rd=autoruns.exe
4th=autorunsc.exe

I opened and ran the 3rd one first which opened another window that ontop said autoruns [Family\HP_Administrator]-systernals

it ran something it has a bunch of small tabs ontop like:codecs, boot execute,network providers, everything. so on that I went to save...save as autorun.txt...thats the file that is very large..

when I ran the 4th icon..autorunsc.exe.. it opened a black wnd. very quickly but closed. unless Im doing something incorrectly that should be about right.
Thanks

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:53 PM

Posted 16 October 2012 - 09:28 AM

it ran something it has a bunch of small tabs ontop like:codecs, boot execute,network providers, everything. so on that I went to save...save as autorun.txt...thats the file that is very large..


Post the contents of this file here

#14 pirimid

pirimid
  • Topic Starter

  • Members
  • 46 posts
  • OFFLINE
  •  
  • Local time:02:53 PM

Posted 16 October 2012 - 07:21 PM

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "AVG_TRAY" "AVG Tray Monitor" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgtray.exe"
+ "DMAScheduler" "DMAScheduler" "Sonic Solutions" "c:\program files\hp digitalmedia archive\dmascheduler.exe"
+ "ftutil2" "ftutil2 DLL" "Promise Technology, Inc." "c:\windows\system32\ftutil2.dll"
+ "HP Software Update" "Hewlett-Packard Product Assistant" "Hewlett-Packard Co." "c:\program files\hp\hp software update\hpwuschd2.exe"
+ "HPBootOp" "HP Boot Optimizer" "Hewlett-Packard Company" "c:\program files\hewlett-packard\hp boot optimizer\hpbootop.exe"
+ "MSC" "Microsoft Security Client User Interface" "Microsoft Corporation" "c:\program files\microsoft security client\msseces.exe"
+ "NeroFilterCheck" "NeroCheck" "Nero AG" "c:\program files\common files\ahead\lib\nerocheck.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "nwiz" "NVIDIA nView Wizard, Version 110.34 " "NVIDIA Corporation" "c:\windows\system32\nwiz.exe"
+ "PMBVolumeWatcher" "Media Check Tool" "Sony Corporation" "c:\program files\sony\pmb\pmbvolumewatcher.exe"
+ "Recguard" "Recguard Application" "" "c:\windows\sminst\recguard.exe"
+ "ROC_roc_ssl_v12" "" "" "File not found: C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe"
+ "RTHDCPL" "Realtek HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\windows\rthdcpl.exe"
+ "TkBellExe" "RealNetworks Scheduler" "RealNetworks, Inc." "c:\program files\real\realplayer\update\realsched.exe"
+ "UpdatePDRShortCut" "MUI StartMenu Application" "CyberLink Corp." "c:\program files\cyberlink\powerdirector10\muitransfer\muistartmenu.exe"
+ "vProt" "" "" "File not found: C:\Program Files\AVG Secure Search\vprot.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "HP Digital Imaging Monitor.lnk" "" "" "c:\documents and settings\all users\start menu\programs\startup\hp digital imaging monitor.lnk"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect" "" "" ""
+ "NeroMobileAd" "Nero Mobile Advertisment" "Nero AG" "c:\program files\nero\nero 7\nero mobile\neromobilead.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "EPP" "Microsoft Security Client Shell Extension" "Microsoft Corporation" "c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "00nView" "NVIDIA Desktop Explorer, Version 110.34 " "NVIDIA Corporation" "c:\windows\system32\nvshell.dll"
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "NeroDigitalColumnHandler Class" "Nero Digital Shell Extension" "Nero AG" "c:\program files\common files\ahead\lib\nerodigitalext.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" "" "Sun Microsystems, Inc." "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "AVG Shell Extension" "AVG Shell Extension" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgse.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "NBShellHook Class" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers" "" "" ""
+ "NBShellHook" "Nero BackItUp" "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Adobe PDF Reader Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"
+ "AVG Safe Search" "Safe Search for Internet Explorer" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgssie.dll"
+ "D-Link Toolbar Loader" "D-Link Toolbar IE Dynamic Link Library" "AOL LLC." "c:\program files\d-link toolbar\dlinktb.dll"
+ "hpWebHelper Class" "IE browser helper object" "Hewlett-Packard" "c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\webhelper.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "RealPlayer Download and Record Plugin for Internet Explorer" "RealPlayer Download and Record Plugin" "RealPlayer" "c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll"
+ "SSVHelper Class" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Internet Connection Help" "" "" "File not found: C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm"
+ "Sun Java Console" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2iexp.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "Adobe® Flash® Player Update Service 11.4 r402" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "ASC4_PerformanceMonitor.job" "" "" "File not found: C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "PC Optimizer Pro startups.job" "" "" "File not found: C:\Program Files\PC Optimizer Pro\StartApps.exe -sm"
+ "PC Optimizer Pro Updates.job" "" "" "File not found: C:\Program Files\PC Optimizer Pro\StartApps.exe -psdu"
+ "RealUpgradeLogonTaskS-1-5-21-3638874618-4158258702-3043178669-1007.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "RealUpgradeScheduledTaskS-1-5-21-3638874618-4158258702-3043178669-1007.job" "RealUpgrade Launcher" "RealNetworks, Inc." "c:\program files\real\realupgrade\realupgrade.exe"
+ "ReclaimerUpdateFiles_HP_Administrator.job" "RealNetworks Installer" "RealNetworks, Inc." "c:\documents and settings\hp_administrator\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
+ "ReclaimerUpdateXML_HP_Administrator.job" "RealNetworks Installer" "RealNetworks, Inc." "c:\documents and settings\hp_administrator\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
+ "RNUpgradeHelperLogonPrompt_HP_Administrator.job" "RealNetworks Installer" "RealNetworks, Inc." "c:\documents and settings\hp_administrator\application data\real\update\upgradehelper\realplayer\10.20\agent\rnupgagent.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AVGIDSAgent" "Provides Identity Protection Against Cyber Crime." "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgidsagent.exe"
+ "avgwd" "AVG Watchdog Service" "AVG Technologies CZ, s.r.o." "c:\program files\avg\avg2012\avgwdsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "GSService" "" "" "c:\windows\system32\gsservice.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "LightScribeService" "Used by the LightScribe software components to support 3rd party disc labeling applications using the LightScribe COM Application Programming Interface (LSCAPI). This service needs to run for LightScribe direct disc labeling to work." "Hewlett-Packard Company" "c:\program files\common files\lightscribe\lssrvc.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MsMpSvc" "Helps protect users from malware and other potentially unwanted software" "Microsoft Corporation" "c:\program files\microsoft security client\msmpeng.exe"
+ "NBService" "Nero BackItUp Service is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, CD/DVD or FTP." "Nero AG" "c:\program files\nero\nero 7\nero backitup\nbservice.exe"
+ "NVSvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvsvc32.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Pml Driver HPZ12" "PML Driver" "HP" "c:\windows\system32\hpzipm12.exe"
+ "RichVideo" "RichVideo Module" "" "c:\program files\cyberlink\shared files\richvideo.exe"
+ "SMServer" "SMServer" "SMServer" "c:\windows\system32\snmvtsvc.exe"
+ "vToolbarUpdater13.1.0" "" "" "File not found: C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.1.0\ToolbarUpdater.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AgereSoftModem" "SoftModem Device Driver" "Agere Systems" "c:\windows\system32\drivers\agrsm.sys"
+ "AmdK8" "AMD Processor Driver" "Advanced Micro Devices" "c:\windows\system32\drivers\amdk8.sys"
+ "AnyDVD" "AnyDVD Filter Driver" "SlySoft, Inc." "c:\windows\system32\drivers\anydvd.sys"
+ "AVGIDSHX" "AVG Technologies IDS Application Activity Monitor Helper Driver" "" "File not found: system32\DRIVERS\avgidshx.sys"
+ "avgtp" "" "AVG Technologies" "c:\windows\system32\drivers\avgtpx86.sys"
+ "bb-run" "Promise Disk Accelerator" "Promise Technology, Inc." "c:\windows\system32\drivers\bb-run.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "ElbyCDIO" "ElbyCD Windows NT/2000/XP I/O driver" "Elaborate Bytes AG" "c:\windows\system32\drivers\elbycdio.sys"
+ "ftsata2" "Promise Driver for Windows Server 2003" "Promise Technology, Inc." "c:\windows\system32\drivers\ftsata2.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "hechttwb" "" "" "File not found: C:\WINDOWS\System32\Drivers\hechttwb.sys"
+ "HPZid412" "IEEE-1284.4-1999 Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzid412.sys"
+ "HPZipr12" "IEEE-1284.4-1999 Print Class Driver" "HP" "c:\windows\system32\drivers\hpzipr12.sys"
+ "HPZius12" "1284.4<->Usb Datalink Driver (Windows 2000)" "HP" "c:\windows\system32\drivers\hpzius12.sys"
+ "HSX_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dp.sys"
+ "HSXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwbs2.sys"
+ "i2omgmt" "" "" "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "mdmxsdk" "Diagnostic Interface DRIVER" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 82.08 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "NVENETFD" "NVIDIA Networking Function Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvenetfd.sys"
+ "nvnetbus" "NVIDIA Networking Bus Driver." "NVIDIA Corporation" "c:\windows\system32\drivers\nvnetbus.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ps2" "PS2 SYS" "Hewlett-Packard Company" "c:\windows\system32\drivers\ps2.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "RimUsb" "" "" "File not found: System32\Drivers\RimUsb.sys"
+ "RimVSerPort" "RIM Virtual Serial Driver" "Research in Motion Ltd" "c:\windows\system32\drivers\rimserial.sys"
+ "rtl8139" "Realtek RTL8139 NDIS 5.0 Driver" "Realtek Semiconductor Corporation" "c:\windows\system32\drivers\rtl8139.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SndTAudio" "Support Device" "Windows ® Codename Longhorn DDK provider" "c:\windows\system32\drivers\sndtaudio.sys"
+ "ssadbus" "SAMSUNG Android USB Composite Device Driver" "MCCI Corporation" "c:\windows\system32\drivers\ssadbus.sys"
+ "ssadmdfl" "SAMSUNG Android USB Modem (Filter)" "MCCI Corporation" "c:\windows\system32\drivers\ssadmdfl.sys"
+ "ssadmdm" "SAMSUNG Android USB Modem Drivers" "MCCI Corporation" "c:\windows\system32\drivers\ssadmdm.sys"
+ "ssadserd" "SAMSUNG Android USB Diagnostic Serial Port (WDM)" "MCCI Corporation" "c:\windows\system32\drivers\ssadserd.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "WDC_SAM" "Manages WD external storage products." "Western Digital Technologies" "c:\windows\system32\drivers\wdcsam.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsx" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.DIVX" "DivX® Codec for Windows" "DivXNetworks, Inc." "c:\windows\system32\divx.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "vidc.LEAD" "" "" "File not found: LCODCCMP.DLL"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Audio Destination" "WAVDest Filter (Sample)" "Microsoft Corporation" "c:\program files\google\google earth\client\wavdest.ax"
+ "AVI Writer" "" "" "c:\program files\common files\muvee technologies\divx\aviwriter.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CyberLink Audio Decoder (HP_DT)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\hp\shared files\claud.ax"
+ "CyberLink Audio Spectrum Analyzer (DVDP)" "CLAudSpa.ax" "CyberLink Corp." "c:\program files\hp\dvdplay\kernel\movie\claudspa.ax"
+ "CyberLink AudioCD Filter" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\hp\dvdplay\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer (HP_DD2005)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\hp\dvdplay\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\hp\dvdplay\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\hp\dvdplay\kernel\movie\clline21.ax"
+ "CyberLink Video Effect" "CLVidFx" "CyberLink" "c:\program files\hp\dvdplay\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\hp\dvdplay\kernel\movie\clvsd.ax"
+ "DivX Decoder Filter" "DivX® Decoder Filter" "DivXNetworks, Inc." "c:\windows\system32\divxdec.ax"
+ "DV Scenes" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "DV Source Filter" "DV-Timecode based Scenechange Detection" "Nero AG" "c:\program files\nero\nero 7\nero vision\nvdv.dll"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "HighMAT and MPV Navigator Filter" "MPV Playback Filter" "" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "HighMAT/MPV Navigation Client Filter" "MPV Playback Filter" "" "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"
+ "HP Frame Grabber Filter" "Videotoolkit - Directshow Filters" "Hewlett-Packard Development Company, L.P." "c:\program files\hp\digital imaging\bin\hpqdsftr.ax"
+ "HP MPEG-1 Encoder" "Videotoolkit - Directshow Filters" "Hewlett-Packard Development Company, L.P." "c:\program files\hp\digital imaging\bin\hpqdsftr.ax"
+ "HP Resize Filter" "Videotoolkit - Directshow Filters" "Hewlett-Packard Development Company, L.P." "c:\program files\hp\digital imaging\bin\hpqdsftr.ax"
+ "HP Rotate Filter" "Videotoolkit - Directshow Filters" "Hewlett-Packard Development Company, L.P." "c:\program files\hp\digital imaging\bin\hpqdsftr.ax"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "LEAD MCMP/MJPEG Codec" "LEAD MCMP/MJPEG Codec" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lcodccmp.dll"
+ "LEAD MCMP/MJPEG Decoder" "LEAD MCMP/MJPEG Codec" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lcodccmp.dll"
+ "LEAD Video AutoLvl Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvautolvl.dll"
+ "LEAD Video Callback Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvcalbk.dll"
+ "LEAD Video Color Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvclr.dll"
+ "LEAD Video Crop Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvcrop.dll"
+ "LEAD Video EFX Aging Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmiscfx.dll"
+ "LEAD Video EFX Brightness Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX BumpMap Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmiscfx.dll"
+ "LEAD Video EFX Dizzy Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmiscfx.dll"
+ "LEAD Video EFX Ghost Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Glass Tile Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmiscfx.dll"
+ "LEAD Video EFX Hologram Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Lens Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmiscfx.dll"
+ "LEAD Video EFX Lightning Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Maze Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmiscfx.dll"
+ "LEAD Video EFX Motion Blur Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Motion Emboss Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Motion Mosaic Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Motion Scan Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Particles Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Predator Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Rain Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmiscfx.dll"
+ "LEAD Video EFX Streak Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video EFX Wave Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmtnfx.dll"
+ "LEAD Video Emboss Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvembs.dll"
+ "LEAD Video Mosaic Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvmosc.dll"
+ "LEAD Video Resize Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvrsz.dll"
+ "LEAD Video RGB Converter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvrgbxf.dll"
+ "LEAD Video Rotation Filter" "LEAD Multimedia Processor Filter" "LEAD Technologies, Inc." "c:\program files\nero\nero photoshow 4\data\xtras\lmvrot.dll"
+ "MainConcept (Muvee) MPEG Audio Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept2\muveedsmpeg.ax"
+ "MainConcept (Muvee) MPEG Audio Encoder" "MPEG Audio Encoder" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept2\muveeeampeg.ax"
+ "MainConcept (Muvee) MPEG Splitter" "Mpeg I/II Splitter" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept2\muveespmpeg.ax"
+ "MainConcept (Muvee) MPEG Video Decoder" "MPEG Video and Audio Decoder" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept2\muveedsmpeg.ax"
+ "MainConcept MPEG Audio Encoder" "MPEG Audio Encoder" "MainConcept AG" "c:\program files\common files\muvee technologies\mainconcept\mceampeg.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "muvee HXImage Filter" "HXImage Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\hximagefilter.ax"
+ "muvee Music Analyser" "Music Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvmanalyse.ax"
+ "muvee Video Analyser" "Video Analyser Filter for muvee autoProducer" "muvee Technologies Pte Ltd" "c:\program files\common files\muvee technologies\030625\mvvanalyse.ax"
+ "NeAudio2" "Nero Audio Decoder 2" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudio2.ax"
+ "Nero Audio CD Filter" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio CD Navigator" "Nero Audio CD Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudcd.ax"
+ "Nero Audio Processor" "Nero Audio Processor" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudioconv.ax"
+ "Nero Audio Processor" "Nero Audio Processor" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\neaudioconv.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nerender.ax"
+ "Nero Audio Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero Audio Stream Renderer" "Nero Library" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nerender.ax"
+ "Nero AV Synchronizer" "Audio/Video Synchronizer" "Nero AG" "c:\program files\common files\ahead\dsfilter\neavsync.ax"
+ "Nero Deinterlace" "Deinterlacing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedeinterlace.ax"
+ "Nero Digital Audio Decoder" "Nero Audio Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\neaudio.ax"
+ "Nero Digital Audio Decoder" "Nero Audio Decoder" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\neaudio.ax"
+ "Nero Digital AVC Audio Encoder" "AAC LC/HE Audio Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendaud.ax"
+ "Nero Digital AVC File Writer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Muxer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Null Renderer" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Subpicture Enc" "NeroDigital File Format Muxer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendmux.ax"
+ "Nero Digital AVC Video Enc" "MPEG4 and H.264 (AVC) Video Encoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nendvid.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\ndparser.ax"
+ "Nero Digital Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero DV Splitter" "DV Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nevideo.ax"
+ "Nero DVD Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero DVD Navigator" "DVD Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nedvd.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\common files\ahead\dsfilter\ndparser.ax"
+ "Nero ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\ndparser.ax"
+ "Nero File Source" "Nero SVCD source filter" "Nero AG " "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"
+ "Nero File Source (Async.)" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nefsource.ax"
+ "Nero File Source / Splitter" "Push Mode VOB Source Filter" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nefsource.ax"
+ "Nero Format Converter" "Frame rate / Color space converter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"
+ "Nero Format Converter" "NeroFormatConv" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\neroformatconv.ax"
+ "Nero Frame Capture" "Direct Show frame grabber filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\necapture.ax"
+ "Nero FTC" "Frame Time Corrector Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neftc.ax"
+ "Nero InteractiveGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero MP4 Splitter" "MP4 Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nemp4splitter.ax"
+ "Nero Mpeg2 Encoder" "MPEG 1/2 encoder filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcr.ax"
+ "Nero Ogg Splitter" "Ogg Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoggsplitter.ax"
+ "Nero Overlay Mixer" "Overlay Mixer Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"
+ "Nero Photo Source" "Nero Home" "Nero AG" "c:\program files\common files\ahead\dsfilter\nephotosource.ax"
+ "Nero PresentationGraphics Decoder" "Graphics Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"
+ "Nero PS Muxer" "" "" "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Audio Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\common files\ahead\dsfilter\neqtdec.ax"
+ "Nero QuickTime™ Video Decoder" "QuickTime™ Decoder Wrapper" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\neqtdec.ax"
+ "Nero Resize" "Resizing Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\neresize.ax"
+ "Nero Resize" "Nero Resizing Filter" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\neresize.ax"
+ "Nero Sample Queue" "Sample Queue Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesamplequeue.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nescenedetector.ax"
+ "Nero Scene Change Detector" "Scene Change Detector" "Nero AG" "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"
+ "Nero Sound Processor" "Nero Sound Processor" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundproc.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesplitter.ax"
+ "Nero Splitter" "Splitter Filter" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nesplitter.ax"
+ "Nero Stream Buffer Sink" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Buffer Source" "Nero Stream Buffer Engine" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesbe.ax"
+ "Nero Stream Control" "Transport Stream Controller Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nestreamcontrol.ax"
+ "Nero Subpicture Decoder" "Nero Subpicture Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"
+ "Nero Subtitle" "Subtitle Mixer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesubtitle.ax"
+ "Nero Thumbnail Decoder" "Thumbnail Decoder Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nebdthumbnail.ax"
+ "Nero Vcd Navigator" "Nero Vcd Navigator Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevcd.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"
+ "Nero Video Analyzer" "Nero Video Analyzer" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nevideoanalyzer.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nevideo.ax"
+ "Nero Video Decoder" "MPEG-1/2/4 & AVC video decoder w/ DxVA" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideo.ax"
+ "Nero Video Decoder HD" "Nero HD Video Decoder" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideohd.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nerovideoproc.ax"
+ "Nero Video Processor" "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"
+ "Nero Video Renderer" "Nero Video Renderer" "Nero AG" "c:\program files\common files\ahead\dsfilter\nevideorenderer.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\nero\nero photoshow 4\data\xtras\nerender.ax"
+ "Nero Video Source" "Nero Library" "Nero AG" "c:\program files\common files\ahead\dsfilter\nerender.ax"
+ "Nero3D Text Effect" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero3D Transition" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "Nero3D Video Filter" "Nero 3D DirectShow Filter" "Nero AG" "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"
+ "NeSoundSwitch" "Nero Sound Switcher" "Nero AG" "c:\program files\common files\ahead\dsfilter\nesoundswitch.ax"
+ "QuickTime Encoder" "QuickTime Encoder" "muvee Technologies" "c:\program files\common files\muvee technologies\030625\quicktimesink.ax"
+ "QuickTime Source Filter" "QuickTimeSource Module" "" "c:\program files\common files\muvee technologies\030625\quicktimesource.dll"
+ "QuickTimeRenderer Filter" "QuickTimeRenderer Filter" "muvee Technologies Pte. Ltd." "c:\program files\common files\muvee technologies\030625\quicktimerenderer.ax"
+ "RealPlayer Audio Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Transcode Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "RealPlayer Video Filter" "Audio Filter Plugin" "RealNetworks, Inc." "c:\program files\real\realplayer\rdsf3260.dll"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Tivo DirectShow Source Filter" "TiVo DirectShow Filter" "TiVo Inc." "c:\program files\common files\tivo shared\directshow\tivodirectshowfilter.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMplug" "" "" "c:\windows\wt\webdriver\4.1.1\wtwmplug.ax"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKCU\Control Panel\Desktop\Scrnsave.exe" "" "" ""
+ "C:\PROGRA~1\SCREEN~1\RAINYD~1\RAINYD~1\RAINYD~1.SCR" "Nature Illusion Screensaver Engine" "nufsoft.com" "c:\program files\screensavergift\rainy day\rainy day\rainy day.scr"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "HP Standard TCP/IP Port" "Standard TCP/IP Port Monitor DLL" "Hewlett Packard" "c:\windows\system32\hptcpmon.dll"
+ "Language Monitor" "LanguageMonitor" "Hewlett-Packard Company" "c:\windows\system32\hpz3l3xu.dll"
+ "pdfcmon" "pdfcmon" "pdfforge GbR" "c:\windows\system32\pdfcmon.dll"

I figured it out...

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:02:53 PM

Posted 16 October 2012 - 08:41 PM

Any current issues?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users