Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

computer suddenly running very slow and google redirecting me to ads


  • This topic is locked This topic is locked
15 replies to this topic

#1 grnelf56

grnelf56

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:29 AM

Posted 10 November 2012 - 09:04 PM

babylon has shown up on search iuse google I m not a computer person
dds
DDS (Ver_2012-11-07.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.5.1
Run by HP_Administrator at 17:46:41 on 2012-11-10
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.278 [GMT -8:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\DISC\DISCover.exe
C:\Program Files\DISC\DiscUpdateMgr.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\program files\real\realplayer\update\realsched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\iWin Games\iWinTrusted.exe
C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\DISC\DiscStreamHub.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\WINDOWS\System32\mshta.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uLocal Page =
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mLocal Page =
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uWinlogon: Shell =
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Installer Class: {1A7793DE-2598-4FA8-9EC5-9442CDE5E1CC} - LocalServer32 - <no file>
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [HPHUPD08] c:\program files\hp\digital imaging\{33d6cc28-9f75-4d1b-a11d-98895b3a3729}\hphupd08.exe
mRun: [DISCover] c:\program files\disc\DISCover.exe
mRun: [DiscUpdateManager] c:\program files\disc\DiscUpdateMgr.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
mRun: [NWEReboot] <no file>
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\epsons~1.lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV03.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:149
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Search - ?p=ZJ
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} - hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - hxxps://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} - hxxp://www.crucial.com/controls/cpcScanner.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {DA758BB1-5F89-4465-975F-8D7179A4BCF3} - hxxp://messenger.zone.msn.com/binary/WoF.cab57176.cab
DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} - hxxp://messenger.zone.msn.com/binary/Chess.cab57176.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{043A1662-A1FC-494F-9CEE-F7FCD8F154B4} : DHCPNameServer = 192.168.2.1
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\5wkcpt3f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?affID=109935&tt=2912_7&babsrc=KW_ss&mntrId=44f39175000000000000001195c329c7&q=
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\yahoo!\browserplus\2.7.1\plugins\npybrowserplus_2.7.1.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\nprpplugin.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1165635.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - ExtSQL: !HIDDEN! 2009-09-02 00:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(yahoo.ytff.general.dontshowhpoffer, true);user_pref(extensions.BabylonToolbar_i.babTrack, affID=109935&tt=2912_7
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.id - 44f39175000000000000001195c329c7
FF - user.js: extensions.BabylonToolbar_i.hardId - 44f39175000000000000001195c329c7
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15543
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1722:12:40
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2010-5-8 64288]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-10-5 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-6-1 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-1 20696]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-7-11 44768]
R2 iWinTrusted;iWinTrusted;c:\program files\iwin games\iWinTrusted.exe [2010-4-14 78104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-2-4 1355968]
R2 PD91Agent;PD91Agent;c:\program files\raxco\perfectdisk2008\PD91Agent.exe [2008-9-9 693512]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-1-10 24652]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [2007-12-11 547744]
S2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
S3 ATIXPGAA;ATIXPGAA;\??\c:\program files\pc-doctor 5 for windows\atixpgaa.sys --> c:\program files\pc-doctor 5 for windows\ATIXPGAA.SYS [?]
S3 npkycryp;npkycryp;\??\c:\program files\gravity\ro\npkycryp.sys --> c:\program files\gravity\ro\npkycryp.sys [?]
S3 PCD5SRVC{085326CB-51A3560A-05010003};PCD5SRVC{085326CB-51A3560A-05010003} - PCDR Kernel Mode Service Helper Driver;\??\c:\progra~1\pc-doc~1\pcd5srvc.pkms --> c:\progra~1\pc-doc~1\PCD5SRVC.pkms [?]
S3 PD91Engine;PD91Engine;c:\program files\raxco\perfectdisk2008\PD91Engine.exe [2008-9-9 906504]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [2006-12-24 223128]
.
=============== File Associations ===============
.
ShellExec: EasyShare.exe: Preview="c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe"
.
=============== Created Last 30 ================
.
2012-10-27 07:17:06 14676448 ----a-w- c:\program files\mozilla firefox\xul.dll
2012-10-27 07:17:05 96224 ----a-w- c:\program files\mozilla firefox\webapprt-stub.exe
2012-10-27 07:17:05 19424 ----a-w- c:\program files\mozilla firefox\xpcom.dll
2012-10-27 07:17:04 270816 ----a-w- c:\program files\mozilla firefox\updater.exe
2012-10-27 07:17:04 157272 ----a-w- c:\program files\mozilla firefox\webapp-uninstaller.exe
2012-10-27 07:17:01 889848 ----a-w- c:\program files\mozilla firefox\uninstall\helper.exe
.
==================== Find3M ====================
.
2012-10-09 01:20:33 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-09 01:20:33 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-28 15:14:53 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14:52 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07:15 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53:22 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:33:26 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58:09 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
.
============= FINISH: 17:48:34.21 ===============




attach notepad
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/11/2006 2:22:24 PM
System Uptime: 11/10/2012 10:32:27 AM (7 hours ago)
.
Motherboard: Hewleet-Packard | | Asterope
Processor: Intel® Pentium® 4 CPU 3.20GHz | CPU 1 | 3199/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 150.07 GiB free.
D: is FIXED (FAT32) - 12 GiB total, 4.83 GiB free.
E: is CDROM ()
F: is CDROM (CDFS)
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\FF3D098F0AE6
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\FF3D098F0AE6
Service: NIC1394
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8169/8110 Family Gigabit Ethernet NIC
Device ID: ROOT\NET\0000
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8169/8110 Family Gigabit Ethernet NIC
PNP Device ID: ROOT\NET\0000
Service: RTL8023xp
.
==== System Restore Points ===================
.
RP2015: 8/12/2012 11:38:12 PM - Software Distribution Service 3.0
RP2016: 8/14/2012 12:00:34 AM - Software Distribution Service 3.0
RP2017: 8/14/2012 10:34:11 PM - Software Distribution Service 3.0
RP2018: 8/15/2012 8:56:23 AM - Software Distribution Service 3.0
RP2019: 8/15/2012 11:25:17 PM - Software Distribution Service 3.0
RP2020: 8/17/2012 8:15:24 AM - Software Distribution Service 3.0
RP2021: 8/18/2012 12:01:08 AM - Software Distribution Service 3.0
RP2022: 8/18/2012 12:54:24 AM - Software Distribution Service 3.0
RP2023: 8/19/2012 12:00:58 AM - Software Distribution Service 3.0
RP2024: 8/19/2012 1:08:57 AM - Software Distribution Service 3.0
RP2025: 8/20/2012 12:05:11 AM - Software Distribution Service 3.0
RP2026: 8/21/2012 12:03:30 AM - Software Distribution Service 3.0
RP2027: 8/21/2012 11:07:09 PM - Software Distribution Service 3.0
RP2028: 8/22/2012 8:32:54 AM - Software Distribution Service 3.0
RP2029: 8/23/2012 12:05:24 AM - Software Distribution Service 3.0
RP2030: 8/23/2012 11:37:50 PM - Software Distribution Service 3.0
RP2031: 8/25/2012 12:04:32 AM - Software Distribution Service 3.0
RP2032: 8/26/2012 12:03:58 AM - Software Distribution Service 3.0
RP2033: 8/26/2012 11:21:42 PM - Software Distribution Service 3.0
RP2034: 8/27/2012 11:41:44 PM - Software Distribution Service 3.0
RP2035: 8/28/2012 11:48:45 PM - Software Distribution Service 3.0
RP2036: 8/29/2012 11:30:13 PM - Software Distribution Service 3.0
RP2037: 8/31/2012 12:02:52 AM - Software Distribution Service 3.0
RP2038: 8/31/2012 9:02:06 AM - Software Distribution Service 3.0
RP2039: 9/1/2012 12:03:58 AM - Software Distribution Service 3.0
RP2040: 9/2/2012 12:00:56 AM - Software Distribution Service 3.0
RP2041: 9/2/2012 1:19:02 AM - Software Distribution Service 3.0
RP2042: 9/2/2012 10:52:57 AM - Software Distribution Service 3.0
RP2043: 9/3/2012 12:01:35 AM - Software Distribution Service 3.0
RP2044: 9/3/2012 1:16:55 AM - Software Distribution Service 3.0
RP2045: 9/4/2012 12:01:44 AM - Software Distribution Service 3.0
RP2046: 9/4/2012 10:34:39 PM - Software Distribution Service 3.0
RP2047: 9/5/2012 11:49:47 PM - Software Distribution Service 3.0
RP2048: 9/7/2012 12:00:37 AM - Software Distribution Service 3.0
RP2049: 9/8/2012 12:02:45 AM - Software Distribution Service 3.0
RP2050: 9/8/2012 12:35:03 AM - Software Distribution Service 3.0
RP2051: 9/9/2012 12:04:10 AM - Software Distribution Service 3.0
RP2052: 9/10/2012 12:01:26 AM - Software Distribution Service 3.0
RP2053: 9/10/2012 12:15:14 AM - Software Distribution Service 3.0
RP2054: 9/11/2012 12:00:33 AM - Software Distribution Service 3.0
RP2055: 9/12/2012 12:00:38 AM - Software Distribution Service 3.0
RP2056: 9/13/2012 8:29:53 AM - Software Distribution Service 3.0
RP2057: 9/14/2012 12:00:57 AM - Software Distribution Service 3.0
RP2058: 9/14/2012 12:21:27 AM - Software Distribution Service 3.0
RP2059: 9/14/2012 8:12:23 AM - Software Distribution Service 3.0
RP2060: 9/15/2012 12:01:33 AM - Software Distribution Service 3.0
RP2061: 9/15/2012 1:04:27 AM - Software Distribution Service 3.0
RP2062: 9/16/2012 12:05:54 AM - Software Distribution Service 3.0
RP2063: 9/16/2012 12:51:16 AM - Software Distribution Service 3.0
RP2064: 9/17/2012 12:01:34 AM - Software Distribution Service 3.0
RP2065: 9/17/2012 12:30:48 AM - Software Distribution Service 3.0
RP2066: 9/17/2012 11:28:01 PM - Software Distribution Service 3.0
RP2067: 9/18/2012 11:34:51 PM - Software Distribution Service 3.0
RP2068: 9/20/2012 12:01:03 AM - Software Distribution Service 3.0
RP2069: 9/21/2012 12:05:35 AM - Software Distribution Service 3.0
RP2070: 9/21/2012 1:27:19 AM - Software Distribution Service 3.0
RP2071: 9/22/2012 12:02:08 AM - Software Distribution Service 3.0
RP2072: 9/23/2012 9:10:40 AM - Software Distribution Service 3.0
RP2073: 9/23/2012 11:53:47 PM - Software Distribution Service 3.0
RP2074: 9/24/2012 11:28:57 PM - Software Distribution Service 3.0
RP2075: 9/25/2012 11:54:32 PM - Software Distribution Service 3.0
RP2076: 9/27/2012 12:03:38 AM - Software Distribution Service 3.0
RP2077: 9/28/2012 12:01:33 AM - Software Distribution Service 3.0
RP2078: 9/28/2012 4:36:32 PM - Software Distribution Service 3.0
RP2079: 9/29/2012 12:00:38 AM - Software Distribution Service 3.0
RP2080: 9/30/2012 12:03:36 AM - Software Distribution Service 3.0
RP2081: 10/1/2012 12:03:13 AM - Software Distribution Service 3.0
RP2082: 10/2/2012 12:00:58 AM - Software Distribution Service 3.0
RP2083: 10/2/2012 12:55:02 AM - Software Distribution Service 3.0
RP2084: 10/3/2012 8:32:40 AM - Software Distribution Service 3.0
RP2085: 10/3/2012 10:43:01 PM - Software Distribution Service 3.0
RP2086: 10/5/2012 12:04:02 AM - Software Distribution Service 3.0
RP2087: 10/6/2012 12:00:52 AM - Software Distribution Service 3.0
RP2088: 10/7/2012 12:00:25 AM - Software Distribution Service 3.0
RP2089: 10/7/2012 11:55:48 PM - Software Distribution Service 3.0
RP2090: 10/9/2012 12:05:05 AM - Software Distribution Service 3.0
RP2091: 10/10/2012 12:03:14 AM - Software Distribution Service 3.0
RP2092: 10/10/2012 11:41:44 PM - Software Distribution Service 3.0
RP2093: 10/12/2012 12:01:59 AM - Software Distribution Service 3.0
RP2094: 10/12/2012 12:29:17 AM - Software Distribution Service 3.0
RP2095: 10/13/2012 12:03:43 AM - Software Distribution Service 3.0
RP2096: 10/14/2012 12:01:06 AM - Software Distribution Service 3.0
RP2097: 10/15/2012 12:01:05 AM - Software Distribution Service 3.0
RP2098: 10/16/2012 12:04:10 AM - Software Distribution Service 3.0
RP2099: 10/16/2012 8:19:29 AM - Software Distribution Service 3.0
RP2100: 10/16/2012 8:55:48 AM - Software Distribution Service 3.0
RP2101: 10/17/2012 8:27:52 AM - Software Distribution Service 3.0
RP2102: 10/17/2012 11:26:01 PM - Software Distribution Service 3.0
RP2103: 10/19/2012 12:03:48 AM - Software Distribution Service 3.0
RP2104: 10/19/2012 1:08:23 AM - Software Distribution Service 3.0
RP2105: 10/20/2012 12:02:06 AM - Software Distribution Service 3.0
RP2106: 10/21/2012 12:01:20 AM - Software Distribution Service 3.0
RP2107: 10/22/2012 12:01:08 AM - Software Distribution Service 3.0
RP2108: 10/22/2012 11:04:24 PM - Software Distribution Service 3.0
RP2109: 10/23/2012 11:44:16 PM - System Checkpoint
RP2110: 10/24/2012 12:00:40 AM - Software Distribution Service 3.0
RP2111: 10/25/2012 12:01:46 AM - Software Distribution Service 3.0
RP2112: 10/25/2012 12:19:31 AM - Software Distribution Service 3.0
RP2113: 10/26/2012 12:01:36 AM - Software Distribution Service 3.0
RP2114: 10/27/2012 12:02:11 AM - Software Distribution Service 3.0
RP2115: 10/27/2012 11:32:21 PM - Software Distribution Service 3.0
RP2116: 10/29/2012 12:02:49 AM - Software Distribution Service 3.0
RP2117: 10/30/2012 12:03:20 AM - Software Distribution Service 3.0
RP2118: 10/30/2012 8:56:57 AM - Software Distribution Service 3.0
RP2119: 10/31/2012 12:04:43 AM - Software Distribution Service 3.0
RP2120: 11/1/2012 12:06:19 AM - Software Distribution Service 3.0
RP2121: 11/2/2012 12:08:41 AM - Software Distribution Service 3.0
RP2122: 11/3/2012 12:07:37 AM - Software Distribution Service 3.0
RP2123: 11/3/2012 2:43:46 PM - Software Distribution Service 3.0
RP2124: 11/3/2012 11:02:53 PM - Software Distribution Service 3.0
RP2125: 11/3/2012 11:23:24 PM - Software Distribution Service 3.0
RP2126: 11/5/2012 12:00:27 AM - Software Distribution Service 3.0
RP2127: 11/5/2012 11:55:00 PM - Software Distribution Service 3.0
RP2128: 11/7/2012 8:28:47 AM - Software Distribution Service 3.0
RP2129: 11/7/2012 11:34:16 PM - Software Distribution Service 3.0
RP2130: 11/9/2012 12:00:24 AM - Software Distribution Service 3.0
RP2131: 11/10/2012 12:05:01 AM - Software Distribution Service 3.0
RP2132: 11/10/2012 1:10:32 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
µTorrent
7-Zip 4.42
Ad-Aware
Ad-Aware Email Scanner for Outlook
Ad-Aware SE Personal
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Download Manager
Adobe ExtendScript Toolkit 2
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader X (10.1.4)
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Agere Systems PCI-SV92PP Soft Modem
AiO_Scan
AiO_Scan_CDA
AiOSoftware
AiOSoftwareNPI
AirPlus G
AnimusRO Full Client 0.3
ANIO Service
ANIWZCS2 Service
Anthem Client Beta
AnthemRO
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 3.0
aspi
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
ATI MCE Transcode
AutoUpdate
avast! Free Antivirus
AviSynth 2.5
AVS Video Converter 4.3.1.371
Bonjour
BufferChm
Build-A-Lot (remove only)
CameraDrivers
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
CCHelp
CCleaner
CCScore
Combined Community Codec Pack 2006-07-28 (Remove Only)
Concentration (remove only)
CopyPod (remove only)
Coupon Printer for Windows
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_LightScribePlugin
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
CR2
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Destinations
DeviceManagementQFolder
Diamond Drop (CD version)
Diamond Drop 2 (CD version)
Diner Dash Seasonal Snack Pack
Disciples II Rise of the Elves
DISCover
DivX Player
DivX Pro
DocProc
DocumentViewer
DocumentViewerQFolder
DS-MP3 Source 1.30
Easy Resume Creator Pro
Enhanced Multimedia Keyboard Solution
EPSON Printer Software
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSTUTOR
ESSvpaht
ESSvpot
Fax
Fax_CDA
GdiplusUpgrade
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.0.0
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Deskjet 3050 J610 series Basic Device Software
HP Deskjet 3050 J610 series Help
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP Image Zone 5.3
HP Image Zone for Media Center PC
HP Imaging Device Functions 5.3
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Cameras 5.0
HP Product Assistant
HP Product Detection
HP PSC & OfficeJet 5.3.A
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3
HP Update
HPProductAssistant
HpSdpAppCoreApp
InstantShareAlert
InstantShareDevices
InterVideo WinDVD Player
iPod for Windows 2005-10-12
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 5
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java™ 6 Update 2
Java™ 6 Update 26
Java™ 6 Update 3
Java™ 6 Update 5
Java™ 7 Update 5
Java™ SE Runtime Environment 6 Update 1
JavaFX 2.1.1
Junk Mail filter update
Kodak EasyShare software
KSU
LightScribe 1.4.84.1
Logitech Legacy USB Camera Driver Package
Logitech QuickCam
Logitech QuickCam Driver Package
LSI PCI-SV92PP Soft Modem
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Away Mode
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
mIRC
MobileMe Control Panel
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Music Rescue
MySpaceIM
Nero 7 Ultra Edition
NewCopy
NewCopy_CDA
Notifier
Office 2003 Trial Assistant
OpenSource OGG Splitter (remove only)
OTtBP
Otto
PanoStandAlone
PCDLNCH
PDF Settings
PerfectDisk 2008 Professional
PhotoGallery
PhotoNow! 1.0
PodUtil 3.0.2
PowerDirector Express
PowerProducer
PS2
PSPrinters08
PSTAPlugin
QuickTime
RandMap
Readme
RealMedia (remove only)
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SFR
SFR2
SHOUTcast Source (remove only)
Skins
SkinsHP1
SolutionCenter
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
Status
swMSM
TrayApp
TweakNow RegCleaner
TweakNow RegCleaner 2011
TweakNow RegCleaner Standard
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
Videora iPod Converter 3.05
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VIVA MEDIA GAME CENTER
VLC media player 1.1.4
WebFldrs XP
WebReg
WinAVI Video Capture 2.0
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Upload Tool
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Movie Maker 2.0
Windows Presentation Foundation
Windows Search 4.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
Yahoo! BrowserPlus 2.7.1
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/7/2012 8:25:24 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Live ID Sign-in Assistant service to connect.
11/7/2012 8:25:24 AM, error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/5/2012 11:31:53 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
11/3/2012 2:48:42 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).
11/3/2012 2:41:38 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
11/3/2012 2:40:29 PM, error: Service Control Manager [7001] - The Media Center Extender Service service depends on the SSDP Discovery Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/3/2012 2:39:46 PM, error: ati2mtag [45062] - CRT invalid display type
.
==== End Of File ===========================


GMER
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-07.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 7/11/2006 2:22:24 PM
System Uptime: 11/10/2012 10:32:27 AM (7 hours ago)
.
Motherboard: Hewleet-Packard | | Asterope
Processor: Intel® Pentium® 4 CPU 3.20GHz | CPU 1 | 3199/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 221 GiB total, 150.07 GiB free.
D: is FIXED (FAT32) - 12 GiB total, 4.83 GiB free.
E: is CDROM ()
F: is CDROM (CDFS)
G: is Removable
H: is Removable
I: is Removable
J: is Removable
K: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\FF3D098F0AE6
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\FF3D098F0AE6
Service: NIC1394
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Realtek RTL8169/8110 Family Gigabit Ethernet NIC
Device ID: ROOT\NET\0000
Manufacturer: Realtek Semiconductor Corp.
Name: Realtek RTL8169/8110 Family Gigabit Ethernet NIC
PNP Device ID: ROOT\NET\0000
Service: RTL8023xp
.
==== System Restore Points ===================
.
RP2015: 8/12/2012 11:38:12 PM - Software Distribution Service 3.0
RP2016: 8/14/2012 12:00:34 AM - Software Distribution Service 3.0
RP2017: 8/14/2012 10:34:11 PM - Software Distribution Service 3.0
RP2018: 8/15/2012 8:56:23 AM - Software Distribution Service 3.0
RP2019: 8/15/2012 11:25:17 PM - Software Distribution Service 3.0
RP2020: 8/17/2012 8:15:24 AM - Software Distribution Service 3.0
RP2021: 8/18/2012 12:01:08 AM - Software Distribution Service 3.0
RP2022: 8/18/2012 12:54:24 AM - Software Distribution Service 3.0
RP2023: 8/19/2012 12:00:58 AM - Software Distribution Service 3.0
RP2024: 8/19/2012 1:08:57 AM - Software Distribution Service 3.0
RP2025: 8/20/2012 12:05:11 AM - Software Distribution Service 3.0
RP2026: 8/21/2012 12:03:30 AM - Software Distribution Service 3.0
RP2027: 8/21/2012 11:07:09 PM - Software Distribution Service 3.0
RP2028: 8/22/2012 8:32:54 AM - Software Distribution Service 3.0
RP2029: 8/23/2012 12:05:24 AM - Software Distribution Service 3.0
RP2030: 8/23/2012 11:37:50 PM - Software Distribution Service 3.0
RP2031: 8/25/2012 12:04:32 AM - Software Distribution Service 3.0
RP2032: 8/26/2012 12:03:58 AM - Software Distribution Service 3.0
RP2033: 8/26/2012 11:21:42 PM - Software Distribution Service 3.0
RP2034: 8/27/2012 11:41:44 PM - Software Distribution Service 3.0
RP2035: 8/28/2012 11:48:45 PM - Software Distribution Service 3.0
RP2036: 8/29/2012 11:30:13 PM - Software Distribution Service 3.0
RP2037: 8/31/2012 12:02:52 AM - Software Distribution Service 3.0
RP2038: 8/31/2012 9:02:06 AM - Software Distribution Service 3.0
RP2039: 9/1/2012 12:03:58 AM - Software Distribution Service 3.0
RP2040: 9/2/2012 12:00:56 AM - Software Distribution Service 3.0
RP2041: 9/2/2012 1:19:02 AM - Software Distribution Service 3.0
RP2042: 9/2/2012 10:52:57 AM - Software Distribution Service 3.0
RP2043: 9/3/2012 12:01:35 AM - Software Distribution Service 3.0
RP2044: 9/3/2012 1:16:55 AM - Software Distribution Service 3.0
RP2045: 9/4/2012 12:01:44 AM - Software Distribution Service 3.0
RP2046: 9/4/2012 10:34:39 PM - Software Distribution Service 3.0
RP2047: 9/5/2012 11:49:47 PM - Software Distribution Service 3.0
RP2048: 9/7/2012 12:00:37 AM - Software Distribution Service 3.0
RP2049: 9/8/2012 12:02:45 AM - Software Distribution Service 3.0
RP2050: 9/8/2012 12:35:03 AM - Software Distribution Service 3.0
RP2051: 9/9/2012 12:04:10 AM - Software Distribution Service 3.0
RP2052: 9/10/2012 12:01:26 AM - Software Distribution Service 3.0
RP2053: 9/10/2012 12:15:14 AM - Software Distribution Service 3.0
RP2054: 9/11/2012 12:00:33 AM - Software Distribution Service 3.0
RP2055: 9/12/2012 12:00:38 AM - Software Distribution Service 3.0
RP2056: 9/13/2012 8:29:53 AM - Software Distribution Service 3.0
RP2057: 9/14/2012 12:00:57 AM - Software Distribution Service 3.0
RP2058: 9/14/2012 12:21:27 AM - Software Distribution Service 3.0
RP2059: 9/14/2012 8:12:23 AM - Software Distribution Service 3.0
RP2060: 9/15/2012 12:01:33 AM - Software Distribution Service 3.0
RP2061: 9/15/2012 1:04:27 AM - Software Distribution Service 3.0
RP2062: 9/16/2012 12:05:54 AM - Software Distribution Service 3.0
RP2063: 9/16/2012 12:51:16 AM - Software Distribution Service 3.0
RP2064: 9/17/2012 12:01:34 AM - Software Distribution Service 3.0
RP2065: 9/17/2012 12:30:48 AM - Software Distribution Service 3.0
RP2066: 9/17/2012 11:28:01 PM - Software Distribution Service 3.0
RP2067: 9/18/2012 11:34:51 PM - Software Distribution Service 3.0
RP2068: 9/20/2012 12:01:03 AM - Software Distribution Service 3.0
RP2069: 9/21/2012 12:05:35 AM - Software Distribution Service 3.0
RP2070: 9/21/2012 1:27:19 AM - Software Distribution Service 3.0
RP2071: 9/22/2012 12:02:08 AM - Software Distribution Service 3.0
RP2072: 9/23/2012 9:10:40 AM - Software Distribution Service 3.0
RP2073: 9/23/2012 11:53:47 PM - Software Distribution Service 3.0
RP2074: 9/24/2012 11:28:57 PM - Software Distribution Service 3.0
RP2075: 9/25/2012 11:54:32 PM - Software Distribution Service 3.0
RP2076: 9/27/2012 12:03:38 AM - Software Distribution Service 3.0
RP2077: 9/28/2012 12:01:33 AM - Software Distribution Service 3.0
RP2078: 9/28/2012 4:36:32 PM - Software Distribution Service 3.0
RP2079: 9/29/2012 12:00:38 AM - Software Distribution Service 3.0
RP2080: 9/30/2012 12:03:36 AM - Software Distribution Service 3.0
RP2081: 10/1/2012 12:03:13 AM - Software Distribution Service 3.0
RP2082: 10/2/2012 12:00:58 AM - Software Distribution Service 3.0
RP2083: 10/2/2012 12:55:02 AM - Software Distribution Service 3.0
RP2084: 10/3/2012 8:32:40 AM - Software Distribution Service 3.0
RP2085: 10/3/2012 10:43:01 PM - Software Distribution Service 3.0
RP2086: 10/5/2012 12:04:02 AM - Software Distribution Service 3.0
RP2087: 10/6/2012 12:00:52 AM - Software Distribution Service 3.0
RP2088: 10/7/2012 12:00:25 AM - Software Distribution Service 3.0
RP2089: 10/7/2012 11:55:48 PM - Software Distribution Service 3.0
RP2090: 10/9/2012 12:05:05 AM - Software Distribution Service 3.0
RP2091: 10/10/2012 12:03:14 AM - Software Distribution Service 3.0
RP2092: 10/10/2012 11:41:44 PM - Software Distribution Service 3.0
RP2093: 10/12/2012 12:01:59 AM - Software Distribution Service 3.0
RP2094: 10/12/2012 12:29:17 AM - Software Distribution Service 3.0
RP2095: 10/13/2012 12:03:43 AM - Software Distribution Service 3.0
RP2096: 10/14/2012 12:01:06 AM - Software Distribution Service 3.0
RP2097: 10/15/2012 12:01:05 AM - Software Distribution Service 3.0
RP2098: 10/16/2012 12:04:10 AM - Software Distribution Service 3.0
RP2099: 10/16/2012 8:19:29 AM - Software Distribution Service 3.0
RP2100: 10/16/2012 8:55:48 AM - Software Distribution Service 3.0
RP2101: 10/17/2012 8:27:52 AM - Software Distribution Service 3.0
RP2102: 10/17/2012 11:26:01 PM - Software Distribution Service 3.0
RP2103: 10/19/2012 12:03:48 AM - Software Distribution Service 3.0
RP2104: 10/19/2012 1:08:23 AM - Software Distribution Service 3.0
RP2105: 10/20/2012 12:02:06 AM - Software Distribution Service 3.0
RP2106: 10/21/2012 12:01:20 AM - Software Distribution Service 3.0
RP2107: 10/22/2012 12:01:08 AM - Software Distribution Service 3.0
RP2108: 10/22/2012 11:04:24 PM - Software Distribution Service 3.0
RP2109: 10/23/2012 11:44:16 PM - System Checkpoint
RP2110: 10/24/2012 12:00:40 AM - Software Distribution Service 3.0
RP2111: 10/25/2012 12:01:46 AM - Software Distribution Service 3.0
RP2112: 10/25/2012 12:19:31 AM - Software Distribution Service 3.0
RP2113: 10/26/2012 12:01:36 AM - Software Distribution Service 3.0
RP2114: 10/27/2012 12:02:11 AM - Software Distribution Service 3.0
RP2115: 10/27/2012 11:32:21 PM - Software Distribution Service 3.0
RP2116: 10/29/2012 12:02:49 AM - Software Distribution Service 3.0
RP2117: 10/30/2012 12:03:20 AM - Software Distribution Service 3.0
RP2118: 10/30/2012 8:56:57 AM - Software Distribution Service 3.0
RP2119: 10/31/2012 12:04:43 AM - Software Distribution Service 3.0
RP2120: 11/1/2012 12:06:19 AM - Software Distribution Service 3.0
RP2121: 11/2/2012 12:08:41 AM - Software Distribution Service 3.0
RP2122: 11/3/2012 12:07:37 AM - Software Distribution Service 3.0
RP2123: 11/3/2012 2:43:46 PM - Software Distribution Service 3.0
RP2124: 11/3/2012 11:02:53 PM - Software Distribution Service 3.0
RP2125: 11/3/2012 11:23:24 PM - Software Distribution Service 3.0
RP2126: 11/5/2012 12:00:27 AM - Software Distribution Service 3.0
RP2127: 11/5/2012 11:55:00 PM - Software Distribution Service 3.0
RP2128: 11/7/2012 8:28:47 AM - Software Distribution Service 3.0
RP2129: 11/7/2012 11:34:16 PM - Software Distribution Service 3.0
RP2130: 11/9/2012 12:00:24 AM - Software Distribution Service 3.0
RP2131: 11/10/2012 12:05:01 AM - Software Distribution Service 3.0
RP2132: 11/10/2012 1:10:32 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
µTorrent
7-Zip 4.42
Ad-Aware
Ad-Aware Email Scanner for Outlook
Ad-Aware SE Personal
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color - Photoshop Specific
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe Download Manager
Adobe ExtendScript Toolkit 2
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader X (10.1.4)
Adobe Setup
Adobe Shockwave Player 11.6
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Agere Systems PCI-SV92PP Soft Modem
AiO_Scan
AiO_Scan_CDA
AiOSoftware
AiOSoftwareNPI
AirPlus G
AnimusRO Full Client 0.3
ANIO Service
ANIWZCS2 Service
Anthem Client Beta
AnthemRO
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft PhotoImpression 3.0
aspi
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Control Panel
ATI Display Driver
ATI MCE Transcode
AutoUpdate
avast! Free Antivirus
AviSynth 2.5
AVS Video Converter 4.3.1.371
Bonjour
BufferChm
Build-A-Lot (remove only)
CameraDrivers
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help English
CCHelp
CCleaner
CCScore
Combined Community Codec Pack 2006-07-28 (Remove Only)
Concentration (remove only)
CopyPod (remove only)
Coupon Printer for Windows
CP_AtenaShokunin1Config
CP_CalendarTemplates1
cp_LightScribeConfig
cp_LightScribePlugin
CP_Package_Basic1
CP_Package_Variety1
CP_Package_Variety2
CP_Package_Variety3
CP_Panorama1Config
CR2
Critical Update for Windows Media Player 11 (KB959772)
CueTour
Destinations
DeviceManagementQFolder
Diamond Drop (CD version)
Diamond Drop 2 (CD version)
Diner Dash Seasonal Snack Pack
Disciples II Rise of the Elves
DISCover
DivX Player
DivX Pro
DocProc
DocumentViewer
DocumentViewerQFolder
DS-MP3 Source 1.30
Easy Resume Creator Pro
Enhanced Multimedia Keyboard Solution
EPSON Printer Software
ESSAdpt
ESSANUP
ESSBrwr
ESSCAM
ESSCDBK
ESScore
ESSgui
ESShelp
ESSini
ESSPCD
ESSTUTOR
ESSvpaht
ESSvpot
Fax
Fax_CDA
GdiplusUpgrade
Google Talk (remove only)
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard ACLM.NET v1.1.0.0
High Definition Audio Driver Package - KB888111
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 10 (KB903157)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
HP Boot Optimizer
HP Deskjet 3050 J610 series Basic Device Software
HP Deskjet 3050 J610 series Help
HP Deskjet Printer Preload
HP DigitalMedia Archive
HP Document Viewer 5.3
HP Image Zone 5.3
HP Image Zone for Media Center PC
HP Imaging Device Functions 5.3
HP Photosmart 330,380,420,470,7800,8000,8200 Series
HP Photosmart Cameras 5.0
HP Product Assistant
HP Product Detection
HP PSC & OfficeJet 5.3.A
HP PSC & OfficeJet 5.3.B
HP Solution Center & Imaging Support Tools 5.3
HP Update
HPProductAssistant
HpSdpAppCoreApp
InstantShareAlert
InstantShareDevices
InterVideo WinDVD Player
iPod for Windows 2005-10-12
iTunes
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 5
J2SE Runtime Environment 5.0 Update 6
Java Auto Updater
Java™ 6 Update 2
Java™ 6 Update 26
Java™ 6 Update 3
Java™ 6 Update 5
Java™ 7 Update 5
Java™ SE Runtime Environment 6 Update 1
JavaFX 2.1.1
Junk Mail filter update
Kodak EasyShare software
KSU
LightScribe 1.4.84.1
Logitech Legacy USB Camera Driver Package
Logitech QuickCam
Logitech QuickCam Driver Package
LSI PCI-SV92PP Soft Modem
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB2604042)
Microsoft .NET Framework 1.0 Hotfix (KB2656378)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Away Mode
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Choice Guard
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Money 2005
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Standard Edition 2003
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
mIRC
MobileMe Control Panel
Mozilla Firefox 16.0.2 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6.0 Parser (KB933579)
Music Rescue
MySpaceIM
Nero 7 Ultra Edition
NewCopy
NewCopy_CDA
Notifier
Office 2003 Trial Assistant
OpenSource OGG Splitter (remove only)
OTtBP
Otto
PanoStandAlone
PCDLNCH
PDF Settings
PerfectDisk 2008 Professional
PhotoGallery
PhotoNow! 1.0
PodUtil 3.0.2
PowerDirector Express
PowerProducer
PS2
PSPrinters08
PSTAPlugin
QuickTime
RandMap
Readme
RealMedia (remove only)
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Scan
ScannerCopy
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Encoder (KB2447961)
Security Update for Windows Media Encoder (KB954156)
Security Update for Windows Media Encoder (KB979332)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Segoe UI
SFR
SFR2
SHOUTcast Source (remove only)
Skins
SkinsHP1
SolutionCenter
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sonic_PrimoSDK
Spybot - Search & Destroy
Spybot - Search & Destroy 1.4
Status
swMSM
TrayApp
TweakNow RegCleaner
TweakNow RegCleaner 2011
TweakNow RegCleaner Standard
Unload
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB971930)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB943729)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB961503)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update Rollup 2 for Windows XP Media Center Edition 2005
Updates from HP (remove only)
Videora iPod Converter 3.05
Viewpoint Manager (Remove Only)
Viewpoint Media Player
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VIVA MEDIA GAME CENTER
VLC media player 1.1.4
WebFldrs XP
WebReg
WinAVI Video Capture 2.0
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Imaging Component
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live installer
Windows Live Mail
Windows Live Messenger
Windows Live Upload Tool
Windows Media Encoder 9 Series
Windows Media Format 11 runtime
Windows Media Player 11
Windows Movie Maker 2.0
Windows Presentation Foundation
Windows Search 4.0
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB2628259
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
Yahoo! BrowserPlus 2.7.1
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
11/7/2012 8:25:24 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Live ID Sign-in Assistant service to connect.
11/7/2012 8:25:24 AM, error: Service Control Manager [7000] - The Windows Live ID Sign-in Assistant service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/5/2012 11:31:53 AM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the Dnscache service.
11/3/2012 2:48:42 PM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 1.1 SP1 on Windows XP, Windows Vista, and Windows Server 2008 x86 (KB2656370).
11/3/2012 2:41:38 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: ftsata2
11/3/2012 2:40:29 PM, error: Service Control Manager [7001] - The Media Center Extender Service service depends on the SSDP Discovery Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11/3/2012 2:39:46 PM, error: ati2mtag [45062] - CRT invalid display type
.
==== End Of File ===========================

Attached Files



BC AdBot (Login to Remove)

 


#2 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 10 November 2012 - 11:37 PM

Please do the following:


Download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Delete
  • Once done it will ask to reboot, allow the reboot
  • On reboot a log will be produced, please attach the content of the log to your next reply


NEXT


Please download TDSSKiller.zip
  • Extract it to your desktop
  • Double click TDSSKiller.exe
  • when the window opens, click on Change Parameters
  • under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
    • If Malicious objects are found then ensure Cure is selected
    • If TDLFS File System is found then ensure Cure is selected (if Cure is not available, select Skip)
    • Then click Continue > Reboot now
  • Copy and paste the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)



NEXT



Download ComboFix from the following location:

Link 1

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Posted Image

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image

  • Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.
Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#3 grnelf56

grnelf56
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:29 AM

Posted 11 November 2012 - 12:40 PM

babylon is gone ty but still very slow


# AdwCleaner v2.007 - Logfile created 11/10/2012 at 22:30:20
# Updated 06/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : HP_Administrator - MM
# Boot Mode : Normal
# Running from : C:\Documents and Settings\HP_Administrator\My Documents\Downloads\AdwCleaner.exe
# Option [Search]


***** [Services] *****

Found : Viewpoint Manager Service

***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\HP_Administrator\Application Data\Viewpoint
Folder Found : C:\Program Files\Viewpoint

***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{21608B66-026F-4DCB-9244-0DACA328DCED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21608B66-026F-4DCB-9244-0DACA328DCED}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBD24BD3-E272-4FA3-A8BA-C5D709757CAB}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Found : HKCU\Software\Viewpoint
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Viewpoint Manager
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Viewpoint Manager
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\Software\TENCENT
Key Found : HKLM\Software\Viewpoint
Key Found : HKU\S-1-5-21-693251073-3382504289-3859644006-1008\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?affID=109935&tt=2912_7&babsrc=NT_ss&mntrId=44f39175000000000000001195c329c7

-\\ Mozilla Firefox v16.0.2 (en-US)

Profile name : default
File : C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5wkcpt3f.default\prefs.js

Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=109935&tt=2912_7&babsrc=NT_ss&mntr[...]
Found : user_pref("browser.search.defaultenginename", "Search the web (Babylon)");
Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109935&tt=2912_7");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "44f39175000000000000001195c329c7");
Found : user_pref("extensions.BabylonToolbar_i.id", "44f39175000000000000001195c329c7");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15543");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", true);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109935&tt=2912_[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:12:40");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.enabledAddons", "DivXWebPlayer@divx.com:2.0.2.039,{C3949AC2-4B17-43ee-B4F1-D26[...]
Found : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=109935&tt=2912_7&babsrc=KW_ss&mntrId=44f3[...]
Found : user_pref("playsushi.position.button", true);

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [6411 octets] - [10/11/2012 22:30:20]

########## EOF - C:\AdwCleaner[R1].txt - [6471 octets] ##########



23:03:20.0812 2204 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:03:22.0812 2204 ============================================================
23:03:22.0812 2204 Current date / time: 2012/11/10 23:03:22.0812
23:03:22.0812 2204 SystemInfo:
23:03:22.0812 2204
23:03:22.0812 2204 OS Version: 5.1.2600 ServicePack: 3.0
23:03:22.0812 2204 Product type: Workstation
23:03:22.0812 2204 ComputerName: MM
23:03:22.0812 2204 UserName: HP_Administrator
23:03:22.0812 2204 Windows directory: C:\WINDOWS
23:03:22.0812 2204 System windows directory: C:\WINDOWS
23:03:22.0812 2204 Processor architecture: Intel x86
23:03:22.0812 2204 Number of processors: 2
23:03:22.0812 2204 Page size: 0x1000
23:03:22.0812 2204 Boot type: Normal boot
23:03:22.0812 2204 ============================================================
23:03:26.0390 2204 BG loaded
23:03:28.0484 2204 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:03:28.0843 2204 ============================================================
23:03:28.0843 2204 \Device\Harddisk0\DR0:
23:03:28.0921 2204 MBR partitions:
23:03:28.0921 2204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x1784700
23:03:28.0921 2204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x178473F, BlocksNum 0x1BA3BF81
23:03:28.0921 2204 ============================================================
23:03:31.0843 2204 C: <-> \Device\Harddisk0\DR0\Partition2
23:03:33.0234 2204 D: <-> \Device\Harddisk0\DR0\Partition1
23:03:33.0234 2204 ============================================================
23:03:33.0234 2204 Initialize success
23:03:33.0234 2204 ============================================================
23:07:27.0546 2860 ============================================================
23:07:27.0546 2860 Scan started
23:07:27.0546 2860 Mode: Manual; TDLFS;
23:07:27.0546 2860 ============================================================
23:07:31.0031 2860 ================ Scan system memory ========================
23:07:31.0531 2860 System memory - ok
23:07:31.0609 2860 ================ Scan services =============================
23:07:32.0734 2860 [ 21AF8E9C727C6D7643AD497268F55BF1 ] A3AB C:\WINDOWS\system32\DRIVERS\A3AB.sys
23:07:32.0937 2860 A3AB - ok
23:07:32.0984 2860 [ 473F97EDC5A5312F3665AB2921196C0C ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys
23:07:33.0078 2860 Aavmker4 - ok
23:07:33.0078 2860 Abiosdsk - ok
23:07:33.0093 2860 abp480n5 - ok
23:07:33.0171 2860 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:07:33.0203 2860 ACPI - ok
23:07:33.0250 2860 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
23:07:33.0250 2860 ACPIEC - ok
23:07:33.0406 2860 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:07:33.0500 2860 AdobeFlashPlayerUpdateSvc - ok
23:07:33.0515 2860 adpu160m - ok
23:07:33.0609 2860 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
23:07:33.0718 2860 aec - ok
23:07:33.0890 2860 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
23:07:33.0890 2860 AFD - ok
23:07:33.0968 2860 [ 6416F9B6B220F0A890525C38235AFAD7 ] AgereModemAudio C:\Program Files\LSI SoftModem\agrsmsvc.exe
23:07:33.0968 2860 AgereModemAudio - ok
23:07:34.0187 2860 [ 7560F465F1CE69C53BF17559EE195548 ] AgereSoftModem C:\WINDOWS\system32\DRIVERS\AGRSM.sys
23:07:34.0421 2860 AgereSoftModem - ok
23:07:34.0437 2860 Aha154x - ok
23:07:34.0453 2860 aic78u2 - ok
23:07:34.0453 2860 aic78xx - ok
23:07:34.0656 2860 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
23:07:34.0687 2860 Alerter - ok
23:07:34.0703 2860 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
23:07:34.0703 2860 ALG - ok
23:07:34.0718 2860 AliIde - ok
23:07:34.0734 2860 amsint - ok
23:07:34.0796 2860 [ 4A5C7EAEFA4C43D139C402C6DA5BFD2C ] ANIO C:\WINDOWS\system32\ANIO.SYS
23:07:34.0843 2860 ANIO - ok
23:07:35.0000 2860 [ 0477ABEF0547167B8E7A7E1747F02CD4 ] ANIWZCSdService C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
23:07:35.0078 2860 ANIWZCSdService - ok
23:07:35.0546 2860 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:07:35.0546 2860 Apple Mobile Device - ok
23:07:35.0875 2860 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
23:07:35.0921 2860 AppMgmt - ok
23:07:36.0000 2860 [ 00523019E3579C8F8A94457FE25F0F24 ] aracpi C:\WINDOWS\system32\DRIVERS\aracpi.sys
23:07:36.0000 2860 aracpi - ok
23:07:36.0031 2860 [ 9FEDAA46EB1A572AC4D9EE6B5F123CF2 ] arhidfltr C:\WINDOWS\system32\DRIVERS\arhidfltr.sys
23:07:36.0031 2860 arhidfltr - ok
23:07:36.0062 2860 [ 82969576093CD983DD559F5A86F382B4 ] arkbcfltr C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys
23:07:36.0078 2860 arkbcfltr - ok
23:07:36.0093 2860 [ 9B21791D8A78FAECE999FADBEBDA6C22 ] armoucfltr C:\WINDOWS\system32\DRIVERS\armoucfltr.sys
23:07:36.0093 2860 armoucfltr - ok
23:07:36.0203 2860 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
23:07:36.0218 2860 Arp1394 - ok
23:07:36.0281 2860 [ 7A2DA7C7B0C524EF26A79F17A5C69FDE ] ARPolicy C:\WINDOWS\system32\DRIVERS\arpolicy.sys
23:07:36.0281 2860 ARPolicy - ok
23:07:36.0359 2860 [ 9A0D9B2E263BEDE80FB79DDBAD240EC1 ] ARSVC C:\WINDOWS\arservice.exe
23:07:36.0671 2860 ARSVC - ok
23:07:36.0687 2860 asc - ok
23:07:36.0687 2860 asc3350p - ok
23:07:36.0703 2860 asc3550 - ok
23:07:36.0953 2860 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:07:37.0015 2860 aspnet_state - ok
23:07:37.0078 2860 [ 0AE43C6C411254049279C2EE55630F95 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys
23:07:37.0078 2860 aswFsBlk - ok
23:07:37.0109 2860 [ 8C30B7DDD2F1D8D138EBE40345AF2B11 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys
23:07:37.0140 2860 aswMon2 - ok
23:07:37.0156 2860 [ DA12626FD9A67F4E917E2F2FBE1E1764 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
23:07:37.0171 2860 aswRdr - ok
23:07:37.0234 2860 [ DCB199B967375753B5019EC15F008F53 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
23:07:37.0265 2860 aswSnx - ok
23:07:37.0296 2860 [ B32873E5A1443C0A1E322266E203BF10 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
23:07:37.0312 2860 aswSP - ok
23:07:37.0328 2860 [ 6FF544175A9180C5D88534D3D9C9A9F7 ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
23:07:37.0328 2860 aswTdi - ok
23:07:37.0375 2860 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:07:37.0375 2860 AsyncMac - ok
23:07:37.0375 2860 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
23:07:37.0390 2860 atapi - ok
23:07:37.0390 2860 Atdisk - ok
23:07:37.0578 2860 [ 465874CA7CE49A2154104509A5A42936 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
23:07:37.0578 2860 Ati HotKey Poller - ok
23:07:37.0718 2860 [ 3483E6D18B811229A337FF1D105270D9 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
23:07:37.0937 2860 ATI Smart - ok
23:07:38.0609 2860 [ 7790F8D1000FCE5CFD33CCF4F861928F ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
23:07:38.0718 2860 ati2mtag - ok
23:07:38.0734 2860 ATIXPGAA - ok
23:07:38.0781 2860 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:07:38.0796 2860 Atmarpc - ok
23:07:38.0843 2860 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
23:07:38.0843 2860 AudioSrv - ok
23:07:38.0921 2860 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
23:07:38.0921 2860 audstub - ok
23:07:39.0078 2860 [ 4041D31508A2A084DFB42C595854090F ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
23:07:39.0078 2860 avast! Antivirus - ok
23:07:39.0156 2860 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
23:07:39.0156 2860 Beep - ok
23:07:39.0218 2860 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
23:07:39.0281 2860 BITS - ok
23:07:39.0390 2860 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:07:39.0390 2860 Bonjour Service - ok
23:07:39.0437 2860 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
23:07:39.0453 2860 Browser - ok
23:07:39.0468 2860 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
23:07:39.0468 2860 cbidf2k - ok
23:07:39.0500 2860 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
23:07:39.0500 2860 CCDECODE - ok
23:07:39.0500 2860 cd20xrnt - ok
23:07:39.0515 2860 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
23:07:39.0515 2860 Cdaudio - ok
23:07:39.0562 2860 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
23:07:39.0562 2860 Cdfs - ok
23:07:39.0578 2860 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:07:39.0578 2860 Cdrom - ok
23:07:39.0578 2860 Changer - ok
23:07:39.0625 2860 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
23:07:39.0625 2860 CiSvc - ok
23:07:39.0640 2860 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
23:07:39.0640 2860 ClipSrv - ok
23:07:39.0687 2860 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:07:39.0718 2860 clr_optimization_v2.0.50727_32 - ok
23:07:39.0734 2860 CmdIde - ok
23:07:39.0750 2860 COMSysApp - ok
23:07:39.0765 2860 Cpqarray - ok
23:07:39.0812 2860 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
23:07:39.0812 2860 CryptSvc - ok
23:07:39.0828 2860 dac2w2k - ok
23:07:39.0843 2860 dac960nt - ok
23:07:39.0937 2860 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
23:07:39.0968 2860 DcomLaunch - ok
23:07:40.0015 2860 [ E08557F41650B505571D50C9247A1E03 ] DefragFS C:\WINDOWS\system32\drivers\DefragFS.sys
23:07:40.0015 2860 DefragFS - ok
23:07:40.0093 2860 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
23:07:40.0093 2860 Dhcp - ok
23:07:40.0109 2860 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
23:07:40.0109 2860 Disk - ok
23:07:40.0109 2860 dmadmin - ok
23:07:40.0187 2860 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
23:07:40.0218 2860 dmboot - ok
23:07:40.0234 2860 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
23:07:40.0265 2860 dmio - ok
23:07:40.0312 2860 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
23:07:40.0312 2860 dmload - ok
23:07:40.0328 2860 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
23:07:40.0343 2860 dmserver - ok
23:07:40.0375 2860 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
23:07:40.0390 2860 DMusic - ok
23:07:40.0437 2860 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
23:07:40.0453 2860 Dnscache - ok
23:07:40.0515 2860 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
23:07:40.0531 2860 Dot3svc - ok
23:07:40.0531 2860 dpti2o - ok
23:07:40.0578 2860 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
23:07:40.0578 2860 drmkaud - ok
23:07:40.0656 2860 [ 1FC1EED3EA0C3A0ECF8A95B97E1B4831 ] dvd43llh C:\WINDOWS\system32\DRIVERS\dvd43llh.sys
23:07:40.0687 2860 dvd43llh - ok
23:07:40.0703 2860 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
23:07:40.0734 2860 EapHost - ok
23:07:40.0984 2860 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
23:07:41.0046 2860 ehRecvr - ok
23:07:41.0140 2860 [ A53243709439AC2A4C216B817F8D7411 ] ehSched C:\WINDOWS\eHome\ehSched.exe
23:07:41.0203 2860 ehSched - ok
23:07:41.0312 2860 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
23:07:41.0359 2860 ERSvc - ok
23:07:41.0531 2860 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
23:07:41.0546 2860 Eventlog - ok
23:07:41.0796 2860 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
23:07:41.0984 2860 EventSystem - ok
23:07:42.0156 2860 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
23:07:42.0281 2860 Fastfat - ok
23:07:42.0484 2860 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:07:42.0593 2860 FastUserSwitchingCompatibility - ok
23:07:42.0656 2860 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
23:07:42.0671 2860 Fax - ok
23:07:42.0703 2860 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
23:07:42.0718 2860 Fdc - ok
23:07:42.0734 2860 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
23:07:42.0734 2860 Fips - ok
23:07:42.0906 2860 [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
23:07:42.0937 2860 FLEXnet Licensing Service - ok
23:07:42.0968 2860 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:07:42.0968 2860 Flpydisk - ok
23:07:43.0015 2860 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
23:07:43.0031 2860 FltMgr - ok
23:07:43.0171 2860 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:07:43.0171 2860 FontCache3.0.0.0 - ok
23:07:43.0218 2860 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:07:43.0218 2860 Fs_Rec - ok
23:07:43.0234 2860 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:07:43.0234 2860 Ftdisk - ok
23:07:43.0250 2860 ftsata2 - ok
23:07:43.0265 2860 [ 3A74C423CF6BCCA6982715878F450A3B ] gagp30kx C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
23:07:43.0265 2860 gagp30kx - ok
23:07:43.0328 2860 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
23:07:43.0328 2860 GEARAspiWDM - ok
23:07:43.0375 2860 [ 0879DC7444A201DF84E69C5DD5083D61 ] getPlusHelper C:\Program Files\NOS\bin\getPlus_Helper.dll
23:07:43.0375 2860 getPlusHelper - ok
23:07:43.0406 2860 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:07:43.0406 2860 Gpc - ok
23:07:43.0531 2860 [ CC839E8D766CC31A7710C9F38CF3E375 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:07:43.0531 2860 gusvc - ok
23:07:43.0546 2860 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:07:43.0578 2860 HDAudBus - ok
23:07:43.0671 2860 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:07:43.0671 2860 helpsvc - ok
23:07:43.0703 2860 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINDOWS\System32\hidserv.dll
23:07:43.0703 2860 HidServ - ok
23:07:43.0750 2860 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:07:43.0750 2860 HidUsb - ok
23:07:43.0828 2860 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
23:07:43.0843 2860 hkmsvc - ok
23:07:43.0843 2860 hpn - ok
23:07:43.0921 2860 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
23:07:43.0937 2860 HTTP - ok
23:07:43.0968 2860 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
23:07:43.0984 2860 HTTPFilter - ok
23:07:43.0984 2860 i2omgmt - ok
23:07:44.0000 2860 i2omp - ok
23:07:44.0015 2860 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:07:44.0046 2860 i8042prt - ok
23:07:44.0140 2860 [ 9A65E42664D1534B68512CAAD0EFE963 ] iaStor C:\WINDOWS\system32\DRIVERS\iaStor.sys
23:07:44.0187 2860 iaStor - ok
23:07:44.0312 2860 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:07:44.0312 2860 IDriverT - ok
23:07:44.0390 2860 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:07:44.0437 2860 idsvc - ok
23:07:44.0500 2860 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
23:07:44.0500 2860 Imapi - ok
23:07:44.0593 2860 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
23:07:44.0640 2860 ImapiService - ok
23:07:44.0656 2860 InCDFs - ok
23:07:44.0671 2860 InCDPass - ok
23:07:44.0671 2860 InCDRm - ok
23:07:44.0703 2860 ini910u - ok
23:07:45.0437 2860 [ 64BE56B8858CA0153C725C720FFD194F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
23:07:45.0593 2860 IntcAzAudAddService - ok
23:07:45.0609 2860 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
23:07:45.0609 2860 IntelIde - ok
23:07:45.0671 2860 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:07:45.0671 2860 intelppm - ok
23:07:45.0703 2860 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
23:07:45.0703 2860 Ip6Fw - ok
23:07:45.0750 2860 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:07:45.0750 2860 IpFilterDriver - ok
23:07:45.0750 2860 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:07:45.0765 2860 IpInIp - ok
23:07:45.0765 2860 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:07:45.0781 2860 IpNat - ok
23:07:45.0921 2860 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:07:45.0953 2860 iPod Service - ok
23:07:46.0000 2860 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:07:46.0000 2860 IPSec - ok
23:07:46.0031 2860 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
23:07:46.0046 2860 IRENUM - ok
23:07:46.0046 2860 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:07:46.0062 2860 isapnp - ok
23:07:46.0171 2860 [ 081B150BE10A217C2696248CF1210EBD ] iWinTrusted C:\Program Files\iWin Games\iWinTrusted.exe
23:07:46.0171 2860 iWinTrusted - ok
23:07:46.0312 2860 [ 4F2143570D2250CA4C4A4C98553C82CD ] JavaQuickStarterService C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe
23:07:46.0312 2860 JavaQuickStarterService - ok
23:07:46.0328 2860 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:07:46.0328 2860 Kbdclass - ok
23:07:46.0375 2860 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
23:07:46.0390 2860 kbdhid - ok
23:07:46.0437 2860 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
23:07:46.0546 2860 kmixer - ok
23:07:46.0609 2860 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
23:07:46.0625 2860 KSecDD - ok
23:07:46.0671 2860 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
23:07:46.0687 2860 lanmanserver - ok
23:07:46.0734 2860 [ A8888A5327621856C0CEC4E385F69309 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
23:07:46.0765 2860 LanmanWorkstation - ok
23:07:47.0000 2860 [ 6DF2BE94D712753FB8D87495469B5262 ] Lavasoft Ad-Aware Service C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
23:07:47.0046 2860 Lavasoft Ad-Aware Service - ok
23:07:47.0078 2860 [ B7C19EC8B0DD7EFA58AD41FFEB8B8CDA ] Lbd C:\WINDOWS\system32\DRIVERS\Lbd.sys
23:07:47.0078 2860 Lbd - ok
23:07:47.0093 2860 lbrtfdc - ok
23:07:47.0156 2860 [ E4973B3229E0015345AFBE43A8A8EB3B ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:07:47.0156 2860 LightScribeService - ok
23:07:47.0187 2860 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
23:07:47.0187 2860 LmHosts - ok
23:07:47.0312 2860 [ 8113133EC42DD6C566908008CE913EDD ] LVcKap C:\WINDOWS\system32\DRIVERS\LVcKap.sys
23:07:47.0375 2860 LVcKap - ok
23:07:47.0515 2860 [ 9E41266C68C11D7101A2D18CD1F7553E ] LVCOMSer C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
23:07:47.0515 2860 LVCOMSer - ok
23:07:47.0890 2860 [ 0DD5B8AF4917A2821047450195C511B3 ] LVMVDrv C:\WINDOWS\system32\DRIVERS\LVMVDrv.sys
23:07:48.0312 2860 LVMVDrv - ok
23:07:48.0343 2860 [ 406B1D186F75B4B4832D6237859E1B00 ] LVPr2Mon C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys
23:07:48.0343 2860 LVPr2Mon - ok
23:07:48.0375 2860 [ 85C2E84BC1224C75A20B5560D5A15DB9 ] LVPrcSrv C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
23:07:48.0375 2860 LVPrcSrv - ok
23:07:48.0421 2860 [ 656180E9C0C5199520972426C44BC2F0 ] LVSrvLauncher C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
23:07:48.0437 2860 LVSrvLauncher - ok
23:07:48.0453 2860 [ CAEF4C05BA2C1ACAD4EBCAA4261CD55D ] LVUSBSta C:\WINDOWS\system32\drivers\LVUSBSta.sys
23:07:48.0468 2860 LVUSBSta - ok
23:07:48.0500 2860 [ DF0A511F38F16016BF658FCA0090CB87 ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
23:07:48.0500 2860 McrdSvc - ok
23:07:48.0640 2860 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
23:07:48.0640 2860 MDM - ok
23:07:48.0703 2860 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
23:07:48.0703 2860 Messenger - ok
23:07:48.0734 2860 [ B7521F69C0A9B29D356157229376FB21 ] MHN C:\WINDOWS\System32\mhn.dll
23:07:48.0750 2860 MHN - ok
23:07:48.0781 2860 [ 7F2F1D2815A6449D346FCCCBC569FBD6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
23:07:48.0781 2860 MHNDRV - ok
23:07:48.0906 2860 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
23:07:48.0921 2860 mnmdd - ok
23:07:48.0968 2860 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
23:07:48.0984 2860 mnmsrvc - ok
23:07:49.0015 2860 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
23:07:49.0015 2860 Modem - ok
23:07:49.0031 2860 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:07:49.0031 2860 Mouclass - ok
23:07:49.0109 2860 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:07:49.0109 2860 mouhid - ok
23:07:49.0125 2860 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
23:07:49.0125 2860 MountMgr - ok
23:07:49.0187 2860 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:07:49.0187 2860 MozillaMaintenance - ok
23:07:49.0203 2860 mraid35x - ok
23:07:49.0218 2860 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:07:49.0218 2860 MRxDAV - ok
23:07:49.0296 2860 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:07:49.0312 2860 MRxSmb - ok
23:07:49.0343 2860 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
23:07:49.0359 2860 MSDTC - ok
23:07:49.0375 2860 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
23:07:49.0375 2860 Msfs - ok
23:07:49.0390 2860 MSIServer - ok
23:07:49.0406 2860 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:07:49.0406 2860 MSKSSRV - ok
23:07:49.0437 2860 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:07:49.0437 2860 MSPCLOCK - ok
23:07:49.0437 2860 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
23:07:49.0453 2860 MSPQM - ok
23:07:49.0484 2860 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:07:49.0484 2860 mssmbios - ok
23:07:49.0515 2860 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
23:07:49.0515 2860 MSTEE - ok
23:07:49.0546 2860 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
23:07:49.0546 2860 Mup - ok
23:07:49.0562 2860 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
23:07:49.0593 2860 NABTSFEC - ok
23:07:49.0656 2860 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
23:07:49.0687 2860 napagent - ok
23:07:49.0703 2860 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
23:07:49.0734 2860 NDIS - ok
23:07:49.0750 2860 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
23:07:49.0750 2860 NdisIP - ok
23:07:49.0812 2860 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:07:49.0812 2860 NdisTapi - ok
23:07:49.0859 2860 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:07:49.0875 2860 Ndisuio - ok
23:07:49.0875 2860 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:07:49.0890 2860 NdisWan - ok
23:07:49.0937 2860 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
23:07:49.0937 2860 NDProxy - ok
23:07:49.0953 2860 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
23:07:49.0953 2860 NetBIOS - ok
23:07:49.0984 2860 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
23:07:50.0000 2860 NetBT - ok
23:07:50.0046 2860 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
23:07:50.0062 2860 NetDDE - ok
23:07:50.0062 2860 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
23:07:50.0078 2860 NetDDEdsdm - ok
23:07:50.0125 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
23:07:50.0125 2860 Netlogon - ok
23:07:50.0187 2860 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
23:07:50.0218 2860 Netman - ok
23:07:50.0265 2860 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:07:50.0281 2860 NetTcpPortSharing - ok
23:07:50.0296 2860 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
23:07:50.0296 2860 NIC1394 - ok
23:07:50.0359 2860 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
23:07:50.0437 2860 Nla - ok
23:07:50.0453 2860 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
23:07:50.0453 2860 Npfs - ok
23:07:50.0546 2860 npkcrypt - ok
23:07:50.0546 2860 npkycryp - ok
23:07:50.0718 2860 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
23:07:51.0000 2860 Ntfs - ok
23:07:51.0031 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
23:07:51.0046 2860 NtLmSsp - ok
23:07:51.0140 2860 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
23:07:51.0250 2860 NtmsSvc - ok
23:07:51.0312 2860 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
23:07:51.0328 2860 Null - ok
23:07:51.0359 2860 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:07:51.0375 2860 NwlnkFlt - ok
23:07:51.0406 2860 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:07:51.0406 2860 NwlnkFwd - ok
23:07:51.0421 2860 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
23:07:51.0421 2860 ohci1394 - ok
23:07:51.0453 2860 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:07:51.0484 2860 ose - ok
23:07:51.0500 2860 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
23:07:51.0515 2860 Parport - ok
23:07:51.0515 2860 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
23:07:51.0531 2860 PartMgr - ok
23:07:51.0562 2860 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
23:07:51.0609 2860 ParVdm - ok
23:07:51.0609 2860 PCD5SRVC{085326CB-51A3560A-05010003} - ok
23:07:51.0625 2860 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
23:07:51.0640 2860 PCI - ok
23:07:51.0640 2860 PCIDump - ok
23:07:51.0687 2860 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
23:07:51.0687 2860 PCIIde - ok
23:07:51.0734 2860 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
23:07:51.0781 2860 Pcmcia - ok
23:07:52.0015 2860 [ 69F2B9BDB71F9AA86B1D4D99100D1C1E ] PD91Agent C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
23:07:52.0015 2860 PD91Agent - ok
23:07:52.0250 2860 [ 2E5F3F8C5D772AAC4695509F8F0D593B ] PD91Engine C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
23:07:52.0500 2860 PD91Engine - ok
23:07:52.0515 2860 PDCOMP - ok
23:07:52.0515 2860 PDFRAME - ok
23:07:52.0531 2860 PDRELI - ok
23:07:52.0546 2860 PDRFRAME - ok
23:07:52.0578 2860 [ C5D5EA6A29523E0F6016741E9851C6DB ] pepifilter C:\WINDOWS\system32\DRIVERS\lv302af.sys
23:07:52.0578 2860 pepifilter - ok
23:07:52.0593 2860 perc2 - ok
23:07:52.0593 2860 perc2hib - ok
23:07:52.0734 2860 [ ED2E7F396B4098608C95BC3806BDF6FC ] pfc C:\WINDOWS\system32\drivers\pfc.sys
23:07:52.0765 2860 pfc - ok
23:07:52.0968 2860 [ 3F96DCD4AC98C8E0D3C03C24FD49A2FE ] PID_PEPI C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
23:07:53.0046 2860 PID_PEPI - ok
23:07:53.0218 2860 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
23:07:53.0234 2860 PlugPlay - ok
23:07:53.0312 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
23:07:53.0328 2860 PolicyAgent - ok
23:07:53.0406 2860 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:07:53.0437 2860 PptpMiniport - ok
23:07:53.0484 2860 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
23:07:53.0515 2860 Processor - ok
23:07:53.0531 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:07:53.0531 2860 ProtectedStorage - ok
23:07:53.0593 2860 [ 64E413BA0C529AA40C3924BBCC4153DB ] ProtexisLicensing C:\WINDOWS\system32\PSIService.exe
23:07:53.0609 2860 ProtexisLicensing - ok
23:07:53.0656 2860 [ 390C204CED3785609AB24E9C52054A84 ] Ps2 C:\WINDOWS\system32\DRIVERS\PS2.sys
23:07:53.0671 2860 Ps2 - ok
23:07:53.0703 2860 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:07:53.0718 2860 Ptilink - ok
23:07:53.0781 2860 [ 0C8DA0A8B0D227319C285E0EAE65DEFD ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:07:53.0921 2860 PxHelp20 - ok
23:07:53.0937 2860 ql1080 - ok
23:07:53.0953 2860 Ql10wnt - ok
23:07:53.0968 2860 ql12160 - ok
23:07:53.0984 2860 ql1240 - ok
23:07:54.0000 2860 ql1280 - ok
23:07:54.0031 2860 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:07:54.0046 2860 RasAcd - ok
23:07:54.0093 2860 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
23:07:54.0125 2860 RasAuto - ok
23:07:54.0156 2860 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:07:54.0156 2860 Rasl2tp - ok
23:07:54.0265 2860 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
23:07:54.0281 2860 RasMan - ok
23:07:54.0296 2860 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:07:54.0296 2860 RasPppoe - ok
23:07:54.0312 2860 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
23:07:54.0312 2860 Raspti - ok
23:07:54.0406 2860 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:07:54.0437 2860 Rdbss - ok
23:07:54.0484 2860 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:07:54.0484 2860 RDPCDD - ok
23:07:54.0609 2860 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:07:54.0640 2860 rdpdr - ok
23:07:54.0703 2860 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
23:07:54.0734 2860 RDPWD - ok
23:07:54.0875 2860 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
23:07:54.0953 2860 RDSessMgr - ok
23:07:55.0000 2860 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
23:07:55.0031 2860 redbook - ok
23:07:55.0078 2860 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
23:07:55.0109 2860 RemoteAccess - ok
23:07:55.0171 2860 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
23:07:55.0203 2860 RemoteRegistry - ok
23:07:55.0406 2860 [ B216B03852DF788C7E2AFDF6C6E8A9B0 ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
23:07:55.0453 2860 RichVideo - ok
23:07:55.0468 2860 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
23:07:55.0515 2860 RpcLocator - ok
23:07:55.0640 2860 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
23:07:55.0656 2860 RpcSs - ok
23:07:55.0703 2860 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
23:07:55.0750 2860 RSVP - ok
23:07:55.0890 2860 [ CF84B1F0E8B14D4120AAF9CF35CBB265 ] RTL8023xp C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
23:07:55.0984 2860 RTL8023xp - ok
23:07:56.0203 2860 [ D507C1400284176573224903819FFDA3 ] rtl8139 C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
23:07:56.0234 2860 rtl8139 - ok
23:07:56.0296 2860 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
23:07:56.0312 2860 SamSs - ok
23:07:56.0375 2860 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
23:07:56.0468 2860 SCardSvr - ok
23:07:56.0562 2860 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
23:07:56.0671 2860 Schedule - ok
23:07:57.0421 2860 [ ED9C5CF6CC611EC8AC4A77C3F58F0601 ] ScsiAccess C:\WINDOWS\system32\ScsiAccess.EXE
23:07:57.0546 2860 ScsiAccess - ok
23:07:57.0703 2860 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:07:58.0250 2860 Secdrv - ok
23:07:58.0359 2860 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
23:07:58.0406 2860 seclogon - ok
23:07:58.0468 2860 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
23:07:58.0484 2860 SENS - ok
23:07:58.0671 2860 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] Serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
23:07:58.0671 2860 Serenum - ok
23:07:59.0000 2860 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
23:07:59.0031 2860 Serial - ok
23:07:59.0062 2860 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
23:07:59.0078 2860 Sfloppy - ok
23:07:59.0156 2860 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
23:07:59.0296 2860 SharedAccess - ok
23:07:59.0343 2860 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:07:59.0359 2860 ShellHWDetection - ok
23:07:59.0375 2860 Simbad - ok
23:07:59.0656 2860 [ 3FBB6EF8B5A71A2FA11F5F461BB73219 ] SISNIC C:\WINDOWS\system32\DRIVERS\sisnic.sys
23:07:59.0687 2860 SISNIC - ok
23:07:59.0703 2860 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
23:07:59.0703 2860 SLIP - ok
23:07:59.0718 2860 Sparrow - ok
23:07:59.0828 2860 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
23:07:59.0843 2860 splitter - ok
23:07:59.0937 2860 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
23:07:59.0953 2860 Spooler - ok
23:08:00.0218 2860 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
23:08:00.0265 2860 sr - ok
23:08:00.0406 2860 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
23:08:00.0562 2860 srservice - ok
23:08:00.0781 2860 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
23:08:00.0843 2860 Srv - ok
23:08:00.0906 2860 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
23:08:01.0015 2860 SSDPSRV - ok
23:08:01.0062 2860 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
23:08:01.0109 2860 StillCam - ok
23:08:01.0218 2860 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
23:08:01.0375 2860 stisvc - ok
23:08:01.0437 2860 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
23:08:01.0437 2860 streamip - ok
23:08:01.0500 2860 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
23:08:01.0515 2860 swenum - ok
23:08:01.0578 2860 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
23:08:01.0578 2860 swmidi - ok
23:08:01.0593 2860 SwPrv - ok
23:08:01.0609 2860 symc810 - ok
23:08:01.0625 2860 symc8xx - ok
23:08:01.0640 2860 sym_hi - ok
23:08:01.0656 2860 sym_u3 - ok
23:08:01.0734 2860 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
23:08:01.0734 2860 sysaudio - ok
23:08:01.0750 2860 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
23:08:01.0781 2860 SysmonLog - ok
23:08:01.0843 2860 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
23:08:01.0937 2860 TapiSrv - ok
23:08:02.0078 2860 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:08:02.0296 2860 Tcpip - ok
23:08:02.0359 2860 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
23:08:02.0390 2860 TDPIPE - ok
23:08:02.0437 2860 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
23:08:02.0437 2860 TDTCP - ok
23:08:02.0453 2860 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
23:08:02.0484 2860 TermDD - ok
23:08:02.0531 2860 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
23:08:02.0609 2860 TermService - ok
23:08:02.0656 2860 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
23:08:02.0671 2860 Themes - ok
23:08:02.0703 2860 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
23:08:02.0734 2860 TlntSvr - ok
23:08:02.0734 2860 TosIde - ok
23:08:02.0781 2860 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
23:08:02.0796 2860 TrkWks - ok
23:08:02.0828 2860 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
23:08:02.0828 2860 Udfs - ok
23:08:02.0859 2860 ultra - ok
23:08:02.0953 2860 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
23:08:02.0968 2860 Update - ok
23:08:03.0000 2860 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
23:08:03.0031 2860 upnphost - ok
23:08:03.0046 2860 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
23:08:03.0062 2860 UPS - ok
23:08:03.0125 2860 [ 1DF89C499BF45D878B87EBD4421D462D ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
23:08:03.0140 2860 USBAAPL - ok
23:08:03.0187 2860 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
23:08:03.0187 2860 usbaudio - ok
23:08:03.0218 2860 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:08:03.0265 2860 usbccgp - ok
23:08:03.0312 2860 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:08:03.0328 2860 usbehci - ok
23:08:03.0343 2860 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:08:03.0359 2860 usbhub - ok
23:08:03.0390 2860 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:08:03.0406 2860 usbohci - ok
23:08:03.0421 2860 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:08:03.0437 2860 usbscan - ok
23:08:03.0468 2860 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:08:03.0468 2860 usbstor - ok
23:08:03.0546 2860 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:08:03.0578 2860 usbuhci - ok
23:08:03.0640 2860 [ 92CEBC2BC7BE2C8D49391B365569F306 ] vaxscsi C:\WINDOWS\System32\Drivers\vaxscsi.sys
23:08:03.0765 2860 vaxscsi - ok
23:08:03.0812 2860 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
23:08:03.0843 2860 VgaSave - ok
23:08:03.0890 2860 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
23:08:03.0921 2860 ViaIde - ok
23:08:03.0968 2860 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
23:08:03.0968 2860 VolSnap - ok
23:08:04.0031 2860 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
23:08:04.0046 2860 VSS - ok
23:08:04.0078 2860 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
23:08:04.0109 2860 W32Time - ok
23:08:04.0140 2860 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:08:04.0156 2860 Wanarp - ok
23:08:04.0156 2860 WDICA - ok
23:08:04.0187 2860 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
23:08:04.0187 2860 wdmaud - ok
23:08:04.0234 2860 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
23:08:04.0250 2860 WebClient - ok
23:08:04.0359 2860 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
23:08:04.0375 2860 winmgmt - ok
23:08:04.0515 2860 [ D9250B31B353EE3322C1CAD411997E38 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:08:04.0531 2860 wlidsvc - ok
23:08:04.0656 2860 [ 94A85E956A065E23E0010A6A7826243B ] WLSetupSvc C:\Program Files\Windows Live\installer\WLSetupSvc.exe
23:08:04.0687 2860 WLSetupSvc - ok
23:08:04.0734 2860 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
23:08:04.0734 2860 WmdmPmSN - ok
23:08:04.0812 2860 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
23:08:04.0843 2860 Wmi - ok
23:08:04.0890 2860 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:08:04.0890 2860 WmiApSrv - ok
23:08:04.0968 2860 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
23:08:04.0968 2860 WS2IFSL - ok
23:08:05.0031 2860 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
23:08:05.0046 2860 wscsvc - ok
23:08:05.0046 2860 WSearch - ok
23:08:05.0078 2860 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
23:08:05.0093 2860 WSTCODEC - ok
23:08:05.0109 2860 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
23:08:05.0140 2860 wuauserv - ok
23:08:05.0203 2860 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
23:08:05.0234 2860 WZCSVC - ok
23:08:05.0281 2860 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
23:08:05.0328 2860 xmlprov - ok
23:08:05.0375 2860 [ DD0042F0C3B606A6A8B92D49AFB18AD6 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
23:08:05.0375 2860 YahooAUService - ok
23:08:05.0406 2860 ================ Scan global ===============================
23:08:05.0484 2860 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
23:08:05.0562 2860 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:08:05.0609 2860 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
23:08:05.0671 2860 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
23:08:05.0687 2860 [Global] - ok
23:08:05.0687 2860 ================ Scan MBR ==================================
23:08:05.0703 2860 [ 0AC6D996BCE152AED9600E6D6B797E2E ] \Device\Harddisk0\DR0
23:08:10.0593 2860 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
23:08:10.0593 2860 \Device\Harddisk0\DR0 - detected TDSS File System (1)
23:08:10.0593 2860 ================ Scan VBR ==================================
23:08:10.0640 2860 [ B6928E5D90E86015C46420310E1801CE ] \Device\Harddisk0\DR0\Partition1
23:08:10.0640 2860 \Device\Harddisk0\DR0\Partition1 - ok
23:08:10.0703 2860 [ 87C787F20E7678A83AAD4517CEAD68A8 ] \Device\Harddisk0\DR0\Partition2
23:08:10.0718 2860 \Device\Harddisk0\DR0\Partition2 - ok
23:08:10.0718 2860 ============================================================
23:08:10.0718 2860 Scan finished
23:08:10.0718 2860 ============================================================
23:08:10.0781 1948 Detected object count: 1
23:08:10.0781 1948 Actual detected object count: 1
23:08:24.0718 1948 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
23:08:24.0718 1948 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
23:08:24.0718 1948 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
23:08:26.0421 1948 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
23:08:27.0281 1948 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
23:08:27.0281 1948 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
23:08:40.0593 1948 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
23:08:40.0812 1948 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
23:08:41.0171 1948 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
23:08:41.0531 1948 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
23:08:41.0781 1948 \Device\Harddisk0\DR0\TDLFS - deleted
23:08:41.0781 1948 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
23:09:12.0484 2064 Deinitialize success



ComboFix 12-11-09.02 - HP_Administrator 11/10/2012 23:29:25.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.386 [GMT -8:00]
Running from: c:\documents and settings\HP_Administrator\My Documents\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Administrator\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Default User\WINDOWS
c:\documents and settings\HP_Administrator\WINDOWS
c:\windows\system32\_000111_.tmp.dll
c:\windows\system32\config\systemprofile\WINDOWS
c:\windows\system32\ps2.bat
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
c:\windows\Tasks\At1.job
c:\windows\Tasks\At10.job
c:\windows\Tasks\At11.job
c:\windows\Tasks\At12.job
c:\windows\Tasks\At13.job
c:\windows\Tasks\At14.job
c:\windows\Tasks\At15.job
c:\windows\Tasks\At16.job
c:\windows\Tasks\At17.job
c:\windows\Tasks\At18.job
c:\windows\Tasks\At19.job
c:\windows\Tasks\At2.job
c:\windows\Tasks\At20.job
c:\windows\Tasks\At21.job
c:\windows\Tasks\At22.job
c:\windows\Tasks\At23.job
c:\windows\Tasks\At24.job
c:\windows\Tasks\At3.job
c:\windows\Tasks\At4.job
c:\windows\Tasks\At5.job
c:\windows\Tasks\At6.job
c:\windows\Tasks\At7.job
c:\windows\Tasks\At8.job
c:\windows\Tasks\At9.job
D:\Autorun.inf
.
.
((((((((((((((((((((((((( Files Created from 2012-10-11 to 2012-11-11 )))))))))))))))))))))))))))))))
.
.
2012-11-11 07:00 . 2012-11-11 07:08 -------- d-----w- C:\TDSSKiller_Quarantine
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 01:20 . 2012-04-21 18:48 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-09 01:20 . 2011-05-18 05:25 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-08-28 15:14 . 2006-04-06 18:58 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14 . 2006-04-06 18:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14 . 2006-04-06 18:53 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2006-04-06 18:52 385024 ----a-w- c:\windows\system32\html.iec
2012-08-24 13:53 . 2006-04-06 18:58 177664 ----a-w- c:\windows\system32\wintrust.dll
2012-08-21 13:33 . 2004-08-10 19:00 2148864 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-08-21 12:58 . 2004-08-10 19:00 2027520 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-27 07:18 . 2012-10-27 07:16 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"DISCover"="c:\program files\DISC\DISCover.exe" [2006-07-30 1073152]
"DiscUpdateManager"="c:\program files\DISC\DiscUpdateMgr.exe" [2005-09-27 61440]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-07-21 296096]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 16010240]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-21 59240]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
EPSON Status Monitor 3 Environment Check(3).lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV03.EXE [2001-6-25 128000]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *\0lsdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\DISC\\DISCover.exe"=
"c:\\Program Files\\DISC\\DiscStreamHub.exe"=
"c:\\Program Files\\DISC\\myFTP.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Gravity\\RO\\sakray.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\Program Files\\Java\\jre1.6.0_02\\bin\\javaw.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [5/8/2010 5:55 PM 64288]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [10/5/2011 9:38 AM 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/1/2008 8:53 AM 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/1/2008 8:53 AM 20696]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [4/14/2010 6:16 AM 78104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/4/2010 7:52 AM 1355968]
R2 PD91Agent;PD91Agent;c:\program files\Raxco\PerfectDisk2008\PD91Agent.exe [9/9/2008 12:49 PM 693512]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [12/11/2007 4:46 PM 547744]
S3 ATIXPGAA;ATIXPGAA;\??\c:\program files\PC-Doctor 5 for Windows\ATIXPGAA.SYS --> c:\program files\PC-Doctor 5 for Windows\ATIXPGAA.SYS [?]
S3 npkycryp;npkycryp;\??\c:\program files\Gravity\RO\npkycryp.sys --> c:\program files\Gravity\RO\npkycryp.sys [?]
S3 PCD5SRVC{085326CB-51A3560A-05010003};PCD5SRVC{085326CB-51A3560A-05010003} - PCDR Kernel Mode Service Helper Driver;\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms --> c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [?]
S3 PD91Engine;PD91Engine;c:\program files\Raxco\PerfectDisk2008\PD91Engine.exe [9/9/2008 12:49 PM 906504]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [12/24/2006 7:58 PM 223128]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 67483918
*NewlyCreated* - 92476979
*Deregistered* - 67483918
*Deregistered* - 92476979
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-11 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 01:56]
.
2012-11-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 01:20]
.
2012-11-10 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57]
.
2012-11-11 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-693251073-3382504289-3859644006-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-06-21 19:00]
.
2012-11-11 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-693251073-3382504289-3859644006-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-06-21 19:00]
.
.
------- Supplementary Scan -------
.
uLocal Page =
uStart Page = about:blank
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mLocal Page =
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: trymedia.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5wkcpt3f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - ExtSQL: !HIDDEN! 2009-09-02 00:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-NWEReboot - (no file)
SafeBoot-67483918.sys
AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel
AddRemove-LSI Soft Modem - c:\windows\agrsmdel
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-10 23:45
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\PCD5SRVC{085326CB-51A3560A-05010003}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(592)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2012-11-10 23:51:25
ComboFix-quarantined-files.txt 2012-11-11 07:51
.
Pre-Run: 161,092,759,552 bytes free
Post-Run: 161,289,084,928 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
.
- - End Of File - - 5B8DDF9CEF31BC26FBB339181493BAFD

#4 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 11 November 2012 - 01:11 PM

Please do the following:

Please download Malwarebytes Anti-Malware
  • Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected. <-- very important
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.

Extra Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.



NEXT


Go here to run an online scanner from ESET.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activeX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan completes, press the LIST OF THREATS FOUND button
  • Press EXPORT TO TEXT FILE , name the file ESETSCAN and save it to your desktop
  • Include the contents of this report in your next reply.
  • Press the BACK button.
  • Press Finish

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#5 grnelf56

grnelf56
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:29 AM

Posted 12 November 2012 - 03:45 AM

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.12.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
HP_Administrator :: MM [administrator]

11/11/2012 10:16:07 PM
mbam-log-2012-11-11 (22-16-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237735
Time elapsed: 22 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Documents and Settings\HP_Administrator\Application Data\dkfjasdfshd.bat (Malware.Trace) -> Quarantined and deleted successfully.

(end)




ESETSCAN
C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5wkcpt3f.default\extensions\wxcvmuobwb@wxcvmuobwb.org.xpi JS/Redirector.NCI trojan
C:\Documents and Settings\HP_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\2f310681-54071c8e multiple threats
C:\Documents and Settings\HP_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\61\69928a3d-185112cf a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadadddagegfdjgcgfgbgddgdegfdfdc\background.html Win32/BHO.OEI trojan
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\game setup\BandooV4.exe a variant of Win32/Adware.Bandoo.AA application
C:\System Volume Information\_restore{106CF321-99A3-4E3A-9103-1BD027606A99}\RP2107\A0475503.dll Win32/BHO.OEI trojan
C:\TDSSKiller_Quarantine\10.11.2012_23.03.22\tdlfs0000\tsk0003.dta a variant of Win32/Olmarik.ADZ trojan
C:\TDSSKiller_Quarantine\10.11.2012_23.03.22\tdlfs0000\tsk0004.dta probably a variant of Win32/Agent.FJFPNNI trojan
C:\WINDOWS\system32\123.js JS/TrojanDownloader.Agent.NWG trojan
C:\WINDOWS\system32\12543.js JS/TrojanDownloader.Agent.NWG trojan
C:\WINDOWS\system32\234.js JS/TrojanDownloader.Agent.NWG trojan

Edited by grnelf56, 12 November 2012 - 11:38 AM.


#6 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 12 November 2012 - 06:46 PM

Please do the following:

  • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below.
  • They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
Copy/paste the text inside the Codebox below into notepad:

Here's how to do that:
Press the WinKey + R to open a run box, type Notepad > click OK.
This will open an empty notepad file:

Copy all the text inside of the code box - Press Ctrl+C (or right click on the highlighted section and choose 'copy')

File::
C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5wkcpt3f.default\extensions\wxcvmuobwb@wxcvmuobwb.org.xpi 
C:\Documents and Settings\HP_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\1\2f310681-54071c8e 
C:\Documents and Settings\HP_Administrator\Application Data\Sun\Java\Deployment\cache\6.0\61\69928a3d-185112cf 
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadadddagegfdjgcgfgbgddgdegfdfdc\background.html 
C:\Documents and Settings\HP_Administrator\My Documents\Downloads\game setup\BandooV4.exe 
C:\WINDOWS\system32\123.js 
C:\WINDOWS\system32\12543.js 
C:\WINDOWS\system32\234.js 

ClearJavaCache::

Now paste the copied text into the open notepad - press CTRL+V (or right click and choose 'paste')

Save this file to your desktop, Save this as "CFScript"


Here's how to do that:

1.Click File;
2.Click Save As... Change the directory to your desktop;
3.Change the Save as type to "All Files";
4.Type in the file name: CFScript
5.Click Save ...

Posted Image
  • Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
  • ComboFix may request an update; please allow it.
  • ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
  • When finished, it shall produce a log for you.
  • Copy and paste the contents of the log in your next reply.

CAUTION: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.


NEXT

Posted Image
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click on "Do I have Java"
  • It will check your current version and then offer to update to the latest version
  • Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if there are - remove them.


NEXT


Please advise how the computer is running now and if there are any outstanding issues

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#7 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 21 November 2012 - 09:34 PM

Due to the lack of feedback, this topic is now closed.In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#8 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 25 November 2012 - 05:50 PM

This topic has been re-opened at the request of the person who originally posted.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#9 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 25 November 2012 - 05:51 PM

please advise how the computer is running

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#10 grnelf56

grnelf56
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:29 AM

Posted 26 November 2012 - 12:26 AM

every time i try to install java i get error code 1606 cannot access network location then i ran the combo fix

ComboFix 12-11-25.01 - HP_Administrator 11/25/2012 13:24:47.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.959.501 [GMT -8:00]
Running from: c:\documents and settings\HP_Administrator\My Documents\Downloads\ComboFix.exe
Command switches used :: c:\documents and settings\HP_Administrator\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\HP_Administrator\Application Data\completescan
c:\documents and settings\HP_Administrator\Application Data\HPSU_48BitScanUpdate.log
c:\documents and settings\HP_Administrator\Application Data\install
c:\program files\iWin Games\iWinGamesHookIE.dll
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\system32\Thumbs.db
.
.
((((((((((((((((((((((((( Files Created from 2012-10-25 to 2012-11-25 )))))))))))))))))))))))))))))))
.
.
2012-11-17 22:34 . 2012-11-17 22:34 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin7.dll
2012-11-17 22:34 . 2012-11-17 22:34 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin6.dll
2012-11-17 22:34 . 2012-11-17 22:34 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin5.dll
2012-11-17 22:34 . 2012-11-17 22:34 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin4.dll
2012-11-17 22:34 . 2012-11-17 22:34 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin3.dll
2012-11-17 22:34 . 2012-11-17 22:34 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin2.dll
2012-11-17 22:34 . 2012-11-17 22:34 159744 ----a-w- c:\program files\Internet Explorer\PLUGINS\npqtplugin.dll
2012-11-17 22:29 . 2012-11-17 22:34 -------- d-----w- c:\program files\QuickTime
2012-11-17 22:00 . 2012-11-17 22:03 -------- d-----w- c:\documents and settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-11-17 22:00 . 2012-11-17 22:03 -------- d-----w- c:\program files\iTunes
2012-11-12 06:45 . 2012-11-12 06:45 -------- d-----w- c:\program files\ESET
2012-11-12 06:14 . 2012-11-12 06:14 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
2012-11-12 06:14 . 2012-11-12 06:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-11-12 06:14 . 2012-11-12 06:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-11-12 06:14 . 2012-09-30 03:54 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-11-11 07:00 . 2012-11-11 07:08 -------- d-----w- C:\TDSSKiller_Quarantine
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-11-22 16:11 . 2012-04-21 18:48 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-11-22 16:11 . 2011-05-18 05:25 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-25 11:12 . 2012-10-25 11:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx
2012-10-25 11:12 . 2012-10-25 11:12 69632 ----a-w- c:\windows\system32\QuickTime.qts
2012-10-22 08:37 . 2006-04-06 18:58 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04 . 2006-04-06 18:56 58368 ----a-w- c:\windows\system32\synceng.dll
2012-08-28 15:14 . 2006-04-06 18:58 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:14 . 2006-04-06 18:53 43520 ----a-w- c:\windows\system32\licmgr10.dll
2012-08-28 15:14 . 2006-04-06 18:53 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2006-04-06 18:52 385024 ----a-w- c:\windows\system32\html.iec
2012-11-20 22:21 . 2012-11-20 22:21 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 123536 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-21 68856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
"DISCover"="c:\program files\DISC\DISCover.exe" [2006-07-30 1073152]
"DiscUpdateManager"="c:\program files\DISC\DiscUpdateMgr.exe" [2005-09-27 61440]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-09-21 1605740]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2010-03-12 49208]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2012-07-21 296096]
"RTHDCPL"="RTHDCPL.EXE" [2006-03-08 16010240]
"ISUSPM Startup"="c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2012-03-06 4241512]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-09-10 421776]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
EPSON Status Monitor 3 Environment Check(3).lnk - c:\windows\system32\spool\drivers\w32x86\3\E_SRCV03.EXE [2001-6-25 128000]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ PDBoot.exe\0autocheck autochk *\0lsdelete
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableNotifications"= 1 (0x1)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\DISC\\DISCover.exe"=
"c:\\Program Files\\DISC\\DiscStreamHub.exe"=
"c:\\Program Files\\DISC\\myFTP.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\uTorrent\\utorrent.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Gravity\\RO\\sakray.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
"c:\\Program Files\\Java\\jre1.6.0_02\\bin\\javaw.exe"=
"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [5/8/2010 5:55 PM 64288]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [10/5/2011 9:38 AM 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [6/1/2008 8:53 AM 337880]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [6/1/2008 8:53 AM 20696]
R2 iWinTrusted;iWinTrusted;c:\program files\iWin Games\iWinTrusted.exe [4/14/2010 6:16 AM 78104]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2/4/2010 7:52 AM 1355968]
R2 PD91Agent;PD91Agent;c:\program files\Raxco\PerfectDisk2008\PD91Agent.exe [9/9/2008 12:49 PM 693512]
R3 A3AB;D-Link AirPro 802.11a/b Wireless Adapter Service(A3AB);c:\windows\system32\drivers\A3AB.sys [12/11/2007 4:46 PM 547744]
S3 ATIXPGAA;ATIXPGAA;\??\c:\program files\PC-Doctor 5 for Windows\ATIXPGAA.SYS --> c:\program files\PC-Doctor 5 for Windows\ATIXPGAA.SYS [?]
S3 npkycryp;npkycryp;\??\c:\program files\Gravity\RO\npkycryp.sys --> c:\program files\Gravity\RO\npkycryp.sys [?]
S3 PCD5SRVC{085326CB-51A3560A-05010003};PCD5SRVC{085326CB-51A3560A-05010003} - PCDR Kernel Mode Service Helper Driver;\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms --> c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [?]
S3 PD91Engine;PD91Engine;c:\program files\Raxco\PerfectDisk2008\PD91Engine.exe [9/9/2008 12:49 PM 906504]
S3 vaxscsi;vaxscsi;c:\windows\system32\drivers\vaxscsi.sys [12/24/2006 7:58 PM 223128]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
getPlusHelper REG_MULTI_SZ getPlusHelper
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-25 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-02-04 01:56]
.
2012-11-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 16:11]
.
2012-11-24 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-02 00:57]
.
2012-11-25 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-693251073-3382504289-3859644006-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-06-21 19:00]
.
2012-11-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-693251073-3382504289-3859644006-1008.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2012-06-21 19:00]
.
.
------- Supplementary Scan -------
.
uLocal Page =
uStart Page = about:blank
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mLocal Page =
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q106&bd=pavilion&pf=desktop
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local;localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
Trusted Zone: trymedia.com
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\5wkcpt3f.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.yahoo.com/search?fr=ffsp1&p=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=firefox-a&rls=org.mozilla:en-US:official
FF - ExtSQL: !HIDDEN! 2009-09-02 00:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-25 13:39
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet004\Services\PCD5SRVC{085326CB-51A3560A-05010003}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(592)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2012-11-25 13:45:31
ComboFix-quarantined-files.txt 2012-11-25 21:45
ComboFix2.txt 2012-11-11 07:51
.
Pre-Run: 159,299,993,600 bytes free
Post-Run: 159,681,564,672 bytes free
.
- - End Of File - - AEE9CBD9EC1472716DE6493559003532



also i am still getting redirected when i do a search in google

and i am getting getting a short cut for IE every time i run a cleaner program you sudgest sry thisis a big fix it runs so slowwwwwww thank you

Edited by grnelf56, 26 November 2012 - 12:38 AM.


#11 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 26 November 2012 - 08:02 AM

Please run the following:

Please download Junkware Removal Tool to your desktop.
  • Shutdown your antivirus to avoid any conflicts.
  • Right-mouse click JRT.exe and select Run as administrator
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message

NEXT

Please advise how the computer is running now and if there are any outstanding issues

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#12 grnelf56

grnelf56
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:29 AM

Posted 26 November 2012 - 01:29 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.5.4 (11.26.2012)
OS: Microsoft Windows XP x86
Ran by HP_Administrator on Mon 11/26/2012 at 9:54:24.48
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\toolbar\webbrowser\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ef99bd32-c1fb-11d2-892f-0090271d4f88}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\coupons"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\HP_Administrator\Application Data\mozilla\firefox\profiles\5wkcpt3f.default\extensions\wxcvmuobwb@wxcvmuobwb.org.xpi [Tracur]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 11/26/2012 at 10:15:07.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
the comp running very slower takes 2 -3 min to open or close any prgram

#13 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 26 November 2012 - 07:32 PM

try running the following:


Please download Windows Repair (all in one) from here

Install the program then run it

Go to step 2 and allow it to run Disk check

Posted Image

Once that is done then go to step 3 and allow it to run SFC

Posted Image

On the the Start Repairs tab => Click the Start

Posted Image

Click on the select all check box and then click on Start

DON'T use the computer while each scan is in progress.

Restart may be needed to finish the repair procedure.


let me know if there is any improvement

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015


#14 grnelf56

grnelf56
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:29 AM

Posted 28 November 2012 - 02:01 PM

It is running great thank you very very much Dee

#15 CatByte

CatByte

    bleepin' tiger


  • Malware Response Team
  • 14,664 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Canada
  • Local time:08:29 AM

Posted 28 November 2012 - 07:21 PM

We just have some housekeeping to do now,

Please do the following:


You can delete the DDS, JRT and TDSSKiller logs and programs from your desktop.


NEXT


Follow these steps to uninstall Combofix

  • Make sure your security programs are totally disabled.
  • Press the WinKey +R to open a run box
  • Now copy/paste Combofix /uninstall into the runbox and click OK. Note the space between the ..X and the /U, it needs to be there.

Posted Image


NEXT

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.


If there are any logs/tools remaining on your desktop > right click and delete them.


NEXT


Below I have included a number of recommendations for how to protect your computer against malware infections.

  • It is good security practice to change your passwords to all your online accounts on a fairly regular basis, this is especially true after an infection. Refer to this Microsoft article
    Strong passwords: How to create and use them
    Then consider a password keeper, to keep all your passwords safe. KeePass is a small utility that allows you to manage all your passwords.

  • Keep Windows updated by regularly checking their website at :
    http://windowsupdate.microsoft.com/
    This will ensure your computer has always the latest security updates available installed on your computer.

  • Make Internet Explorer more secure
    • Click Start > Run
    • Type Inetcpl.cpl & click OK
    • Click on the Security tab
    • Click Reset all zones to default level
    • Make sure the Internet Zone is selected & Click Custom level
    • In the ActiveX section, set the first two options ("Download signed and unsigned ActiveX controls) to "Prompt", and ("Initialize and Script ActiveX controls not marked as safe") to "Disable".
    • Next Click OK, then Apply button and then OK to exit the Internet Properties page.

  • Download TFC to your desktop
    • Close any open windows.
    • Double click the TFC icon to run the program
    • TFC will close all open programs itself in order to run,
    • Click the Start button to begin the process.
    • Allow TFC to run uninterrupted.
    • The program should not take long to finish it's job
    • Once its finished it should automatically reboot your machine,
    • if it doesn't, manually reboot to ensure a complete clean
    It's normal after running TFC cleaner that the PC will be slower to boot the first time.

  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an addon available for both Firefox and IE

  • Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.

  • ERUNT (Emergency Recovery Utility NT) allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed.

  • In light of your recent issue, I'm sure you'd like to avoid any future infections. Please take a look at these well written articles:
    PC Safety and Security--What Do I Need?.
  • Simple and easy ways to keep your computer safe and secure on the Internet

Thank you for your patience, and performing all of the procedures requested.

Please respond one last time so we can consider the thread resolved and close it, thank-you.

Microsoft MVP - 2010, 2011, 2012, 2013, 2014, 2015





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users