Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Still have FBI money virus???


  • Please log in to reply
18 replies to this topic

#1 RichardCB

RichardCB

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY, USA
  • Local time:06:16 PM

Posted 22 November 2012 - 08:15 AM

I am running a Dell Inspiron 530 with windows XP. Last month, I “caught” the FBI money virus and could not get into safe mode to fix it. I would get the “blue screen”.
After repeatedly hitting F8 and F12 (no good reason, just frustration) I was able to get to my home page and ran Norton Internet Security 2012. It found a virus and took care of it. I also loaded and ran Malware bytes and it also found a virus, which it took care of. I finally ran TSKiller , which found nothing.
Computer ran ok, until I decided to uninstall Malware bytes (said I had used my free trial offer). Had shut off computer, rebooted next day and my NIS 2012 said it was not on. Tried to turn it on, could not. Went to Norton blog and found out I had to uninstall NIS 2012, and then reinstall. Did that and Norton is back up and running. Computer works ok.
Had a nagging feeling I missed something, so I shut off my computer and tried to reboot in safe mode. I get the “blue screen”. I can start my computer, in its normal state and it all runs fine. Also have run NIS 2102, with updates and Norton power eraser. Found nothing. Reinstalled malware bytes and ran it. Said it found something and fixed it. Shut off computer, ran in safe mode, got “blue screen “again. Computer works ok in normal mode.
My concern is I still have a virus and NIS 2012 or malware bytes haven’t caught it yet.
The stop error message in the “blue screen’ is as follows:
***STOP: 0x0000007B (0Xf7918524, 0xc0000034, 0x00000000, 0x00000000)
Googled that and found how to fix STOP 0x0000007B errors.
First: Have not installed new hard drive controller.
Second: ran startup with last known good configuration
Third: used system restore --- would not work—tried various dates –still not working.
I am not very computer literate (I think my children are more than me!) But I think I have taken this as far as I can go. Any help would be appreciated.

Added recently : I ran and update on my window xp and it is up to date.

*Moderator Edit: Moved topic from XP to the more appropriate forum to find out if malware is an issue. ~ Queen-Evie*

Edited by Queen-Evie, 22 November 2012 - 09:30 AM.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 PM

Posted 22 November 2012 - 10:15 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 RichardCB

RichardCB
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY, USA
  • Local time:06:16 PM

Posted 22 November 2012 - 07:08 PM

Have loaded and ran the following :

TDSSKiller :
12:20:53.0031 1816 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
12:20:53.0468 1816 ============================================================
12:20:53.0484 1816 Current date / time: 2012/11/22 12:20:53.0468
12:20:53.0484 1816 SystemInfo:
12:20:53.0484 1816
12:20:53.0484 1816 OS Version: 5.1.2600 ServicePack: 3.0
12:20:53.0484 1816 Product type: Workstation
12:20:53.0484 1816 ComputerName: SILVERBUZZ
12:20:53.0484 1816 UserName: Gary
12:20:53.0484 1816 Windows directory: C:\WINDOWS
12:20:53.0484 1816 System windows directory: C:\WINDOWS
12:20:53.0484 1816 Processor architecture: Intel x86
12:20:53.0484 1816 Number of processors: 2
12:20:53.0484 1816 Page size: 0x1000
12:20:53.0484 1816 Boot type: Normal boot
12:20:53.0484 1816 ============================================================
12:20:54.0687 1816 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
12:20:54.0734 1816 ============================================================
12:20:54.0734 1816 \Device\Harddisk0\DR0:
12:20:54.0734 1816 MBR partitions:
12:20:54.0734 1816 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x24D7788B
12:20:54.0734 1816 ============================================================
12:20:54.0765 1816 C: <-> \Device\Harddisk0\DR0\Partition1
12:20:54.0765 1816 ============================================================
12:20:54.0765 1816 Initialize success
12:20:54.0765 1816 ============================================================
12:21:34.0968 3928 ============================================================
12:21:34.0968 3928 Scan started
12:21:34.0968 3928 Mode: Manual; TDLFS;
12:21:34.0968 3928 ============================================================
12:21:35.0671 3928 ================ Scan services =============================
12:21:35.0750 3928 Abiosdsk - ok
12:21:35.0781 3928 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
12:21:35.0781 3928 abp480n5 - ok
12:21:35.0828 3928 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:21:35.0828 3928 ACPI - ok
12:21:35.0859 3928 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
12:21:35.0875 3928 ACPIEC - ok
12:21:35.0890 3928 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
12:21:35.0906 3928 adpu160m - ok
12:21:35.0937 3928 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
12:21:35.0937 3928 aec - ok
12:21:35.0968 3928 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
12:21:35.0984 3928 AFD - ok
12:21:36.0015 3928 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
12:21:36.0015 3928 agp440 - ok
12:21:36.0031 3928 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
12:21:36.0031 3928 agpCPQ - ok
12:21:36.0046 3928 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
12:21:36.0046 3928 Aha154x - ok
12:21:36.0078 3928 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
12:21:36.0078 3928 aic78u2 - ok
12:21:36.0093 3928 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
12:21:36.0093 3928 aic78xx - ok
12:21:36.0125 3928 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
12:21:36.0125 3928 Alerter - ok
12:21:36.0156 3928 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
12:21:36.0156 3928 ALG - ok
12:21:36.0187 3928 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
12:21:36.0187 3928 AliIde - ok
12:21:36.0203 3928 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
12:21:36.0203 3928 alim1541 - ok
12:21:36.0218 3928 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
12:21:36.0218 3928 amdagp - ok
12:21:36.0234 3928 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
12:21:36.0234 3928 amsint - ok
12:21:36.0296 3928 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:21:36.0312 3928 Apple Mobile Device - ok
12:21:36.0312 3928 AppMgmt - ok
12:21:36.0328 3928 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
12:21:36.0328 3928 asc - ok
12:21:36.0359 3928 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
12:21:36.0359 3928 asc3350p - ok
12:21:36.0375 3928 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
12:21:36.0375 3928 asc3550 - ok
12:21:36.0484 3928 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
12:21:36.0515 3928 aspnet_state - ok
12:21:36.0562 3928 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:21:36.0562 3928 AsyncMac - ok
12:21:36.0593 3928 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
12:21:36.0593 3928 atapi - ok
12:21:36.0609 3928 Atdisk - ok
12:21:36.0625 3928 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
12:21:36.0625 3928 Atmarpc - ok
12:21:36.0656 3928 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
12:21:36.0671 3928 AudioSrv - ok
12:21:36.0687 3928 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
12:21:36.0687 3928 audstub - ok
12:21:36.0734 3928 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
12:21:36.0734 3928 Beep - ok
12:21:36.0906 3928 [ 9DFFCB249663AA3C2ECB67202280054E ] BHDrvx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\BASHDefs\20121106.001\BHDrvx86.sys
12:21:36.0921 3928 BHDrvx86 - ok
12:21:36.0968 3928 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
12:21:37.0000 3928 BITS - ok
12:21:37.0062 3928 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:21:37.0078 3928 Bonjour Service - ok
12:21:37.0140 3928 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
12:21:37.0140 3928 Browser - ok
12:21:37.0171 3928 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
12:21:37.0171 3928 cbidf - ok
12:21:37.0171 3928 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
12:21:37.0171 3928 cbidf2k - ok
12:21:37.0203 3928 [ A9ACC4B9730B6D5B0BB2BFFDC53F0812 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe
12:21:37.0218 3928 CCALib8 - ok
12:21:37.0234 3928 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
12:21:37.0234 3928 CCDECODE - ok
12:21:37.0296 3928 [ 1277AD8F053CC60C17CAFAB411F3CF40 ] ccSet_NIS C:\WINDOWS\system32\drivers\NIS\1402000.013\ccSetx86.sys
12:21:37.0312 3928 ccSet_NIS - ok
12:21:37.0343 3928 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
12:21:37.0343 3928 cd20xrnt - ok
12:21:37.0375 3928 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
12:21:37.0375 3928 Cdaudio - ok
12:21:37.0421 3928 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
12:21:37.0421 3928 Cdfs - ok
12:21:37.0468 3928 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:21:37.0468 3928 Cdrom - ok
12:21:37.0468 3928 Changer - ok
12:21:37.0515 3928 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe
12:21:37.0515 3928 CiSvc - ok
12:21:37.0546 3928 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
12:21:37.0546 3928 ClipSrv - ok
12:21:37.0593 3928 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:21:37.0718 3928 clr_optimization_v2.0.50727_32 - ok
12:21:37.0781 3928 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:21:37.0781 3928 clr_optimization_v4.0.30319_32 - ok
12:21:37.0796 3928 [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
12:21:37.0796 3928 CmdIde - ok
12:21:37.0812 3928 COMSysApp - ok
12:21:37.0843 3928 [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
12:21:37.0843 3928 Cpqarray - ok
12:21:37.0859 3928 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
12:21:37.0859 3928 CryptSvc - ok
12:21:37.0890 3928 [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
12:21:37.0890 3928 dac2w2k - ok
12:21:37.0906 3928 [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
12:21:37.0906 3928 dac960nt - ok
12:21:37.0953 3928 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
12:21:37.0953 3928 DcomLaunch - ok
12:21:37.0984 3928 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
12:21:37.0984 3928 Dhcp - ok
12:21:38.0015 3928 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
12:21:38.0015 3928 Disk - ok
12:21:38.0062 3928 [ 0659E6E0A95564F958D9DF7313F7701E ] DLABMFSM C:\WINDOWS\system32\DLA\DLABMFSM.SYS
12:21:38.0062 3928 DLABMFSM - ok
12:21:38.0078 3928 [ 8691C78908F0BD66170669DB268369F2 ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS
12:21:38.0078 3928 DLABOIOM - ok
12:21:38.0078 3928 [ 76167B5EB2DFFC729EDC36386876B40B ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
12:21:38.0078 3928 DLACDBHM - ok
12:21:38.0093 3928 [ 5615744A1056933B90E6AC54FEB86F35 ] DLADResM C:\WINDOWS\system32\DLA\DLADResM.SYS
12:21:38.0093 3928 DLADResM - ok
12:21:38.0093 3928 [ 1AECA2AFA5005CE4A550CF8EB55A8C88 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
12:21:38.0093 3928 DLAIFS_M - ok
12:21:38.0093 3928 [ 840E7F6ABB885C72B9FFDDB022EF5B6D ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
12:21:38.0109 3928 DLAOPIOM - ok
12:21:38.0109 3928 [ 0294D18731AC05DA80132CE88F8A876B ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS
12:21:38.0109 3928 DLAPoolM - ok
12:21:38.0109 3928 [ 91886FED52A3F9966207BCE46CFD794F ] DLARTL_M C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
12:21:38.0109 3928 DLARTL_M - ok
12:21:38.0125 3928 [ CCA4E121D599D7D1706A30F603731E59 ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
12:21:38.0125 3928 DLAUDFAM - ok
12:21:38.0125 3928 [ 7DAB85C33135DF24419951DA4E7D38E5 ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
12:21:38.0140 3928 DLAUDF_M - ok
12:21:38.0156 3928 [ 37B339FBAC80633CEA47D58A643A7C67 ] dldfCATSCustConnectService C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dldfserv.exe
12:21:38.0156 3928 dldfCATSCustConnectService - ok
12:21:38.0156 3928 dldf_device - ok
12:21:38.0171 3928 dmadmin - ok
12:21:38.0203 3928 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
12:21:38.0218 3928 dmboot - ok
12:21:38.0234 3928 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
12:21:38.0234 3928 dmio - ok
12:21:38.0281 3928 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
12:21:38.0281 3928 dmload - ok
12:21:38.0312 3928 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
12:21:38.0312 3928 dmserver - ok
12:21:38.0343 3928 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
12:21:38.0343 3928 DMusic - ok
12:21:38.0375 3928 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
12:21:38.0375 3928 Dnscache - ok
12:21:38.0406 3928 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
12:21:38.0406 3928 Dot3svc - ok
12:21:38.0437 3928 [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
12:21:38.0437 3928 dpti2o - ok
12:21:38.0437 3928 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
12:21:38.0437 3928 drmkaud - ok
12:21:38.0453 3928 [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
12:21:38.0453 3928 DRVMCDB - ok
12:21:38.0484 3928 [ 6E6AB29D3C06E64CE81FEACDA85394B5 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
12:21:38.0484 3928 DRVNDDM - ok
12:21:38.0500 3928 [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
12:21:38.0515 3928 E100B - ok
12:21:38.0531 3928 [ 34AAA3B298A852B3663E6E0D94D12945 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys
12:21:38.0546 3928 e1express - ok
12:21:38.0562 3928 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
12:21:38.0562 3928 EapHost - ok
12:21:38.0640 3928 [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
12:21:38.0640 3928 eeCtrl - ok
12:21:38.0671 3928 [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
12:21:38.0687 3928 EraserUtilRebootDrv - ok
12:21:38.0703 3928 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
12:21:38.0703 3928 ERSvc - ok
12:21:38.0734 3928 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
12:21:38.0734 3928 Eventlog - ok
12:21:38.0765 3928 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll
12:21:38.0765 3928 EventSystem - ok
12:21:38.0796 3928 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
12:21:38.0796 3928 Fastfat - ok
12:21:38.0843 3928 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:21:38.0843 3928 FastUserSwitchingCompatibility - ok
12:21:38.0875 3928 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINDOWS\system32\fxssvc.exe
12:21:38.0890 3928 Fax - ok
12:21:38.0906 3928 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
12:21:38.0906 3928 Fdc - ok
12:21:38.0921 3928 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
12:21:38.0921 3928 Fips - ok
12:21:38.0937 3928 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:21:38.0937 3928 Flpydisk - ok
12:21:38.0968 3928 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
12:21:38.0968 3928 FltMgr - ok
12:21:39.0031 3928 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:21:39.0031 3928 FontCache3.0.0.0 - ok
12:21:39.0062 3928 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:21:39.0062 3928 Fs_Rec - ok
12:21:39.0062 3928 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:21:39.0078 3928 Ftdisk - ok
12:21:39.0093 3928 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
12:21:39.0093 3928 GEARAspiWDM - ok
12:21:39.0125 3928 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:21:39.0125 3928 Gpc - ok
12:21:39.0218 3928 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
12:21:39.0218 3928 gupdate - ok
12:21:39.0218 3928 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
12:21:39.0218 3928 gupdatem - ok
12:21:39.0234 3928 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
12:21:39.0234 3928 HDAudBus - ok
12:21:39.0312 3928 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:21:39.0312 3928 helpsvc - ok
12:21:39.0312 3928 HidServ - ok
12:21:39.0328 3928 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:21:39.0328 3928 HidUsb - ok
12:21:39.0375 3928 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
12:21:39.0375 3928 hkmsvc - ok
12:21:39.0406 3928 [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
12:21:39.0406 3928 hpn - ok
12:21:39.0421 3928 [ 77E4FF0B73BC0AEAAF39BF0C8104231F ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
12:21:39.0421 3928 HSFHWBS2 - ok
12:21:39.0484 3928 [ 60E1604729A15EF4A3B05F298427B3B1 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
12:21:39.0500 3928 HSF_DP - ok
12:21:39.0531 3928 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
12:21:39.0546 3928 HTTP - ok
12:21:39.0562 3928 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
12:21:39.0562 3928 HTTPFilter - ok
12:21:39.0593 3928 [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
12:21:39.0593 3928 i2omgmt - ok
12:21:39.0609 3928 [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
12:21:39.0609 3928 i2omp - ok
12:21:39.0625 3928 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
12:21:39.0625 3928 i8042prt - ok
12:21:39.0796 3928 [ 28423512370705AEDA6A652FEDB25468 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
12:21:39.0890 3928 ialm - ok
12:21:39.0937 3928 [ 997E8F5939F2D12CD9F2E6B395724C16 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys
12:21:39.0937 3928 iaStor - ok
12:21:40.0000 3928 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
12:21:40.0000 3928 IDriverT - ok
12:21:40.0109 3928 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:21:40.0125 3928 idsvc - ok
12:21:40.0234 3928 [ C19BF2A07BE972A110220DF6B1E89D14 ] IDSxpx86 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\IPSDefs\20121121.001\IDSxpx86.sys
12:21:40.0234 3928 IDSxpx86 - ok
12:21:40.0265 3928 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
12:21:40.0265 3928 Imapi - ok
12:21:40.0296 3928 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
12:21:40.0296 3928 ImapiService - ok
12:21:40.0312 3928 [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
12:21:40.0312 3928 ini910u - ok
12:21:40.0437 3928 [ 17BBBABB21F86B650B2626045A9D016C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
12:21:40.0500 3928 IntcAzAudAddService - ok
12:21:40.0515 3928 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
12:21:40.0515 3928 IntelIde - ok
12:21:40.0562 3928 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:21:40.0562 3928 intelppm - ok
12:21:40.0578 3928 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
12:21:40.0578 3928 Ip6Fw - ok
12:21:40.0625 3928 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:21:40.0625 3928 IpFilterDriver - ok
12:21:40.0640 3928 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:21:40.0640 3928 IpInIp - ok
12:21:40.0656 3928 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:21:40.0656 3928 IpNat - ok
12:21:40.0703 3928 [ BC0EA61246F8D940FBC5F652D337D6BD ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:21:40.0703 3928 iPod Service - ok
12:21:40.0734 3928 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:21:40.0734 3928 IPSec - ok
12:21:40.0750 3928 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
12:21:40.0750 3928 IRENUM - ok
12:21:40.0765 3928 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:21:40.0781 3928 isapnp - ok
12:21:40.0843 3928 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
12:21:40.0843 3928 JavaQuickStarterService - ok
12:21:40.0875 3928 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:21:40.0875 3928 Kbdclass - ok
12:21:40.0906 3928 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:21:40.0906 3928 kbdhid - ok
12:21:40.0921 3928 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
12:21:40.0921 3928 kmixer - ok
12:21:40.0953 3928 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
12:21:40.0953 3928 KSecDD - ok
12:21:40.0968 3928 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
12:21:40.0984 3928 lanmanserver - ok
12:21:41.0031 3928 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:21:41.0031 3928 lanmanworkstation - ok
12:21:41.0046 3928 lbrtfdc - ok
12:21:41.0062 3928 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
12:21:41.0062 3928 LmHosts - ok
12:21:41.0062 3928 mbamchameleon - ok
12:21:41.0093 3928 [ EEAEA6514BA7C9D273B5E87C4E1AAB30 ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
12:21:41.0093 3928 mdmxsdk - ok
12:21:41.0109 3928 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
12:21:41.0109 3928 Messenger - ok
12:21:41.0125 3928 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
12:21:41.0125 3928 mnmdd - ok
12:21:41.0156 3928 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
12:21:41.0156 3928 mnmsrvc - ok
12:21:41.0187 3928 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
12:21:41.0187 3928 Modem - ok
12:21:41.0203 3928 [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
12:21:41.0203 3928 MODEMCSA - ok
12:21:41.0203 3928 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:21:41.0203 3928 Mouclass - ok
12:21:41.0250 3928 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:21:41.0250 3928 mouhid - ok
12:21:41.0250 3928 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
12:21:41.0265 3928 MountMgr - ok
12:21:41.0296 3928 [ 1AAE79A4176A957BF2BB679812F04655 ] MR97310_USB_DUAL_CAMERA C:\WINDOWS\system32\DRIVERS\mr97310c.sys
12:21:41.0296 3928 MR97310_USB_DUAL_CAMERA - ok
12:21:41.0328 3928 [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
12:21:41.0328 3928 mraid35x - ok
12:21:41.0343 3928 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:21:41.0343 3928 MRxDAV - ok
12:21:41.0375 3928 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:21:41.0390 3928 MRxSmb - ok
12:21:41.0421 3928 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe
12:21:41.0421 3928 MSDTC - ok
12:21:41.0437 3928 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
12:21:41.0437 3928 Msfs - ok
12:21:41.0437 3928 MSIServer - ok
12:21:41.0468 3928 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:21:41.0468 3928 MSKSSRV - ok
12:21:41.0484 3928 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:21:41.0484 3928 MSPCLOCK - ok
12:21:41.0515 3928 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
12:21:41.0515 3928 MSPQM - ok
12:21:41.0546 3928 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:21:41.0562 3928 mssmbios - ok
12:21:41.0593 3928 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
12:21:41.0593 3928 MSTEE - ok
12:21:41.0625 3928 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
12:21:41.0625 3928 Mup - ok
12:21:41.0656 3928 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
12:21:41.0656 3928 NABTSFEC - ok
12:21:41.0687 3928 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll
12:21:41.0703 3928 napagent - ok
12:21:41.0796 3928 [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121121.023\NAVENG.SYS
12:21:41.0796 3928 NAVENG - ok
12:21:41.0859 3928 [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15 C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.2.0.19\Definitions\VirusDefs\20121121.023\NAVEX15.SYS
12:21:41.0875 3928 NAVEX15 - ok
12:21:41.0921 3928 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
12:21:41.0921 3928 NDIS - ok
12:21:41.0953 3928 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINDOWS\system32\DRIVERS\NdisIP.sys
12:21:41.0953 3928 NdisIP - ok
12:21:41.0984 3928 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:21:41.0984 3928 NdisTapi - ok
12:21:42.0000 3928 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:21:42.0000 3928 Ndisuio - ok
12:21:42.0000 3928 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:21:42.0000 3928 NdisWan - ok
12:21:42.0031 3928 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
12:21:42.0031 3928 NDProxy - ok
12:21:42.0046 3928 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
12:21:42.0046 3928 NetBIOS - ok
12:21:42.0062 3928 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
12:21:42.0062 3928 NetBT - ok
12:21:42.0078 3928 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe
12:21:42.0078 3928 NetDDE - ok
12:21:42.0078 3928 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
12:21:42.0093 3928 NetDDEdsdm - ok
12:21:42.0109 3928 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:21:42.0109 3928 Netlogon - ok
12:21:42.0140 3928 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll
12:21:42.0156 3928 Netman - ok
12:21:42.0156 3928 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:21:42.0156 3928 NetTcpPortSharing - ok
12:21:42.0218 3928 [ 4A9258B9597A31DB68EC9740F3A8A70B ] NIS C:\Program Files\Norton Internet Security\Engine\20.2.0.19\ccSvcHst.exe
12:21:42.0218 3928 NIS - ok
12:21:42.0234 3928 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll
12:21:42.0250 3928 Nla - ok
12:21:42.0390 3928 Norton PC Checkup Application Launcher - ok
12:21:42.0406 3928 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
12:21:42.0406 3928 Npfs - ok
12:21:42.0453 3928 [ 18654D5E0DC33B7F0F895264A5DE80DA ] NSL C:\Program Files\Norton Safe Web Lite\Engine\1.2.0.6\ccSvcHst.exe
12:21:42.0453 3928 NSL - ok
12:21:42.0468 3928 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
12:21:42.0484 3928 Ntfs - ok
12:21:42.0484 3928 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
12:21:42.0484 3928 NtLmSsp - ok
12:21:42.0515 3928 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
12:21:42.0515 3928 NtmsSvc - ok
12:21:42.0531 3928 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
12:21:42.0531 3928 Null - ok
12:21:42.0609 3928 [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
12:21:42.0640 3928 nv - ok
12:21:42.0640 3928 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:21:42.0640 3928 NwlnkFlt - ok
12:21:42.0687 3928 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:21:42.0687 3928 NwlnkFwd - ok
12:21:42.0781 3928 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:21:42.0828 3928 odserv - ok
12:21:42.0859 3928 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:21:42.0859 3928 ose - ok
12:21:42.0890 3928 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
12:21:42.0890 3928 Parport - ok
12:21:42.0890 3928 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
12:21:42.0890 3928 PartMgr - ok
12:21:42.0921 3928 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
12:21:42.0937 3928 ParVdm - ok
12:21:42.0953 3928 [ 2F86BE1818C2D7AC90478E3323EE7FCB ] PCCUJobMgr C:\Program Files\Norton PC Checkup\Engine\2.0.8.13\ccSvcHst.exe
12:21:42.0968 3928 PCCUJobMgr - ok
12:21:42.0968 3928 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
12:21:42.0968 3928 PCI - ok
12:21:42.0968 3928 PCIDump - ok
12:21:42.0984 3928 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
12:21:42.0984 3928 PCIIde - ok
12:21:43.0000 3928 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
12:21:43.0000 3928 Pcmcia - ok
12:21:43.0015 3928 PDCOMP - ok
12:21:43.0015 3928 PDFRAME - ok
12:21:43.0015 3928 PDRELI - ok
12:21:43.0031 3928 PDRFRAME - ok
12:21:43.0046 3928 [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
12:21:43.0046 3928 perc2 - ok
12:21:43.0062 3928 [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
12:21:43.0062 3928 perc2hib - ok
12:21:43.0093 3928 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe
12:21:43.0093 3928 PlugPlay - ok
12:21:43.0109 3928 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
12:21:43.0109 3928 PolicyAgent - ok
12:21:43.0125 3928 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
12:21:43.0125 3928 PptpMiniport - ok
12:21:43.0125 3928 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
12:21:43.0125 3928 ProtectedStorage - ok
12:21:43.0171 3928 [ 64E413BA0C529AA40C3924BBCC4153DB ] ProtexisLicensing C:\WINDOWS\system32\PSIService.exe
12:21:43.0187 3928 ProtexisLicensing - ok
12:21:43.0187 3928 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
12:21:43.0187 3928 PSched - ok
12:21:43.0187 3928 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
12:21:43.0203 3928 Ptilink - ok
12:21:43.0234 3928 [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
12:21:43.0234 3928 PxHelp20 - ok
12:21:43.0234 3928 [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
12:21:43.0234 3928 ql1080 - ok
12:21:43.0250 3928 [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
12:21:43.0250 3928 Ql10wnt - ok
12:21:43.0281 3928 [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
12:21:43.0281 3928 ql12160 - ok
12:21:43.0296 3928 [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
12:21:43.0312 3928 ql1240 - ok
12:21:43.0343 3928 [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
12:21:43.0343 3928 ql1280 - ok
12:21:43.0375 3928 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
12:21:43.0375 3928 RasAcd - ok
12:21:43.0406 3928 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll
12:21:43.0406 3928 RasAuto - ok
12:21:43.0437 3928 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
12:21:43.0437 3928 Rasl2tp - ok
12:21:43.0468 3928 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll
12:21:43.0484 3928 RasMan - ok
12:21:43.0484 3928 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
12:21:43.0484 3928 RasPppoe - ok
12:21:43.0500 3928 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
12:21:43.0500 3928 Raspti - ok
12:21:43.0515 3928 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
12:21:43.0515 3928 Rdbss - ok
12:21:43.0546 3928 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
12:21:43.0546 3928 RDPCDD - ok
12:21:43.0593 3928 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
12:21:43.0593 3928 rdpdr - ok
12:21:43.0640 3928 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
12:21:43.0640 3928 RDPWD - ok
12:21:43.0656 3928 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
12:21:43.0671 3928 RDSessMgr - ok
12:21:43.0687 3928 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
12:21:43.0687 3928 redbook - ok
12:21:43.0734 3928 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
12:21:43.0734 3928 RemoteAccess - ok
12:21:43.0812 3928 [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
12:21:43.0828 3928 RoxMediaDB9 - ok
12:21:43.0859 3928 [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
12:21:43.0875 3928 RoxWatch9 - ok
12:21:43.0906 3928 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
12:21:43.0921 3928 RpcLocator - ok
12:21:43.0937 3928 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
12:21:43.0953 3928 RpcSs - ok
12:21:43.0984 3928 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
12:21:44.0000 3928 RSVP - ok
12:21:44.0031 3928 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
12:21:44.0046 3928 SamSs - ok
12:21:44.0062 3928 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
12:21:44.0078 3928 SCardSvr - ok
12:21:44.0093 3928 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
12:21:44.0109 3928 Schedule - ok
12:21:44.0140 3928 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
12:21:44.0140 3928 Secdrv - ok
12:21:44.0171 3928 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
12:21:44.0171 3928 seclogon - ok
12:21:44.0203 3928 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
12:21:44.0203 3928 SENS - ok
12:21:44.0250 3928 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
12:21:44.0250 3928 serenum - ok
12:21:44.0265 3928 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
12:21:44.0281 3928 Serial - ok
12:21:44.0296 3928 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
12:21:44.0296 3928 Sfloppy - ok
12:21:44.0328 3928 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
12:21:44.0343 3928 SharedAccess - ok
12:21:44.0359 3928 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
12:21:44.0359 3928 ShellHWDetection - ok
12:21:44.0359 3928 Simbad - ok
12:21:44.0390 3928 [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
12:21:44.0390 3928 sisagp - ok
12:21:44.0421 3928 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys
12:21:44.0421 3928 SLIP - ok
12:21:44.0453 3928 [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
12:21:44.0453 3928 Sparrow - ok
12:21:44.0484 3928 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
12:21:44.0484 3928 splitter - ok
12:21:44.0500 3928 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
12:21:44.0500 3928 Spooler - ok
12:21:44.0515 3928 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
12:21:44.0515 3928 sr - ok
12:21:44.0531 3928 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
12:21:44.0531 3928 srservice - ok
12:21:44.0640 3928 [ 26C1B59C80FEF94B025DF5C3C1B791A7 ] SRTSP C:\WINDOWS\system32\drivers\NIS\1402000.013\SRTSP.SYS
12:21:44.0640 3928 SRTSP - ok
12:21:44.0656 3928 [ 21AC3AE81E8263061624C4ED3B11509A ] SRTSPX C:\WINDOWS\system32\drivers\NIS\1402000.013\SRTSPX.SYS
12:21:44.0656 3928 SRTSPX - ok
12:21:44.0671 3928 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
12:21:44.0687 3928 Srv - ok
12:21:44.0687 3928 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
12:21:44.0687 3928 SSDPSRV - ok
12:21:44.0718 3928 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
12:21:44.0734 3928 stisvc - ok
12:21:44.0765 3928 [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
12:21:44.0765 3928 stllssvr - ok
12:21:44.0796 3928 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys
12:21:44.0796 3928 streamip - ok
12:21:44.0843 3928 [ 78B58486A5CB4F418D06EA2D6E961DB0 ] SupportSoft RemoteAssist C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
12:21:44.0843 3928 SupportSoft RemoteAssist - ok
12:21:44.0859 3928 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
12:21:44.0875 3928 swenum - ok
12:21:44.0906 3928 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
12:21:44.0906 3928 swmidi - ok
12:21:44.0906 3928 SwPrv - ok
12:21:44.0984 3928 [ 267C914667C94E5F47D342311C1C577F ] Symantec RemoteAssist C:\Program Files\Common Files\Symantec Shared\Support Controls\ssrc.exe
12:21:44.0984 3928 Symantec RemoteAssist - ok
12:21:45.0031 3928 [ 1FF3217614018630D0A6758630FC698C ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
12:21:45.0031 3928 symc810 - ok
12:21:45.0062 3928 [ 070E001D95CF725186EF8B20335F933C ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
12:21:45.0062 3928 symc8xx - ok
12:21:45.0125 3928 [ FB69A67FEEE3026C7F99774A1C405326 ] SymDS C:\WINDOWS\system32\drivers\NIS\1402000.013\SYMDS.SYS
12:21:45.0140 3928 SymDS - ok
12:21:45.0234 3928 [ 28C5FAFA7FD1C522B8DCD59694D39412 ] SymEFA C:\WINDOWS\system32\drivers\NIS\1402000.013\SYMEFA.SYS
12:21:45.0250 3928 SymEFA - ok
12:21:45.0296 3928 [ C940F10C31E2C60CC967FFD6A370720C ] SymEvent C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
12:21:45.0296 3928 SymEvent - ok
12:21:45.0343 3928 [ 8C9B9036E301A9965CF15BEC91C58A12 ] SymIRON C:\WINDOWS\system32\drivers\NIS\1402000.013\Ironx86.SYS
12:21:45.0343 3928 SymIRON - ok
12:21:45.0359 3928 [ EC979002EBA25C9D109B2FE0E03457DA ] SYMTDI C:\WINDOWS\system32\drivers\NIS\1402000.013\SYMTDI.SYS
12:21:45.0375 3928 SYMTDI - ok
12:21:45.0406 3928 [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
12:21:45.0406 3928 sym_hi - ok
12:21:45.0406 3928 [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
12:21:45.0421 3928 sym_u3 - ok
12:21:45.0437 3928 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
12:21:45.0437 3928 sysaudio - ok
12:21:45.0484 3928 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:21:45.0484 3928 SysmonLog - ok
12:21:45.0500 3928 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:21:45.0515 3928 TapiSrv - ok
12:21:45.0531 3928 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:21:45.0531 3928 Tcpip - ok
12:21:45.0609 3928 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:21:45.0640 3928 TDPIPE - ok
12:21:45.0656 3928 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:21:45.0671 3928 TDTCP - ok
12:21:45.0687 3928 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:21:45.0703 3928 TermDD - ok
12:21:45.0781 3928 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
12:21:45.0812 3928 TermService - ok
12:21:45.0843 3928 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
12:21:45.0859 3928 Themes - ok
12:21:45.0875 3928 [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
12:21:45.0890 3928 TosIde - ok
12:21:45.0921 3928 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:21:45.0937 3928 TrkWks - ok
12:21:45.0953 3928 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:21:45.0968 3928 Udfs - ok
12:21:45.0984 3928 [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
12:21:46.0000 3928 ultra - ok
12:21:46.0078 3928 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:21:46.0109 3928 Update - ok
12:21:46.0234 3928 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:21:46.0234 3928 upnphost - ok
12:21:46.0265 3928 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
12:21:46.0281 3928 UPS - ok
12:21:46.0328 3928 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
12:21:46.0328 3928 USBAAPL - ok
12:21:46.0375 3928 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:21:46.0406 3928 usbccgp - ok
12:21:46.0437 3928 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:21:46.0484 3928 usbehci - ok
12:21:46.0515 3928 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:21:46.0531 3928 usbhub - ok
12:21:46.0546 3928 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
12:21:46.0562 3928 usbprint - ok
12:21:46.0562 3928 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:21:46.0578 3928 usbscan - ok
12:21:46.0593 3928 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:21:46.0609 3928 USBSTOR - ok
12:21:46.0609 3928 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:21:46.0625 3928 usbuhci - ok
12:21:46.0640 3928 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:21:46.0656 3928 VgaSave - ok
12:21:46.0671 3928 [ 754292CE5848B3738281B4F3607EAEF4 ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
12:21:46.0687 3928 viaagp - ok
12:21:46.0703 3928 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
12:21:46.0718 3928 ViaIde - ok
12:21:46.0750 3928 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:21:46.0765 3928 VolSnap - ok
12:21:46.0843 3928 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
12:21:46.0859 3928 VSS - ok
12:21:46.0890 3928 [ 54AF4B1D5459500EF0937F6D33B1914F ] w32time C:\WINDOWS\system32\w32time.dll
12:21:46.0890 3928 w32time - ok
12:21:46.0937 3928 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:21:46.0937 3928 Wanarp - ok
12:21:46.0937 3928 WDICA - ok
12:21:46.0968 3928 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:21:46.0968 3928 wdmaud - ok
12:21:47.0000 3928 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:21:47.0000 3928 WebClient - ok
12:21:47.0046 3928 [ F59ED5A43B988A18EF582BB07B2327A7 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
12:21:47.0078 3928 winachsf - ok
12:21:47.0156 3928 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:21:47.0171 3928 winmgmt - ok
12:21:47.0203 3928 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:21:47.0203 3928 WmdmPmSN - ok
12:21:47.0218 3928 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:21:47.0218 3928 WmiApSrv - ok
12:21:47.0312 3928 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:21:47.0328 3928 WMPNetworkSvc - ok
12:21:47.0421 3928 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
12:21:47.0437 3928 WPFFontCache_v0400 - ok
12:21:47.0468 3928 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:21:47.0484 3928 wscsvc - ok
12:21:47.0515 3928 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:21:47.0515 3928 WSTCODEC - ok
12:21:47.0546 3928 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:21:47.0562 3928 wuauserv - ok
12:21:47.0593 3928 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:21:47.0593 3928 WudfPf - ok
12:21:47.0625 3928 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:21:47.0640 3928 WudfSvc - ok
12:21:47.0687 3928 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:21:47.0703 3928 WZCSVC - ok
12:21:47.0750 3928 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:21:47.0750 3928 xmlprov - ok
12:21:47.0750 3928 ================ Scan global ===============================
12:21:47.0796 3928 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:21:47.0828 3928 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:21:47.0828 3928 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:21:47.0859 3928 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:21:47.0859 3928 [Global] - ok
12:21:47.0859 3928 ================ Scan MBR ==================================
12:21:47.0906 3928 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
12:21:48.0343 3928 \Device\Harddisk0\DR0 - ok
12:21:48.0343 3928 ================ Scan VBR ==================================
12:21:48.0343 3928 [ 04B2AD9EFA4AF1FDD3C686CB6FBC6B02 ] \Device\Harddisk0\DR0\Partition1
12:21:48.0359 3928 \Device\Harddisk0\DR0\Partition1 - ok
12:21:48.0359 3928 ============================================================
12:21:48.0359 3928 Scan finished
12:21:48.0359 3928 ============================================================
12:21:48.0359 2792 Detected object count: 0
12:21:48.0359 2792 Actual detected object count: 0

Ran aswMBR :
aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2012-11-22 18:24:28
-----------------------------
18:24:28.953 OS Version: Windows 5.1.2600 Service Pack 3
18:24:28.953 Number of processors: 2 586 0xF0D
18:24:28.953 ComputerName: SILVERBUZZ UserName: Gary
18:24:30.796 Initialize success
18:27:11.015 AVAST engine defs: 12112201
18:27:22.031 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
18:27:22.046 Disk 0 Vendor: SAMSUNG_HD321KJ CP100-12 Size: 305245MB BusType: 3
18:27:22.078 Disk 0 MBR read successfully
18:27:22.078 Disk 0 MBR scan
18:27:22.140 Disk 0 unknown MBR code
18:27:22.140 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 47 MB offset 63
18:27:22.156 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 301807 MB offset 96390
18:27:22.187 Disk 0 Partition 3 00 DB CP/M / CTOS Dell 8.0 3380 MB offset 618213330
18:27:22.187 Disk 0 scanning sectors +625137345
18:27:22.296 Disk 0 scanning C:\WINDOWS\system32\drivers
18:27:35.765 Service scanning
18:27:51.625 Modules scanning
18:27:59.359 Disk 0 trace - called modules:
18:27:59.375 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
18:27:59.375 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x873d3ab8]
18:27:59.375 3 CLASSPNP.SYS[f75b3fd7] -> nt!IofCallDriver -> \Device\00000069[0x873cb258]
18:27:59.390 5 ACPI.sys[f744a620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x87377d98]
18:27:59.984 AVAST engine scan C:\WINDOWS
18:28:08.546 AVAST engine scan C:\WINDOWS\system32
18:30:56.343 AVAST engine scan C:\WINDOWS\system32\drivers
18:31:18.015 AVAST engine scan C:\Documents and Settings\Gary
18:52:04.937 AVAST engine scan C:\Documents and Settings\All Users
18:54:53.921 Scan finished successfully
19:02:02.343 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Gary\Desktop\MBR.dat"
19:02:02.343 The log file has been saved successfully to "C:\Documents and Settings\Gary\Desktop\aswMBR.txt"


Ran ESET :
C:\WINDOWS\Imgtask.exe Win32/AutoRun.AEU worm cleaned by deleting - quarantined

Hope this is what you are looking for.

Thanks for your help !!

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 PM

Posted 22 November 2012 - 11:20 PM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 RichardCB

RichardCB
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY, USA
  • Local time:06:16 PM

Posted 23 November 2012 - 04:55 PM

Rkill:

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/23/2012 04:47:29 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\PSIService.exe (PID: 1136) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost


Autoruns.txt:

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Alcmtr" "Realtek Azalia Audio - Event Monitor" "Realtek Semiconductor Corp." "c:\windows\alcmtr.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "Dell AIO Printer 948 Fax Server" "Fax Man Server" "" "c:\program files\dell aio printer 948\fm3032.exe"
+ "dldfmon.exe" "Printer Device Monitor" "" "c:\program files\dell aio printer 948\dldfmon.exe"
+ "dscactivate" " " " " "c:\program files\dell support center\gs_agent\custom\dsca.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "ISUSPM Startup" "Macrovision FLEXnet Connect Software Manager" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "ISUSScheduler" "Macrovision FLEXnet Connect Scheduler" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "MemoryCardManager" "Memory Card Manager Executable" "" "c:\program files\dell aio printer 948\memcard.exe"
+ "PDVDDXSrv" "CyberLink PowerCinema Resident Program" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RoxioDragToDisc" "Drag To Disc Application" "Roxio" "c:\program files\roxio\drag-to-disc\drgtodsc.exe"
+ "RoxWatchTray" "RoxMMTrayApp Module" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe"
+ "RTHDCPL" "Realtek HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\windows\rthdcpl.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "Digital Line Detect.lnk" "Digital Line Detection" "BVRP Software" "c:\program files\digital line detect\dlg.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MSMSGS" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
+ "Road Runner PhotoShow Media Manager" "" "" "File not found: C:\PROGRA~1\ROADRU~1\PHOTOS~1\data\Xtras\mssysmgr.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\navshext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\navshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CBrowserHelperObject Object" "BAE.dll" "Dell Inc." "c:\program files\dell\bae\bae.dll"
+ "Java™ Plug-In SSV Helper" "Java™ 2 Platform Standard Edition binary" "Sun Microsystems, Inc." "c:\program files\java\jre1.5.0_06\bin\ssv.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\ips\ipsbho.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Sun Java Console" "Java™ 2 Platform Standard Edition binary" "Sun Microsystems, Inc." "c:\program files\java\jre1.5.0_06\bin\ssv.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CCALib8" "Canon Camera Access Library 8" "Canon Inc." "c:\program files\canon\cal\calmain.exe"
+ "dldf_device" "Printer Communication System" " " "c:\windows\system32\dldfcoms.exe"
+ "dldfCATSCustConnectService" "Service Executable" "" "c:\windows\system32\spool\drivers\w32x86\3\dldfserv.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NIS" "Norton Internet Security" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\ccsvchst.exe"
+ "Norton PC Checkup Application Launcher" "Provides consolidated application launching facility" "Symantec Corporation" "c:\program files\norton pc checkup\engine\2.0.8.13\symcpcculaunchsvc.exe"
+ "NSL" "Norton Safe Web Lite" "Symantec Corporation" "c:\program files\norton safe web lite\engine\1.2.0.6\ccsvchst.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "PCCUJobMgr" "Job Manager service for common client services" "Symantec Corporation" "c:\program files\norton pc checkup\engine\2.0.8.13\ccsvchst.exe"
+ "ProtexisLicensing" "Protexis Licensing Service" "" "c:\windows\system32\psiservice.exe"
+ "RoxMediaDB9" "Roxio RoxMediaDB9 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe"
+ "RoxWatch9" "RoxSniffer9 Module" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "SupportSoft RemoteAssist" "ssrc Module" "SupportSoft, Inc." "c:\program files\common files\supportsoft\bin\ssrc.exe"
+ "Symantec RemoteAssist" "ssrc Module" "Symantec, Inc." "c:\program files\common files\symantec shared\support controls\ssrc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "BHDrvx86" "SONAR Engine Driver" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\bashdefs\20121106.001\bhdrvx86.sys"
+ "ccSet_NIS" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\ccsetx86.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DLABMFSM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlabmfsm.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlacdbhm.sys"
+ "DLADResM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dladresm.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlapoolm.sys"
+ "DLARTL_M" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlartl_m.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaudfam.sys"
+ "DRVMCDB" "Device Driver" "Sonic Solutions" "c:\windows\system32\drivers\drvmcdb.sys"
+ "DRVNDDM" "Device Driver Manager" "Roxio" "c:\windows\system32\drivers\drvnddm.sys"
+ "E100B" "NDIS 5 driver" "Intel Corporation" "c:\windows\system32\drivers\e100b325.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 5.2 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e5132.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_dp.sys"
+ "HSFHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsfhwbs2.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\igxpmp32.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IDSxpx86" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\ipsdefs\20121122.001\idsxpx86.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "mbamchameleon" "" "" "File not found: C:\WINDOWS\system32\drivers\mbamchameleon.sys"
+ "mdmxsdk" "Diagnostic Interface DRIVER" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "MR97310_USB_DUAL_CAMERA" "WDM Driver for USB Dual-Mode Camera" "Mars Semiconductor Corp." "c:\windows\system32\drivers\mr97310c.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\virusdefs\20121123.004\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\virusdefs\20121123.004\navex15.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\srtsp.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\srtspx.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\symds.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\symefa.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\ironx86.sys"
+ "SYMTDI" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\symtdi.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_cnxt.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Canon G.726 Decoder" "Canon G.726 Decoder" "Canon Inc." "c:\program files\canon\g726decoder\canong726decoder.ax"
+ "CyberLink Audio Decoder (PDVD7DX)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect (PDVD7DX)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Wizard (PDVD7DX)" "" "" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD7DX)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer (PDVD7DX)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator (PDVD7DX)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter (PDVD7DX)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor (PDVD7DX)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD7DX)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Video Effect (PDVD7DX)" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder (PDVD7DX)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmwriter.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mediaanalyser.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Photo Story 2 Trial Source Filter" "Plus! Photo Story 2 LE" "Microsoft Corporation" "c:\program files\microsoft plus! photo story 2 le\pssf2try.dll"
+ "PSI Parser" "" "" "c:\program files\roxio\videocore 9\psiparser.ax"
+ "psWav Dest" "Canon Utilities Support Library" "Canon Inc." "c:\program files\canon\camerawindow\camerawindowmc\pswavdes.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Roxio Audio Decoder (DVD)" "ROXIO Audio Decoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"
+ "ROXIO Audio Source 3.0" "VW Audio Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\audiosrc.ax"
+ "ROXIO Audio VCFChunker 3.0" "Chunker Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\chunker.ax"
+ "ROXIO Audio VCFLooper 3.0" "Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\looper.ax"
+ "ROXIO AudioConvert 3.0" "AudioConvert Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audconv.ax"
+ "ROXIO AudioGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO ColorSpace Converter 3.0" "ROXIO Color Space Converter" "Sonic Solutions" "c:\program files\roxio\videocore 9\colorspconv.dll"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "roxio DCFilters Audio Sync Filter 2" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Dragons Lair" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVD Muxer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Reader" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Splitter" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Mpeg I/II Decoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Smart Resizer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Subpicture Mixer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "ROXIO Deinterlace 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\deinter.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO Image/Colour Source 3.0" "Colour Frame Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\imagesource.ax"
+ "ROXIO ListImage Source 3.0" "ListFrameSource" "Sonic Solutions" "c:\program files\roxio\videocore 9\listimagesource.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\panzoom.ax"
+ "ROXIO Pin Tee" "" "" "c:\program files\roxio\videocore 9\roxioinftee.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "ROXIO QT Source" "QuickTime Loader" "Sonic Solutions" "c:\program files\roxio\videocore 9\qtsource.ax"
+ "ROXIO QuickGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenedetector.ax"
+ "ROXIO SceneRecorder 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"
+ "ROXIO Simple Dump 3.0" "Simple Dump Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\rxsimpledump.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAudioMixer 3.0" "AudioFlt Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audmf.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"
+ "ROXIO VCFLatency 3.0" "Latency Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\latency.ax"
+ "ROXIO VCFpeakmeter 3.0" "Peakmeter Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\peakmeter.ax"
+ "ROXIO VCFVideoCutList 3.0" "Video CutList Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vcutlist.ax"
+ "ROXIO VCFWaveform 1.0" "Waveform Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\waveform.ax"
+ "ROXIO Video Resampler 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vresamfilt.ax"
+ "ROXIO Video VCFLooper 3.0" "Video Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\vlooper.ax"
+ "ROXIO VideoCombine 3.0" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\videocombine.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "MGI Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\wavhead.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 9\mvwcdsutil.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MPEG Audio Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG Video Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc" "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"
+ "Sonic MPEG-4 Video Decoder" "Sonic Mpeg-4 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicm4vd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCG Video Mixer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCGImageSource" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VW Input Selector" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Input Selector 2" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "WAV Dest Trial" "Plus! Photo Story 2 LE" "Microsoft Corporation" "c:\program files\microsoft plus! photo story 2 le\wavd2try.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}" "Roxio MP3 Encoder Dynamic Link Library" "Roxio" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}" "Roxio Audio Source Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiosource.ax"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}" "Roxio Audio Stream Reader Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamreader.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Dell 948 Port" "Printer Communication System" " " "c:\windows\system32\dldflmpm.dll"
+ "Fax Dell AIO Printer 948 Port" "Print Monitor (Win2k/WinXP)" "" "c:\windows\system32\dldfpmon.dll"
+ "PDF995 Monitor" "" "" "c:\windows\system32\pdf995mon.dll"

That's it !!

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 PM

Posted 23 November 2012 - 05:06 PM

Do you still have BSOD in normal mode?

#7 RichardCB

RichardCB
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY, USA
  • Local time:06:16 PM

Posted 23 November 2012 - 06:51 PM

When I start up the computer, hit F8 ,I do not get the BSOD when I go to normal mode.
I only get the BSOD when I go into safe mode.

#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 PM

Posted 23 November 2012 - 07:08 PM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.

#9 RichardCB

RichardCB
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY, USA
  • Local time:06:16 PM

Posted 24 November 2012 - 06:58 AM

Malwarebytes:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.24.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Gary :: SILVERBUZZ [administrator]

11/23/2012 8:42:22 PM
mbam-log-2012-11-23 (20-42-22).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 363921
Time elapsed: 2 hour(s), 2 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

minitoolbox:

MiniToolBox by Farbar Version: 10-11-2012 02
Ran by Gary (administrator) on 24-11-2012 at 06:22:53
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"
"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Farbar service scanner :

Farbar Service Scanner Version: 09-11-2012
Ran by Gary (administrator) on 24-11-2012 at 06:26:14
Running from "C:\Documents and Settings\Gary\Local Settings\Temporary Internet Files\Content.IE5\EXCVA1PF"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) SYMTDI(10) Tcpip(3)
0x0A000000040000000100000002000000030000000A0000000900000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

adware cleaner :

# AdwCleaner v2.008 - Logfile created 11/24/2012 at 06:32:32
# Updated 17/11/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Gary - SILVERBUZZ
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Gary\Local Settings\Temporary Internet Files\Content.IE5\HFR5RN6D\adwcleaner[1].exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4260E0CC-0F75-462E-88A3-1E05C248BF4C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\Freeze.com

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0 (en-US)

Profile name : default
File : C:\Documents and Settings\Gary\Application Data\Mozilla\Firefox\Profiles\iuvj3tcp.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [1294 octets] - [24/11/2012 06:32:32]

########## EOF - C:\AdwCleaner[S2].txt - [1354 octets] ##########


My NIS 2012 will not allow me to run junkware removal tool.
All the other software you have listed has run ok with NIS 2012.

#10 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 PM

Posted 24 November 2012 - 01:35 PM

Disable NIS and run JRT

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#11 RichardCB

RichardCB
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY, USA
  • Local time:06:16 PM

Posted 25 November 2012 - 07:25 PM

Do I have to disable both the anti-virus autoprotect and the smart firewall on NIS 2012 ??

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 PM

Posted 25 November 2012 - 08:01 PM

yes

#13 RichardCB

RichardCB
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY, USA
  • Local time:06:16 PM

Posted 27 November 2012 - 04:04 PM

I disabled NIS Anti-virus auto protect and Smart wall, then ran the following programs :

Junkware Removal Tool :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 3.5.6 (11.27.2012:3)
OS: Microsoft Windows XP x86
Ran by Gary on Tue 11/27/2012 at 15:45:04.40
Blog: http://thisisudax.blogspot.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\coupons"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 11/27/2012 at 15:49:53.25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Then Rkill:
Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/27/2012 03:53:43 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* C:\WINDOWS\system32\PSIService.exe (PID: 1888) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

[HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost

Program finished at: 11/27/2012 03:54:35 PM
Execution time: 0 hours(s), 0 minute(s), and 52 seconds(s)

The Autorun:
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Alcmtr" "Realtek Azalia Audio - Event Monitor" "Realtek Semiconductor Corp." "c:\windows\alcmtr.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "Dell AIO Printer 948 Fax Server" "Fax Man Server" "" "c:\program files\dell aio printer 948\fm3032.exe"
+ "dldfmon.exe" "Printer Device Monitor" "" "c:\program files\dell aio printer 948\dldfmon.exe"
+ "dscactivate" " " " " "c:\program files\dell support center\gs_agent\custom\dsca.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\windows\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\windows\system32\igfxtray.exe"
+ "ISUSPM Startup" "Macrovision FLEXnet Connect Software Manager" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "ISUSScheduler" "Macrovision FLEXnet Connect Scheduler" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "MemoryCardManager" "Memory Card Manager Executable" "" "c:\program files\dell aio printer 948\memcard.exe"
+ "PDVDDXSrv" "CyberLink PowerCinema Resident Program" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe"
+ "Persistence" "persistence Module" "Intel Corporation" "c:\windows\system32\igfxpers.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RoxioDragToDisc" "Drag To Disc Application" "Roxio" "c:\program files\roxio\drag-to-disc\drgtodsc.exe"
+ "RoxWatchTray" "RoxMMTrayApp Module" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe"
+ "RTHDCPL" "Realtek HD Audio Control Panel" "Realtek Semiconductor Corp." "c:\windows\rthdcpl.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "Digital Line Detect.lnk" "Digital Line Detection" "BVRP Software" "c:\program files\digital line detect\dlg.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "MSMSGS" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
+ "Road Runner PhotoShow Media Manager" "" "" "File not found: C:\PROGRA~1\ROADRU~1\PHOTOS~1\data\Xtras\mssysmgr.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\navshext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\windows\system32\igfxpph.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "Symantec.Norton.Antivirus.IEContextMenu" "Symantec Shared Component Shell Extension Module" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\navshext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "CBrowserHelperObject Object" "BAE.dll" "Dell Inc." "c:\program files\dell\bae\bae.dll"
+ "Java™ Plug-In SSV Helper" "Java™ 2 Platform Standard Edition binary" "Sun Microsystems, Inc." "c:\program files\java\jre1.5.0_06\bin\ssv.dll"
+ "Norton Identity Protection" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\coieplg.dll"
+ "Norton Vulnerability Protection" "IPS Browser Helper DLL" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\ips\ipsbho.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "Norton Toolbar" "coIEPlugIn" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\coieplg.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Sun Java Console" "Java™ 2 Platform Standard Edition binary" "Sun Microsystems, Inc." "c:\program files\java\jre1.5.0_06\bin\ssv.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "AppMgmt" "Provides software installation services such as Assign, Publish, and Remove." "" "File not found: C:\WINDOWS\System32\appmgmts.dll"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "CCALib8" "Canon Camera Access Library 8" "Canon Inc." "c:\program files\canon\cal\calmain.exe"
+ "dldf_device" "Printer Communication System" " " "c:\windows\system32\dldfcoms.exe"
+ "dldfCATSCustConnectService" "Service Executable" "" "c:\windows\system32\spool\drivers\w32x86\3\dldfserv.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NIS" "Norton Internet Security" "Symantec Corporation" "c:\program files\norton internet security\engine\20.2.0.19\ccsvchst.exe"
+ "Norton PC Checkup Application Launcher" "Provides consolidated application launching facility" "Symantec Corporation" "c:\program files\norton pc checkup\engine\2.0.8.13\symcpcculaunchsvc.exe"
+ "NSL" "Norton Safe Web Lite" "Symantec Corporation" "c:\program files\norton safe web lite\engine\1.2.0.6\ccsvchst.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "PCCUJobMgr" "Job Manager service for common client services" "Symantec Corporation" "c:\program files\norton pc checkup\engine\2.0.8.13\ccsvchst.exe"
+ "ProtexisLicensing" "Protexis Licensing Service" "" "c:\windows\system32\psiservice.exe"
+ "RoxMediaDB9" "Roxio RoxMediaDB9 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe"
+ "RoxWatch9" "RoxSniffer9 Module" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "SupportSoft RemoteAssist" "ssrc Module" "SupportSoft, Inc." "c:\program files\common files\supportsoft\bin\ssrc.exe"
+ "Symantec RemoteAssist" "ssrc Module" "Symantec, Inc." "c:\program files\common files\symantec shared\support controls\ssrc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "BHDrvx86" "SONAR Engine Driver" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\bashdefs\20121106.001\bhdrvx86.sys"
+ "ccSet_NIS" "Common Client Settings Driver" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\ccsetx86.sys"
+ "Changer" "" "" "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "DLABMFSM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlabmfsm.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlacdbhm.sys"
+ "DLADResM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dladresm.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlapoolm.sys"
+ "DLARTL_M" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlartl_m.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaudfam.sys"
+ "DRVMCDB" "Device Driver" "Sonic Solutions" "c:\windows\system32\drivers\drvmcdb.sys"
+ "DRVNDDM" "Device Driver Manager" "Roxio" "c:\windows\system32\drivers\drvnddm.sys"
+ "E100B" "NDIS 5 driver" "Intel Corporation" "c:\windows\system32\drivers\e100b325.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 5.2 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e5132.sys"
+ "eeCtrl" "Symantec Eraser Control Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eectrl.sys"
+ "EraserUtilRebootDrv" "Symantec Eraser Utility Driver" "Symantec Corporation" "c:\program files\common files\symantec shared\eengine\eraserutilrebootdrv.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HDAudBus" "High Definition Audio Bus Driver v1.0a" "Windows ® Server 2003 DDK provider" "c:\windows\system32\drivers\hdaudbus.sys"
+ "HSF_DP" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_dp.sys"
+ "HSFHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsfhwbs2.sys"
+ "ialm" "Intel Graphics Miniport Driver" "Intel Corporation" "c:\windows\system32\drivers\igxpmp32.sys"
+ "iaStor" "Intel Matrix Storage Manager driver - ia32" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IDSxpx86" "Symantec Intrusion Prevention Driver" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\ipsdefs\20121123.001\idsxpx86.sys"
+ "IntcAzAudAddService" "Realtek® High Definition Audio Function Driver" "Realtek Semiconductor Corp." "c:\windows\system32\drivers\rtkhdaud.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "mbamchameleon" "" "" "File not found: C:\WINDOWS\system32\drivers\mbamchameleon.sys"
+ "mdmxsdk" "Diagnostic Interface DRIVER" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "MR97310_USB_DUAL_CAMERA" "WDM Driver for USB Dual-Mode Camera" "Mars Semiconductor Corp." "c:\windows\system32\drivers\mr97310c.sys"
+ "NAVENG" "AV Engine" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\virusdefs\20121126.020\naveng.sys"
+ "NAVEX15" "AV Engine" "Symantec Corporation" "c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_20.2.0.19\definitions\virusdefs\20121126.020\navex15.sys"
+ "nv" "NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 " "NVIDIA Corporation" "c:\windows\system32\drivers\nv4_mini.sys"
+ "PCIDump" "" "" "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\windows\system32\drivers\ptilink.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "SRTSP" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\srtsp.sys"
+ "SRTSPX" "Symantec AutoProtect" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\srtspx.sys"
+ "SymDS" "Symantec Data Store" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\symds.sys"
+ "SymEFA" "Symantec Extended File Attributes" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\symefa.sys"
+ "SymEvent" "Symantec Event Library" "Symantec Corporation" "c:\windows\system32\drivers\symevent.sys"
+ "SymIRON" "Iron Driver" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\ironx86.sys"
+ "SYMTDI" "Network Dispatch Driver" "Symantec Corporation" "c:\windows\system32\drivers\nis\1402000.013\symtdi.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "WDICA" "" "" "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsf_cnxt.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter" "Intel Indeo® Video 4.5" "Intel Corporation" "c:\windows\system32\ir41_32.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\windows\system32\acelpdec.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Canon G.726 Decoder" "Canon G.726 Decoder" "Canon Inc." "c:\program files\canon\g726decoder\canong726decoder.ax"
+ "CyberLink Audio Decoder (PDVD7DX)" "CyberLink Audio Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claud.ax"
+ "CyberLink Audio Effect (PDVD7DX)" "CyberLink Audio Effect Filter" "CyberLink Corporation" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudfx.ax"
+ "CyberLink Audio Wizard (PDVD7DX)" "" "" "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudwizard.ax"
+ "CyberLink AudioCD Filter (PDVD7DX)" "CyberLink AudioCD Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\claudiocd.ax"
+ "CyberLink Demultiplexer (PDVD7DX)" "MPEG-2 Dempltiplexer" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\cldemuxer.ax"
+ "CyberLink DVD Navigator (PDVD7DX)" "CyberLink DVD Navigation Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clnavx.ax"
+ "CyberLink Line21 Decoder Filter (PDVD7DX)" "CyberLink Line21 Decoder Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clline21.ax"
+ "Cyberlink SubTitle Importor (PDVD7DX)" "CLSubTitle.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PDVD7DX)" "CLAuTS.ax" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clauts.ax"
+ "CyberLink Video Effect (PDVD7DX)" "CLVidFx" "CyberLink" "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvidfx.ax"
+ "CyberLink Video/SP Decoder (PDVD7DX)" "CyberLink Video/SP Filter" "CyberLink Corp." "c:\program files\cyberlink\powerdvd dx\kernel\movie\clvsd.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Indeo® audio software" "Indeo® audio software" "Intel Corporation" "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter" "Intel Indeo® video 5.10" "Intel Corporation" "c:\windows\system32\ir50_32.dll"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmwriter.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mediaanalyser.ax"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codecx.ax"
+ "Photo Story 2 Trial Source Filter" "Plus! Photo Story 2 LE" "Microsoft Corporation" "c:\program files\microsoft plus! photo story 2 le\pssf2try.dll"
+ "PSI Parser" "" "" "c:\program files\roxio\videocore 9\psiparser.ax"
+ "psWav Dest" "Canon Utilities Support Library" "Canon Inc." "c:\program files\canon\camerawindow\camerawindowmc\pswavdes.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Roxio Audio Decoder (DVD)" "ROXIO Audio Decoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"
+ "ROXIO Audio Source 3.0" "VW Audio Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\audiosrc.ax"
+ "ROXIO Audio VCFChunker 3.0" "Chunker Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\chunker.ax"
+ "ROXIO Audio VCFLooper 3.0" "Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\looper.ax"
+ "ROXIO AudioConvert 3.0" "AudioConvert Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audconv.ax"
+ "ROXIO AudioGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO ColorSpace Converter 3.0" "ROXIO Color Space Converter" "Sonic Solutions" "c:\program files\roxio\videocore 9\colorspconv.dll"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "roxio DCFilters Audio Sync Filter 2" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Dragons Lair" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVD Muxer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Reader" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Splitter" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Mpeg I/II Decoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Smart Resizer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Subpicture Mixer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "ROXIO Deinterlace 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\deinter.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO Image/Colour Source 3.0" "Colour Frame Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\imagesource.ax"
+ "ROXIO ListImage Source 3.0" "ListFrameSource" "Sonic Solutions" "c:\program files\roxio\videocore 9\listimagesource.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\panzoom.ax"
+ "ROXIO Pin Tee" "" "" "c:\program files\roxio\videocore 9\roxioinftee.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "ROXIO QT Source" "QuickTime Loader" "Sonic Solutions" "c:\program files\roxio\videocore 9\qtsource.ax"
+ "ROXIO QuickGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenedetector.ax"
+ "ROXIO SceneRecorder 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"
+ "ROXIO Simple Dump 3.0" "Simple Dump Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\rxsimpledump.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAudioMixer 3.0" "AudioFlt Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audmf.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"
+ "ROXIO VCFLatency 3.0" "Latency Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\latency.ax"
+ "ROXIO VCFpeakmeter 3.0" "Peakmeter Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\peakmeter.ax"
+ "ROXIO VCFVideoCutList 3.0" "Video CutList Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vcutlist.ax"
+ "ROXIO VCFWaveform 1.0" "Waveform Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\waveform.ax"
+ "ROXIO Video Resampler 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vresamfilt.ax"
+ "ROXIO Video VCFLooper 3.0" "Video Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\vlooper.ax"
+ "ROXIO VideoCombine 3.0" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\videocombine.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "MGI Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\wavhead.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 9\mvwcdsutil.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MPEG Audio Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG Video Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc" "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"
+ "Sonic MPEG-4 Video Decoder" "Sonic Mpeg-4 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicm4vd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCG Video Mixer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCGImageSource" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VW Input Selector" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Input Selector 2" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "WAV Dest Trial" "Plus! Photo Story 2 LE" "Microsoft Corporation" "c:\program files\microsoft plus! photo story 2 le\wavd2try.dll"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\windows\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}" "Roxio MP3 Encoder Dynamic Link Library" "Roxio" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}" "Roxio Audio Source Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiosource.ax"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}" "Roxio Audio Stream Reader Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamreader.ax"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxdev Module" "Intel Corporation" "c:\windows\system32\igfxdev.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Dell 948 Port" "Printer Communication System" " " "c:\windows\system32\dldflmpm.dll"
+ "Fax Dell AIO Printer 948 Port" "Print Monitor (Win2k/WinXP)" "" "c:\windows\system32\dldfpmon.dll"
+ "PDF995 Monitor" "" "" "c:\windows\system32\pdf995mon.dll"


Have enabled NIS anti virus again and smart wall.

#14 RichardCB

RichardCB
  • Topic Starter

  • Members
  • 31 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Upstate NY, USA
  • Local time:06:16 PM

Posted 27 November 2012 - 06:05 PM

I also found this link : http://pcsupport.about.com/od/findbyerrormessage/a/stop0x0000007b.htm

In it , it said to use system restore. I tried to do that, and I can not get the system to restore.

Don't know if that's any help, just thought I would add it in.

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:06:16 PM

Posted 27 November 2012 - 09:25 PM

Do not try any other fixes when i'm helping you.Just inform me when you dont need my help

Download Safeboot repair

http://download.bleepingcomputer.com/sUBs/SafeBootKeyRepair.exe

Run this tool,after scan finishes,try to boot into safemode

Let me know how it goes




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users