Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

laptop keyboard dysfunctional - Alphabet repetition or unresponse!


  • This topic is locked This topic is locked
108 replies to this topic

#1 divyank

divyank

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 02 January 2013 - 11:27 AM

I have a Lenovo 3000 N100 laptop working since 2006. The keyboard has stopped responding altogether since 3 days ago. Sometimes when I press an alphabet key, it gets stuck on that and repeats endlessly. Touchpad and right/left buttons working fine. On a browser page, the find option opens automatically and the stuck letter goes on typing itself in any blank space i click on. Reboot helps at times and I have found that if I do not touch the k/b at all, and stick to the USB k/b then the problem doesn't appear. Ran spybot and HijackThis. NO FIXES CARRIED OUT BY MYSELF. Have saved the logs though.
The Motherboard was replaced in warranty due to dysfunctional LAN port. LCD replaced a year back. No other repairs ever required. Following is the DDS log. Thanks for this space!

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 6.0.2900.5512
Run by navykid at 21:33:39 on 2013-01-02
#Option MBR scan is disabled.
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.111 [GMT 5.5:30]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
C:\Documents and Settings\All Users\Application Data\DatacardService\HWDeviceService.exe
C:\Documents and Settings\All Users\Application Data\Idea Net Setter\OnlineUpdate\ouc.exe
C:\WINDOWS\system32\NLSSRV32.EXE
C:\WINDOWS\system32\PMSveH.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe
C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe
C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe
C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
C:\Program Files\IBM ThinkVantage\Common\Logger\logmon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\vsnp2std.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\Ask.com\Updater\Updater.exe
C:\Program Files\MBlaze UI\bin\App.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.lenovo.com/us/en/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.lenovo.com/us/en/
uInternet Connection Wizard,ShellNext = hxxp://www.lenovo.com/us/en/
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
uURLSearchHooks: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - <orphaned>
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Songbird Toolbar, Powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Songbird Toolbar, Powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Songbird Toolbar, Powered by Ask.com: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Google Update] "c:\documents and settings\navykid\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxhkcmd] c:\windows\system32\hkcmd.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [snp2std] c:\windows\vsnp2std.exe
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [MSConfig] c:\windows\pchealth\helpctr\binaries\MSConfig.exe /auto
uPolicies-Explorer: NoDriveTypeAutoRun = dword:32
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - LocalServer32 - <no file>
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy 2\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: Interfaces\{21B2D14D-2F2D-4B06-B4A7-B418E6D95DBE} : NameServer = 203.122.63.152,203.122.63.154
TCP: Interfaces\{2D28A4CE-69CE-41D5-A016-2CE650C0CECB} : NameServer = 10.228.1.113 8.8.8.8
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Notify: ACNotify - ACNotify.dll
Notify: igfxcui - igfxdev.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\navykid\application data\mozilla\firefox\profiles\4rfa366q.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=SGD2&o=2430&locale=en_US&apn_uid=b09f941b-48cb-4123-b2d2-c2548d3da0fb&apn_ptnrs=%5EAEK&apn_sauid=BF36FAC9-72BF-4D12-AEEC-D494BEBA6979&apn_dtid=%5EYYYYYY%5EYY%5EIN&&q=
FF - plugin: c:\documents and settings\navykid\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\navykid\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\navykid\local settings\application data\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-4-29 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-4-29 361032]
R1 PMHler;PMHler;c:\windows\system32\drivers\PMHler.sys [2005-12-22 10240]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-4-29 21256]
R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-4-29 44808]
R2 HWDeviceService.exe;HWDeviceService.exe;c:\documents and settings\all users\application data\datacardservice\hwdeviceservice.exe -/service --> c:\documents and settings\all users\application data\datacardservice\HWDeviceService.exe -/service [?]
R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-3-21 68928]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files\spybot - search & destroy 2\SDFSSvc.exe [2013-1-2 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files\spybot - search & destroy 2\SDUpdSvc.exe [2013-1-2 1369624]
R2 smi2;smi2;c:\program files\smi2\smi2.sys [2005-12-22 3968]
R2 UDisk Monitor;UDisk Monitor;c:\program files\mblaze ui\bin\MonServiceUDisk.exe [2012-5-16 512000]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\drivers\ew_jubusenum.sys [2012-11-11 73216]
R3 ztemtusbser;ZTEMT Legacy Serial Communication;c:\windows\system32\drivers\CT_ZTEMT_U_USBSER.sys [2012-5-16 105472]
S0 ANCSQ;ANCSQ;c:\windows\system32\drivers\ancsq.sys --> c:\windows\system32\drivers\ANCSQ.sys [?]
S2 Application Updater;Application Updater;"c:\program files\application updater\applicationupdater.exe" --> c:\program files\application updater\ApplicationUpdater.exe [?]
S2 ICM_UpdaterService;ICM_UpdaterService Disp;c:\program files\samsung\samsung networking wizard\icm_service.exe --> c:\program files\samsung\samsung networking wizard\ICM_Service.exe [?]
S2 Idea Net Setter. RunOuc;Idea Net Setter. OUC;c:\program files\idea net setter\updatedog\ouc.exe [2012-11-11 218624]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files\spybot - search & destroy 2\SDWSCSvc.exe [2013-1-2 168384]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\drivers\ssudbus.sys [2012-10-25 83168]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\drivers\ew_hwusbdev.sys [2012-11-11 102784]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2012-11-11 235392]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys --> c:\windows\system32\drivers\ewusbdev.sys [?]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\drivers\ssudmdm.sys [2012-10-25 181344]
.
=============== Created Last 30 ================
.
2013-01-02 01:39:02 -------- d-----w- c:\documents and settings\all users\application data\Spybot - Search & Destroy
2013-01-02 01:38:03 15224 ----a-w- c:\windows\system32\sdnclean.exe
2013-01-02 01:37:36 -------- d-----w- c:\program files\Spybot - Search & Destroy 2
2012-12-06 20:55:29 -------- d-----w- c:\program files\Ask.com
2012-12-06 20:55:19 -------- d-----w- c:\documents and settings\navykid\local settings\application data\AskToolbar
2012-12-06 20:53:47 -------- d-----w- c:\documents and settings\navykid\local settings\application data\APN
2012-12-06 20:37:55 -------- d-----w- c:\program files\Songbird
.
==================== Find3M ====================
.
2012-12-21 16:59:21 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-12-21 16:59:18 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll
2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-11-11 15:30:02 28672 ----a-w- c:\windows\system32\drivers\usbccid.sys
2012-11-11 15:30:01 90112 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2012-11-11 15:30:01 861696 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-11-11 15:30:01 73216 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2012-11-11 15:30:01 64384 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2012-11-11 15:30:01 26624 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2012-11-11 15:30:01 11136 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2012-11-11 15:30:01 102784 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2012-11-11 15:30:00 235392 ----a-w- c:\windows\system32\drivers\ewusbnet.sys
2012-11-11 15:30:00 193792 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-11-11 15:30:00 19200 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2012-11-11 15:29:59 25856 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-11-11 15:29:58 1112288 ----a-w- c:\windows\system32\wdfcoinstaller01007.dll
2012-11-11 15:29:58 1112288 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll
2012-10-31 11:33:26 81920 ----a-w- c:\windows\system32\ieencode.dll
2012-10-31 11:33:26 667136 ----a-w- c:\windows\system32\wininet.dll
2012-10-31 11:33:26 61952 ----a-w- c:\windows\system32\tdc.ocx
2012-10-31 09:52:14 369664 ----a-w- c:\windows\system32\html.iec
2012-10-30 22:51:58 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-10-30 22:51:07 41224 ----a-w- c:\windows\avastSS.scr
.
============= FINISH: 21:35:09.34 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,385 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:01 PM

Posted 06 January 2013 - 04:10 PM

Greetings divyank and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:


===================================================


Ground Rules:

  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me about it.
  • When you post your reply, do not use the Posted Image button but use the Posted Image button instead.
  • In the upper right hand corner of the topic you will see the Posted Image button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:

===================================================


Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. Please allow me some time to review the information you have provided. I will post back as soon as possible.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,385 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:01 PM

Posted 06 January 2013 - 04:34 PM

Greetings divyank,

Thank you for patiently waiting for someone to help you. I have a step for you to take but I also would like to provide some information to consider related to computer security and performance.


===================================================


Spybot S&D No Longer Recommended

--------------------

MVPS.org is no longer recommending Spybot S&D due to poor testing results. (scroll down on the web site and read under Freeware Antispyware Products)

Further, most people don't understand Spybot's TeaTimer or how to use it and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and even prevent disinfection of malware by those tools.

I strongly recommend uninstalling Spybot Search & Destroy. The presence of this program can make cleaning your computer more difficult.

Please go to Start > Control Panel > Add/Remove Programs (or Programs and Features) and delete the program.

Reboot your computer prior to the next step.


===================================================


P2P Warning

--------------------

Going over your logs I noticed that you have Bit Torrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall Bit Torrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.


===================================================


Uninstalling Ask Toolbar and/or Ask Program

--------------------

I recommend removing Ask from your computer. You may read more about why I recommend this by visiting this site.

  • Press windows key Posted Image + r on your keyboard at the same time
  • Type appwiz.cpl and press Enter
  • A list of programs installed will be displayed
  • Uninstall the following by clicking on the program(s) below and selecting Remove or Uninstall

    Ask Toolbar (or any variation of Ask)

===================================================


Looking over your log I notice you have very little available free disk space. This limitation will cause performance issues but at this point I don't believe it is related to your keyboard issue.

C: is FIXED (NTFS) - 51 GiB total, 1.927 GiB free.


===================================================


Troubleshooting Through Device Manager

----------

  • Press windows key Posted Image + r on your keyboard at the same time
  • Type devmgmt.msc and press Enter
  • Expand the Keyboards section by clicking + sign
  • Right click on the native computer Keyboard entry (not the USB keyboard), then select Delete
  • Reboot your computer and check the keyboard performance

===================================================


Things I would like to see in your next reply. :thumbsup2:

  • Any difference?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 divyank

divyank
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 06 January 2013 - 11:54 PM

Hi Gary! Thank you so much for your help. I will need some time before I go home from office and apply the instructions since i stopped using my system after posting for help here. Nonetheless things I took due note of or have tried already are:
- Will uninstall S&D Spybot ASAP
- Will uninstall Bittorrent ASAP
- Did not know how to uninstall Ask toolbar but it had hijacked my Firefox's address bar link to Google search, and NOW i know how to :clapping:
- Will buy an external HDD and remove all the personal data from my C drive and make space as I do not have other partitions
----------
- I think I already tried troubleshooting by Device Manager once. I deleted the native keyboard and rebooted so that if drivers were old or corrupted, the system would update them. However, I will try that step again. If what you suggested is different, kindly mention so in your next reply.
Thanks again!

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,385 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:01 PM

Posted 07 January 2013 - 09:36 AM

Greetings,

It is my pleasure to help, welcome aboard.

----------

What you previously did with the keyboard driver is exactly what I am asking you to do now. Let's try it again just for giggles so we know as of today whether or not that is an issue.

----------

Will buy an external HDD and remove all the personal data from my C drive and make space as I do not have other partitions

Before you spend the money on an external drive (unless you want to buy it anyway) you might check how much space you will really free up if you move the data. I would say you should target at least 15% free space on your hard drive (7+ GB). That is still not much room. Depending on what you are planning on doing with your laptop an alternative to an external drive would be a new laptop hard drive. Just suggestions so you don't waste your money inadvertently.

----------

Thanks for letting me know you are here and when you are able to post back we will chat again.

P.S., just in case you missed it in my first post, if it is OK with you I would prefer to call you by your real name. I am aussuming your parents didn't name you navykid! :)
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 divyank

divyank
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 08 January 2013 - 08:48 AM

Hey Gary, sorry for the delay in response. Of course you may call me divyank. Navykid is just an anagram as you probably guessed :)
So, i did go through troubleshooting by device manager again. Nothing changed after reboot. And i have had to return the usb keyboard which i had borrowed. So using the onscreen keyboard. Will check soon for your response.
Thanks,
Divyank

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,385 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:01 PM

Posted 08 January 2013 - 12:52 PM

Hi divyank,

I didn't realize that was your first name, sorry. :blush:

Please do this.

===================================================


DirectX Diagnostic Tool Results

--------------

  • Press the windows key Posted Image + r on your keyboard at the same time
  • Type dxdiag and press Enter
  • If you are asked if you want to check digital signatures answer Yes
  • Once the scan has been completed click Save All Information... and save it to your desktop as DxDiag.txt (should be the default name)
  • Please copy and paste that information in your reply

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • DxDiag.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 divyank

divyank
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 08 January 2013 - 02:26 PM

Hi, following is the list of things i have done so far in this order:-
1. Uninstalled spybot and rebooted
2. Uninst. BitTorrent
3. Only Songbird toolbar was powered by Ask, so removed Songbird
4. Ran troubleshooting by device manager and rebooted.
5. Ran DxDiag test and rebooted.
No change in the problem. I hear a prompt ring in the background everytime the system starts or shuts. Tested the keyboard after the last test and it first didnt respond then went completely bonkers. I typed A and L started coming up endlessly till i shut the system down.

Following is the information from the DxDiag.txt


------------------
System Information
------------------
Time of this report: 1/9/2013, 00:07:12
Machine name: DIVYANK
Operating System: Windows XP Home Edition (5.1, Build 2600) Service Pack 3 (2600.xpsp_sp3_gdr.120821-1629)
Language: English (Regional Setting: English)
System Manufacturer: LENOVO
System Model: TP-61___
BIOS: Ver 1.00PARTTBL
Processor: Genuine Intel® CPU T2300 @ 1.66GHz (2 CPUs)
Memory: 502MB RAM
Page File: 245MB used, 2271MB available
Windows Dir: C:\WINDOWS
DirectX Version: DirectX 9.0c (4.09.0000.0904)
DX Setup Parameters: Not found
DxDiag Version: 5.03.2600.5512 32bit Unicode

------------
DxDiag Notes
------------
DirectX Files Tab: No problems found.
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Music Tab: No problems found.
Input Tab: No problems found.
Network Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (n/a)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (n/a)
DirectMusic: 0/5 (n/a)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)

---------------
Display Devices
---------------
Card name: Mobile Intel® 945GM Express Chipset Family
Manufacturer: Intel Corporation
Chip type: Intel® Calistoga Graphics Controller
DAC type: Internal
Device Key: Enum\PCI\VEN_8086&DEV_27A2&SUBSYS_206217AA&REV_03
Display Memory: 128.0 MB
Current Mode: 1280 x 800 (32 bit) (60Hz)
Monitor: Plug and Play Monitor
Monitor Max Res: 1600,1200
Driver Name: ialmrnt5.dll
Driver Version: 6.14.0010.4421 (English)
DDI Version: 9 (or higher)
Driver Attributes: Final Retail
Driver Date/Size: 11/4/2005 05:12:40, 36990 bytes
WHQL Logo'd: Yes
WHQL Date Stamp: n/a
VDD: n/a
Mini VDD: ialmnt5.sys
Mini VDD Date: 11/4/2005 05:20:58, 1353820 bytes
Device Identifier: {D7B78E66-64E2-11CF-5F65-6800A2C2CB35}
Vendor ID: 0x8086
Device ID: 0x27A2
SubSys ID: 0x206217AA
Revision ID: 0x0003
Revision ID: 0x0003
Video Accel:
Deinterlace Caps: n/a
Registry: OK
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Not Available
DDraw Test Result: Not run
D3D7 Test Result: Not run
D3D8 Test Result: Not run
D3D9 Test Result: Not run

-------------
Sound Devices
-------------
Description: SoundMAX HD Audio O
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: HDAUDIO\FUNC_01&VEN_11D4&DEV_1986&SUBSYS_17AA2066&REV_1005
Manufacturer ID: 65535
Product ID: 65535
Type: WDM
Driver Name: ADIHdAud.sys
Driver Version: 5.10.0001.4130 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 8/19/2005 04:56:14, 138752 bytes
Other Files:
Driver Provider: AnalogDevices
HW Accel Level: Full
Cap Flags: 0xB5B
Min/Max Sample Rate: 8000, 48000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX™ 2.0 Listen/Src: No, No
I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No
Registry: OK
Sound Test Result: Not run

---------------------
Sound Capture Devices
---------------------
Description: SoundMAX HD Audio I
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: ADIHdAud.sys
Driver Version: 5.10.0001.4130 (English)
Driver Attributes: Final Retail
Date and Size: 8/19/2005 04:56:14, 138752 bytes
Cap Flags: 0x41
Format Flags: 0xCCC

-----------
DirectMusic
-----------
DLS Path: C:\WINDOWS\SYSTEM32\drivers\GM.DLS
DLS Version: 1.00.0016.0002
Acceleration: n/a
Ports: Microsoft Synthesizer, Software (Not Kernel Mode), Output, DLS, Internal, Default Port
Microsoft MIDI Mapper [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
Microsoft GS Wavetable SW Synth [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
Registry: OK
Test Result: Not run

-------------------
DirectInput Devices
-------------------
Device Name: Mouse
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: Keyboard
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Poll w/ Interrupt: No
Registry: OK

-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x8086, 0x27CB
| Matching Device ID: usb\root_hub
| Service: usbhub
| Driver: usbhub.sys, 4/14/2008 12:45:38, 59520 bytes
| Driver: usbd.sys, 8/4/2004 18:30:00, 4736 bytes

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ Standard 101/102-Key or Microsoft Natural PS/2 Keyboard
| Matching Device ID: *pnp0303
| Service: i8042prt
| Driver: i8042prt.sys, 4/14/2008 13:18:02, 52480 bytes
| Driver: kbdclass.sys, 4/14/2008 12:39:48, 24576 bytes
|
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
| Driver: termdd.sys, 4/14/2008 18:13:22, 40840 bytes
| Driver: kbdclass.sys, 4/14/2008 12:39:48, 24576 bytes
|
+ Synaptics PS/2 Port Pointing Device
| Matching Device ID: *pnp0f13
| Upper Filters: SynTP
| Service: i8042prt
| Driver: i8042prt.sys, 4/14/2008 13:18:02, 52480 bytes
| Driver: mouclass.sys, 4/14/2008 12:39:48, 23040 bytes
| Driver: SynTP.sys, 10/29/2005 07:15:38, 191936 bytes
| Driver: SynTPAPI.dll, 10/29/2005 07:19:00, 94297 bytes
| Driver: SynTPFcs.dll, 10/29/2005 07:30:04, 69721 bytes
| Driver: SynCOM.dll, 10/29/2005 07:18:20, 82012 bytes
| Driver: SynCtrl.dll, 10/29/2005 07:18:36, 114688 bytes
| Driver: SynTPLpr.exe, 10/29/2005 07:30:14, 82009 bytes
| Driver: SynTPCpl.dll, 10/29/2005 07:21:16, 6135897 bytes
| Driver: SynCntxt.rtf, 10/29/2005 07:19:48, 3479058 bytes
| Driver: SynZMetr.exe, 10/29/2005 07:14:18, 163840 bytes
| Driver: SynMood.exe, 10/29/2005 07:14:10, 147456 bytes
| Driver: SynTPEnh.exe, 10/29/2005 07:28:52, 761945 bytes
| Driver: SynTPCOM.dll, 10/29/2005 07:19:20, 41062 bytes
| Driver: Tutorial.exe, 10/29/2005 07:30:34, 221184 bytes
| Driver: InstNT.exe, 10/29/2005 07:32:30, 81920 bytes
| Driver: SynISDLL.dll, 10/29/2005 07:30:54, 557056 bytes
| Driver: SynUnst.ini, 11/2/2005 23:37:40, 38355 bytes
| Driver: SynTPCo2.dll, 10/29/2005 07:32:18, 81920 bytes
|
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD
| Driver: termdd.sys, 4/14/2008 18:13:22, 40840 bytes
| Driver: mouclass.sys, 4/14/2008 12:39:48, 23040 bytes

----------------------------
DirectPlay Service Providers
----------------------------
DirectPlay8 Modem Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 Serial Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 IPX Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
DirectPlay8 TCP/IP Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.6311)
Internet TCP/IP Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
IPX Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
Modem Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)
Serial Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)

DirectPlay Voice Wizard Tests: Full Duplex: Not run, Half Duplex: Not run, Mic: Not run
DirectPlay Test Result: Not run
Registry: OK

-------------------
DirectPlay Adapters
-------------------
DirectPlay8 Modem Service Provider: ZTE USB Modem FFF1 #4
DirectPlay8 Modem Service Provider: Agere Systems HDA Modem
DirectPlay8 Serial Service Provider: COM3
DirectPlay8 TCP/IP Service Provider: MS TCP Loopback interface - IPv4 -

-----------------------
DirectPlay Voice Codecs
-----------------------
Voxware VR12 1.4kbit/s
Voxware SC06 6.4kbit/s
Voxware SC03 3.2kbit/s
MS-PCM 64 kbit/s
MS-ADPCM 32.8 kbit/s
Microsoft GSM 6.10 13 kbit/s
TrueSpeech™ 8.6 kbit/s

-------------------------
DirectPlay Lobbyable Apps
-------------------------

------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 1.6 GB
Total Space: 51.8 GB
File System: NTFS
Model: HTS541060G9SA00

Drive: D:
Model: HL-DT-ST DVDRAM GMA-4082N
Driver: c:\windows\system32\drivers\cdrom.sys, 5.01.2600.5512 (English), 4/14/2008 12:40:48, 62976 bytes

--------------
System Devices
--------------
Name: Intel® PRO/Wireless 3945ABG Network Connection
Device ID: PCI\VEN_8086&DEV_4227&SUBSYS_10108086&REV_02\4&20975680&0&00E1
Driver: n/a

Name: Intel® 82801G (ICH7 Family) SMBus Controller - 27DA
Device ID: PCI\VEN_8086&DEV_27DA&SUBSYS_207317AA&REV_02\3&B1BFB68&0&FB
Driver: n/a

Name: Microsoft UAA Bus Driver for High Definition Audio
Device ID: PCI\VEN_8086&DEV_27D8&SUBSYS_206617AA&REV_02\3&B1BFB68&0&D8
Driver: C:\WINDOWS\system32\DRIVERS\hdaudbus.sys, 5.10.0001.5013 (English), 4/14/2008 10:36:06, 144384 bytes

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D2
Device ID: PCI\VEN_8086&DEV_27D2&SUBSYS_00000000&REV_02\3&B1BFB68&0&E1
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/14/2008 12:36:46, 68224 bytes

Name: Intel® 82801G (ICH7 Family) PCI Express Root Port - 27D0
Device ID: PCI\VEN_8086&DEV_27D0&SUBSYS_00000000&REV_02\3&B1BFB68&0&E0
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/14/2008 12:36:46, 68224 bytes

Name: Intel® 82801G (ICH7 Family) USB2 Enhanced Host Controller - 27CC
Device ID: PCI\VEN_8086&DEV_27CC&SUBSYS_206F17AA&REV_02\3&B1BFB68&0&EF
Driver: C:\WINDOWS\system32\drivers\usbehci.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:36, 30208 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/14/2008 18:12:10, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 59520 bytes
Driver: C:\WINDOWS\system32\hccoin.dll, 5.01.2600.5512 (English), 4/14/2008 18:11:56, 7168 bytes

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CB
Device ID: PCI\VEN_8086&DEV_27CB&SUBSYS_206E17AA&REV_02\3&B1BFB68&0&EB
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:36, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/14/2008 18:12:10, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 59520 bytes

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27CA
Device ID: PCI\VEN_8086&DEV_27CA&SUBSYS_206D17AA&REV_02\3&B1BFB68&0&EA
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:36, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/14/2008 18:12:10, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 59520 bytes

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C9
Device ID: PCI\VEN_8086&DEV_27C9&SUBSYS_206C17AA&REV_02\3&B1BFB68&0&E9
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:36, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/14/2008 18:12:10, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 59520 bytes

Name: Intel® 82801G (ICH7 Family) USB Universal Host Controller - 27C8
Device ID: PCI\VEN_8086&DEV_27C8&SUBSYS_206B17AA&REV_02\3&B1BFB68&0&E8
Driver: C:\WINDOWS\system32\drivers\usbuhci.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:36, 20608 bytes
Driver: C:\WINDOWS\system32\drivers\usbport.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 143872 bytes
Driver: C:\WINDOWS\system32\usbui.dll, 5.01.2600.5512 (English), 4/14/2008 18:12:10, 74240 bytes
Driver: C:\WINDOWS\system32\drivers\usbhub.sys, 5.01.2600.5512 (English), 4/14/2008 12:45:38, 59520 bytes

Name: Intel® 82801GBM/GHM (ICH7-M Family) Serial ATA Storage Controller - 27C4
Device ID: PCI\VEN_8086&DEV_27C4&SUBSYS_207217AA&REV_02\3&B1BFB68&0&FA
Driver: C:\WINDOWS\system32\DRIVERS\pciide.sys, 5.01.2600.0000 (English), 8/18/2001 03:21:52, 3328 bytes
Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 5.01.2600.5512 (English), 4/14/2008 12:40:30, 24960 bytes
Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 5.01.2600.5512 (English), 4/14/2008 12:40:32, 96512 bytes

Name: Intel® 82801GBM (ICH7-M) LPC Interface Controller - 27B9
Device ID: PCI\VEN_8086&DEV_27B9&SUBSYS_00000000&REV_02\3&B1BFB68&0&F8
Driver: C:\WINDOWS\system32\DRIVERS\isapnp.sys, 5.01.2600.5512 (English), 4/14/2008 12:36:42, 37248 bytes

Name: Mobile Intel® 945GM Express Chipset Family
Device ID: PCI\VEN_8086&DEV_27A6&SUBSYS_206217AA&REV_03\3&B1BFB68&0&11
Driver: n/a

Name: Mobile Intel® 945GM Express Chipset Family
Device ID: PCI\VEN_8086&DEV_27A2&SUBSYS_206217AA&REV_03\3&B1BFB68&0&10
Driver: C:\WINDOWS\system32\DRIVERS\ialmnt5.sys, 6.14.0010.4421 (English), 11/4/2005 05:20:58, 1353820 bytes
Driver: C:\WINDOWS\system32\ialmrnt5.dll, 6.14.0010.4421 (English), 11/4/2005 05:12:40, 36990 bytes
Driver: C:\WINDOWS\system32\ialmdnt5.dll, 6.14.0010.4421 (English), 11/4/2005 05:12:34, 119419 bytes
Driver: C:\WINDOWS\system32\ialmdev5.dll, 6.14.0010.4421 (English), 11/4/2005 05:12:24, 214618 bytes
Driver: C:\WINDOWS\system32\ialmdd5.dll, 6.14.0010.4421 (English), 11/4/2005 05:19:56, 899194 bytes
Driver: C:\WINDOWS\system32\igxpxa32.cpa, 11/4/2005 04:47:24, 524850 bytes
Driver: C:\WINDOWS\system32\igxpxa32.vp, 11/4/2005 04:47:24, 929 bytes
Driver: C:\WINDOWS\system32\igxpxk32.vp, 11/4/2005 04:47:24, 58704 bytes
Driver: C:\WINDOWS\system32\igxpxs32.vp, 11/4/2005 05:32:56, 25920 bytes
Driver: C:\WINDOWS\system32\oemdspif.dll, 3.00.0000.4421 (English), 11/4/2005 04:56:32, 57344 bytes
Driver: C:\WINDOWS\system32\hccutils.dll, 3.00.0000.4421 (English), 11/4/2005 04:51:26, 73728 bytes
Driver: C:\WINDOWS\system32\igfxsrvc.dll, 3.00.0000.4421 (English), 11/4/2005 04:52:30, 57344 bytes
Driver: C:\WINDOWS\system32\igfxsrvc.exe, 3.00.0000.4421 (English), 11/4/2005 04:52:28, 159744 bytes
Driver: C:\WINDOWS\system32\igfxpph.dll, 3.00.0000.4421 (English), 11/4/2005 04:55:32, 147456 bytes
Driver: C:\WINDOWS\system32\igfxcpl.cpl, 3.00.0000.4421 (English), 11/4/2005 04:55:20, 77824 bytes
Driver: C:\WINDOWS\system32\igfxcfg.exe, 3.00.0000.4421 (English), 11/4/2005 04:55:12, 450560 bytes
Driver: C:\WINDOWS\system32\igfxdev.dll, 3.00.0000.4421 (English), 11/4/2005 04:51:42, 135168 bytes
Driver: C:\WINDOWS\system32\igfxdo.dll, 3.00.0000.4421 (English), 11/4/2005 04:52:42, 86016 bytes
Driver: C:\WINDOWS\system32\igfxtray.exe, 3.00.0000.4421 (English), 11/4/2005 04:55:48, 98304 bytes
Driver: C:\WINDOWS\system32\igfxzoom.exe, 3.00.0000.4421 (English), 11/4/2005 04:56:16, 114688 bytes
Driver: C:\WINDOWS\system32\hkcmd.exe, 3.00.0000.4421 (English), 11/4/2005 04:52:36, 77824 bytes
Driver: C:\WINDOWS\system32\igfxress.dll, 3.00.0000.4421 (English), 11/4/2005 04:55:38, 1503232 bytes
Driver: C:\WINDOWS\system32\igfxpers.exe, 3.00.0000.4421 (English), 11/4/2005 04:56:30, 118784 bytes
Driver: C:\WINDOWS\system32\igfxrara.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:36, 122880 bytes
Driver: C:\WINDOWS\system32\igfxrchs.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:38, 81920 bytes
Driver: C:\WINDOWS\system32\igfxrcht.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:38, 81920 bytes
Driver: C:\WINDOWS\system32\igfxrdan.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:38, 139264 bytes
Driver: C:\WINDOWS\system32\igfxrdeu.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:40, 155648 bytes
Driver: C:\WINDOWS\system32\igfxrenu.lrc, 3.00.0000.4421 (English), 11/4/2005 04:51:46, 135168 bytes
Driver: C:\WINDOWS\system32\igfxresp.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:40, 151552 bytes
Driver: C:\WINDOWS\system32\igfxrfin.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:40, 139264 bytes
Driver: C:\WINDOWS\system32\igfxrfra.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:40, 147456 bytes
Driver: C:\WINDOWS\system32\igfxrheb.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:42, 122880 bytes
Driver: C:\WINDOWS\system32\igfxrita.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:42, 151552 bytes
Driver: C:\WINDOWS\system32\igfxrjpn.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:42, 98304 bytes
Driver: C:\WINDOWS\system32\igfxrkor.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:44, 98304 bytes
Driver: C:\WINDOWS\system32\igfxrnld.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:44, 151552 bytes
Driver: C:\WINDOWS\system32\igfxrnor.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:44, 139264 bytes
Driver: C:\WINDOWS\system32\igfxrplk.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:44, 143360 bytes
Driver: C:\WINDOWS\system32\igfxrptb.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:46, 143360 bytes
Driver: C:\WINDOWS\system32\igfxrptg.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:46, 143360 bytes
Driver: C:\WINDOWS\system32\igfxrrus.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:46, 143360 bytes
Driver: C:\WINDOWS\system32\igfxrsve.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:46, 139264 bytes
Driver: C:\WINDOWS\system32\igfxrtha.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:48, 126976 bytes
Driver: C:\WINDOWS\system32\igfxrcsy.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:38, 139264 bytes
Driver: C:\WINDOWS\system32\igfxrell.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:40, 155648 bytes
Driver: C:\WINDOWS\system32\igfxrhun.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:42, 147456 bytes
Driver: C:\WINDOWS\system32\igfxrtrk.lrc, 3.00.0000.4421 (English), 11/4/2005 04:56:48, 139264 bytes
Driver: C:\WINDOWS\system32\igfxext.exe, 3.00.0000.4421 (English), 11/4/2005 04:56:22, 94208 bytes
Driver: C:\WINDOWS\system32\igfxexps.dll, 3.00.0000.4421 (English), 11/4/2005 04:56:22, 40960 bytes
Driver: C:\WINDOWS\system32\ialmrem.dll, 6.14.0010.4421 (English), 11/4/2005 05:12:38, 49152 bytes
Driver: C:\WINDOWS\system32\iglicd32.dll, 6.14.0010.4421 (English), 11/4/2005 05:03:00, 2310144 bytes
Driver: C:\WINDOWS\system32\igldev32.dll, 6.14.0010.4421 (English), 11/4/2005 05:04:52, 524288 bytes
Driver: C:\WINDOWS\system32\iAlmCoIn_v4421.dll, 1.00.1000.0001 (English), 11/4/2005 05:12:36, 61440 bytes

Name: Mobile Intel® 955XM/945GM/PM/GMS/940GML Express Processor to DRAM Controller Device ID: PCI\VEN_8086&DEV_27A0&SUBSYS_00000000&REV_03\3&B1BFB68&0&00
Driver: n/a

Name: Intel® 82801 PCI Bridge - 2448
Device ID: PCI\VEN_8086&DEV_2448&SUBSYS_00000000&REV_E2\3&B1BFB68&0&F0
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/14/2008 12:36:46, 68224 bytes

Name: Generic CardBus Controller
Device ID: PCI\VEN_1524&DEV_1410&SUBSYS_207517AA&REV_01\4&6B16D5B&0&20F0
Driver: C:\WINDOWS\system32\DRIVERS\pcmcia.sys, 5.01.2600.5512 (English), 4/14/2008 12:36:44, 120192 bytes

Name: Ricoh xD-Picture Card Host Controller
Device ID: PCI\VEN_1180&DEV_0852&SUBSYS_207A17AA&REV_05\4&6B16D5B&0&34F0
Driver: C:\WINDOWS\system32\DRIVERS\rixdptsk.sys, 1.00.0002.0008 (Japanese), 11/2/2005 07:38:00, 308992 bytes
Driver: C:\WINDOWS\system32\rixdicon.dll, 5/7/2005 07:36:32, 16480 bytes

Name: Ricoh MMC Host Controller
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_207817AA&REV_01\4&6B16D5B&0&32F0
Driver: C:\WINDOWS\system32\DRIVERS\rimmptsk.sys, 1.00.0000.0009 (Japanese), 11/17/2005 09:58:32, 28928 bytes

Name: OHCI Compliant IEEE 1394 Host Controller
Device ID: PCI\VEN_1180&DEV_0832&SUBSYS_207617AA&REV_00\4&6B16D5B&0&30F0
Driver: C:\WINDOWS\system32\DRIVERS\ohci1394.sys, 5.01.2600.5512 (English), 4/14/2008 12:46:20, 61696 bytes
Driver: C:\WINDOWS\system32\DRIVERS\1394bus.sys, 5.01.2600.5512 (English), 4/14/2008 12:46:20, 53376 bytes
Driver: C:\WINDOWS\system32\DRIVERS\nic1394.sys, 5.01.2600.5512 (English), 4/14/2008 12:51:26, 61824 bytes
Driver: C:\WINDOWS\system32\DRIVERS\arp1394.sys, 5.01.2600.5512 (English), 4/14/2008 12:51:26, 60800 bytes
Driver: C:\WINDOWS\system32\DRIVERS\enum1394.sys, 5.01.2600.0000 (English), 8/18/2001 03:16:40, 6400 bytes

Name: SDA Standard Compliant SD Host Controller
Device ID: PCI\VEN_1180&DEV_0822&SUBSYS_207717AA&REV_19\4&6B16D5B&0&31F0
Driver: C:\WINDOWS\system32\DRIVERS\sdbus.sys, 6.00.4069.5512 (English), 4/14/2008 12:36:46, 79232 bytes

Name: Ricoh Memory Stick Host Controller
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_207917AA&REV_0A\4&6B16D5B&0&33F0
Driver: C:\WINDOWS\system32\snymsico.dll, 1.00.0000.9120 (English), 9/4/2004 01:30:00, 90112 bytes
Driver: C:\WINDOWS\system32\DRIVERS\rimsptsk.sys, 1.00.0002.0004 (Japanese), 11/2/2005 07:24:50, 51584 bytes

Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_207417AA&REV_10\4&6B16D5B&0&08F0
Driver: C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys, 5.641.0209.2006 (English), 2/27/2006 19:16:20, 81408 bytes

------------------
DirectX Components
------------------
ddraw.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:52 279552 bytes
ddrawex.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:52 27136 bytes
dxapi.sys: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 10496 bytes
d3d8.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:52 1179648 bytes
d3d8thk.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:52 8192 bytes
d3d9.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:52 1689088 bytes
d3dim.dll: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 436224 bytes
d3dim700.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:52 824320 bytes
d3dramp.dll: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 590336 bytes
d3drm.dll: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 350208 bytes
d3dxof.dll: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 47616 bytes
d3dpmesh.dll: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 34816 bytes
dplay.dll: 5.00.2134.0001 English Final Retail 8/4/2004 18:30:00 33040 bytes
dplayx.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 229888 bytes
dpmodemx.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 23552 bytes
dpwsock.dll: 5.00.2134.0001 English Final Retail 8/4/2004 18:30:00 42768 bytes
dpwsockx.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 57344 bytes
dplaysvr.exe: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:18 29696 bytes
dpnsvr.exe: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:18 17920 bytes
dpnet.dll: 5.03.2600.6311 English Final Retail 11/2/2012 07:32:42 375296 bytes
dpnlobby.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:09:22 3072 bytes
dpnaddr.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:09:20 3072 bytes
dpvoice.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 212480 bytes
dpvsetup.exe: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:20 83456 bytes
dpvvox.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 116736 bytes
dpvacm.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 21504 bytes
dpnhpast.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 35328 bytes
dpnhupnp.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 60928 bytes
dpserial.dll: 5.00.2134.0001 English Final Retail 8/4/2004 18:30:00 53520 bytes
dinput.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 158720 bytes
dinput8.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 181760 bytes
dimap.dll: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 44032 bytes
diactfrm.dll: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 394240 bytes
joy.cpl: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:42 68608 bytes
gcdef.dll: 5.01.2600.0000 English Final Retail 8/4/2004 18:30:00 76800 bytes
pid.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:04 35328 bytes
dsound.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 367616 bytes
dsound3d.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 1293824 bytes
dswave.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 19456 bytes
dsdmo.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 181248 bytes
dsdmoprp.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 71680 bytes
dmusic.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 104448 bytes
dmband.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 28672 bytes
dmcompos.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 61440 bytes
dmime.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 181248 bytes
dmloader.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 35840 bytes
dmstyle.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 105984 bytes
dmsynth.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 103424 bytes
dmscript.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 82432 bytes
system.dll: 1.01.4322.2500 English Final Retail 11/15/2012 03:57:13 1232896 bytes
Microsoft.DirectX.Direct3D.dll: 9.05.0132.0000 English Final Retail 7/11/2011 20:53:59 473600 bytes
Microsoft.DirectX.Direct3DX.dll: 5.04.0000.3900 English Final Retail 7/11/2011 20:53:47 2676224 bytes
Microsoft.DirectX.Direct3DX.dll: 9.04.0091.0000 English Final Retail 7/11/2011 20:53:49 2846720 bytes
Microsoft.DirectX.Direct3DX.dll: 9.05.0132.0000 English Final Retail 7/11/2011 20:53:50 563712 bytes
Microsoft.DirectX.Direct3DX.dll: 9.06.0168.0000 English Final Retail 7/11/2011 20:53:51 567296 bytes
Microsoft.DirectX.Direct3DX.dll: 9.07.0239.0000 English Final Retail 7/11/2011 20:53:52 576000 bytes
Microsoft.DirectX.Direct3DX.dll: 9.08.0299.0000 English Final Retail 7/11/2011 20:53:53 577024 bytes
Microsoft.DirectX.Direct3DX.dll: 9.09.0376.0000 English Final Retail 7/11/2011 20:53:37 577536 bytes
Microsoft.DirectX.Direct3DX.dll: 9.10.0455.0000 English Final Retail 7/11/2011 20:53:42 577536 bytes
Microsoft.DirectX.Direct3DX.dll: 9.12.0589.0000 English Final Retail 7/11/2011 20:54:00 578560 bytes
Microsoft.DirectX.DirectDraw.dll: 5.04.0000.2904 English Final Retail 7/11/2011 20:54:00 145920 bytes
Microsoft.DirectX.DirectInput.dll: 5.04.0000.2904 English Final Retail 7/11/2011 20:54:01 159232 bytes
Microsoft.DirectX.DirectPlay.dll: 5.04.0000.2904 English Final Retail 7/11/2011 20:54:01 364544 bytes
Microsoft.DirectX.DirectSound.dll: 5.04.0000.2904 English Final Retail 7/11/2011 20:54:02 178176 bytes
Microsoft.DirectX.AudioVideoPlayback.dll: 5.04.0000.2904 English Final Retail 7/11/2011 20:53:57 53248 bytes
Microsoft.DirectX.Diagnostics.dll: 5.04.0000.2904 English Final Retail 7/11/2011 20:53:58 12800 bytes
Microsoft.DirectX.dll: 5.04.0000.2904 English Final Retail 7/11/2011 20:53:56 223232 bytes
dx7vb.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 619008 bytes
dx8vb.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 1227264 bytes
dxdiagn.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 2113536 bytes
mfc40.dll: 4.01.0000.6151 English Beta Retail 9/18/2010 12:23:25 954368 bytes
mfc42.dll: 6.02.8081.0000 English Final Retail 2/8/2011 19:03:55 978944 bytes
wsock32.dll: 5.01.2600.5512 English Final Retail 4/14/2008 18:12:12 22528 bytes
amstream.dll: 6.05.2600.5512 English Final Retail 4/14/2008 18:11:50 70656 bytes
devenum.dll: 6.05.2600.5512 English Final Retail 4/14/2008 18:11:52 59904 bytes
dxmasf.dll: 6.04.0009.1133 English Final Retail 4/14/2008 18:11:54 498742 bytes
mciqtz32.dll: 6.05.2600.5512 English Final Retail 4/14/2008 18:11:58 35328 bytes
mpg2splt.ax: 6.05.2600.5512 English Final Retail 4/14/2008 18:12:44 148992 bytes
msdmo.dll: 6.05.2600.5512 English Final Retail 4/14/2008 18:12:00 14336 bytes
encapi.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:54 20480 bytes
qasf.dll: 11.00.5721.5145 English Final Retail 10/18/2006 21:47:18 211456 bytes
qcap.dll: 6.05.2600.5512 English Final Retail 4/14/2008 18:12:04 192512 bytes
qdv.dll: 6.05.2600.5512 English Final Retail 4/14/2008 18:12:04 279040 bytes
qdvd.dll: 6.05.2600.6169 English Final Retail 11/3/2011 20:58:36 386048 bytes
qedit.dll: 6.05.2600.5512 English Final Retail 4/14/2008 18:12:04 562176 bytes
qedwipes.dll: 6.05.2600.5512 English Final Retail 4/14/2008 11:21:34 733696 bytes
quartz.dll: 6.05.2600.6169 English Final Retail 11/3/2011 20:58:36 1292288 bytes
strmdll.dll: 4.01.0000.3938 English Final Retail 8/26/2009 13:30:21 247326 bytes
iac25_32.ax: 2.00.0005.0053 English Final Retail 4/14/2008 18:12:44 199680 bytes
ir41_32.ax: 4.51.0016.0003 English Final Retail 4/14/2008 18:12:44 848384 bytes
ir41_qc.dll: 4.30.0062.0002 English Final Retail 4/14/2008 18:11:56 120320 bytes
ir41_qcx.dll: 4.30.0064.0001 English Final Retail 4/14/2008 18:11:56 338432 bytes
ir50_32.dll: 5.2562.0015.0055 English Final Retail 4/14/2008 18:11:56 755200 bytes
ir50_qc.dll: 5.00.0063.0048 English Final Retail 4/14/2008 18:11:56 200192 bytes
ir50_qcx.dll: 5.00.0064.0048 English Final Retail 4/14/2008 18:11:56 183808 bytes
ivfsrc.ax: 5.10.0002.0051 English Final Retail 4/14/2008 18:12:44 154624 bytes
mswebdvd.dll: 6.05.2600.5857 English Final Retail 8/5/2009 14:31:48 204800 bytes
ks.sys: 5.03.2600.5512 English Final Retail 4/14/2008 13:16:38 141056 bytes
ksproxy.ax: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:44 129536 bytes
ksuser.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:11:58 4096 bytes
stream.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:45:16 49408 bytes
mspclock.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:39:52 5376 bytes
mspqm.sys: 5.01.2600.5512 English Final Retail 4/14/2008 12:39:52 4992 bytes
mskssrv.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:39:54 7552 bytes
swenum.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:39:54 4352 bytes
mstee.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:39:52 5504 bytes
ipsink.ax: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:44 16384 bytes
mpeg2data.ax: 6.05.2600.5512 English Final Retail 4/14/2008 18:12:44 118272 bytes
ndisip.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:46:24 10880 bytes
streamip.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:46:22 15232 bytes
msvidctl.dll: 6.05.2600.5512 English Final Retail 4/14/2008 18:12:02 1428992 bytes
slip.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:46:24 11136 bytes
nabtsfec.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:46:26 85248 bytes
ccdecode.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:46:24 17024 bytes
vbisurf.ax: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:44 30208 bytes
msyuv.dll: 5.03.2600.5908 English Final Retail 11/27/2009 22:41:44 17920 bytes
kstvtune.ax: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:44 61952 bytes
ksxbar.ax: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:44 43008 bytes
kswdmcap.ax: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:44 91136 bytes
vfwwdm32.dll: 5.01.2600.5512 English Final Retail 4/14/2008 18:12:10 53760 bytes
wstcodec.sys: 5.03.2600.5512 English Final Retail 4/14/2008 12:46:26 19200 bytes
wstdecod.dll: 5.03.2600.5512 English Final Retail 4/14/2008 18:12:12 50688 bytes

------------------
DirectShow Filters
------------------

WDM Streaming VBI Codecs:
NABTS/FEC VBI Codec,0x00200000,2,1,,5.03.2600.5512
CC Decoder,0x00200000,2,1,,5.03.2600.5512
WST Codec,0x00200000,1,1,,5.03.2600.5512

DirectShow Filters:
WMAudio Decoder DMO,0x00800800,1,1,,
WMAPro over S/PDIF DMO,0x00600800,1,1,,
WMA Voice Decoder DMO,0x00600800,1,1,,
WMVideo Advanced Decoder DMO,0x00800001,1,1,,
Mpeg4s Decoder DMO,0x00800001,1,1,,
WMV Screen decoder DMO,0x00800001,1,1,,
WMVideo Decoder DMO,0x00800001,1,1,,
Mpeg43 Decoder DMO,0x00800001,1,1,,
Mpeg4 Decoder DMO,0x00800001,1,1,,
WMT MuxDeMux Filter,0x00200000,0,0,wmm2filt.dll,2.01.4026.0000
Full Screen Renderer,0x00200000,1,0,quartz.dll,6.05.2600.6169
DV Muxer,0x00400000,0,0,qdv.dll,6.05.2600.5512
Color Space Converter,0x00400001,1,1,quartz.dll,6.05.2600.6169
WM ASF Reader,0x00400000,0,0,qasf.dll,11.00.5721.5145
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,10.00.0000.3646
AVI Splitter,0x00600000,1,1,quartz.dll,6.05.2600.6169
WMT AudioAnalyzer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.05.2600.6169
Indeo� video 5.10 Compression Filter,0x00200000,1,1,ir50_32.dll,5.2562.0015.0055
Windows Media Audio Decoder,0x00800001,1,1,msadds32.ax,8.00.0000.4487
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.05.2600.5512
MACSReaderMP3 Filter,0x00200000,0,1,MACSReaderAVI.ax,1.00.2006.0804
WMT Format Conversion,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
StreamBufferSink,0x00200000,0,0,sbe.dll,6.05.2600.6076
WMT Black Frame Generator,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6169
Indeo� video 5.10 Decompression Filter,0x00640000,1,1,ir50_32.dll,5.2562.0015.0055
WMT Screen Capture filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
Microsoft Screen Video Decompressor,0x00800000,1,1,msscds32.ax,8.00.0000.4487
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.05.2600.6169
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
MPEG Layer-3 Decoder,0x00810000,1,1,l3codecx.ax,1.06.0000.0052
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.05.2600.5512
ACELP.net Sipro Lab Audio Decoder,0x00800001,1,1,acelpdec.ax,1.04.0000.0000
SelfMusicVideo Dump Filter,0x00200000,1,0,TG_Dump0708.DLL,8.01.2008.5200
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.05.2600.6169
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.05.2600.6169
File Source (Netshow URL),0x00400000,0,1,wmpasf.dll,10.00.0000.3646
WMT Import Filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
DV Splitter,0x00600000,1,2,qdv.dll,6.05.2600.5512
Bitmap Generate,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Windows Media Video Decoder,0x00800000,1,1,wmvds32.ax,8.00.0000.4487
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,
Windows Media Video Decoder,0x00800000,1,1,wmv8ds32.ax,8.00.0000.4000
WMT VIH2 Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Record Queue,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
AC3 Decoder Filter,0x00200000,1,1,ac3dx.ax,1.00.0000.0001
Windows Media Multiplexer,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
ASX file Parser,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
ASX v.2 file Parser,0x00600000,1,0,wmpasf.dll,10.00.0000.3646
NSC file Parser,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
Xvid MPEG-4 Video Decoder,0x00800000,1,1,xvid.ax,
ACM Wrapper,0x00600000,1,1,quartz.dll,6.05.2600.6169
Windows Media source filter,0x00600000,0,2,wmpasf.dll,10.00.0000.3646
Video Renderer,0x00800001,1,0,quartz.dll,6.05.2600.6169
Frame Eater,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.05.2600.6076
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.05.2600.6169
Video Port Manager,0x00600000,2,1,quartz.dll,6.05.2600.6169
WST Decoder,0x00600000,1,1,wstdecod.dll,5.03.2600.5512
Video Renderer,0x00400000,1,0,quartz.dll,6.05.2600.6169
WM ASF Writer,0x00400000,0,0,qasf.dll,11.00.5721.5145
WMT Sample Information Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,5.03.2600.5512
Microsoft MPEG-4 Video Decompressor,0x00800000,1,1,mpg4ds32.ax,8.00.0000.4504
File writer,0x00200000,1,0,qcap.dll,6.05.2600.5512
SpatialStereo Filter,0x00200000,1,1,3DAudio.ax,
WMT Log Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Virtual Renderer,0x00200000,1,0,wmm2filt.dll,2.01.4026.0000
DVD Navigator,0x00200000,0,2,qdvd.dll,6.05.2600.6169
Overlay Mixer2,0x00400000,1,1,qdvd.dll,6.05.2600.6169
NEDFilter4Samsung Filter,0x00200000,0,1,NEDFilter4Samsung.ax,8.01.0000.0000
AVI Draw,0x00600064,9,1,quartz.dll,6.05.2600.6169
.RAM file Parser,0x00600000,1,0,wmpasf.dll,10.00.0000.3646
WMT DirectX Transform Wrapper,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
G.711 Codec,0x00200000,1,1,g711codc.ax,5.01.2600.0000
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.05.2600.5512
DV Video Decoder,0x00800000,1,1,qdv.dll,6.05.2600.5512
Indeo� audio software,0x00500000,1,1,iac25_32.ax,2.00.0005.0053
Windows Media Update Filter,0x00400000,1,0,wmpasf.dll,10.00.0000.3646
P3Sourcer,0x00600000,0,1,muzaf1.dll,1.00.0000.60410
ASF DIB Handler,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
ASF ACM Handler,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
ASF ICM Handler,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
ASF URL Handler,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
ASF JPEG Handler,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
ASF DJPEG Handler,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
ASF embedded stuff Handler,0x00600000,1,1,wmpasf.dll,10.00.0000.3646
9x8Resize,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WIA Stream Snapshot Filter,0x00200000,1,1,wiasf.ax,1.00.0000.0000
Allocator Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
SampleGrabber,0x00200000,1,1,qedit.dll,6.05.2600.5512
Null Renderer,0x00200000,1,0,qedit.dll,6.05.2600.5512
WMT Virtual Source,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
MPEG-2 Sections and Tables,0x005fffff,1,0,mpeg2data.ax,
WMT Interlacer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
StreamBufferSource,0x00200000,0,0,sbe.dll,6.05.2600.6076
Smart Tee,0x00200000,1,2,qcap.dll,6.05.2600.5512
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.05.2600.6169
AVI Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6169
Uncompressed Domain Shot Detection Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.05.2600.6169
QuickTime Movie Parser,0x00600000,1,1,quartz.dll,6.05.2600.6169
Wave Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
MIDI Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
Multi-file Parser,0x00400000,1,1,quartz.dll,6.05.2600.6169
File stream renderer,0x00400000,1,1,quartz.dll,6.05.2600.6169
XML Playlist,0x00400000,1,0,wmpasf.dll,10.00.0000.3646
AVI Mux,0x00200000,1,0,qcap.dll,6.05.2600.5512
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.05.2600.6169
File Source (Async.),0x00400000,0,1,quartz.dll,6.05.2600.6169
File Source (URL),0x00400000,0,1,quartz.dll,6.05.2600.6169
WMT DV Extract,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Switch Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Volume,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MusicCity Audio Decoder,0x00200000,1,1,muzdecode.ax,1.00.0000.60207
Stretch Video,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MusicCity MPEG4 Splitter Filter,0x00200000,1,1,muzmp4sp.ax,1.00.0000.60210
MusicCity Windows Media Splitter,0x00200000,1,1,muzwmts.dll,1.00.0000.60208
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.05.2600.5512
BlueCode Audio Effect,0x00200000,1,1,muzeffect.ax,1.00.0000.60210
MusicCity MPEG Splitter,0x00200000,0,1,muzmpgsp.ax,1.01.0007.0911
MyFree Codec Filter,0x00200000,0,0,MyFree.ax,
QT Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.6169
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.05.2600.6169
MusicCity OGG Splitter,0x00200000,1,1,muzoggsp.ax,1.00.0000.60207
Indeo� video 4.4 Decompression Filter,0x00640000,1,1,ir41_32.ax,4.51.0016.0003
Indeo� video 4.4 Compression Filter,0x00200000,1,1,ir41_32.ax,4.51.0016.0003

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,5.03.2600.5512

WDM Streaming Data Transforms:
Microsoft Kernel Acoustic Echo Canceller,0x00000000,0,0,,
Microsoft Kernel GS Wavetable Synthesizer,0x00200000,1,1,,5.03.2600.5512
Microsoft Kernel DLS Synthesizer,0x00200000,1,1,,5.03.2600.5512
Microsoft Kernel DRM Audio Descrambler,0x00200000,1,1,,5.03.2600.5512

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,,
MSScreen encoder DMO,0x00600800,1,1,,
WMVideo9 Encoder DMO,0x00600800,1,1,,
MSScreen 9 encoder DMO,0x00600800,1,1,,
DV Video Encoder,0x00200000,0,0,qdv.dll,6.05.2600.5512
Indeo� video 5.10 Compression Filter,0x00100000,1,1,ir50_32.dll,5.2562.0015.0055
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.05.2600.6169
Cinepak Codec by Radius,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel 4:2:0 Video V2.50,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel Indeo® Video R3.2,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel Indeo� Video 4.5,0x00200000,1,1,qcap.dll,6.05.2600.5512
Indeo� video 5.10,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel IYUV codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft H.261 Video Codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft H.263 Video Codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft RLE,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft Video 1,0x00200000,1,1,qcap.dll,6.05.2600.5512

Audio Compressors:
WMA Voice Encoder DMO,0x00600800,1,1,,
WM Speech Encoder DMO,0x00600800,1,1,,
WMAudio Encoder DMO,0x00600800,1,1,,
IAC2,0x00200000,1,1,quartz.dll,6.05.2600.6169
IMA ADPCM,0x00200000,1,1,quartz.dll,6.05.2600.6169
PCM,0x00200000,1,1,quartz.dll,6.05.2600.6169
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.05.2600.6169
ACELP.net,0x00200000,1,1,quartz.dll,6.05.2600.6169
DSP Group TrueSpeech™,0x00200000,1,1,quartz.dll,6.05.2600.6169
Windows Media Audio V1,0x00200000,1,1,quartz.dll,6.05.2600.6169
Windows Media Audio V2,0x00200000,1,1,quartz.dll,6.05.2600.6169
GSM 6.10,0x00200000,1,1,quartz.dll,6.05.2600.6169
Microsoft G.723.1,0x00200000,1,1,quartz.dll,6.05.26x00.6169
CCITT A-Law,0x00200000,1,1,quartz.dll,6.05.2600.6169
CCITT u-Law,0x00200000,1,1,quartz.dll,6.05.2600.6169
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.05.2600.6169

Audio Capture Sources:
SoundMAX HD Audio I,0x00200000,0,0,qcap.dll,6.05.2600.5512

Midi Renderers:
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.05.2600.6169
Microsoft GS Wavetable SW Synth,0x00200000,1,0,quartz.dll,6.05.2600.6169

WDM Streaming Capture Devices:
SoundMAX HD Audio I,0x00200000,1,1,,5.03.2600.5512
,0x00000000,0,0,,
Integrated Camera,0x00200000,0,2,,5.03.2600.5512

WDM Streaming Rendering Devices:
,0x00000000,0,0,,
SoundMAX HD Audio O,0x00200000,2,1,,5.03.2600.5512

BDA Rendering Filters:
BDA IP Sink,0x00200000,1,1,,5.03.2600.5512

Video Capture Sources:
Integrated Camera,0x00200000,0,2,,5.03.2600.5512

BDA Transport Information Renderers:
MPEG-2 Sections and Tables,0x00600000,1,0,mpeg2data.ax,

WDM Streaming Mixer Devices:
Microsoft Kernel Wave Audio Mixer,0x00000000,0,0,,

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,0,encdec.dll,6.05.2600.6161
Encrypt/Tag,0x00200000,0,0,encdec.dll,6.05.2600.6161
XDS Codec,0x00200000,0,0,encdec.dll,6.05.2600.6161

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,5.03.2600.5512

Audio Renderers:
SoundMAX HD Audio O,0x00200000,1,0,quartz.dll,6.05.2600.6169
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.05.2600.6169
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.05.2600.6169
DirectSound: SoundMAX HD Audio O,0x00200000,1,0,quartz.dll,6.05.2600.6169

WDM Streaming System Devices:
SoundMAX HD Audio I,0x00200000,5,1,,5.03.2600.5512
SoundMAX HD Audio O,0x00200000,7,1,,5.03.2600.5512

BDA Receiver Component:
BDA Slip De-Framer,0x00600000,1,1,,5.03.2600.5512

-------------------

Thanks!
Divyank

#9 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,385 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:01 PM

Posted 08 January 2013 - 02:56 PM

Hi Divyank,

The program I asked you to run was only to gather information for us and was not designed to fix anything so I didn't expect anything to change.

Please run this.


===================================================


ComboFix

--------------------

For a more detailed explanation on running Combofix and the prompts you will be following please see here.

Please download ComboFix from one of these locations and save it to your desktop:

Bleepingcomputer
ForoSpyware

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

  • Note: If the Microsoft Windows Recovery Console is already installed, or if you are running Vista/Windows 7, ComboFix will skip the below Recovery Console pop ups and continue its malware removal procedure.

Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Posted Image



Click on Yes, to continue scanning for malware.

Note #1: Often times it may appear as if ComboFix has stopped working. To verify it is still running please do one of the following below. If, based on the below, you have concluded ComboFix has stopped running please stop and advise me.

  • Check your computer clock. If it is still running then so is ComboFix
  • Open Task Manager and select the Applications Tab. If the status of AutoScan is Running, then ComboFix is running
  • Open Task Manager and select the Processes Tab. Under Image Name look for files ending in .3xe. If there are fluctuating numbers under CPU and Mem Usage then ComboFix is running
Note #2: If you receive the following error "Illegal operation attempted on a registery key that has been marked for deletion" please just restart your computer to resolve this issue[/list]

If Combofix fails to run properly using the above instructions please attempt the following:

  • Right click on the Combofix icon on your desktop and select Delete
  • Download a new copy but rename it to freshcopy.exe first, then save it to your desktop
  • Now download RKill.exe (or RKill renamed as iExplore.exe if the first one doesn't work properly) and save it to your desktop
  • Restart your computer in Safe Mode
  • Right click on RKill (or iExplore) and select Run as Administrator. If you are using Windows XP simply double click the icon
  • A black DOS screen should flash and disappear. If not, try to launch the program with the second file. If neither works please stop and let me know
  • When RKill is finished running you will be presented with a text file and a copy will be saved on your desktop. Copy and paste the contents of this report in your reply
  • Do not reboot your computer
  • Double click the freshcopy.exe icon (renamed Combofix file)
  • When finished, it will produce a log. Please copy and paste the C:\Combofix.txt log information in your next reply
  • If you disabled your antivirus please enable it again. If you uninstalled it please wait for instructions to reinstall it

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Combofix.txt

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#10 divyank

divyank
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 09 January 2013 - 12:14 PM

Hey Gary, I guess the timing of your next response would be crucial - I installed ComboFix and ran it. It installed the MS recovery console and then started scanning. I saw the computer's clock did not change for 35 minutes and when i tried clicking on the system tray clock corner, everything just FROZE. Cursor not moving so i cannot use the onscreen keyboard. No way to access task manager i suppose? Cannot run RKill either. Have left the system running AS IT IS, since you asked not to reboot. Awaiting further advice.
Thank you,
Divyank

#11 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,385 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:01 PM

Posted 09 January 2013 - 01:13 PM

Hi Divyank,

This is very common with Combofix so at this point it is of little concern. Hold down the power button to do a hard shut down. Try running it again with the second set of instructions which includes RKill.

Thanks for holding off to see what to do. Let me know how it goes.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#12 divyank

divyank
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 10 January 2013 - 11:54 AM

Hi Gary, this is to kindly let you know that I will not be able to paste Rkill log at this moment since I didn't return home tonight but I will do so asap. More importantly, after last I heard from you, I used system configuration utility to modify selective startup and activate safe mode, since F8 would not work otherwise. On safe mode, I ran Rkill.exe first and saved the log. Then I ran freshcopy.exe which ran for a while but then froze again. I slept while it was running (clock too running) but didn't work out. So I shut it down. Will follow the same instructions next I start my system, unless you say otherwise.
Thanks a lot,
Divyank

#13 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,385 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:02:01 PM

Posted 10 January 2013 - 01:09 PM

Hi Divyank,

Thank you for the update. No problem with the delay.

Post the RKill log and rather than trying to run Combofix again please run this tool. This will not try to fix anything, only provide us with some additional information.


===================================================


OTL

--------------------

  • Please download OTL and save it to your desktop
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Copy and paste the two reports in your next reply.

  • OTL.txt <-- Will be opened
  • Extra.txt <-- Will be minimized

===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • RKill log
  • OTL log
  • Extra log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#14 divyank

divyank
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 12 January 2013 - 01:24 AM

Hello Gary, thank you for your patience. I OTL and am pasting the log following Rkill log.

----------------------------

Rkill 2.4.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 01/12/2013 01:47:53 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* AFD (AFD) is not Running.
Startup Type set to: System

* DHCP Client (Dhcp) is not Running.
Startup Type set to: Automatic

* DNS Client (Dnscache) is not Running.
Startup Type set to: Automatic

* COM+ Event System (EventSystem) is not Running.
Startup Type set to: Manual

* Network Connections (Netman) is not Running.
Startup Type set to: Manual

* Security Center (wscsvc) is not Running.
Startup Type set to: Automatic

* Automatic Updates (wuauserv) is not Running.
Startup Type set to: Automatic

* AFD (AFD) is not Running.
Startup Type set to: System

* IPSEC driver (IPSec) is not Running.
Startup Type set to: System

* NetBios over Tcpip (NetBT) is not Running.
Startup Type set to: System

* TCP/IP Protocol Driver (Tcpip) is not Running.
Startup Type set to: System

* RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* Cannot edit the HOSTS file.
* Permissions Fixed. Administrators can now edit the HOSTS file.

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com

20 out of 15300 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 01/12/2013 01:49:05 AM
Execution time: 0 hours(s), 1 minute(s), and 12 seconds(s)

--------------------------------------------------------

#15 divyank

divyank
  • Topic Starter

  • Members
  • 58 posts
  • OFFLINE
  •  
  • Local time:02:31 AM

Posted 12 January 2013 - 01:36 AM

OTL logfile created on: 1/12/2013 1:30:36 AM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\navykid\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

502.11 Mb Total Physical Memory | 348.55 Mb Available Physical Memory | 69.42% Memory free
2.46 Gb Paging File | 2.39 Gb Available in Paging File | 97.28% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 50.58 Gb Total Space | 1.77 Gb Free Space | 3.50% Space Free | Partition Type: NTFS

Computer Name: DIVYANK | User Name: navykid | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/01/12 00:37:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\navykid\Desktop\OTL.exe
PRC - [2008/04/14 18:12:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe


========== Modules (No Company Name) ==========

MOD - [2006/04/18 02:17:18 | 000,090,112 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll
MOD - [2006/04/18 02:14:22 | 000,151,552 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll
MOD - [2006/04/18 02:13:38 | 000,077,824 | ---- | M] () -- C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll


========== Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\system32\PsaSrv.exe -- (PsaSrv)
SRV - File not found [Auto | Stopped] -- C:\Program Files\SAMSUNG\Samsung Networking Wizard\ICM_Service.exe -- (ICM_UpdaterService)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - File not found [Auto | Stopped] -- C:\Program Files\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/01/12 00:36:42 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/11/11 20:59:41 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Idea Net Setter\UpdateDog\ouc.exe -- (Idea Net Setter. RunOuc)
SRV - [2011/06/26 12:15:56 | 000,256,000 | R--- | M] () [Auto | Stopped] -- C:\freshcopy25935f\pev.3XE -- (PEVSystemStart)
SRV - [2011/03/21 11:17:56 | 000,068,928 | ---- | M] (Nalpeiron Ltd.) [Auto | Stopped] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
SRV - [2010/11/16 19:07:38 | 000,264,704 | ---- | M] () [Auto | Stopped] -- C:\Documents and Settings\All Users\Application Data\DataCardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010/11/08 15:47:14 | 000,512,000 | ---- | M] () [Auto | Stopped] -- C:\Program Files\MBlaze UI\bin\MonServiceUDisk.exe -- (UDisk Monitor)
SRV - [2006/05/20 00:09:16 | 000,057,344 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\WINDOWS\system32\PMSveH.exe -- (PMSveH)
SRV - [2006/04/18 02:42:28 | 000,151,552 | ---- | M] (Lenovo) [Auto | Stopped] -- C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe -- (AcSvc)
SRV - [2006/04/18 02:42:26 | 000,040,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe -- (AcPrfMgrSvc)
SRV - [2005/12/22 08:04:58 | 000,077,824 | ---- | M] () [Auto | Stopped] -- C:\Program Files\IBM ThinkVantage\Common\Scheduler\tvtsched.exe -- (TVT Scheduler)
SRV - [2005/12/22 07:50:56 | 001,384,448 | ---- | M] () [Auto | Stopped] -- C:\Program Files\IBM ThinkVantage\Rescue and Recovery\rrservice.exe -- (TVT Backup Service)
SRV - [2005/08/02 07:02:40 | 000,040,960 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ThinkVantage\SystemUpdate\UCLauncherService.exe -- (UCLauncherService)
SRV - [2004/08/11 14:16:56 | 000,483,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Windows Media Connect\mswmccds.exe -- (WmcCds)
SRV - [2004/08/11 11:20:42 | 000,028,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Media Connect\mswmcls.exe -- (WmcCdsLs)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ewusbdev.sys -- (hwusbdev)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [File_System | Boot | Stopped] -- System32\drivers\ANCSQ.sys -- (ANCSQ)
DRV - [2012/11/11 21:00:01 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2012/11/11 21:00:01 | 000,073,216 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2012/11/11 21:00:00 | 000,235,392 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2012/11/11 21:00:00 | 000,193,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012/09/20 10:05:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/09/20 10:05:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/01/14 02:58:44 | 000,016,256 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\psadd.sys -- (psadd)
DRV - [2010/11/04 09:40:50 | 000,105,472 | ---- | M] (ZTEMT Incorporated) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CT_ZTEMT_U_USBSER.sys -- (ztemtusbser)
DRV - [2008/04/14 12:56:50 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usb8023.sys -- (USB_RNDIS)
DRV - [2008/03/14 11:34:29 | 000,046,652 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
DRV - [2007/08/15 07:27:18 | 000,009,600 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\n558.sys -- (n558)
DRV - [2006/06/20 23:30:34 | 010,324,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snp2sxp.sys -- (SNP2STD)
DRV - [2006/02/27 19:16:20 | 000,081,408 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/01/13 14:03:22 | 000,006,016 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\IBMBLDID.sys -- (IBMTPCHK)
DRV - [2006/01/11 16:12:00 | 000,007,168 | ---- | M] () [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2005/12/29 02:52:08 | 000,013,568 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2005/12/22 06:44:58 | 000,012,544 | ---- | M] (IBM) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\ibmfilter.sys -- (ibmfilter)
DRV - [2005/12/22 03:39:50 | 000,010,240 | ---- | M] (Lenovo ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\PMHler.sys -- (PMHler)
DRV - [2005/12/13 05:38:44 | 001,124,097 | ---- | M] (Agere Systems) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/12/05 14:25:30 | 001,428,096 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w39n51.sys -- (w39n51)
DRV - [2005/11/17 09:58:32 | 000,028,928 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2005/11/08 22:57:20 | 000,011,520 | ---- | M] (IBM Corp.) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\ANC.sys -- (ANC)
DRV - [2005/11/02 07:38:00 | 000,308,992 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005/11/02 07:24:50 | 000,051,584 | ---- | M] (REDC) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/03/30 07:32:22 | 000,116,594 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ATSwpDrv.sys -- (ATSWPDRV)
DRV - [2005/01/08 06:37:16 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.lenovo.com/us/en/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


IE - HKU\S-1-5-21-478819399-133188022-795708605-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKU\S-1-5-21-478819399-133188022-795708605-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-478819399-133188022-795708605-1006\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lenovo.com/us/en/
IE - HKU\S-1-5-21-478819399-133188022-795708605-1006\..\URLSearchHook: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - No CLSID value found
IE - HKU\S-1-5-21-478819399-133188022-795708605-1006\..\SearchScopes,DefaultScope = Google
IE - HKU\S-1-5-21-478819399-133188022-795708605-1006\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=SGD2&o=2430&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AEK&apn_dtid=^YYYYYY^YY^IN&apn_uid=b09f941b-48cb-4123-b2d2-c2548d3da0fb&apn_sauid=BF36FAC9-72BF-4D12-AEEC-D494BEBA6979
IE - HKU\S-1-5-21-478819399-133188022-795708605-1006\..\SearchScopes\Google: "URL" = http://www.google.com/search?sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8&q=%s
IE - HKU\S-1-5-21-478819399-133188022-795708605-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\navykid\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\navykid\Application Data\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\navykid\Application Data\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\navykid\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\navykid\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Documents and Settings\navykid\Local Settings\Application Data\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/01/12 00:36:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2012/09/14 23:21:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\navykid\Application Data\Mozilla\Extensions
[2012/09/14 23:21:03 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\navykid\Application Data\Mozilla\Extensions\songbird@songbirdnest.com
[2012/12/15 11:56:49 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\navykid\Application Data\Mozilla\Firefox\Profiles\4rfa366q.default\extensions
[2011/10/21 20:54:10 | 000,011,510 | ---- | M] () (No name found) -- C:\Documents and Settings\navykid\Application Data\Mozilla\Firefox\Profiles\4rfa366q.default\extensions\youtube2mp3@mondayx.de.xpi
[2013/01/12 00:34:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/01/12 00:36:57 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012/08/30 17:41:54 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/10/12 13:22:32 | 000,002,058 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://www.google.com
CHR - default_search_provider: Ask (Enabled)
CHR - default_search_provider: search_url = http://websearch.ask.com/redirect?client=cr&src=kw&tb=SGD2&o=2430&locale=en_US&apn_uid=b09f941b-48cb-4123-b2d2-c2548d3da0fb&apn_ptnrs=%5EAEK&apn_sauid=BF36FAC9-72BF-4D12-AEEC-D494BEBA6979&apn_dtid=%5EYYYYYY%5EYY%5EIN&q={searchTerms}
CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms}
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Chrome NaCl (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gears.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2013/01/02 07:48:02 | 000,444,734 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15277 more lines...
O3 - HKU\S-1-5-21-478819399-133188022-795708605-1006\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-478819399-133188022-795708605-1006\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-21-478819399-133188022-795708605-1006\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-478819399-133188022-795708605-1006\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe (Lenovo)
O4 - HKLM..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe (Lenovo)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe" File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui File not found
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [cssauthe] C:\Program Files\IBM ThinkVantage\Client Security Solution\cssauthe.exe (Lenovo Group Limited)
O4 - HKLM..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LPManager] C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE (Lenovo Group Limited)
O4 - HKLM..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe File not found
O4 - HKLM..\Run: [PMHandler] C:\WINDOWS\system32\PMHandler.exe (Lenovo)
O4 - HKLM..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" File not found
O4 - HKLM..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe (Sonix)
O4 - HKLM..\Run: [suScheduler] C:\Program Files\ThinkVantage\SystemUpdate\UCLauncher.exe ()
O4 - HKU\S-1-5-21-478819399-133188022-795708605-1006..\Run: [Facebook Update] "C:\Documents and Settings\navykid\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver File not found
O4 - HKU\S-1-5-21-478819399-133188022-795708605-1006..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-478819399-133188022-795708605-1006..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-478819399-133188022-795708605-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-478819399-133188022-795708605-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O9 - Extra 'Tools' menuitem : IBM Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{21B2D14D-2F2D-4B06-B4A7-B418E6D95DBE}: NameServer = 203.122.63.152,203.122.63.154
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ACNotify: DllName - (ACNotify.dll) - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll (Lenovo)
O24 - Desktop WallPaper: C:\Documents and Settings\navykid\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\navykid\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/05 00:48:46 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{28de9d93-19ee-11e2-bdb8-9d8301286e8a}\Shell - "" = AutoRun
O33 - MountPoints2\{28de9d93-19ee-11e2-bdb8-9d8301286e8a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{28de9d93-19ee-11e2-bdb8-9d8301286e8a}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{3987f559-2b3b-11e2-bdd0-0016cee56fea}\Shell - "" = AutoRun
O33 - MountPoints2\{3987f559-2b3b-11e2-bdd0-0016cee56fea}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3987f559-2b3b-11e2-bdd0-0016cee56fea}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3987f55b-2b3b-11e2-bdd0-8d0375f7cc4d}\Shell - "" = AutoRun
O33 - MountPoints2\{3987f55b-2b3b-11e2-bdd0-8d0375f7cc4d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3987f55b-2b3b-11e2-bdd0-8d0375f7cc4d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{3987f560-2b3b-11e2-bdd0-8d0375f7cc4d}\Shell - "" = AutoRun
O33 - MountPoints2\{3987f560-2b3b-11e2-bdd0-8d0375f7cc4d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3987f560-2b3b-11e2-bdd0-8d0375f7cc4d}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{3987f562-2b3b-11e2-bdd0-e1347ab6b46b}\Shell - "" = AutoRun
O33 - MountPoints2\{3987f562-2b3b-11e2-bdd0-e1347ab6b46b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3987f562-2b3b-11e2-bdd0-e1347ab6b46b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{93833713-cb39-11e1-bd72-af996ced8b5a}\Shell - "" = AutoRun
O33 - MountPoints2\{93833713-cb39-11e1-bd72-af996ced8b5a}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{93833713-cb39-11e1-bd72-af996ced8b5a}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\Z\Shell - "" = AutoRun
O33 - MountPoints2\Z\Shell\Auto\command - "" = Z:\setup.exe
O33 - MountPoints2\Z\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\Z\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/01/12 00:37:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\navykid\Desktop\OTL.exe
[2013/01/12 00:34:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/01/10 02:13:56 | 000,000,000 | --SD | C] -- C:\freshcopy25935f
[2013/01/10 01:46:33 | 000,000,000 | --SD | C] -- C:\freshcopy
[2013/01/10 00:54:26 | 001,754,528 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\navykid\Desktop\iExplore.exe
[2013/01/10 00:51:17 | 005,019,950 | R--- | C] (Swearware) -- C:\Documents and Settings\navykid\Desktop\freshcopy.exe
[2013/01/09 21:56:00 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/01/09 21:49:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/01/09 21:49:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/01/09 21:49:29 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/01/09 21:49:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/01/09 21:49:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/01/09 21:48:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/01/09 21:42:33 | 001,754,528 | ---- | C] (Bleeping Computer, LLC) -- C:\Documents and Settings\navykid\Desktop\rkill.exe
[2013/01/09 21:38:22 | 005,019,950 | R--- | C] (Swearware) -- C:\Documents and Settings\navykid\Desktop\ComboFix.exe
[2013/01/03 23:39:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\navykid\My Documents\TheRecipe
[2013/01/03 23:39:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\navykid\My Documents\GoodKidMAADCityCd1
[2013/01/03 23:39:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\navykid\My Documents\WakingSeason
[2013/01/03 23:39:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\navykid\My Documents\TheBestOfBhimsenJoshi
[2013/01/03 23:39:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\navykid\My Documents\TheLastWordInHindustaniVocalKumarGandharva
[2013/01/03 23:32:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FlyteDownloadManager
[2013/01/03 23:32:19 | 000,000,000 | ---D | C] -- C:\Program Files\FlyteDownloadManager
[2013/01/02 21:33:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\navykid\My Documents\My Videos
[2013/01/02 21:33:39 | 000,000,000 | R--D | C] -- C:\Documents and Settings\navykid\Start Menu\Programs\Administrative Tools
[2013/01/02 21:31:35 | 000,688,992 | R--- | C] (Swearware) -- C:\Documents and Settings\navykid\Desktop\dds.com
[2013/01/02 07:09:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2013/01/02 07:07:36 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/01/12 01:26:09 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/12 01:23:36 | 000,000,319 | RHS- | M] () -- C:\BOOT.INI
[2013/01/12 00:59:29 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/12 00:43:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/12 00:42:01 | 000,000,986 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-478819399-133188022-795708605-1006UA.job
[2013/01/12 00:37:29 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\navykid\Desktop\OTL.exe
[2013/01/12 00:29:48 | 000,445,044 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/12 00:29:48 | 000,072,754 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/12 00:13:00 | 000,001,006 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-478819399-133188022-795708605-1006UA.job
[2013/01/12 00:13:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-478819399-133188022-795708605-1006Core.job
[2013/01/11 23:19:24 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/01/10 02:09:08 | 000,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/01/10 00:55:09 | 001,754,528 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\navykid\Desktop\iExplore.exe
[2013/01/10 00:53:45 | 005,019,950 | R--- | M] (Swearware) -- C:\Documents and Settings\navykid\Desktop\freshcopy.exe
[2013/01/09 21:44:07 | 001,754,528 | ---- | M] (Bleeping Computer, LLC) -- C:\Documents and Settings\navykid\Desktop\rkill.exe
[2013/01/09 21:42:12 | 005,019,950 | R--- | M] (Swearware) -- C:\Documents and Settings\navykid\Desktop\ComboFix.exe
[2013/01/07 22:42:03 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-478819399-133188022-795708605-1006Core.job
[2013/01/05 07:35:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013/01/04 01:38:36 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\navykid\My Documents\FkDownloadPart.part
[2013/01/03 23:41:47 | 000,000,114 | ---- | M] () -- C:\Documents and Settings\navykid\My Documents\FkPreferences.inf
[2013/01/02 21:32:05 | 000,688,992 | R--- | M] (Swearware) -- C:\Documents and Settings\navykid\Desktop\dds.com
[2013/01/02 21:09:15 | 000,000,184 | ---- | M] () -- C:\Boot.bak
[2013/01/02 20:43:20 | 000,001,394 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2013/01/02 07:48:02 | 000,444,734 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/12/30 02:42:03 | 003,122,909 | ---- | M] () -- C:\Documents and Settings\navykid\My Documents\19581200-AW-DelicateBalanceOfTerror-Unabridged.pdf
[2012/12/23 17:55:13 | 000,228,352 | ---- | M] () -- C:\Documents and Settings\navykid\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/22 15:33:18 | 000,380,040 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/12/21 22:52:23 | 001,004,812 | ---- | M] () -- C:\Documents and Settings\navykid\My Documents\OMR PAPER III.pdf
[2012/12/21 22:52:13 | 001,105,621 | ---- | M] () -- C:\Documents and Settings\navykid\My Documents\OMR PAPER- I & II.pdf
[2012/12/21 22:51:14 | 000,022,047 | ---- | M] () -- C:\Documents and Settings\navykid\My Documents\Directions for candidates for the exam.pdf
[2012/12/21 22:29:21 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/12/21 22:29:18 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/12/18 13:11:34 | 000,011,003 | ---- | M] () -- C:\Documents and Settings\navykid\My Documents\121212_EAS_guest_Lecturer.pdf
[2012/12/16 17:53:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 17:53:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/15 12:00:40 | 000,374,399 | ---- | M] () -- C:\Documents and Settings\navykid\My Documents\11.pdf
[2012/12/13 03:17:47 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/01/10 01:12:23 | 000,000,958 | ---- | C] () -- C:\Documents and Settings\navykid\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
[2013/01/09 21:56:08 | 000,000,184 | ---- | C] () -- C:\Boot.bak
[2013/01/09 21:56:04 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2013/01/09 21:49:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/01/09 21:49:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/01/09 21:49:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/01/09 21:49:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/01/09 21:49:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/01/03 23:37:09 | 000,018,432 | ---- | C] () -- C:\Documents and Settings\navykid\My Documents\FkDownloadPart.part
[2012/12/30 02:42:00 | 003,122,909 | ---- | C] () -- C:\Documents and Settings\navykid\My Documents\19581200-AW-DelicateBalanceOfTerror-Unabridged.pdf
[2012/12/21 22:52:18 | 001,004,812 | ---- | C] () -- C:\Documents and Settings\navykid\My Documents\OMR PAPER III.pdf
[2012/12/21 22:52:04 | 001,105,621 | ---- | C] () -- C:\Documents and Settings\navykid\My Documents\OMR PAPER- I & II.pdf
[2012/12/21 22:51:14 | 000,022,047 | ---- | C] () -- C:\Documents and Settings\navykid\My Documents\Directions for candidates for the exam.pdf
[2012/12/18 13:11:34 | 000,011,003 | ---- | C] () -- C:\Documents and Settings\navykid\My Documents\121212_EAS_guest_Lecturer.pdf
[2012/12/15 12:00:40 | 000,374,399 | ---- | C] () -- C:\Documents and Settings\navykid\My Documents\11.pdf
[2012/09/28 13:32:30 | 000,301,131 | ---- | C] () -- C:\Documents and Settings\navykid\DELUDAI
[2012/09/26 20:57:16 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/09/15 18:48:42 | 000,068,664 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/08/25 05:23:52 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/06/20 18:36:29 | 000,120,902 | ---- | C] () -- C:\Documents and Settings\navykid\1
[2012/01/28 10:56:48 | 000,000,088 | RHS- | C] () -- C:\WINDOWS\System32\14818684E0.sys
[2012/01/28 10:56:47 | 000,003,350 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2011/11/13 22:41:57 | 000,000,137 | ---- | C] () -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\fusioncache.dat
[2011/08/19 17:03:43 | 000,000,034 | -H-- | C] () -- C:\WINDOWS\System32\Converter_sysquict.dat
[2011/07/04 18:31:35 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\navykid\Local Settings\Application Data\{3297F402-F145-4668-B7D7-868F9356D469}
[2011/05/15 20:08:27 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\navykid\Local Settings\Application Data\{15F7018A-D10B-4545-8412-E5DF698E4171}
[2011/04/29 11:31:33 | 000,228,352 | ---- | C] () -- C:\Documents and Settings\navykid\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/04/29 09:28:43 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/02/05 00:48:41 | 000,000,130 | ---- | C] () -- C:\Documents and Settings\navykid\Local Settings\Application Data\fusioncache.dat
[2011/01/14 03:18:18 | 000,002,481 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2011/01/14 03:03:25 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2011/01/14 03:02:39 | 000,006,016 | ---- | C] () -- C:\WINDOWS\System32\drivers\IBMBLDID.sys
[2011/01/14 02:58:44 | 000,032,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\psasrv.exe
[2011/01/14 02:47:29 | 000,114,688 | ---- | C] () -- C:\WINDOWS\desktopset.exe
[2011/01/14 02:47:15 | 000,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2011/01/14 02:45:26 | 000,001,394 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2011/01/14 02:34:59 | 010,324,864 | ---- | C] () -- C:\WINDOWS\System32\drivers\snp2sxp.sys
[2011/01/14 02:34:59 | 000,126,976 | ---- | C] () -- C:\WINDOWS\tsnp2std.exe
[2011/01/14 02:34:59 | 000,122,880 | ---- | C] ( ) -- C:\WINDOWS\rsnp2std.dll
[2011/01/14 02:34:59 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp2std.dll
[2011/01/14 02:34:59 | 000,024,832 | ---- | C] () -- C:\WINDOWS\System32\drivers\sncamd.sys
[2011/01/14 02:34:59 | 000,015,497 | ---- | C] () -- C:\WINDOWS\snp2std.ini

========== ZeroAccess Check ==========

[2011/01/14 02:27:34 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012/10/31 17:03:26 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 17:40:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/14 18:12:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== Alternate Data Streams ==========

@Alternate Data Stream - 192 bytes -> C:\WINDOWS:nlsPreferences
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:CC02DF48

< End of report >




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users