Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Search Engine Redirect problem


  • Please log in to reply
14 replies to this topic

#1 MToby

MToby

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 31 January 2013 - 01:52 AM

Hi,

I'm looking for help removing a search engine redirect virus. I've done the following:

- Verified the hosts file is clean.
- Verified that there was no unusual DNS servers
- Ran MalwareBytes
- Ran TDSSKiller (Nothing found)
- Used MSConfig to disable all startup
- Emptied out the temp folders and temporary internet folders
- Uninstalled and reinstalled IE 8.

I continue to get redirected when using a search engine to locate a site. I've tried several different search engines.

Nothing seems to stop this virus and I can't find anything to identify the virus further.

Any help that can be provided would be greatly appreciated.

Thanks,

Mark

BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:16 PM

Posted 31 January 2013 - 01:57 AM

Download

TDSSkiller

Launch it.Click on change parameters-Select TDLFS file system

Click on "Scan".Please post the LOG report(log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan.After scan finishes,click on Save log

Post the log results here.If you get crashes in normal mode,run it in safemode with networking

Download

ESET online scanner

Install it

Click on START,it should download the virus definitions
When scan gets completed,click on LIST of found threats

Export the list to desktop,copy the contents of the text file in your reply

#3 MToby

MToby
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 31 January 2013 - 10:01 AM

TDSSKiller Log:

07:03:13.0171 0564 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
07:03:13.0593 0564 ============================================================
07:03:13.0593 0564 Current date / time: 2013/01/31 07:03:13.0593
07:03:13.0593 0564 SystemInfo:
07:03:13.0593 0564
07:03:13.0593 0564 OS Version: 5.1.2600 ServicePack: 3.0
07:03:13.0593 0564 Product type: Workstation
07:03:13.0593 0564 ComputerName: CRASH
07:03:13.0593 0564 UserName: john
07:03:13.0593 0564 Windows directory: C:\WINNT
07:03:13.0593 0564 System windows directory: C:\WINNT
07:03:13.0593 0564 Processor architecture: Intel x86
07:03:13.0593 0564 Number of processors: 2
07:03:13.0593 0564 Page size: 0x1000
07:03:13.0593 0564 Boot type: Normal boot
07:03:13.0593 0564 ============================================================
07:03:18.0578 0564 Drive \Device\Harddisk0\DR0 - Size: 0x262AE80000 (152.67 Gb), SectorSize: 0x200, Cylinders: 0x4DD9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
07:03:18.0687 0564 ============================================================
07:03:18.0687 0564 \Device\Harddisk0\DR0:
07:03:18.0687 0564 MBR partitions:
07:03:18.0687 0564 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE664CFF
07:03:18.0687 0564 ============================================================
07:03:20.0203 0564 C: <-> \Device\Harddisk0\DR0\Partition1
07:03:20.0203 0564 ============================================================
07:03:20.0203 0564 Initialize success
07:03:20.0203 0564 ============================================================
07:03:38.0343 1864 ============================================================
07:03:38.0343 1864 Scan started
07:03:38.0343 1864 Mode: Manual; TDLFS;
07:03:38.0343 1864 ============================================================
07:03:41.0296 1864 ================ Scan system memory ========================
07:03:41.0296 1864 System memory - ok
07:03:41.0296 1864 ================ Scan services =============================
07:03:41.0421 1864 [ 914A9709FC3BF419AD2F85547F2A4832 ] 61883 C:\WINNT\system32\DRIVERS\61883.sys
07:03:41.0421 1864 61883 - ok
07:03:41.0437 1864 Abiosdsk - ok
07:03:41.0453 1864 abp480n5 - ok
07:03:41.0562 1864 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
07:03:41.0562 1864 ACDaemon - ok
07:03:41.0593 1864 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINNT\system32\DRIVERS\ACPI.sys
07:03:41.0593 1864 ACPI - ok
07:03:41.0625 1864 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINNT\system32\drivers\ACPIEC.sys
07:03:41.0640 1864 ACPIEC - ok
07:03:41.0718 1864 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\WINNT\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:03:41.0718 1864 AdobeFlashPlayerUpdateSvc - ok
07:03:41.0734 1864 adpu160m - ok
07:03:41.0765 1864 [ E696E749BEDCDA8B23757B8B5EA93780 ] aeaudio C:\WINNT\system32\drivers\aeaudio.sys
07:03:41.0781 1864 aeaudio - ok
07:03:41.0828 1864 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINNT\system32\drivers\aec.sys
07:03:41.0828 1864 aec - ok
07:03:41.0875 1864 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINNT\System32\drivers\afd.sys
07:03:41.0875 1864 AFD - ok
07:03:41.0890 1864 Aha154x - ok
07:03:41.0906 1864 aic116x - ok
07:03:41.0906 1864 aic78u2 - ok
07:03:41.0921 1864 aic78xx - ok
07:03:41.0953 1864 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINNT\system32\alrsvc.dll
07:03:41.0953 1864 Alerter - ok
07:03:41.0984 1864 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINNT\System32\alg.exe
07:03:41.0984 1864 ALG - ok
07:03:42.0000 1864 AliIde - ok
07:03:42.0000 1864 ami0nt - ok
07:03:42.0015 1864 amsint - ok
07:03:42.0078 1864 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:03:42.0078 1864 Apple Mobile Device - ok
07:03:42.0125 1864 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINNT\System32\appmgmts.dll
07:03:42.0125 1864 AppMgmt - ok
07:03:42.0140 1864 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINNT\system32\DRIVERS\arp1394.sys
07:03:42.0140 1864 Arp1394 - ok
07:03:42.0171 1864 [ 875F9079CABEE679D34B49E466B61701 ] ASAPIW2k C:\WINNT\system32\Drivers\ASAPIW2K.sys
07:03:42.0171 1864 ASAPIW2k - ok
07:03:42.0187 1864 asc - ok
07:03:42.0187 1864 asc3350p - ok
07:03:42.0203 1864 asc3550 - ok
07:03:42.0296 1864 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINNT\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
07:03:42.0359 1864 aspnet_state - ok
07:03:42.0390 1864 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINNT\system32\DRIVERS\asyncmac.sys
07:03:42.0390 1864 AsyncMac - ok
07:03:42.0421 1864 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINNT\system32\DRIVERS\atapi.sys
07:03:42.0421 1864 atapi - ok
07:03:42.0437 1864 Atdisk - ok
07:03:42.0453 1864 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINNT\system32\DRIVERS\atmarpc.sys
07:03:42.0468 1864 Atmarpc - ok
07:03:42.0515 1864 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINNT\System32\audiosrv.dll
07:03:42.0531 1864 AudioSrv - ok
07:03:42.0546 1864 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINNT\system32\DRIVERS\audstub.sys
07:03:42.0578 1864 audstub - ok
07:03:42.0625 1864 [ 0723C449B15CDA9A1C1FE91E0A969E48 ] Ausbflt C:\WINNT\system32\Drivers\Ausbflt.sys
07:03:42.0625 1864 Ausbflt - ok
07:03:42.0656 1864 [ F8E6956A614F15A0860474C5E2A7DE6B ] Avc C:\WINNT\system32\DRIVERS\avc.sys
07:03:42.0671 1864 Avc - ok
07:03:42.0718 1864 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINNT\system32\drivers\Beep.sys
07:03:42.0734 1864 Beep - ok
07:03:42.0843 1864 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINNT\system32\qmgr.dll
07:03:43.0828 1864 BITS - ok
07:03:44.0031 1864 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:03:44.0031 1864 Bonjour Service - ok
07:03:44.0078 1864 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINNT\System32\browser.dll
07:03:44.0078 1864 Browser - ok
07:03:44.0093 1864 BusLogic - ok
07:03:44.0125 1864 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINNT\system32\drivers\cbidf2k.sys
07:03:44.0125 1864 cbidf2k - ok
07:03:44.0171 1864 [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE C:\WINNT\system32\DRIVERS\CCDECODE.sys
07:03:44.0171 1864 CCDECODE - ok
07:03:44.0187 1864 cd20xrnt - ok
07:03:44.0218 1864 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINNT\system32\drivers\Cdaudio.sys
07:03:44.0250 1864 Cdaudio - ok
07:03:44.0296 1864 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINNT\system32\drivers\Cdfs.sys
07:03:44.0296 1864 Cdfs - ok
07:03:44.0328 1864 [ 9880F86F4261699273F818AE50216B8C ] Cdr4_2K C:\WINNT\system32\drivers\Cdr4_2K.sys
07:03:44.0343 1864 Cdr4_2K - ok
07:03:44.0390 1864 [ 579DA2F9F5401F55DAE2CF8779D61DFC ] Cdralw2k C:\WINNT\system32\drivers\Cdralw2k.sys
07:03:44.0390 1864 Cdralw2k - ok
07:03:44.0578 1864 [ 4B0A100EAF5C49EF3CCA8C641431EACC ] Cdrom C:\WINNT\system32\DRIVERS\cdrom.sys
07:03:44.0578 1864 Cdrom - ok
07:03:44.0640 1864 [ 57479E5BF0B7B97112354E5ECA8EEFB1 ] cfwids C:\WINNT\system32\drivers\cfwids.sys
07:03:44.0656 1864 cfwids - ok
07:03:44.0656 1864 Changer - ok
07:03:44.0703 1864 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc C:\WINNT\system32\cisvc.exe
07:03:44.0703 1864 cisvc - ok
07:03:44.0765 1864 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINNT\system32\clipsrv.exe
07:03:44.0781 1864 ClipSrv - ok
07:03:44.0828 1864 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINNT\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:03:44.0968 1864 clr_optimization_v2.0.50727_32 - ok
07:03:45.0125 1864 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINNT\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:03:45.0140 1864 clr_optimization_v4.0.30319_32 - ok
07:03:45.0156 1864 CmdIde - ok
07:03:45.0187 1864 [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt C:\WINNT\system32\DRIVERS\compbatt.sys
07:03:45.0187 1864 Compbatt - ok
07:03:45.0203 1864 COMSysApp - ok
07:03:45.0218 1864 Cpqarray - ok
07:03:45.0234 1864 cpqarry2 - ok
07:03:45.0250 1864 cpqfcalm - ok
07:03:45.0250 1864 cpqfws2e - ok
07:03:45.0453 1864 [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv C:\Program Files\SystemRequirementsLab\cpudrv.sys
07:03:45.0468 1864 cpudrv - ok
07:03:45.0515 1864 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINNT\System32\cryptsvc.dll
07:03:45.0531 1864 CryptSvc - ok
07:03:45.0546 1864 dac2w2k - ok
07:03:45.0546 1864 dac960nt - ok
07:03:45.0609 1864 [ 5118EA8A2F55FA4D4295516500B78229 ] DCamUSBEMPIA C:\WINNT\system32\DRIVERS\emDevice.sys
07:03:45.0765 1864 DCamUSBEMPIA - ok
07:03:46.0000 1864 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINNT\system32\rpcss.dll
07:03:46.0031 1864 DcomLaunch - ok
07:03:46.0046 1864 deckzpsx - ok
07:03:46.0093 1864 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINNT\System32\dhcpcsvc.dll
07:03:46.0125 1864 Dhcp - ok
07:03:46.0140 1864 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINNT\system32\DRIVERS\disk.sys
07:03:46.0156 1864 Disk - ok
07:03:46.0234 1864 [ E2D0DE31442390C35E3163C87CB6A9EB ] DLABOIOM C:\WINNT\system32\DLA\DLABOIOM.SYS
07:03:46.0265 1864 DLABOIOM - ok
07:03:46.0296 1864 [ D979BEBCF7EDCC9C9EE1857D1A68C67B ] DLACDBHM C:\WINNT\system32\Drivers\DLACDBHM.SYS
07:03:46.0296 1864 DLACDBHM - ok
07:03:46.0375 1864 [ 83545593E297F50A8E2524B4C071A153 ] DLADResN C:\WINNT\system32\DLA\DLADResN.SYS
07:03:46.0406 1864 DLADResN - ok
07:03:46.0453 1864 [ 96E01D901CDC98C7817155CC057001BF ] DLAIFS_M C:\WINNT\system32\DLA\DLAIFS_M.SYS
07:03:46.0453 1864 DLAIFS_M - ok
07:03:46.0484 1864 [ 0A60A39CC5E767980A31CA5D7238DFA9 ] DLAOPIOM C:\WINNT\system32\DLA\DLAOPIOM.SYS
07:03:46.0500 1864 DLAOPIOM - ok
07:03:46.0515 1864 [ 9FE2B72558FC808357F427FD83314375 ] DLAPoolM C:\WINNT\system32\DLA\DLAPoolM.SYS
07:03:46.0531 1864 DLAPoolM - ok
07:03:46.0546 1864 [ 7EE0852AE8907689DF25049DCD2342E8 ] DLARTL_N C:\WINNT\system32\Drivers\DLARTL_N.SYS
07:03:46.0562 1864 DLARTL_N - ok
07:03:46.0578 1864 [ F08E1DAFAC457893399E03430A6A1397 ] DLAUDFAM C:\WINNT\system32\DLA\DLAUDFAM.SYS
07:03:46.0578 1864 DLAUDFAM - ok
07:03:46.0609 1864 [ E7D105ED1E694449D444A9933DF8E060 ] DLAUDF_M C:\WINNT\system32\DLA\DLAUDF_M.SYS
07:03:46.0625 1864 DLAUDF_M - ok
07:03:46.0625 1864 dmadmin - ok
07:03:46.0781 1864 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINNT\system32\drivers\dmboot.sys
07:03:46.0812 1864 dmboot - ok
07:03:47.0234 1864 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINNT\system32\DRIVERS\dmio.sys
07:03:47.0281 1864 dmio - ok
07:03:47.0312 1864 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINNT\system32\drivers\dmload.sys
07:03:47.0312 1864 dmload - ok
07:03:47.0343 1864 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINNT\System32\dmserver.dll
07:03:47.0343 1864 dmserver - ok
07:03:47.0390 1864 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINNT\system32\drivers\DMusic.sys
07:03:47.0406 1864 DMusic - ok
07:03:47.0437 1864 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINNT\System32\dnsrslvr.dll
07:03:47.0453 1864 Dnscache - ok
07:03:47.0515 1864 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINNT\System32\dot3svc.dll
07:03:47.0515 1864 Dot3svc - ok
07:03:47.0531 1864 dpti2o - ok
07:03:47.0562 1864 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINNT\system32\drivers\drmkaud.sys
07:03:47.0562 1864 drmkaud - ok
07:03:47.0593 1864 [ FD0F95981FEF9073659D8EC58E40AA3C ] drvmcdb C:\WINNT\system32\Drivers\DRVMCDB.SYS
07:03:47.0625 1864 drvmcdb - ok
07:03:47.0671 1864 [ B4869D320428CDC5EC4D7F5E808E99B5 ] drvnddm C:\WINNT\system32\Drivers\DRVNDDM.SYS
07:03:47.0671 1864 drvnddm - ok
07:03:47.0734 1864 [ 98B46B331404A951CABAD8B4877E1276 ] E100B C:\WINNT\system32\DRIVERS\e100b325.sys
07:03:47.0750 1864 E100B - ok
07:03:47.0781 1864 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINNT\System32\eapsvc.dll
07:03:47.0781 1864 EapHost - ok
07:03:47.0796 1864 EFS - ok
07:03:47.0843 1864 [ FFA45148A2D5D05DBB3C0997E579FC9C ] emAudio C:\WINNT\system32\drivers\emAudio.sys
07:03:47.0843 1864 emAudio - ok
07:03:47.0921 1864 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINNT\System32\ersvc.dll
07:03:47.0921 1864 ERSvc - ok
07:03:47.0984 1864 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINNT\system32\services.exe
07:03:48.0000 1864 Eventlog - ok
07:03:48.0187 1864 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINNT\system32\es.dll
07:03:48.0203 1864 EventSystem - ok
07:03:48.0375 1864 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINNT\system32\drivers\Fastfat.sys
07:03:48.0375 1864 Fastfat - ok
07:03:48.0437 1864 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINNT\System32\shsvcs.dll
07:03:48.0468 1864 FastUserSwitchingCompatibility - ok
07:03:48.0578 1864 [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax C:\WINNT\system32\fxssvc.exe
07:03:48.0640 1864 Fax - ok
07:03:48.0640 1864 Fd16_700 - ok
07:03:48.0687 1864 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINNT\system32\DRIVERS\fdc.sys
07:03:48.0703 1864 Fdc - ok
07:03:48.0765 1864 [ 6F87E4706F59463B74BC4FAD0F67338F ] FiltUSBEMPIA C:\WINNT\system32\DRIVERS\emFilter.sys
07:03:48.0781 1864 FiltUSBEMPIA - ok
07:03:48.0812 1864 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINNT\system32\drivers\Fips.sys
07:03:48.0828 1864 Fips - ok
07:03:48.0843 1864 fireport - ok
07:03:48.0859 1864 flashpnt - ok
07:03:48.0984 1864 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINNT\system32\DRIVERS\flpydisk.sys
07:03:49.0015 1864 Flpydisk - ok
07:03:49.0250 1864 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINNT\system32\drivers\fltmgr.sys
07:03:49.0265 1864 FltMgr - ok
07:03:49.0609 1864 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINNT\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
07:03:49.0656 1864 FontCache3.0.0.0 - ok
07:03:49.0859 1864 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINNT\system32\drivers\Fs_Rec.sys
07:03:49.0890 1864 Fs_Rec - ok
07:03:49.0953 1864 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINNT\system32\DRIVERS\ftdisk.sys
07:03:50.0015 1864 Ftdisk - ok
07:03:50.0125 1864 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\WINNT\system32\DRIVERS\GEARAspiWDM.sys
07:03:50.0156 1864 GEARAspiWDM - ok
07:03:50.0218 1864 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINNT\system32\DRIVERS\msgpc.sys
07:03:50.0234 1864 Gpc - ok
07:03:50.0390 1864 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
07:03:50.0437 1864 gupdate - ok
07:03:50.0437 1864 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
07:03:50.0437 1864 gupdatem - ok
07:03:50.0484 1864 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:03:50.0500 1864 gusvc - ok
07:03:50.0578 1864 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINNT\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:03:50.0593 1864 helpsvc - ok
07:03:50.0625 1864 [ 748031FF4FE45CCC47546294905FEAB8 ] HidBatt C:\WINNT\system32\DRIVERS\HidBatt.sys
07:03:50.0625 1864 HidBatt - ok
07:03:50.0671 1864 [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ C:\WINNT\System32\hidserv.dll
07:03:50.0671 1864 HidServ - ok
07:03:50.0687 1864 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINNT\system32\DRIVERS\hidusb.sys
07:03:50.0718 1864 HidUsb - ok
07:03:50.0781 1864 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINNT\System32\kmsvc.dll
07:03:50.0781 1864 hkmsvc - ok
07:03:50.0796 1864 hpn - ok
07:03:51.0093 1864 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINNT\system32\DRIVERS\HPZid412.sys
07:03:51.0093 1864 HPZid412 - ok
07:03:51.0125 1864 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINNT\system32\DRIVERS\HPZipr12.sys
07:03:51.0140 1864 HPZipr12 - ok
07:03:51.0156 1864 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINNT\system32\DRIVERS\HPZius12.sys
07:03:51.0156 1864 HPZius12 - ok
07:03:51.0203 1864 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINNT\system32\Drivers\HTTP.sys
07:03:51.0203 1864 HTTP - ok
07:03:51.0250 1864 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINNT\System32\w3ssl.dll
07:03:51.0265 1864 HTTPFilter - ok
07:03:51.0265 1864 i2omgmt - ok
07:03:51.0281 1864 i2omp - ok
07:03:51.0312 1864 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINNT\system32\DRIVERS\i8042prt.sys
07:03:51.0312 1864 i8042prt - ok
07:03:51.0359 1864 [ 1406D6EF4436AEE970EFE13193123965 ] ialm C:\WINNT\system32\DRIVERS\ialmnt5.sys
07:03:51.0390 1864 ialm - ok
07:03:51.0468 1864 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
07:03:51.0484 1864 IDriverT - ok
07:03:51.0562 1864 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:03:51.0609 1864 idsvc - ok
07:03:51.0656 1864 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINNT\system32\DRIVERS\imapi.sys
07:03:51.0656 1864 Imapi - ok
07:03:51.0703 1864 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINNT\system32\imapi.exe
07:03:51.0718 1864 ImapiService - ok
07:03:51.0796 1864 [ 23F4A731DECEEC48C2A5BF94EA0CA186 ] imonNT C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe
07:03:51.0812 1864 imonNT - ok
07:03:51.0828 1864 ini910u - ok
07:03:51.0921 1864 [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde C:\WINNT\system32\DRIVERS\intelide.sys
07:03:51.0921 1864 IntelIde - ok
07:03:51.0937 1864 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINNT\system32\DRIVERS\intelppm.sys
07:03:51.0937 1864 intelppm - ok
07:03:51.0968 1864 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINNT\system32\drivers\ip6fw.sys
07:03:52.0000 1864 Ip6Fw - ok
07:03:52.0125 1864 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINNT\system32\DRIVERS\ipfltdrv.sys
07:03:52.0125 1864 IpFilterDriver - ok
07:03:52.0156 1864 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINNT\system32\DRIVERS\ipinip.sys
07:03:52.0156 1864 IpInIp - ok
07:03:52.0187 1864 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINNT\system32\DRIVERS\ipnat.sys
07:03:52.0203 1864 IpNat - ok
07:03:52.0281 1864 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
07:03:52.0312 1864 iPod Service - ok
07:03:52.0343 1864 [ 23C74D75E36E7158768DD63D92789A91 ] IPSEC C:\WINNT\system32\DRIVERS\ipsec.sys
07:03:52.0343 1864 IPSEC - ok
07:03:52.0343 1864 ipsraidn - ok
07:03:52.0390 1864 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINNT\system32\DRIVERS\irenum.sys
07:03:52.0390 1864 IRENUM - ok
07:03:52.0406 1864 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINNT\system32\DRIVERS\isapnp.sys
07:03:52.0406 1864 isapnp - ok
07:03:52.0453 1864 [ 13735D3452B619463F46B38B84D7D6AA ] iSMBIOS C:\WINNT\system32\drivers\iSMBIOS.SYS
07:03:52.0453 1864 iSMBIOS - ok
07:03:52.0562 1864 [ 691B9B7C0CC1653732717D292D6B305D ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe
07:03:52.0562 1864 JavaQuickStarterService - ok
07:03:52.0593 1864 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINNT\system32\DRIVERS\kbdclass.sys
07:03:52.0593 1864 Kbdclass - ok
07:03:52.0609 1864 [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid C:\WINNT\system32\DRIVERS\kbdhid.sys
07:03:52.0609 1864 kbdhid - ok
07:03:52.0640 1864 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINNT\system32\drivers\kmixer.sys
07:03:52.0640 1864 kmixer - ok
07:03:52.0671 1864 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINNT\system32\drivers\KSecDD.sys
07:03:52.0671 1864 KSecDD - ok
07:03:52.0703 1864 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINNT\System32\srvsvc.dll
07:03:52.0718 1864 lanmanserver - ok
07:03:52.0765 1864 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINNT\System32\wkssvc.dll
07:03:52.0765 1864 lanmanworkstation - ok
07:03:52.0781 1864 lbrtfdc - ok
07:03:52.0843 1864 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINNT\System32\lmhsvc.dll
07:03:52.0843 1864 LmHosts - ok
07:03:52.0859 1864 lp6nds35 - ok
07:03:52.0937 1864 [ 269C14D512B74CC28D2812FF7D1EB066 ] MarvinBus C:\WINNT\system32\DRIVERS\MarvinBus.sys
07:03:52.0937 1864 MarvinBus - ok
07:03:53.0015 1864 [ ECAB006AC6136F1307E140B633CDB8C2 ] mcmscsvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
07:03:53.0015 1864 mcmscsvc - ok
07:03:53.0031 1864 [ ECAB006AC6136F1307E140B633CDB8C2 ] McNaiAnn C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
07:03:53.0031 1864 McNaiAnn - ok
07:03:53.0109 1864 [ ECAB006AC6136F1307E140B633CDB8C2 ] McNASvc C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
07:03:53.0109 1864 McNASvc - ok
07:03:53.0359 1864 [ C7DA06C9A9AEEFBE37AAC281EA6385D5 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe
07:03:53.0390 1864 McODS - ok
07:03:53.0406 1864 [ ECAB006AC6136F1307E140B633CDB8C2 ] McProxy C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
07:03:53.0406 1864 McProxy - ok
07:03:53.0453 1864 [ FDDE814145D01A986A10FE1EA5959B9F ] McShield C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
07:03:53.0468 1864 McShield - ok
07:03:53.0515 1864 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINNT\System32\msgsvc.dll
07:03:53.0515 1864 Messenger - ok
07:03:53.0562 1864 [ 449C611308F52932C85468BA0E91B4A7 ] mfeapfk C:\WINNT\system32\drivers\mfeapfk.sys
07:03:53.0562 1864 mfeapfk - ok
07:03:53.0625 1864 [ 080C59E365B358551B819836658FDE42 ] mfeavfk C:\WINNT\system32\drivers\mfeavfk.sys
07:03:53.0625 1864 mfeavfk - ok
07:03:53.0640 1864 mfeavfk01 - ok
07:03:53.0687 1864 [ 0DBCB0C95196B3D12D550426DB683867 ] mfebopk C:\WINNT\system32\drivers\mfebopk.sys
07:03:53.0687 1864 mfebopk - ok
07:03:53.0718 1864 [ D3AA7664DE86FDB2125F48D393A486B3 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
07:03:53.0734 1864 mfefire - ok
07:03:53.0765 1864 [ 8776B9E3DC1F2B0F6BA7CDC66F51B201 ] mfefirek C:\WINNT\system32\drivers\mfefirek.sys
07:03:53.0781 1864 mfefirek - ok
07:03:53.0828 1864 [ 5702E118D70A9EE95B6A5D9230076EFC ] mfehidk C:\WINNT\system32\drivers\mfehidk.sys
07:03:53.0843 1864 mfehidk - ok
07:03:53.0859 1864 [ D2F6535E5977DECF0EAED651CFAEC3F0 ] mfendisk C:\WINNT\system32\DRIVERS\mfendisk.sys
07:03:53.0875 1864 mfendisk - ok
07:03:53.0875 1864 [ D2F6535E5977DECF0EAED651CFAEC3F0 ] mfendiskmp C:\WINNT\system32\DRIVERS\mfendisk.sys
07:03:53.0875 1864 mfendiskmp - ok
07:03:53.0921 1864 [ FAD22AA17DA864C3B56E24603E0F067F ] mferkdet C:\WINNT\system32\drivers\mferkdet.sys
07:03:53.0937 1864 mferkdet - ok
07:03:53.0937 1864 mferkdk - ok
07:03:53.0984 1864 [ A3062192D95688A1AA8FBEE2AA9986AC ] mfetdi2k C:\WINNT\system32\drivers\mfetdi2k.sys
07:03:54.0015 1864 mfetdi2k - ok
07:03:54.0140 1864 [ AB2D7F16A9745C41297752AB07C98F46 ] mfevtp C:\WINNT\system32\mfevtps.exe
07:03:54.0156 1864 mfevtp - ok
07:03:54.0187 1864 [ 63C34814492AA65FC517B002DE77B191 ] MidiSyn C:\WINNT\system32\drivers\MidiSyn.sys
07:03:54.0187 1864 MidiSyn - ok
07:03:54.0265 1864 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINNT\system32\drivers\mnmdd.sys
07:03:54.0281 1864 mnmdd - ok
07:03:54.0484 1864 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINNT\System32\mnmsrvc.exe
07:03:54.0484 1864 mnmsrvc - ok
07:03:54.0531 1864 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINNT\system32\drivers\Modem.sys
07:03:54.0531 1864 Modem - ok
07:03:54.0562 1864 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINNT\system32\DRIVERS\mouclass.sys
07:03:54.0593 1864 Mouclass - ok
07:03:54.0609 1864 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINNT\system32\DRIVERS\mouhid.sys
07:03:54.0609 1864 mouhid - ok
07:03:54.0656 1864 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINNT\system32\drivers\MountMgr.sys
07:03:54.0687 1864 MountMgr - ok
07:03:54.0750 1864 [ C0F8E0C2C3C0437CF37C6781896DC3EC ] MPE C:\WINNT\system32\DRIVERS\MPE.sys
07:03:54.0750 1864 MPE - ok
07:03:54.0812 1864 [ 9D831A35657155BD3B79CBB1EBE5462E ] MR97310_VGA_DUAL_CAMERA C:\WINNT\system32\DRIVERS\mr97310v.sys
07:03:54.0890 1864 MR97310_VGA_DUAL_CAMERA - ok
07:03:54.0906 1864 mraid35x - ok
07:03:54.0968 1864 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINNT\system32\DRIVERS\mrxdav.sys
07:03:54.0968 1864 MRxDAV - ok
07:03:55.0046 1864 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINNT\system32\DRIVERS\mrxsmb.sys
07:03:55.0140 1864 MRxSmb - ok
07:03:55.0250 1864 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINNT\System32\msdtc.exe
07:03:55.0250 1864 MSDTC - ok
07:03:55.0296 1864 [ 1477849772712BAC69C144DCF2C9CE81 ] MSDV C:\WINNT\system32\DRIVERS\msdv.sys
07:03:55.0312 1864 MSDV - ok
07:03:55.0343 1864 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINNT\system32\drivers\Msfs.sys
07:03:55.0343 1864 Msfs - ok
07:03:55.0359 1864 MSIServer - ok
07:03:55.0421 1864 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINNT\system32\drivers\MSKSSRV.sys
07:03:55.0671 1864 MSKSSRV - ok
07:03:55.0781 1864 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINNT\system32\drivers\MSPCLOCK.sys
07:03:55.0796 1864 MSPCLOCK - ok
07:03:55.0859 1864 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINNT\system32\drivers\MSPQM.sys
07:03:55.0859 1864 MSPQM - ok
07:03:55.0906 1864 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINNT\system32\DRIVERS\mssmbios.sys
07:03:55.0921 1864 mssmbios - ok
07:03:55.0953 1864 [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE C:\WINNT\system32\drivers\MSTEE.sys
07:03:55.0953 1864 MSTEE - ok
07:03:56.0046 1864 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINNT\system32\drivers\Mup.sys
07:03:56.0109 1864 Mup - ok
07:03:56.0156 1864 [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC C:\WINNT\system32\DRIVERS\NABTSFEC.sys
07:03:56.0171 1864 NABTSFEC - ok
07:03:56.0265 1864 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINNT\System32\qagentrt.dll
07:03:56.0281 1864 napagent - ok
07:03:56.0281 1864 Ncrc710 - ok
07:03:56.0359 1864 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINNT\system32\drivers\NDIS.sys
07:03:56.0375 1864 NDIS - ok
07:03:56.0406 1864 [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP C:\WINNT\system32\DRIVERS\NdisIP.sys
07:03:56.0406 1864 NdisIP - ok
07:03:56.0453 1864 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINNT\system32\DRIVERS\ndistapi.sys
07:03:56.0453 1864 NdisTapi - ok
07:03:56.0500 1864 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINNT\system32\DRIVERS\ndisuio.sys
07:03:56.0500 1864 Ndisuio - ok
07:03:56.0515 1864 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINNT\system32\DRIVERS\ndiswan.sys
07:03:56.0546 1864 NdisWan - ok
07:03:56.0593 1864 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINNT\system32\drivers\NDProxy.sys
07:03:56.0609 1864 NDProxy - ok
07:03:56.0640 1864 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINNT\system32\DRIVERS\netbios.sys
07:03:56.0656 1864 NetBIOS - ok
07:03:56.0687 1864 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINNT\system32\DRIVERS\netbt.sys
07:03:56.0703 1864 NetBT - ok
07:03:56.0750 1864 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINNT\system32\netdde.exe
07:03:56.0750 1864 NetDDE - ok
07:03:56.0765 1864 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINNT\system32\netdde.exe
07:03:56.0765 1864 NetDDEdsdm - ok
07:03:56.0812 1864 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINNT\system32\lsass.exe
07:03:56.0812 1864 Netlogon - ok
07:03:56.0921 1864 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINNT\System32\netman.dll
07:03:56.0937 1864 Netman - ok
07:03:56.0984 1864 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINNT\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:03:56.0984 1864 NetTcpPortSharing - ok
07:03:57.0031 1864 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINNT\system32\DRIVERS\nic1394.sys
07:03:57.0031 1864 NIC1394 - ok
07:03:57.0078 1864 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINNT\System32\mswsock.dll
07:03:57.0093 1864 Nla - ok
07:03:57.0187 1864 [ CD569FA91EC6F59D045C19D0D3850F44 ] nmservice C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
07:03:57.0203 1864 nmservice - ok
07:03:57.0218 1864 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINNT\system32\drivers\Npfs.sys
07:03:57.0218 1864 Npfs - ok
07:03:57.0250 1864 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINNT\system32\drivers\Ntfs.sys
07:03:57.0265 1864 Ntfs - ok
07:03:57.0312 1864 [ 15A72D5B8F0B6A718207F14BD5EBB8FF ] NTIDrvr C:\WINNT\system32\DRIVERS\NTIDrvr.sys
07:03:57.0312 1864 NTIDrvr - ok
07:03:57.0328 1864 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINNT\system32\lsass.exe
07:03:57.0328 1864 NtLmSsp - ok
07:03:57.0375 1864 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINNT\system32\ntmssvc.dll
07:03:57.0406 1864 NtmsSvc - ok
07:03:57.0437 1864 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINNT\system32\drivers\Null.sys
07:03:57.0437 1864 Null - ok
07:03:57.0484 1864 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINNT\system32\DRIVERS\nwlnkflt.sys
07:03:57.0484 1864 NwlnkFlt - ok
07:03:57.0515 1864 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINNT\system32\DRIVERS\nwlnkfwd.sys
07:03:57.0531 1864 NwlnkFwd - ok
07:03:57.0531 1864 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINNT\system32\DRIVERS\ohci1394.sys
07:03:57.0546 1864 ohci1394 - ok
07:03:57.0546 1864 Parallel - ok
07:03:57.0593 1864 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINNT\system32\DRIVERS\parport.sys
07:03:57.0593 1864 Parport - ok
07:03:57.0609 1864 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINNT\system32\drivers\PartMgr.sys
07:03:57.0609 1864 PartMgr - ok
07:03:57.0656 1864 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINNT\system32\drivers\ParVdm.sys
07:03:57.0656 1864 ParVdm - ok
07:03:57.0671 1864 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINNT\system32\DRIVERS\pci.sys
07:03:57.0671 1864 PCI - ok
07:03:57.0687 1864 PCIDump - ok
07:03:57.0718 1864 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINNT\system32\DRIVERS\pciide.sys
07:03:57.0718 1864 PCIIde - ok
07:03:57.0750 1864 [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI C:\WINNT\system32\drivers\pclepci.sys
07:03:57.0750 1864 PCLEPCI - ok
07:03:57.0796 1864 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINNT\system32\drivers\Pcmcia.sys
07:03:57.0796 1864 Pcmcia - ok
07:03:57.0812 1864 PDCOMP - ok
07:03:57.0828 1864 PDFRAME - ok
07:03:57.0828 1864 PDRELI - ok
07:03:57.0859 1864 PDRFRAME - ok
07:03:57.0859 1864 perc2 - ok
07:03:57.0875 1864 perc2hib - ok
07:03:57.0937 1864 [ DA86016F0672ADA925F589EDE715F185 ] pfc C:\WINNT\system32\drivers\pfc.sys
07:03:57.0984 1864 pfc - ok
07:03:58.0062 1864 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINNT\system32\services.exe
07:03:58.0078 1864 PlugPlay - ok
07:03:58.0125 1864 [ 36FCAC4FA28B462CA867742DEA59B0D0 ] pnarp C:\WINNT\system32\DRIVERS\pnarp.sys
07:03:58.0125 1864 pnarp - ok
07:03:58.0140 1864 [ E5582E43E167CF367757D81E9727DA2A ] Point32 C:\WINNT\system32\DRIVERS\point32.sys
07:03:58.0156 1864 Point32 - ok
07:03:58.0171 1864 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINNT\system32\lsass.exe
07:03:58.0171 1864 PolicyAgent - ok
07:03:58.0296 1864 [ 3ADFECB5CE0B7196282F0C0DA695B508 ] ppped C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe
07:03:58.0312 1864 ppped - ok
07:03:58.0343 1864 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINNT\system32\DRIVERS\raspptp.sys
07:03:58.0343 1864 PptpMiniport - ok
07:03:58.0343 1864 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINNT\system32\lsass.exe
07:03:58.0359 1864 ProtectedStorage - ok
07:03:58.0359 1864 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINNT\system32\DRIVERS\ptilink.sys
07:03:58.0375 1864 Ptilink - ok
07:03:58.0406 1864 [ D8AC00388262B1A4878A7EE12F31D376 ] purendis C:\WINNT\system32\DRIVERS\purendis.sys
07:03:58.0406 1864 purendis - ok
07:03:58.0421 1864 [ D86B4A68565E444D76457F14172C875A ] PxHelp20 C:\WINNT\system32\Drivers\PxHelp20.sys
07:03:58.0421 1864 PxHelp20 - ok
07:03:58.0437 1864 ql1080 - ok
07:03:58.0437 1864 Ql10wnt - ok
07:03:58.0453 1864 ql12160 - ok
07:03:58.0468 1864 ql1240 - ok
07:03:58.0484 1864 ql1280 - ok
07:03:58.0484 1864 ql2100 - ok
07:03:58.0531 1864 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINNT\system32\DRIVERS\rasacd.sys
07:03:58.0531 1864 RasAcd - ok
07:03:58.0578 1864 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINNT\System32\rasauto.dll
07:03:58.0609 1864 RasAuto - ok
07:03:58.0640 1864 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINNT\system32\DRIVERS\rasl2tp.sys
07:03:58.0640 1864 Rasl2tp - ok
07:03:58.0718 1864 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINNT\System32\rasmans.dll
07:03:58.0718 1864 RasMan - ok
07:03:58.0734 1864 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINNT\system32\DRIVERS\raspppoe.sys
07:03:58.0734 1864 RasPppoe - ok
07:03:58.0765 1864 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINNT\system32\DRIVERS\raspti.sys
07:03:58.0765 1864 Raspti - ok
07:03:58.0796 1864 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINNT\system32\DRIVERS\rdbss.sys
07:03:58.0812 1864 Rdbss - ok
07:03:58.0843 1864 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINNT\system32\DRIVERS\RDPCDD.sys
07:03:58.0843 1864 RDPCDD - ok
07:03:58.0859 1864 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINNT\system32\DRIVERS\rdpdr.sys
07:03:58.0875 1864 rdpdr - ok
07:03:58.0937 1864 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINNT\system32\drivers\RDPWD.sys
07:03:58.0937 1864 RDPWD - ok
07:03:58.0984 1864 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINNT\system32\sessmgr.exe
07:03:59.0000 1864 RDSessMgr - ok
07:03:59.0031 1864 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINNT\system32\DRIVERS\redbook.sys
07:03:59.0343 1864 redbook - ok
07:03:59.0375 1864 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINNT\System32\mprdim.dll
07:03:59.0390 1864 RemoteAccess - ok
07:03:59.0421 1864 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINNT\system32\regsvc.dll
07:03:59.0437 1864 RemoteRegistry - ok
07:03:59.0468 1864 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINNT\system32\locator.exe
07:03:59.0484 1864 RpcLocator - ok
07:03:59.0531 1864 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINNT\system32\rpcss.dll
07:03:59.0531 1864 RpcSs - ok
07:03:59.0578 1864 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINNT\system32\rsvp.exe
07:03:59.0593 1864 RSVP - ok
07:03:59.0625 1864 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINNT\system32\lsass.exe
07:03:59.0625 1864 SamSs - ok
07:03:59.0656 1864 [ F5A633609777C212EC5FF19927FC5955 ] ScanUSBEMPIA C:\WINNT\system32\DRIVERS\emScan.sys
07:03:59.0656 1864 ScanUSBEMPIA - ok
07:03:59.0703 1864 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINNT\System32\SCardSvr.exe
07:03:59.0703 1864 SCardSvr - ok
07:03:59.0750 1864 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINNT\system32\schedsvc.dll
07:03:59.0765 1864 Schedule - ok
07:03:59.0796 1864 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINNT\system32\DRIVERS\secdrv.sys
07:03:59.0796 1864 Secdrv - ok
07:03:59.0875 1864 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINNT\System32\seclogon.dll
07:03:59.0890 1864 seclogon - ok
07:03:59.0937 1864 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINNT\system32\sens.dll
07:03:59.0953 1864 SENS - ok
07:04:00.0000 1864 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINNT\system32\DRIVERS\serenum.sys
07:04:00.0015 1864 serenum - ok
07:04:00.0437 1864 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINNT\system32\DRIVERS\serial.sys
07:04:00.0593 1864 Serial - ok
07:04:01.0015 1864 [ E8CC4BA7B2E962BD932C7BF678E762E0 ] sf C:\WINNT\system32\drivers\sf.sys
07:04:01.0015 1864 sf - ok
07:04:01.0234 1864 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINNT\system32\DRIVERS\sfloppy.sys
07:04:01.0250 1864 Sfloppy - ok
07:04:01.0796 1864 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINNT\System32\ipnathlp.dll
07:04:01.0828 1864 SharedAccess - ok
07:04:02.0171 1864 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINNT\System32\shsvcs.dll
07:04:02.0187 1864 ShellHWDetection - ok
07:04:02.0203 1864 Simbad - ok
07:04:02.0343 1864 [ 3D3007C39D5EDBA99C4E8C029963AB85 ] SIODRV C:\WINNT\system32\drivers\SIODRV.SYS
07:04:02.0343 1864 SIODRV - ok
07:04:02.0468 1864 [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP C:\WINNT\system32\DRIVERS\SLIP.sys
07:04:02.0484 1864 SLIP - ok
07:04:02.0656 1864 [ 13D149D7114A72DACE8464B8464B7767 ] SMBios C:\WINNT\system32\DRIVERS\SMBios.sys
07:04:02.0781 1864 SMBios - ok
07:04:02.0875 1864 [ 067114712715D88E1FCCABA33E418E24 ] smbusp C:\WINNT\system32\DRIVERS\smb.sys
07:04:02.0875 1864 smbusp - ok
07:04:03.0203 1864 [ 7D9B50329AF9FD94B0529282530D2CB7 ] smwdm C:\WINNT\system32\drivers\smwdm.sys
07:04:03.0578 1864 smwdm - ok
07:04:04.0078 1864 [ 3978F082274F723AD5A0A8058C2417DD ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
07:04:04.0093 1864 SoundMAX Agent Service (default) - ok
07:04:04.0109 1864 Sparrow - ok
07:04:04.0140 1864 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINNT\system32\drivers\splitter.sys
07:04:04.0140 1864 splitter - ok
07:04:04.0203 1864 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINNT\system32\spoolsv.exe
07:04:04.0203 1864 Spooler - ok
07:04:04.0234 1864 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINNT\system32\DRIVERS\sr.sys
07:04:04.0250 1864 sr - ok
07:04:04.0281 1864 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINNT\system32\srsvc.dll
07:04:04.0296 1864 srservice - ok
07:04:04.0328 1864 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINNT\system32\DRIVERS\srv.sys
07:04:04.0328 1864 Srv - ok
07:04:04.0390 1864 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINNT\System32\ssdpsrv.dll
07:04:04.0406 1864 SSDPSRV - ok
07:04:04.0437 1864 [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam C:\WINNT\system32\DRIVERS\serscan.sys
07:04:04.0593 1864 StillCam - ok
07:04:04.0656 1864 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] StiSvc C:\WINNT\system32\wiaservc.dll
07:04:04.0671 1864 StiSvc - ok
07:04:04.0734 1864 [ 77813007BA6265C4B6098187E6ED79D2 ] streamip C:\WINNT\system32\DRIVERS\StreamIP.sys
07:04:04.0750 1864 streamip - ok
07:04:05.0093 1864 [ 78B58486A5CB4F418D06EA2D6E961DB0 ] SupportSoft RemoteAssist C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
07:04:05.0234 1864 SupportSoft RemoteAssist - ok
07:04:05.0281 1864 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINNT\system32\DRIVERS\swenum.sys
07:04:05.0296 1864 swenum - ok
07:04:05.0328 1864 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINNT\system32\drivers\swmidi.sys
07:04:05.0328 1864 swmidi - ok
07:04:05.0343 1864 SwPrv - ok
07:04:05.0359 1864 symc810 - ok
07:04:05.0375 1864 symc8xx - ok
07:04:05.0390 1864 sym_hi - ok
07:04:05.0390 1864 sym_u3 - ok
07:04:05.0484 1864 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINNT\system32\drivers\sysaudio.sys
07:04:05.0484 1864 sysaudio - ok
07:04:06.0046 1864 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINNT\system32\smlogsvc.exe
07:04:06.0078 1864 SysmonLog - ok
07:04:06.0640 1864 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINNT\System32\tapisrv.dll
07:04:06.0703 1864 TapiSrv - ok
07:04:07.0390 1864 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINNT\system32\DRIVERS\tcpip.sys
07:04:07.0890 1864 Tcpip - ok
07:04:08.0062 1864 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINNT\system32\drivers\TDPIPE.sys
07:04:08.0078 1864 TDPIPE - ok
07:04:08.0125 1864 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINNT\system32\drivers\TDTCP.sys
07:04:08.0156 1864 TDTCP - ok
07:04:08.0218 1864 [ 88155247177638048422893737429D9E ] TermDD C:\WINNT\system32\DRIVERS\termdd.sys
07:04:08.0234 1864 TermDD - ok
07:04:08.0312 1864 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINNT\System32\termsrv.dll
07:04:08.0343 1864 TermService - ok
07:04:08.0359 1864 tga - ok
07:04:08.0421 1864 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINNT\System32\shsvcs.dll
07:04:08.0421 1864 Themes - ok
07:04:08.0484 1864 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINNT\system32\tlntsvr.exe
07:04:08.0515 1864 TlntSvr - ok
07:04:08.0531 1864 TosIde - ok
07:04:08.0562 1864 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINNT\system32\trkwks.dll
07:04:08.0578 1864 TrkWks - ok
07:04:08.0609 1864 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINNT\system32\drivers\Udfs.sys
07:04:08.0640 1864 Udfs - ok
07:04:08.0640 1864 ultra - ok
07:04:08.0671 1864 ultra66 - ok
07:04:08.0734 1864 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINNT\system32\DRIVERS\update.sys
07:04:08.0812 1864 Update - ok
07:04:08.0875 1864 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINNT\System32\upnphost.dll
07:04:08.0906 1864 upnphost - ok
07:04:08.0968 1864 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINNT\System32\ups.exe
07:04:08.0968 1864 UPS - ok
07:04:09.0031 1864 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\WINNT\system32\Drivers\usbaapl.sys
07:04:09.0406 1864 USBAAPL - ok
07:04:09.0484 1864 [ E919708DB44ED8543A7C017953148330 ] usbaudio C:\WINNT\system32\drivers\usbaudio.sys
07:04:09.0515 1864 usbaudio - ok
07:04:09.0562 1864 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINNT\system32\DRIVERS\usbccgp.sys
07:04:09.0562 1864 usbccgp - ok
07:04:09.0593 1864 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINNT\system32\DRIVERS\usbehci.sys
07:04:09.0609 1864 usbehci - ok
07:04:09.0656 1864 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINNT\system32\DRIVERS\usbhub.sys
07:04:09.0656 1864 usbhub - ok
07:04:09.0703 1864 [ B0205D19BA25CA654810D0AED04496A8 ] usbhub20 C:\WINNT\system32\DRIVERS\usbhub20.sys
07:04:09.0703 1864 usbhub20 - ok
07:04:09.0750 1864 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINNT\system32\DRIVERS\usbohci.sys
07:04:09.0765 1864 usbohci - ok
07:04:09.0796 1864 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINNT\system32\DRIVERS\usbprint.sys
07:04:09.0796 1864 usbprint - ok
07:04:09.0906 1864 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINNT\system32\DRIVERS\usbscan.sys
07:04:09.0906 1864 usbscan - ok
07:04:09.0968 1864 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINNT\system32\DRIVERS\USBSTOR.SYS
07:04:10.0000 1864 USBSTOR - ok
07:04:10.0062 1864 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINNT\system32\DRIVERS\usbuhci.sys
07:04:10.0531 1864 usbuhci - ok
07:04:10.0687 1864 [ 0845E936C85AD45B452CBC86A316CF2A ] UtilMan C:\WINNT\System32\UtilMan.exe
07:04:10.0703 1864 UtilMan - ok
07:04:10.0718 1864 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINNT\System32\drivers\vga.sys
07:04:10.0734 1864 VgaSave - ok
07:04:10.0750 1864 ViaIde - ok
07:04:11.0265 1864 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINNT\system32\drivers\VolSnap.sys
07:04:11.0281 1864 VolSnap - ok
07:04:11.0375 1864 [ 96099F1C2637E7A4F50A2FAD014324EC ] vsdatant C:\WINNT\system32\vsdatant.sys
07:04:11.0453 1864 vsdatant - ok
07:04:11.0546 1864 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINNT\System32\vssvc.exe
07:04:11.0578 1864 VSS - ok
07:04:11.0671 1864 [ 5A7E6F6AF689FA269DE763A77BA0EA9D ] VVBackd5 C:\WINNT\system32\drivers\VVBackd5.sys
07:04:11.0687 1864 VVBackd5 - ok
07:04:11.0718 1864 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINNT\system32\w32time.dll
07:04:11.0734 1864 W32Time - ok
07:04:11.0796 1864 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINNT\system32\DRIVERS\wanarp.sys
07:04:11.0828 1864 Wanarp - ok
07:04:11.0843 1864 WDICA - ok
07:04:11.0875 1864 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINNT\system32\drivers\wdmaud.sys
07:04:11.0875 1864 wdmaud - ok
07:04:11.0921 1864 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINNT\System32\webclnt.dll
07:04:11.0937 1864 WebClient - ok
07:04:12.0687 1864 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINNT\system32\wbem\WMIsvc.dll
07:04:12.0703 1864 winmgmt - ok
07:04:12.0734 1864 [ AF619B3908BB1C9336FB6981609018FE ] WMDM PMSP Service C:\WINNT\system32\mspmspsv.exe
07:04:12.0750 1864 WMDM PMSP Service - ok
07:04:12.0781 1864 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINNT\system32\MsPMSNSv.dll
07:04:12.0796 1864 WmdmPmSN - ok
07:04:12.0906 1864 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINNT\System32\advapi32.dll
07:04:12.0968 1864 Wmi - ok
07:04:13.0000 1864 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINNT\system32\wbem\wmiapsrv.exe
07:04:13.0015 1864 WmiApSrv - ok
07:04:15.0656 1864 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
07:04:15.0703 1864 WMPNetworkSvc - ok
07:04:15.0750 1864 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINNT\system32\DRIVERS\wpdusb.sys
07:04:15.0750 1864 WpdUsb - ok
07:04:15.0906 1864 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINNT\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
07:04:15.0968 1864 WPFFontCache_v0400 - ok
07:04:16.0046 1864 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINNT\system32\wscsvc.dll
07:04:16.0078 1864 wscsvc - ok
07:04:16.0109 1864 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINNT\system32\DRIVERS\WSTCODEC.SYS
07:04:16.0125 1864 WSTCODEC - ok
07:04:16.0250 1864 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINNT\system32\wuauserv.dll
07:04:16.0250 1864 wuauserv - ok
07:04:16.0312 1864 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINNT\system32\DRIVERS\WudfPf.sys
07:04:16.0921 1864 WudfPf - ok
07:04:17.0062 1864 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINNT\system32\DRIVERS\wudfrd.sys
07:04:17.0093 1864 WudfRd - ok
07:04:17.0343 1864 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINNT\System32\WUDFSvc.dll
07:04:17.0359 1864 WudfSvc - ok
07:04:18.0453 1864 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINNT\System32\wzcsvc.dll
07:04:18.0484 1864 WZCSVC - ok
07:04:18.0531 1864 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINNT\System32\xmlprov.dll
07:04:18.0546 1864 xmlprov - ok
07:04:18.0609 1864 [ FD1F4E9CF06C71C8D73A24ACF18D8296 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINNT\system32\drivers\ialmsbw.sys
07:04:18.0640 1864 {6080A529-897E-4629-A488-ABA0C29B635E} - ok
07:04:18.0671 1864 [ D4D7331D33D1FA73E588E5CE0D90A4C1 ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINNT\system32\drivers\ialmkchw.sys
07:04:18.0671 1864 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok
07:04:18.0671 1864 ================ Scan global ===============================
07:04:18.0734 1864 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINNT\system32\basesrv.dll
07:04:18.0953 1864 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINNT\system32\winsrv.dll
07:04:19.0078 1864 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINNT\system32\winsrv.dll
07:04:19.0125 1864 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINNT\system32\services.exe
07:04:19.0125 1864 [Global] - ok
07:04:19.0125 1864 ================ Scan MBR ==================================
07:04:19.0203 1864 [ 53F17D2C4C4E455520172DF20C71AB52 ] \Device\Harddisk0\DR0
07:04:19.0234 1864 Suspicious mbr (Forged): \Device\Harddisk0\DR0
07:04:22.0625 1864 \Device\Harddisk0\DR0 - ok
07:04:22.0625 1864 ================ Scan VBR ==================================
07:04:22.0656 1864 [ 6908E64E5300E8B28D9291BE4555091E ] \Device\Harddisk0\DR0\Partition1
07:04:22.0703 1864 \Device\Harddisk0\DR0\Partition1 - ok
07:04:22.0703 1864 ============================================================
07:04:22.0703 1864 Scan finished
07:04:22.0703 1864 ============================================================
07:04:22.0718 2520 Detected object count: 0
07:04:22.0718 2520 Actual detected object count: 0
07:04:39.0296 2400 Deinitialize success

-----------------------------------------------------------------------------------------------------

aswMBR Log:

Run date: 2013-01-31 07:04:46
-----------------------------
07:04:46.375 OS Version: Windows 5.1.2600 Service Pack 3
07:04:46.375 Number of processors: 2 586 0x209
07:04:46.375 ComputerName: CRASH UserName: john
07:04:54.468 Initialize success
07:11:08.171 AVAST engine defs: 13013003
07:11:30.593 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
07:11:30.609 Disk 0 Vendor: Maxtor_6Y160P0 YAR41BW0 Size: 156334MB BusType: 3
07:11:30.625 Disk 0 MBR read successfully
07:11:30.625 Disk 0 MBR scan
07:11:30.671 Disk 0 Windows XP default MBR code found via API
07:11:30.671 Disk 0 unknown MBR code
07:11:30.671 Disk 0 MBR hidden
07:11:30.687 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 117961 MB offset 63
07:11:30.718 Disk 0 Partition 2 00 77 SA/DPS 13099 MB offset 241585470
07:11:30.734 Disk 0 scanning sectors +268414020
07:11:30.765 Disk 0 MBR [possible unknown bootkit@MBR] **ROOTKIT**
07:11:30.765 Disk 0 trace - called modules:
07:11:30.765 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys intelide.sys PCIIDEX.SYS
07:11:30.765 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8aa3eab8]
07:11:30.765 3 CLASSPNP.SYS[f7657fd7] -> nt!IofCallDriver -> \Device\00000070[0x8aa97f18]
07:11:30.765 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-4[0x8aa96d98]
07:11:31.187 AVAST engine scan C:\WINNT
07:12:01.906 AVAST engine scan C:\WINNT\system32
07:16:54.312 File: C:\WINNT\system32\odbcp32ry.dll **INFECTED** Win32:Malware-gen
07:23:00.906 AVAST engine scan C:\WINNT\system32\drivers
07:23:53.765 AVAST engine scan C:\Documents and Settings\john
07:29:23.062 AVAST engine scan C:\Documents and Settings\All Users
07:32:55.953 Scan finished successfully
07:33:27.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\john\Desktop\MBR.dat"
07:33:27.843 The log file has been saved successfully to "C:\Documents and Settings\john\Desktop\aswMBR.txt"

------------------------------------------------------------------------------------------------------------------

ESET Log:

C:\Documents and Settings\john\My Documents\My Videos\football\CouponPrinter.exe probably a variant of Win32/Adware.Softomate.AD application cleaned by deleting - quarantined
Operating memory probably a variant of Win32/Ponmocup.AA trojan

#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:16 PM

Posted 31 January 2013 - 11:10 AM

Download

Malwarebytes

Install,update and run a full scan

Click on Show results.Right click on the list ,select all and remove them.

Post the generated log here

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List restore points

Click Go and post the result.

Download

Farbar service scanner

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it click on Delete

A log should be generated after scan ,post it here

Download

Junkware removal tool

For vista and windows 7 right click on the tool and select run as administrator

After scan gets completed,post the generated log here.


Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after scan finishes,post the contents of RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename:Autoruns.txt
Save as :Text

Paste the contents of text here

#5 MToby

MToby
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 31 January 2013 - 01:03 PM

Was I supposed to do a "Fix MBR" on the aswMBR? I just ran the scan like was requested.

#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:16 PM

Posted 31 January 2013 - 01:09 PM

Not needed.

#7 MToby

MToby
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 31 January 2013 - 08:50 PM

Malware Bytes

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.26.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
john :: CRASH [administrator]

1/31/2013 6:12:16 PM
mbam-log-2013-01-31 (18-12-16).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 348824
Time elapsed: 1 hour(s), 25 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Minitoolbox

MiniToolBox by Farbar Version:10-01-2013
Ran by john (administrator) on 31-01-2013 at 19:44:04
Running from "C:\Documents and Settings\john\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : crash

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : wi.rr.com



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : wi.rr.com

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-0C-F1-8A-5A-30

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.145

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 209.18.47.61

209.18.47.62

Lease Obtained. . . . . . . . . . : Thursday, January 31, 2013 5:58:47 PM

Lease Expires . . . . . . . . . . : Friday, February 01, 2013 5:58:47 PM

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.225.136, 74.125.225.137, 74.125.225.142, 74.125.225.128
74.125.225.129, 74.125.225.130, 74.125.225.131, 74.125.225.132, 74.125.225.133
74.125.225.134, 74.125.225.135



Pinging google.com [74.125.225.73] with 32 bytes of data:



Reply from 74.125.225.73: bytes=32 time=33ms TTL=49

Reply from 74.125.225.73: bytes=32 time=11ms TTL=49



Ping statistics for 74.125.225.73:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 33ms, Average = 22ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=103ms TTL=46

Reply from 206.190.36.45: bytes=32 time=126ms TTL=46



Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 103ms, Maximum = 126ms, Average = 114ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c f1 8a 5a 30 ...... Intel® PRO/100 VE Network Connection - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.145 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.145 192.168.0.145 20
192.168.0.0 255.255.255.0 192.168.0.145 192.168.0.145 20
192.168.0.145 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.145 192.168.0.145 20
224.0.0.0 240.0.0.0 192.168.0.145 192.168.0.145 20
255.255.255.255 255.255.255.255 192.168.0.145 192.168.0.145 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 03 C:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 02 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 03 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 04 C:\Windows\system32\rsvpsp.dll [File not found] ()
Catalog9 05 C:\Windows\system32\rsvpsp.dll [File not found] ()
Catalog9 06 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 07 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 08 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 09 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 10 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 11 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 12 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 13 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 14 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 15 C:\Windows\system32\mswsock.dll [File not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/30/2013 09:52:17 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (01/30/2013 09:52:17 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (01/30/2013 09:52:17 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (01/30/2013 09:52:17 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (01/26/2013 09:52:20 PM) (Source: Application Hang) (User: )
Description: Fault bucket 57472428.

Error: (01/26/2013 09:52:16 PM) (Source: Application Hang) (User: )
Description: Hanging application ExpressInstaller.exe, version 4.1.0.21, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/25/2013 04:32:00 PM) (Source: Application Hang) (User: )
Description: Fault bucket 734037209.

Error: (01/25/2013 04:31:48 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/25/2013 04:17:15 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/22/2013 07:09:37 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/31/2013 07:11:07 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 07:11:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 07:11:04 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 07:01:30 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 07:00:42 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:31 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:30 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:29 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:27 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:26 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D


Microsoft Office Sessions:
=========================
Error: (01/30/2013 09:52:17 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (01/30/2013 09:52:17 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (01/30/2013 09:52:17 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (01/30/2013 09:52:17 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (01/26/2013 09:52:20 PM) (Source: Application Hang)(User: )
Description: 57472428

Error: (01/26/2013 09:52:16 PM) (Source: Application Hang)(User: )
Description: ExpressInstaller.exe4.1.0.21hungapp0.0.0.000000000

Error: (01/25/2013 04:32:00 PM) (Source: Application Hang)(User: )
Description: 734037209

Error: (01/25/2013 04:31:48 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (01/25/2013 04:17:15 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/22/2013 07:09:37 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader 9.5.3 (Version: 9.5.3)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 3
ArcSoft PhotoImpression
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 2.6.255.207)
Bonjour (Version: 3.0.0.10)
CCScore (Version: 8.02.0000.0001)
Cisco Network Magic (Version: 5.5.09195.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 4.0)
Critical Update for Windows Media Player 11 (KB959772)
CyberPower PowerPanel Personal Edition (Version: 0.9.5)
DiscAPI (Studio 10) (Version: 2.10.0057)
DivX Web Player (Version: 1.5.0)
ESET Online Scanner v3
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.02.0000.0001)
ESScore (Version: 8.02.0000.0001)
ESSgui (Version: 8.02.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin Communicator Plugin with myGarmin Agent (Version: 2.9.2)
Garmin Lifetime Updater (Version: 2.1.11)
Garmin USB Drivers (Version: 2.3.0.0)
getPlus®_ocx
Google Update Helper (Version: 1.3.21.123)
hp instant support (Version: 5.0.2.4.asst_classic.asst_install)
HP Photo and Imaging 2.0 - All-in-One (Version: 1.10.0000)
HP Photo and Imaging 2.0 - All-in-One Drivers (Version: 1.10.0000)
hp psc 1200 series
Intel® Active Monitor
Intel® Extreme Graphics Driver
Intel® PRO Network Adapters and Drivers
InterActual Player
InterVideo WinDVD Recorder (Version: 4.5.28.109)
iTunes (Version: 11.0.1.12)
J2SE Runtime Environment 5.0 Update 10 (Version: 1.5.0.100)
J2SE Runtime Environment 5.0 Update 11 (Version: 1.5.0.110)
J2SE Runtime Environment 5.0 Update 5 (Version: 1.5.0.50)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
J2SE Runtime Environment 5.0 Update 9 (Version: 1.5.0.90)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 37 (Version: 6.0.370)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ 6 Update 7 (Version: 1.6.0.70)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
kgcbaby (Version: 5.03.0000.0002)
kgchday (Version: 5.03.0000.0002)
kgchlwn (Version: 5.03.0000.0002)
kgcinvt (Version: 5.03.0000.0003)
kgckids (Version: 5.03.0000.0002)
kgcmove (Version: 5.03.0000.0003)
kgcvday (Version: 5.03.0000.0002)
Kodak EasyShare software
Macromedia Shockwave Player (Version: 10.1.0.011)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee AntiVirus Plus (Version: 11.6.443)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Download Manager (Version: 1.2.1)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft IntelliType Pro 5.5 (Version: 5.50.661.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft XML Parser (Version: 8.20.8730.4)
Microsoft XML Parser and SDK (Version: 4.10.9406.0)
MobileMe Control Panel (Version: 3.1.8.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
netbrdg (Version: 7.01.0000.0001)
Network Magic (Version: 5.5.9195.0)
NTI CD-Maker (Version: 6)
NTI CD-Maker 6 Standard (Version: 6)
OfotoXMI (Version: 8.02.1000.0001)
Photo Story 3 for Windows (Version: 3.0.1115.11)
PhotoParade Player
Picasa 3 (Version: 3.8)
Pinnacle Instant DVD Recorder (Version: 1.60.110)
Pure Networks Platform (Version: 11.2.09195.1)
QuickTime (Version: 7.73.80.64)
RAPID (Version: 1.00.0002)
RestoreIT!
Rhapsody Player Engine (Version: 1.1.0)
Road Runner Medic 5.4
Roxio DLA (Version: 5.2.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
Safari (Version: 5.34.57.2)
SFR (Version: 8.01.0000.0001)
Shared C Run-time for x86 (Version: 10.0.0)
SHASTA (Version: 7.01.0000.0001)
ShowBiz
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
SmartSound Quicktracks Plugin (Version: 3.0.2.7)
Sonic Update Manager (Version: 3.0.0)
SoundMAX (Version: 5.12.01.5240)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
staticcr (Version: 8.02.0000.0001)
Storm Team 4 Desktop Weather
Studio 10 (Version: 10.5)
Studio 10 Bonus DVD (Version: 10.0.000)
SurferNETWORK Player
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.3.13.0)
TWC Client ActiveX Controls (Version: 11)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USBControl
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
VGA Dual-Mode Camera (Version: 2.02.0000)
VoiceOver Kit (Version: 1.42.128.0)
VPRINTOL (Version: 8.02.0000.0001)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Camera Maker (MR97310_VGA_DUAL_CAMERA) Image 07/18/2006 2.0.1.0 (Version: 2.0.1.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows XP Service Pack 3 (Version: 20080414.031525)
WIRELESS (Version: 8.02.0000.0001)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 2030.73 MB
Available physical RAM: 1183.36 MB
Total Pagefile: 2624.97 MB
Available Pagefile: 1671.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.78 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:115.2 GB) (Free:69.16 GB) NTFS

========================= Users: ========================================

User accounts for \\CRASH

Administrator ASPNET Guest
HelpAssistant john max
SUPPORT_388945a0

========================= Restore Points ==================================

27-01-2013 03:21:50 System Checkpoint
27-01-2013 04:08:45 System Checkpoint
28-01-2013 04:59:36 System Checkpoint
29-01-2013 05:35:31 System Checkpoint
30-01-2013 06:26:39 System Checkpoint
31-01-2013 04:04:52 Installed Windows Internet Explorer 8.
31-01-2013 04:06:15 Software Distribution Service 3.0
31-01-2013 12:56:04 Software Distribution Service 3.0

**** End of log ****

FARBAR

MiniToolBox by Farbar Version:10-01-2013
Ran by john (administrator) on 31-01-2013 at 19:44:04
Running from "C:\Documents and Settings\john\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Connected)
Intel® PRO/100 VE Network Connection = Local Area Connection 2 (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : crash

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : wi.rr.com



Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : wi.rr.com

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-0C-F1-8A-5A-30

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.0.145

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.0.1

DHCP Server . . . . . . . . . . . : 192.168.0.1

DNS Servers . . . . . . . . . . . : 209.18.47.61

209.18.47.62

Lease Obtained. . . . . . . . . . : Thursday, January 31, 2013 5:58:47 PM

Lease Expires . . . . . . . . . . : Friday, February 01, 2013 5:58:47 PM

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: google.com
Addresses: 74.125.225.136, 74.125.225.137, 74.125.225.142, 74.125.225.128
74.125.225.129, 74.125.225.130, 74.125.225.131, 74.125.225.132, 74.125.225.133
74.125.225.134, 74.125.225.135



Pinging google.com [74.125.225.73] with 32 bytes of data:



Reply from 74.125.225.73: bytes=32 time=33ms TTL=49

Reply from 74.125.225.73: bytes=32 time=11ms TTL=49



Ping statistics for 74.125.225.73:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 11ms, Maximum = 33ms, Average = 22ms

Server: dns-cac-lb-01.rr.com
Address: 209.18.47.61

Name: yahoo.com
Addresses: 98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=103ms TTL=46

Reply from 206.190.36.45: bytes=32 time=126ms TTL=46



Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 103ms, Maximum = 126ms, Average = 114ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0c f1 8a 5a 30 ...... Intel® PRO/100 VE Network Connection - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.145 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
169.254.0.0 255.255.0.0 192.168.0.145 192.168.0.145 20
192.168.0.0 255.255.255.0 192.168.0.145 192.168.0.145 20
192.168.0.145 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.0.255 255.255.255.255 192.168.0.145 192.168.0.145 20
224.0.0.0 240.0.0.0 192.168.0.145 192.168.0.145 20
255.255.255.255 255.255.255.255 192.168.0.145 192.168.0.145 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 02 C:\Windows\System32\winrnr.dll [File Not found] ()
Catalog5 03 C:\Windows\System32\mswsock.dll [File Not found] ()
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 02 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 03 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 04 C:\Windows\system32\rsvpsp.dll [File not found] ()
Catalog9 05 C:\Windows\system32\rsvpsp.dll [File not found] ()
Catalog9 06 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 07 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 08 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 09 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 10 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 11 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 12 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 13 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 14 C:\Windows\system32\mswsock.dll [File not found] ()
Catalog9 15 C:\Windows\system32\mswsock.dll [File not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/30/2013 09:52:17 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (01/30/2013 09:52:17 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (01/30/2013 09:52:17 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (01/30/2013 09:52:17 PM) (Source: Userenv) (User: NT AUTHORITY)
Description: Windows cannot query DllName registry entry for {7B849a69-220F-451E-B3FE-2CB811AF94AE} and it will not be loaded. This is most likely caused by a faulty registration.

Error: (01/26/2013 09:52:20 PM) (Source: Application Hang) (User: )
Description: Fault bucket 57472428.

Error: (01/26/2013 09:52:16 PM) (Source: Application Hang) (User: )
Description: Hanging application ExpressInstaller.exe, version 4.1.0.21, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/25/2013 04:32:00 PM) (Source: Application Hang) (User: )
Description: Fault bucket 734037209.

Error: (01/25/2013 04:31:48 PM) (Source: Application Hang) (User: )
Description: Hanging application explorer.exe, version 6.0.2900.5512, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/25/2013 04:17:15 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/22/2013 07:09:37 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/31/2013 07:11:07 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 07:11:06 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 07:11:04 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 07:01:30 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 07:00:42 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:31 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:30 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:29 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:27 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D

Error: (01/31/2013 06:52:26 PM) (Source: 0) (User: )
Description: \Device\Harddisk0\D


Microsoft Office Sessions:
=========================
Error: (01/30/2013 09:52:17 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (01/30/2013 09:52:17 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (01/30/2013 09:52:17 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}

Error: (01/30/2013 09:52:17 PM) (Source: Userenv)(User: NT AUTHORITY)
Description: {7B849a69-220F-451E-B3FE-2CB811AF94AE}

Error: (01/26/2013 09:52:20 PM) (Source: Application Hang)(User: )
Description: 57472428

Error: (01/26/2013 09:52:16 PM) (Source: Application Hang)(User: )
Description: ExpressInstaller.exe4.1.0.21hungapp0.0.0.000000000

Error: (01/25/2013 04:32:00 PM) (Source: Application Hang)(User: )
Description: 734037209

Error: (01/25/2013 04:31:48 PM) (Source: Application Hang)(User: )
Description: explorer.exe6.0.2900.5512hungapp0.0.0.000000000

Error: (01/25/2013 04:17:15 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/22/2013 07:09:37 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000


=========================== Installed Programs ============================

Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.146)
Adobe Reader 9.5.3 (Version: 9.5.3)
Adobe Shockwave Player 11.6 (Version: 11.6.3.633)
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Panorama Maker 3
ArcSoft PhotoImpression
ArcSoft Print Creations - Album Page
ArcSoft Print Creations - Funhouse
ArcSoft Print Creations - Greeting Card
ArcSoft Print Creations - Photo Book
ArcSoft Print Creations - Photo Calendar
ArcSoft Print Creations - Scrapbook
ArcSoft Print Creations - Slimline Card
ArcSoft Print Creations (Version: 2.6.255.207)
Bonjour (Version: 3.0.0.10)
CCScore (Version: 8.02.0000.0001)
Cisco Network Magic (Version: 5.5.09195.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Coupon Printer for Windows (Version: 4.0)
Critical Update for Windows Media Player 11 (KB959772)
CyberPower PowerPanel Personal Edition (Version: 0.9.5)
DiscAPI (Studio 10) (Version: 2.10.0057)
DivX Web Player (Version: 1.5.0)
ESET Online Scanner v3
ESSBrwr (Version: 8.02.0000.0001)
ESSCDBK (Version: 8.02.0000.0001)
ESScore (Version: 8.02.0000.0001)
ESSgui (Version: 8.02.0000.0001)
ESSini (Version: 8.02.0000.0001)
ESSPCD (Version: 8.02.0000.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 8.00.0000.0001)
Garmin Communicator Plugin (Version: 4.0.3)
Garmin Communicator Plugin with myGarmin Agent (Version: 2.9.2)
Garmin Lifetime Updater (Version: 2.1.11)
Garmin USB Drivers (Version: 2.3.0.0)
getPlus®_ocx
Google Update Helper (Version: 1.3.21.123)
hp instant support (Version: 5.0.2.4.asst_classic.asst_install)
HP Photo and Imaging 2.0 - All-in-One (Version: 1.10.0000)
HP Photo and Imaging 2.0 - All-in-One Drivers (Version: 1.10.0000)
hp psc 1200 series
Intel® Active Monitor
Intel® Extreme Graphics Driver
Intel® PRO Network Adapters and Drivers
InterActual Player
InterVideo WinDVD Recorder (Version: 4.5.28.109)
iTunes (Version: 11.0.1.12)
J2SE Runtime Environment 5.0 Update 10 (Version: 1.5.0.100)
J2SE Runtime Environment 5.0 Update 11 (Version: 1.5.0.110)
J2SE Runtime Environment 5.0 Update 5 (Version: 1.5.0.50)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
J2SE Runtime Environment 5.0 Update 9 (Version: 1.5.0.90)
Java Auto Updater (Version: 2.0.7.2)
Java™ 6 Update 2 (Version: 1.6.0.20)
Java™ 6 Update 3 (Version: 1.6.0.30)
Java™ 6 Update 37 (Version: 6.0.370)
Java™ 6 Update 5 (Version: 1.6.0.50)
Java™ 6 Update 7 (Version: 1.6.0.70)
Java™ SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
kgcbaby (Version: 5.03.0000.0002)
kgchday (Version: 5.03.0000.0002)
kgchlwn (Version: 5.03.0000.0002)
kgcinvt (Version: 5.03.0000.0003)
kgckids (Version: 5.03.0000.0002)
kgcmove (Version: 5.03.0000.0003)
kgcvday (Version: 5.03.0000.0002)
Kodak EasyShare software
Macromedia Shockwave Player (Version: 10.1.0.011)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee AntiVirus Plus (Version: 11.6.443)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Download Manager (Version: 1.2.1)
Microsoft IntelliPoint 7.0 (Version: 7.0.260.0)
Microsoft IntelliType Pro 5.5 (Version: 5.50.661.0)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft XML Parser (Version: 8.20.8730.4)
Microsoft XML Parser and SDK (Version: 4.10.9406.0)
MobileMe Control Panel (Version: 3.1.8.0)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
netbrdg (Version: 7.01.0000.0001)
Network Magic (Version: 5.5.9195.0)
NTI CD-Maker (Version: 6)
NTI CD-Maker 6 Standard (Version: 6)
OfotoXMI (Version: 8.02.1000.0001)
Photo Story 3 for Windows (Version: 3.0.1115.11)
PhotoParade Player
Picasa 3 (Version: 3.8)
Pinnacle Instant DVD Recorder (Version: 1.60.110)
Pure Networks Platform (Version: 11.2.09195.1)
QuickTime (Version: 7.73.80.64)
RAPID (Version: 1.00.0002)
RestoreIT!
Rhapsody Player Engine (Version: 1.1.0)
Road Runner Medic 5.4
Roxio DLA (Version: 5.2.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
Safari (Version: 5.34.57.2)
SFR (Version: 8.01.0000.0001)
Shared C Run-time for x86 (Version: 10.0.0)
SHASTA (Version: 7.01.0000.0001)
ShowBiz
skin0001 (Version: 8.02.0000.0001)
SKINXSDK (Version: 8.02.0000.0001)
SmartSound Quicktracks Plugin (Version: 3.0.2.7)
Sonic Update Manager (Version: 3.0.0)
SoundMAX (Version: 5.12.01.5240)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
staticcr (Version: 8.02.0000.0001)
Storm Team 4 Desktop Weather
Studio 10 (Version: 10.5)
Studio 10 Bonus DVD (Version: 10.0.000)
SurferNETWORK Player
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.3.13.0)
TWC Client ActiveX Controls (Version: 11)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
USBControl
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
VGA Dual-Mode Camera (Version: 2.02.0000)
VoiceOver Kit (Version: 1.42.128.0)
VPRINTOL (Version: 8.02.0000.0001)
WebEx Support Manager for Internet Explorer (Version: 6.5.4917)
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Camera Maker (MR97310_VGA_DUAL_CAMERA) Image 07/18/2006 2.0.1.0 (Version: 2.0.1.0)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage v1.3.0254.0 (Version: 1.3.0254.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Format SDK Hotfix - KB891122
Windows XP Service Pack 3 (Version: 20080414.031525)
WIRELESS (Version: 8.02.0000.0001)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 2030.73 MB
Available physical RAM: 1183.36 MB
Total Pagefile: 2624.97 MB
Available Pagefile: 1671.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.78 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:115.2 GB) (Free:69.16 GB) NTFS

========================= Users: ========================================

User accounts for \\CRASH

Administrator ASPNET Guest
HelpAssistant john max
SUPPORT_388945a0

========================= Restore Points ==================================

27-01-2013 03:21:50 System Checkpoint
27-01-2013 04:08:45 System Checkpoint
28-01-2013 04:59:36 System Checkpoint
29-01-2013 05:35:31 System Checkpoint
30-01-2013 06:26:39 System Checkpoint
31-01-2013 04:04:52 Installed Windows Internet Explorer 8.
31-01-2013 04:06:15 Software Distribution Service 3.0
31-01-2013 12:56:04 Software Distribution Service 3.0

**** End of log ****

#8 MToby

MToby
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 31 January 2013 - 09:37 PM

# AdwCleaner v2.109 - Logfile created 01/31/2013 at 19:49:58
# Updated 26/01/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : john - CRASH
# Boot Mode : Normal
# Running from : C:\Documents and Settings\john\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\WINNT\Uninstall.exe

***** [Registry] *****

Key Deleted : HKCU\Software\Headlight
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [1289 octets] - [31/01/2013 19:49:58]

########## EOF - C:\AdwCleaner[S1].txt - [1349 octets] ##########


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.5.8 (01.31.2013:1)
OS: Microsoft Windows XP x86
Ran by john on Thu 01/31/2013 at 20:00:34.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-602162358-2025429265-682003330-1000\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files\coupons"





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/31/2013 at 20:11:38.21
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


RKILL Keeps blue screening the PC with a stop 04


"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Photo Downloader" "" "" "File not found: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ArcSoft Connection Service" "ArcSoft Connect Daemon" "ArcSoft Inc." "c:\program files\common files\arcsoft\connection service\bin\acdaemon.exe"
+ "DLA" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlactrlw.exe"
+ "farstone" "" "" "File not found: NULL"
+ "FastTVSync" "FastTVSync Module" "" "c:\program files\common files\intervideo\fasttvsync\fasttvsync.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files\garmin\lifetime updater\garminlifetime.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\winnt\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\winnt\system32\igfxtray.exe"
+ "IMONTRAY" "imontray MFC Application" "" "c:\program files\intel\intel® active monitor\imontray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "ISUSPM Startup" "InstallShield Update Service Update Manager" "InstallShield Software Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "ISUSScheduler" "InstallShield Update Service Scheduler" "InstallShield Software Corporation" "c:\program files\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "itype" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "MyGarminAgent" "" "" "c:\program files\garmin\mygarminagent\mygarminagent.exe"
+ "nmapp" "Network Magic Application" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmapp.exe"
+ "nmctxth" "Pure Networks Platform Assistant" "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
+ "PCLEUSBTip" "Pinnacle USB Tip - for Multi Media eXtensions" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\programs\usbtip\usbtip.exe"
+ "PinnacleDriverCheck" "" "" "c:\winnt\system32\psdrvcheck.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RestoreIT!" "VBPTask MFC Application" "FarStone Tech. Inc." "c:\program files\farstone\restoreit!\vbptask.exe"
+ "SoundMAX" "SoundMAX Control Center" "Analog Devices, Inc." "c:\program files\analog devices\soundmax\smax4.exe"
+ "SoundMAXPnP" "SMax4PNP MFC Application" "Analog Devices, Inc." "c:\program files\analog devices\soundmax\smax4pnp.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "tgcmd" "" "" "File not found: C:\Program Files\Support.com\bin\tgcmd.exe"
+ "USB2Check" "Pinnacle Systems CoInstaller" "Pinnacle Systems" "c:\winnt\system32\pclecoinst.dll"
+ "USBToolTip" "Pinnacle USB Tip - for Multi Media eXtensions" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\programs\usbtip\usbtip.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "Kodak EasyShare software.lnk" "Kodak EasyShare Software" "Eastman Kodak Company" "c:\program files\kodak\kodak easyshare software\bin\easyshare.exe"
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files\microsoft office\office\osa9.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "CRLUpdate" "" "" "c:\winnt\system32\updcrl.exe"
+ "EnableRevocation" "" "" "File not found: 2"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DriverUpdaterPro" "" "" "File not found: C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t"
+ "PowerPanel Personal Edition User Interaction" "" "" "c:\program files\cyberpower powerpanel personal edition\pppeuser.exe"
+ "updateMgr" "" "" "File not found: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "pure-go" "Pure Service Provider DLL" "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\puresp4.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\winnt\system32\igfxpph.dll"
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "Fax Tiff Data Column Provider" "" "" "File not found: C:\WINNT\system32\faxshell.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DriveLetterAccess" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlashx_w.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "Spybot-S&D IE Protection" "" "" "File not found: C:\PROGRA~1\SPYBOT~1\SDHelper.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Spybot - Search & Destroy Configuration" "" "" "File not found: C:\PROGRA~1\SPYBOT~1\SDHelper.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "AdobeŽ FlashŽ Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\winnt\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "EasyShare Registration Task.job" "EasyShare software update page" "Eastman Kodak Company" "c:\documents and settings\all users\application data\kodak\easysharesetup\$registration\registration_8.2.30.1.sxt"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "Tilzpcxd.job" "" "" "c:\winnt\system32\odbcp32ry.dll"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\winnt\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "imonNT" "Intel® Active Monitor Win9x Background Service" "Intel Corp." "c:\program files\intel\intel® active monitor\imonnt.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "Allows McAfee applications to communicate securely on the local network." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\winnt\system32\mfevtps.exe"
+ "nmservice" "Enables Pure Networks Platform services such as file sharing, printer sharing, and network monitoring." "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\nmsrvc.exe"
+ "ppped" "PowerPanel Personal Edition Service minitor the battery backup activity and take protect while power problem exist." "" "c:\program files\cyberpower powerpanel personal edition\ppped.exe"
+ "SoundMAX Agent Service (default)" "SoundMAX service agent component" "Analog Devices, Inc." "c:\program files\analog devices\soundmax\smagent.exe"
+ "SupportSoft RemoteAssist" "ssrc Module" "SupportSoft, Inc." "c:\program files\common files\supportsoft\bin\ssrc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "aeaudio" "Andrea Audio Noise Cancellation Driver" "Andrea Electronics Corporation" "c:\winnt\system32\drivers\aeaudio.sys"
+ "ASAPIW2k" "ASAPIW2K Service" "VOB Computersysteme GmbH" "c:\winnt\system32\drivers\asapiw2k.sys"
+ "Ausbflt" "WDM filter driver for USB devices" "Adaptec Inc." "c:\winnt\system32\drivers\ausbflt.sys"
+ "Cdr4_2K" "CDR4_2k CDR Helper" "Roxio" "c:\winnt\system32\drivers\cdr4_2k.sys"
+ "Cdralw2k" "CDRAL Place Holder Driver (see PxHelp)" "Sonic Solutions" "c:\winnt\system32\drivers\cdralw2k.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\winnt\system32\drivers\cfwids.sys"
+ "Changer" "" "" "File not found: C:\WINNT\System32\Drivers\Changer.sys"
+ "cpudrv" "" "" "c:\program files\systemrequirementslab\cpudrv.sys"
+ "DCamUSBEMPIA" "USB 28xx WDM Driver" "eMPIA Technology, Inc." "c:\winnt\system32\drivers\emdevice.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Sonic Solutions" "c:\winnt\system32\drivers\dlacdbhm.sys"
+ "DLADResN" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dladresn.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlapoolm.sys"
+ "DLARTL_N" "Shared Driver Component" "Sonic Solutions" "c:\winnt\system32\drivers\dlartl_n.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaudfam.sys"
+ "drvmcdb" "Device Driver" "Sonic Solutions" "c:\winnt\system32\drivers\drvmcdb.sys"
+ "drvnddm" "Device Driver Manager" "Sonic Solutions" "c:\winnt\system32\drivers\drvnddm.sys"
+ "E100B" "Intel® PRO/100 Adapter NDIS 5.1 driver" "Intel Corporation" "c:\winnt\system32\drivers\e100b325.sys"
+ "emAudio" "USB Audio Driver" "Pinnacle Systems, Inc." "c:\winnt\system32\drivers\emaudio.sys"
+ "FiltUSBEMPIA" "USB 28xx WDM Lower filter" "eMPIA Technology, Inc." "c:\winnt\system32\drivers\emfilter.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\winnt\system32\drivers\gearaspiwdm.sys"
+ "HPZid412" "IEEE-1284.4-1999 Driver (Windows 2000)" "HP" "c:\winnt\system32\drivers\hpzid412.sys"
+ "HPZipr12" "IEEE-1284.4-1999 Print Class Driver" "HP" "c:\winnt\system32\drivers\hpzipr12.sys"
+ "HPZius12" "1284.4<->Usb Datalink Driver (Windows 2000)" "HP" "c:\winnt\system32\drivers\hpzius12.sys"
+ "i2omgmt" "" "" "File not found: C:\WINNT\System32\Drivers\i2omgmt.sys"
+ "ialm" "Controller Hub for Intel Graphics Driver" "Intel Corporation" "c:\winnt\system32\drivers\ialmnt5.sys"
+ "iSMBIOS" "iSMBios Driver for Windows NT®" "Intel Corporation" "c:\winnt\system32\drivers\ismbios.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINNT\System32\Drivers\lbrtfdc.sys"
+ "MarvinBus" "Pinnacle Marvin Discrete Bus Enumerator" "Pinnacle Systems GmbH" "c:\winnt\system32\drivers\marvinbus.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\WINNT\System32\Drivers\mfeavfk01.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfebopk.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfehidk.sys"
+ "mfendisk" "McAfee NDIS Intermediate Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfendisk.sys"
+ "mfendiskmp" "McAfee NDIS Intermediate Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfendisk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mferkdet.sys"
+ "mferkdk" "" "" "File not found: C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys"
+ "mfetdi2k" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfetdi2k.sys"
+ "MidiSyn" "Analog Devices Kernel DLS Synthesizer" "Analog Devices Inc" "c:\winnt\system32\drivers\midisyn.sys"
+ "MR97310_VGA_DUAL_CAMERA" "WDM Driver for USB Dual-Mode Camera" "Mars Semiconductor Corp." "c:\winnt\system32\drivers\mr97310v.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\winnt\system32\drivers\ntidrvr.sys"
+ "PCIDump" "" "" "File not found: C:\WINNT\System32\Drivers\PCIDump.sys"
+ "PCLEPCI" "PCLEPCI" "Pinnacle Systems GmbH" "c:\winnt\system32\drivers\pclepci.sys"
+ "PDCOMP" "" "" "File not found: C:\WINNT\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINNT\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINNT\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINNT\System32\Drivers\PDRFRAME.sys"
+ "pfc" "Padus® ASPI Shell" "Padus, Inc." "c:\winnt\system32\drivers\pfc.sys"
+ "pnarp" "Provides support for Pure Networks Platform device discovery." "Cisco Systems, Inc." "c:\winnt\system32\drivers\pnarp.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\winnt\system32\drivers\ptilink.sys"
+ "purendis" "Provides support for Pure Networks Platform wireless adapter configuration." "Cisco Systems, Inc." "c:\winnt\system32\drivers\purendis.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\winnt\system32\drivers\pxhelp20.sys"
+ "ScanUSBEMPIA" "USB 28xx WDM Upper Filter" "eMPIA Technology, Inc." "c:\winnt\system32\drivers\emscan.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\winnt\system32\drivers\secdrv.sys"
+ "sf" "DSP service driver" "Sonic Focus, Inc" "c:\winnt\system32\drivers\sf.sys"
+ "SIODRV" "SuperIO Driver for Windows NT®" "Intel Corporation" "c:\winnt\system32\drivers\siodrv.sys"
+ "SMBios" "Intel® System Managment BIOS Driver" "Intel Corporation" "c:\winnt\system32\drivers\smbios.sys"
+ "smbusp" "System Management Bus 2.0 (SMBus) Driver" "Intel Corporation" "c:\winnt\system32\drivers\smb.sys"
+ "smwdm" "SoundMAX Integrated Digital Audio " "Analog Devices, Inc." "c:\winnt\system32\drivers\smwdm.sys"
+ "tga" "" "" "File not found: C:\WINNT\System32\Drivers\tga.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\winnt\system32\drivers\usbaapl.sys"
+ "vsdatant" "TrueVector Device Driver" "Zone Labs Inc." "c:\winnt\system32\vsdatant.sys"
+ "VVBackd5" "" "" "c:\winnt\system32\drivers\vvbackd5.sys"
+ "WDICA" "" "" "File not found: C:\WINNT\System32\Drivers\WDICA.sys"
+ "{6080A529-897E-4629-A488-ABA0C29B635E}" "Intel Graphics Platform (SoftBIOS) Driver for Windows 2000® & Windows XP™" "Intel Corporation" "c:\winnt\system32\drivers\ialmsbw.sys"
+ "{D31A0762-0CEB-444e-ACFF-B049A1F6FE91}" "Intel Graphics Chipset (KCH) Driver for Windows 2000® & Windows XP™" "Intel Corporation" "c:\winnt\system32\drivers\ialmkchw.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "IndeoŽ audio software" "Intel Corporation" "c:\winnt\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\winnt\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\winnt\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\winnt\system32\tssoft32.acm"
+ "vidc.cvid" "CinepakŽ Codec" "Radius Inc." "c:\winnt\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\winnt\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\winnt\system32\ir32_32.dll"
+ "vidc.iv41" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
+ "vidc.iv50" "Intel IndeoŽ video 5.10" "Intel Corporation" "c:\winnt\system32\ir50_32.dll"
+ "VIDC.MJPG" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\winnt\system32\pvmjpg30.dll"
+ "VIDC.PIM1" "" "" "File not found: pclepim1.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "IndeoŽ video 4.4 Compression Filter" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
+ "IndeoŽ video 4.4 Compression Filter" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
+ "IndeoŽ video 4.4 Decompression Filter" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
+ "IndeoŽ video 4.4 Decompression Filter" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\winnt\system32\acelpdec.ax"
+ "Acorn Source" "USB-DVR2 Source (DVC120)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc120\usbdvr2src.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Arcsoft LPCM Decoder" "Special Effects Sample" "MyCompanyName" "c:\program files\arcsoft\showbiz\lpcmdec.ax"
+ "ArcSoft Mpeg Writer" "MPEG Writer Filter" "Arcsoft Inc." "c:\program files\arcsoft\showbiz\mpegwriter.ax"
+ "AudioGrab" "Audio Level Monitor Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\audiograb.ax"
+ "AudioResampler" "Audio Resampler - DS Graph Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\audioresampler.ax"
+ "AVI_PASS" "AVI-MPEG Decapsulation Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\avi_pass.ax"
+ "AVSynChronizer Filter" "AVSynChronizer - AVSynChronizer" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\avsynchronizer.ax"
+ "AXWavRender" "Wave File Renderer - DS Graph Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\axwavrender.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Cirrus Logic USB-DVR2 Sink" "USB-DVR2 Sink (DVC150)" "Magnum Semiconductor" "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2snk.ax"
+ "DVC 150 XFormDEADCAFE" "DVC150 Audio Video Transformation Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\dvc150xformdeadcafe.ax"
+ "DVC150 Muxer" "DVC 150 Muxer Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\dvc150muxer.ax"
+ "DVC150 Source" "USB-DVR2 Source (DVC150)" "Magnum Semiconductor" "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2src.ax"
+ "DVDPremaster" "DVDPremaster Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dvdpremasterfilter.ax"
+ "Emuzed Flow Control" "Pinnacle Flow Control filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\flowctrl.ax"
+ "ESink" "ESink Filter " "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\esink.ax"
+ "ESinkAudio" "File Dump Filter (Sample)" "MyCompanyName" "c:\program files\pinnacle\shared files\filter\esinkaudio.ax"
+ "File Dump" "FileDump DLL" "ArcSoft Inc." "c:\program files\arcsoft\showbiz\filedump.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "H261 Decode Filter" "" "" "File not found: C:\WINNT\System32\h261_32.ax"
+ "H261 Encode Transform Filter" "" "" "File not found: C:\WINNT\System32\h261_32.ax"
+ "H263 Decode Filter" "" "" "File not found: C:\WINNT\System32\h263_32.ax"
+ "H263 Encode Transform Filter" "" "" "File not found: C:\WINNT\System32\h263_32.ax"
+ "HD DVD RT Muxer Filter" "RTDVDMuxFilter Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclertdvdmux.ax"
+ "Honestech VCD/SVCD Encoder" "honest technology, VCD/SVCD encoder" "honest technology" "c:\winnt\system32\htvcdsvcd.ax"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel IndeoŽ video IVF Source Filter 5.10" "Intel Corporation" "c:\winnt\system32\ivfsrc.ax"
+ "IndeoŽ audio software" "IndeoŽ audio software" "Intel Corporation" "c:\winnt\system32\iac25_32.ax"
+ "IndeoŽ video 5.10 Compression Filter" "Intel IndeoŽ video 5.10" "Intel Corporation" "c:\winnt\system32\ir50_32.dll"
+ "IndeoŽ video 5.10 Decompression Filter" "Intel IndeoŽ video 5.10" "Intel Corporation" "c:\winnt\system32\ir50_32.dll"
+ "Intel RTP Demux Filter" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP RPH for G.711/G.723.1" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP RPH for Generic Audio" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP RPH for H.263/H.261" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP SPH for G.711/G.723.1" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP SPH for Generic Audio" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP SPH for H.263/H.261" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Encoder" "InterVideo?Audio Encoder Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaenc.ax"
+ "InterVideo Audio Processor Fx" "" "" "c:\program files\intervideo\common\bin\auprocfx.ax"
+ "InterVideo Demux" "InterVideoŽ MPEG System Demultiplexer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ividemxx.ax"
+ "Intervideo Disc Read2 Filter" "" "" "c:\program files\intervideo\common\bin\discread.ax"
+ "InterVideo Disc Write2 Filter" "DiscRite" "InterVideo Inc." "c:\program files\intervideo\common\bin\discrite.ax"
+ "InterVideo Down Scale Filter" "InterVideoŽ Down Scale Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ividowns.ax"
+ "InterVideo File Writer" "InterVideoŽ File Writer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviwrite.ax"
+ "InterVideo Multiplexer" "InterVideoŽ MPEG System Multiplexer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivimux.ax"
+ "InterVideo Navigator" "IVINAV" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Pre-scaling Filter" "InterVideoŽ PreScale Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviscale.ax"
+ "InterVideo Still Capture" "InterVideoŽ Still Capture Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviscapt.ax"
+ "InterVideo Time Shift" "InterVideo Time Shifting Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivits.ax"
+ "InterVideo Video Decoder" "IVIVIDEO" " InterVideo Inc." "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "InterVideo Video Encoder" "InterVideoŽ MPEG Video Encoder Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivivenc.ax"
+ "InterVideo Wave Wrapper" "InterVideo Wave Wrapper Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviwavex.ax"
+ "MediaSampleGrab" "FrameGrab" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\framegrab.ax"
+ "Microsoft PCM Audio Mixer" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\winnt\system32\l3codecx.ax"
+ "MultiFile Streaming Filter" "MFStreamer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\mfstreamerfilter.ax"
+ "PCM Silence Suppressor" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Photo Story 3 Source Filter" "Photo Story 3 for Windows" "Microsoft Corp." "c:\program files\photo story 3 for windows\pssourcefilter3.dll"
+ "PICVideo M-JPEG 3 Compressor" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\winnt\system32\pvmjpg30.dll"
+ "PICVideo M-JPEG 3 Decompressor" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\winnt\system32\pvmjpg30.dll"
+ "Pinnacle AC3 Audio Source" "Pinnacle AC3 Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleac3mediasource.ax"
+ "Pinnacle AC3 Decoder" "Pinnacle AC3 Decoder - AC3 Decoder Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3decoder.ax"
+ "Pinnacle AC3 Encoder (2 Channels)" "AC3 Consumer Encoder - 2 Channels only" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3enc2ch.ax"
+ "Pinnacle AC3 Encoder (5.1 Channels)" "AC3 Consumer Encoder - 5.1 Channels" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3enc5_1ch.ax"
+ "Pinnacle ASF Audio Source" "Pinnacle ASF Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleasfmediasource.ax"
+ "Pinnacle ASF Video Source" "Pinnacle ASF Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleasfmediasource.ax"
+ "Pinnacle Audio / Video synchronisation filter" "Pinnacle Audio / Video synchronisation filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesync.ax"
+ "Pinnacle Audio Codec" "PcleAudioCodec - AudioCodec" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleaudiocodec.ax"
+ "Pinnacle Audio Scene Analyzer" "ASA DirectShow Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwaudiosceneanalyzer.ax"
+ "Pinnacle AVI Audio Source" "Pinnacle AVI Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleavimediasource.ax"
+ "Pinnacle AVI Video Source" "Pinnacle AVI Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleavimediasource.ax"
+ "Pinnacle Bender AudioPrefilter2" "Audio preprocessing filter for AV/DV2 outpt" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclebenderaudioprefilter2.ax"
+ "Pinnacle CSC" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Cutlist Audio Source 3" "Pinnacle Cutlist Reader Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclecutlistsource3.ax"
+ "Pinnacle Cutlist Video Source 3" "Pinnacle Cutlist Reader Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclecutlistsource3.ax"
+ "Pinnacle DCxx MJPEG Decompressor" "Pinnacle MJPEG decompress filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\mjpgdecompress.ax"
+ "Pinnacle DV Decoder" "Pinnacle DV Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcledvbox.ax"
+ "Pinnacle DV Encoder" "Pinnacle DV Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcledvbox.ax"
+ "Pinnacle DVD Data Streamer Filter" "DVDDataStreamer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dvddatastreamerfilter.ax"
+ "Pinnacle Error Handler" "Pinnacle Error Handler" "Avid, Inc." "c:\program files\pinnacle\shared files\filter\pcleerrorhandler.ax"
+ "Pinnacle Field Reverser Filter" "FieldReverserTransform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwfieldreverser.ax"
+ "Pinnacle file sink 2" "DirectShow file writer filter based on RAL" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwsink2.ax"
+ "Pinnacle file source 4" "Pinnacle file reader filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwsource4.ax"
+ "Pinnacle File Writer" "Media File Renderer" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\mpegrender.ax"
+ "Pinnacle Float2PCM" "Float2PCM Dynamic Link Library" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\float2pcm.ax"
+ "Pinnacle Image Converter" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Image Scaler" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Infinite Pin Tee" "Infinite Tee - DS Graph Stream Splitter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pinftee.ax"
+ "Pinnacle LPCM PCM Transform Filter" "Pinnacle LPCM PCM Transformation Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclelpcmtransform.ax"
+ "Pinnacle MCE Multiplexer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MP3 Audio Source" "Pinnacle MP3 Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclemp3mediasource.ax"
+ "Pinnacle MP3 Encoder" "Pinnacle MP3 compressor" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclemp3encoder.ax"
+ "Pinnacle MPADecoder" "MPEG Audio Decoder" "Private" "c:\program files\pinnacle\shared files\filter\mpadecoder.ax"
+ "Pinnacle MPEG 2 Decoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Encoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Multiplexer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Splicer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Adjust" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Audio Source" "Pinnacle MPEG Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempegmediasource.ax"
+ "Pinnacle MPEG Demuxer" "MPEG Demuxer Filter - Program stream demuxer" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempgdemux.ax"
+ "Pinnacle MPEG Encoder" "Pinnacle MPEG Encoder - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegenc.ax"
+ "Pinnacle MPEG Layer 1-3 Audio Decoder" "MPEG Audio Decoder - Layer 1,2,3" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempadecoder.ax"
+ "Pinnacle MPEG Layer-1/2 Audio Decoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Layer-2 Audio Encoder" "MPA Audio Encoder - MPEG Layer-2" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempaencoder.ax"
+ "Pinnacle MPEG Layer-2 Audio Encoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Source 2" "MPEGSource Filter" "" "c:\program files\pinnacle\shared files\filter\pclempegsource2.ax"
+ "Pinnacle MPEG Video Decoder (P)" "DirectShow MPEG 1/2 Video Decoder Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegdec.ax"
+ "Pinnacle MPEG Video Source" "Pinnacle MPEG Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempegmediasource.ax"
+ "Pinnacle MPEG2 Demux II" "pcledemux2" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcledemux2.ax"
+ "Pinnacle MPEG2 Demux II (MovieBox USB version)" "PcleDemux2MBox" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcledemux2mbox.ax"
+ "Pinnacle MPEG4 Audio Source" "Pinnacle MPEG4 Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempeg4mediasource.ax"
+ "Pinnacle MPEG4 Video Source" "Pinnacle MPEG4 Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempeg4mediasource.ax"
+ "Pinnacle NEOVideoRepair" "MPEG GOPRenumber" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcleneovideorepair.ax"
+ "Pinnacle pipe" "Studio IQualityControl dispatcher" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwqualitycontrol.ax"
+ "Pinnacle RT DVD Muxer Filter" "RTDVDMuxFilter Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclertdvdmux.ax"
+ "Pinnacle Sample Sink" "Pinnacle Sample Sink Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesamplesink.ax"
+ "Pinnacle Scene Detect Filter" "Scene Detect Transform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwscenedetect2.ax"
+ "Pinnacle Silencer" "Silencer Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesilencer.ax"
+ "Pinnacle Single Audio Source" "Pinnacle Single Source Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesinglesource.ax"
+ "Pinnacle Single Video Source" "Pinnacle Single Source Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesinglesource.ax"
+ "Pinnacle Stream Source Filter" "Pinnacle VideoInfo Changer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\streamsource.ax"
+ "Pinnacle Time Fixer Filter" "Pinnacle Time Fixer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\timefixer2.ax"
+ "Pinnacle VariSpeed Filter" "Variable Speed Transform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwvarispeed.ax"
+ "Pinnacle Video AntiJitter" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Block Filter" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Deinterlacer" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Renderer" "Pinnacle DirectShow Video Renderer -" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcle_ovr.ax"
+ "Pinnacle VideoInfo Changer Filter" "Pinnacle VideoInfo Changer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\videoinfochanger2.ax"
+ "Pinnacle WAV Audio Source" "Pinnacle WAV Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclewavmediasource.ax"
+ "Pinnacle wave source" "Pinnacle Wave Capture Filter" "" "c:\program files\pinnacle\shared files\filter\dwwavecapture.ax"
+ "Pinnacle Windows Media Renderer2" "Windows Media Format file renderer" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\wmrenderer2.ax"
+ "Pinnacle(dicas) AMR Audio Decoder" "dsamrauddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pcleamrauddec.ax"
+ "Pinnacle(dicas) H263 Video Encoder" "dsh263videnc" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pcleh263videnc.ax"
+ "Pinnacle(dicas) MPEG-4 Audio Decoder" "dsmpeg4auddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4auddec.ax"
+ "Pinnacle(dicas) MPEG-4 Audio Encoder" "dsmpeg4audenc" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4audenc.ax"
+ "Pinnacle(dicas) MPEG-4 File Reader" "dsmp4filereader" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclemp4filereader.ax"
+ "Pinnacle(dicas) MPEG-4 File Writer" "dsmp4filewriter" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclemp4filewriter.ax"
+ "Pinnacle(dicas) MPEG-4 Multiplexer" "dsmpeg4mux" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4mux.ax"
+ "Pinnacle(dicas) MPEG-4 Video Decoder" "dsmpeg4viddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4viddec.ax"
+ "Plus! Photo Story 3 WAV Dest" "Photo Story 3 for Windows" "Microsoft Corp." "c:\program files\photo story 3 for windows\wavdest3.dll"
+ "Program Stream Desplit" "USB-DVR2 Splitter (DVC150)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2splt.ax"
+ "Program Stream Desplit" "USB-DVR2 Splitter (DVC120)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc120\usbdvr2splt.ax"
+ "PushSink" "File Dump Filter (Sample)" "Microsoft Corporation" "c:\program files\pinnacle\shared files\filter\pushsink.ax"
+ "RealMediaRenderer2" "Real Media Renderer 2" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\realvideo\pclermrenderer2.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Render Dib" "Special Effects Sample" "ArcSoft" "c:\program files\arcsoft\photoimpression 4\ezrgb24.ax"
+ "RTP Render Filter" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "RTP Source Filter" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SmartSound SDS Reader" "SDS Media File Reader Filter" "SmartSound Software Inc." "c:\program files\smartsound software\quicktracks\sdsreader.dll"
+ "SmartSound Soundtrack" "Quicktracks Soundtrack source filter" "SmartSound Software Inc." "c:\program files\smartsound software\quicktracks\directqx.dll"
+ "Snapshot" "Arcsoft Snapshot Filter 1.0" "Arcsoft Corporation" "c:\program files\common files\arcsoft\mpeg engine\arcsnap.ax"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Video Resize" "Special Effects Sample" "MyCompanyName" "c:\winnt\system32\ezrgb24.ax"
+ "WaveFormatEx Detective" "WaveFormatEx Detective" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\wfxdetective.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\winnt\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance" "" "" ""
+ "{584FDB1D-51C4-4A1D-B674-D548D915EE01}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
+ "{6DDC8FCE-C470-444A-9425-8EAC662A99F7}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
+ "{821C65A9-C22B-4387-9503-265472E25544}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
+ "{90F5AF52-6D6C-4C83-8A7D-1C12923A1022}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
+ "{C73B6814-9FF3-4D10-A5C0-678904F869E9}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxsrvc Module" "Intel Corporation" "c:\winnt\system32\igfxsrvc.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpzsnt07" "" "HP" "c:\winnt\system32\hpzsnt07.dll"

#9 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:16 PM

Posted 31 January 2013 - 09:46 PM

Farbar service scanner log?

Launch Autoruns and click on TASK SCHEDULER tab and uncheck this entry

+ "Tilzpcxd.job" "" "" "c:\winnt\system32\odbcp32ry.dll"

Restart the PC.

Go to C drive,on top click on TOOLS-FOLDER OPTIONS

Click on VIEW tab and

checkmark SHOW HIDDEN FILES
Uncheck HIDE OPERATING SYSTEM FILES

and click ok

Go to

C:\windows\system32\tasks and delete Tilzpcxd.job

Similarly go to

C:\windows\system32 and delete odbcp32ry.dll

There will files with similar name.Delete the exact file.

#10 MToby

MToby
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 31 January 2013 - 10:52 PM

FARBAR Log

Farbar Service Scanner Version: 30-01-2013
Ran by john (administrator) on 31-01-2013 at 19:47:15
Running from "C:\Documents and Settings\john\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINNT\system32\dhcpcsvc.dll => MD5 is legit
C:\WINNT\system32\Drivers\afd.sys => MD5 is legit
C:\WINNT\system32\Drivers\netbt.sys => MD5 is legit
C:\WINNT\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINNT\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINNT\system32\dnsrslvr.dll => MD5 is legit
C:\WINNT\system32\ipnathlp.dll => MD5 is legit
C:\WINNT\system32\netman.dll => MD5 is legit
C:\WINNT\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINNT\system32\srsvc.dll => MD5 is legit
C:\WINNT\system32\Drivers\sr.sys => MD5 is legit
C:\WINNT\system32\wscsvc.dll => MD5 is legit
C:\WINNT\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINNT\system32\wuauserv.dll
[2005-10-15 20:41] - [2008-04-13 18:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINNT\system32\qmgr.dll => MD5 is legit
C:\WINNT\system32\es.dll => MD5 is legit
C:\WINNT\system32\cryptsvc.dll => MD5 is legit
C:\WINNT\system32\svchost.exe => MD5 is legit
C:\WINNT\system32\rpcss.dll => MD5 is legit
C:\WINNT\system32\services.exe
[2006-02-28 06:00] - [2009-02-06 05:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Gpc(3) IPSEC(6) mfetdi2k(7) NetBT(5) Tcpip(4)
0x0700000006000000010000000200000003000000040000000700000005000000
IpSec Tag value is correct.

**** End of log ****

#11 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:16 PM

Posted 31 January 2013 - 11:08 PM

Press Windows+R key and type

services.msc and click ok

Right click on security center-properties

Change the startup type to automatic and start it

Now run Autoruns again and post the log

Did you delete the file? Do you still have redirects

#12 MToby

MToby
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 31 January 2013 - 11:11 PM

That has been completed.

Should it be all completed now?

#13 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:16 PM

Posted 31 January 2013 - 11:13 PM

Press Windows+R key and type

services.msc and click ok

Right click on security center-properties

Change the startup type to automatic and start it

Now run Autoruns again and post the log


Please do this

#14 MToby

MToby
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 31 January 2013 - 11:33 PM

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "Adobe ARM" "Adobe Reader and Acrobat Manager" "Adobe Systems Incorporated" "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Photo Downloader" "" "" "File not found: C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
+ "Adobe Reader Speed Launcher" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\reader 9.0\reader\reader_sl.exe"
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "ArcSoft Connection Service" "ArcSoft Connect Daemon" "ArcSoft Inc." "c:\program files\common files\arcsoft\connection service\bin\acdaemon.exe"
+ "DLA" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlactrlw.exe"
+ "farstone" "" "" "File not found: NULL"
+ "FastTVSync" "FastTVSync Module" "" "c:\program files\common files\intervideo\fasttvsync\fasttvsync.exe"
+ "Garmin Lifetime Updater" "Garmin Lifetime Updater" "Garmin" "c:\program files\garmin\lifetime updater\garminlifetime.exe"
+ "HotKeysCmds" "hkcmd Module" "Intel Corporation" "c:\winnt\system32\hkcmd.exe"
+ "IgfxTray" "igfxTray Module" "Intel Corporation" "c:\winnt\system32\igfxtray.exe"
+ "IMONTRAY" "imontray MFC Application" "" "c:\program files\intel\intel® active monitor\imontray.exe"
+ "IntelliPoint" "IPoint.exe" "Microsoft Corporation" "c:\program files\microsoft intellipoint\ipoint.exe"
+ "ISUSPM Startup" "InstallShield Update Service Update Manager" "InstallShield Software Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "ISUSScheduler" "InstallShield Update Service Scheduler" "InstallShield Software Corporation" "c:\program files\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "itype" "IType.exe" "Microsoft Corporation" "c:\program files\microsoft intellitype pro\itype.exe"
+ "mcui_exe" "McAfee Security Center" "McAfee, Inc." "c:\program files\mcafee.com\agent\mcagent.exe"
+ "MyGarminAgent" "" "" "c:\program files\garmin\mygarminagent\mygarminagent.exe"
+ "nmapp" "Network Magic Application" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmapp.exe"
+ "nmctxth" "Pure Networks Platform Assistant" "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\nmctxth.exe"
+ "PCLEUSBTip" "Pinnacle USB Tip - for Multi Media eXtensions" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\programs\usbtip\usbtip.exe"
+ "PinnacleDriverCheck" "" "" "c:\winnt\system32\psdrvcheck.exe"
+ "QuickTime Task" "QuickTime Task" "Apple Inc." "c:\program files\quicktime\qttask.exe"
+ "RestoreIT!" "VBPTask MFC Application" "FarStone Tech. Inc." "c:\program files\farstone\restoreit!\vbptask.exe"
+ "SoundMAX" "SoundMAX Control Center" "Analog Devices, Inc." "c:\program files\analog devices\soundmax\smax4.exe"
+ "SoundMAXPnP" "SMax4PNP MFC Application" "Analog Devices, Inc." "c:\program files\analog devices\soundmax\smax4pnp.exe"
+ "SunJavaUpdateSched" "Java™ Update Scheduler" "Sun Microsystems, Inc." "c:\program files\common files\java\java update\jusched.exe"
+ "tgcmd" "" "" "File not found: C:\Program Files\Support.com\bin\tgcmd.exe"
+ "USB2Check" "Pinnacle Systems CoInstaller" "Pinnacle Systems" "c:\winnt\system32\pclecoinst.dll"
+ "USBToolTip" "Pinnacle USB Tip - for Multi Media eXtensions" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\programs\usbtip\usbtip.exe"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup" "" "" ""
+ "Kodak EasyShare software.lnk" "Kodak EasyShare Software" "Eastman Kodak Company" "c:\program files\kodak\kodak easyshare software\bin\easyshare.exe"
+ "Microsoft Office.lnk" "Microsoft Office 2000 component" "Microsoft Corporation" "c:\program files\microsoft office\office\osa9.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Address Book 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
+ "CRLUpdate" "" "" "c:\winnt\system32\updcrl.exe"
+ "EnableRevocation" "" "" "File not found: 2"
+ "Microsoft Outlook Express 6" "Outlook Express Setup Library" "Microsoft Corporation" "c:\program files\outlook express\setup50.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "DriverUpdaterPro" "" "" "File not found: C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t"
+ "PowerPanel Personal Edition User Interaction" "" "" "c:\program files\cyberpower powerpanel personal edition\pppeuser.exe"
+ "updateMgr" "" "" "File not found: C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "application/x-mfe-ipt" "McAfee MSC IE plugin DLL" "McAfee, Inc." "c:\program files\mcafee\msc\mcsniepl.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "pure-go" "Pure Service Provider DLL" "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\puresp4.dll"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components" "" "" ""
+ "0" "" "" "File not found: About:Home"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers" "" "" ""
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "igfxcui" "igfxpph Module" "Intel Corporation" "c:\winnt\system32\igfxpph.dll"
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "Fax Tiff Data Column Provider" "" "" "File not found: C:\WINNT\system32\faxshell.dll"
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "McCtxMenuFrmWrk" "McAfee ContextMenu Framework" "McAfee, Inc." "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"
+ "Network Magic Folders" "nmspce Dynamic Link Library" "Cisco Systems, Inc." "c:\program files\pure networks\network magic\nmspce2.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Link Helper" "Adobe PDF Helper for Internet Explorer" "Adobe Systems Incorporated" "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "DriveLetterAccess" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlashx_w.dll"
+ "Java™ Plug-In 2 SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jp2ssv.dll"
+ "Java™ Plug-In SSV Helper" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\ssv.dll"
+ "JQSIEStartDetectorImpl Class" "Java™ Quick Starter binary" "Sun Microsystems, Inc." "c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll"
+ "Spybot-S&D IE Protection" "" "" "File not found: C:\PROGRA~1\SPYBOT~1\SDHelper.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Spybot - Search & Destroy Configuration" "" "" "File not found: C:\PROGRA~1\SPYBOT~1\SDHelper.dll"
+ "Windows Messenger" "Windows Messenger" "Microsoft Corporation" "c:\program files\messenger\msmsgs.exe"
"Task Scheduler" "" "" ""
+ "Adobe Flash Player Updater.job" "AdobeŽ FlashŽ Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\winnt\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AppleSoftwareUpdate.job" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "EasyShare Registration Task.job" "EasyShare software update page" "Eastman Kodak Company" "c:\documents and settings\all users\application data\kodak\easysharesetup\$registration\registration_8.2.30.1.sxt"
+ "GoogleUpdateTaskMachineCore.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "GoogleUpdateTaskMachineUA.job" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "ACDaemon" "ArcSoft Connect Service" "ArcSoft Inc." "c:\program files\common files\arcsoft\connection service\bin\acservice.exe"
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\winnt\system32\macromed\flash\flashplayerupdateservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "gusvc" "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1150\intel 32\idrivert.exe"
+ "imonNT" "Intel® Active Monitor Win9x Background Service" "Intel Corp." "c:\program files\intel\intel® active monitor\imonnt.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "JavaQuickStarterService" "Prefetches JRE files for faster startup of Java applets and applications" "Sun Microsystems, Inc." "c:\program files\java\jre6\bin\jqs.exe"
+ "mcmscsvc" "McAfee Services" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNaiAnn" "McAfee VirusScan Announcer" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McNASvc" "Allows McAfee applications to communicate securely on the local network." "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McODS" "McAfee Scanner" "McAfee, Inc." "c:\program files\mcafee\virusscan\mcods.exe"
+ "McProxy" "McAfee Proxy Service" "McAfee, Inc." "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"
+ "McShield" "McAfee OnAccess Scanner" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mcshield.exe"
+ "mfefire" "Provides firewall services to McAfee products" "McAfee, Inc." "c:\program files\common files\mcafee\systemcore\mfefire.exe"
+ "mfevtp" "Provides validation trust protection services" "McAfee, Inc." "c:\winnt\system32\mfevtps.exe"
+ "nmservice" "Enables Pure Networks Platform services such as file sharing, printer sharing, and network monitoring." "Cisco Systems, Inc." "c:\program files\common files\pure networks shared\platform\nmsrvc.exe"
+ "ppped" "PowerPanel Personal Edition Service minitor the battery backup activity and take protect while power problem exist." "" "c:\program files\cyberpower powerpanel personal edition\ppped.exe"
+ "SoundMAX Agent Service (default)" "SoundMAX service agent component" "Analog Devices, Inc." "c:\program files\analog devices\soundmax\smagent.exe"
+ "SupportSoft RemoteAssist" "ssrc Module" "SupportSoft, Inc." "c:\program files\common files\supportsoft\bin\ssrc.exe"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "aeaudio" "Andrea Audio Noise Cancellation Driver" "Andrea Electronics Corporation" "c:\winnt\system32\drivers\aeaudio.sys"
+ "ASAPIW2k" "ASAPIW2K Service" "VOB Computersysteme GmbH" "c:\winnt\system32\drivers\asapiw2k.sys"
+ "Ausbflt" "WDM filter driver for USB devices" "Adaptec Inc." "c:\winnt\system32\drivers\ausbflt.sys"
+ "Cdr4_2K" "CDR4_2k CDR Helper" "Roxio" "c:\winnt\system32\drivers\cdr4_2k.sys"
+ "Cdralw2k" "CDRAL Place Holder Driver (see PxHelp)" "Sonic Solutions" "c:\winnt\system32\drivers\cdralw2k.sys"
+ "cfwids" "McAfee Personal Firewall IDS Plugin" "McAfee, Inc." "c:\winnt\system32\drivers\cfwids.sys"
+ "Changer" "" "" "File not found: C:\WINNT\System32\Drivers\Changer.sys"
+ "cpudrv" "" "" "c:\program files\systemrequirementslab\cpudrv.sys"
+ "DCamUSBEMPIA" "USB 28xx WDM Driver" "eMPIA Technology, Inc." "c:\winnt\system32\drivers\emdevice.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Sonic Solutions" "c:\winnt\system32\drivers\dlacdbhm.sys"
+ "DLADResN" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dladresn.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlapoolm.sys"
+ "DLARTL_N" "Shared Driver Component" "Sonic Solutions" "c:\winnt\system32\drivers\dlartl_n.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Sonic Solutions" "c:\winnt\system32\dla\dlaudfam.sys"
+ "drvmcdb" "Device Driver" "Sonic Solutions" "c:\winnt\system32\drivers\drvmcdb.sys"
+ "drvnddm" "Device Driver Manager" "Sonic Solutions" "c:\winnt\system32\drivers\drvnddm.sys"
+ "E100B" "Intel® PRO/100 Adapter NDIS 5.1 driver" "Intel Corporation" "c:\winnt\system32\drivers\e100b325.sys"
+ "emAudio" "USB Audio Driver" "Pinnacle Systems, Inc." "c:\winnt\system32\drivers\emaudio.sys"
+ "FiltUSBEMPIA" "USB 28xx WDM Lower filter" "eMPIA Technology, Inc." "c:\winnt\system32\drivers\emfilter.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\winnt\system32\drivers\gearaspiwdm.sys"
+ "HPZid412" "IEEE-1284.4-1999 Driver (Windows 2000)" "HP" "c:\winnt\system32\drivers\hpzid412.sys"
+ "HPZipr12" "IEEE-1284.4-1999 Print Class Driver" "HP" "c:\winnt\system32\drivers\hpzipr12.sys"
+ "HPZius12" "1284.4<->Usb Datalink Driver (Windows 2000)" "HP" "c:\winnt\system32\drivers\hpzius12.sys"
+ "i2omgmt" "" "" "File not found: C:\WINNT\System32\Drivers\i2omgmt.sys"
+ "ialm" "Controller Hub for Intel Graphics Driver" "Intel Corporation" "c:\winnt\system32\drivers\ialmnt5.sys"
+ "iSMBIOS" "iSMBios Driver for Windows NT®" "Intel Corporation" "c:\winnt\system32\drivers\ismbios.sys"
+ "lbrtfdc" "" "" "File not found: C:\WINNT\System32\Drivers\lbrtfdc.sys"
+ "MarvinBus" "Pinnacle Marvin Discrete Bus Enumerator" "Pinnacle Systems GmbH" "c:\winnt\system32\drivers\marvinbus.sys"
+ "mfeapfk" "Access Protection Filter Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfeapfk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfeavfk.sys"
+ "mfeavfk01" "" "" "File not found: C:\WINNT\System32\Drivers\mfeavfk01.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfebopk.sys"
+ "mfefirek" "McAfee Core Firewall Engine Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfefirek.sys"
+ "mfehidk" "McAfee Link Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfehidk.sys"
+ "mfendisk" "McAfee NDIS Intermediate Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfendisk.sys"
+ "mfendiskmp" "McAfee NDIS Intermediate Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfendisk.sys"
+ "mferkdet" "McAfee Code Analysis Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mferkdet.sys"
+ "mferkdk" "" "" "File not found: C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys"
+ "mfetdi2k" "Anti-Virus Mini-Firewall Driver" "McAfee, Inc." "c:\winnt\system32\drivers\mfetdi2k.sys"
+ "MidiSyn" "Analog Devices Kernel DLS Synthesizer" "Analog Devices Inc" "c:\winnt\system32\drivers\midisyn.sys"
+ "MR97310_VGA_DUAL_CAMERA" "WDM Driver for USB Dual-Mode Camera" "Mars Semiconductor Corp." "c:\winnt\system32\drivers\mr97310v.sys"
+ "NTIDrvr" "NTI CD-ROM Filter Driver" "NewTech Infosystems, Inc." "c:\winnt\system32\drivers\ntidrvr.sys"
+ "PCIDump" "" "" "File not found: C:\WINNT\System32\Drivers\PCIDump.sys"
+ "PCLEPCI" "PCLEPCI" "Pinnacle Systems GmbH" "c:\winnt\system32\drivers\pclepci.sys"
+ "PDCOMP" "" "" "File not found: C:\WINNT\System32\Drivers\PDCOMP.sys"
+ "PDFRAME" "" "" "File not found: C:\WINNT\System32\Drivers\PDFRAME.sys"
+ "PDRELI" "" "" "File not found: C:\WINNT\System32\Drivers\PDRELI.sys"
+ "PDRFRAME" "" "" "File not found: C:\WINNT\System32\Drivers\PDRFRAME.sys"
+ "pfc" "Padus® ASPI Shell" "Padus, Inc." "c:\winnt\system32\drivers\pfc.sys"
+ "pnarp" "Provides support for Pure Networks Platform device discovery." "Cisco Systems, Inc." "c:\winnt\system32\drivers\pnarp.sys"
+ "Ptilink" "Direct Parallel Link Driver" "Parallel Technologies, Inc." "c:\winnt\system32\drivers\ptilink.sys"
+ "purendis" "Provides support for Pure Networks Platform wireless adapter configuration." "Cisco Systems, Inc." "c:\winnt\system32\drivers\purendis.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\winnt\system32\drivers\pxhelp20.sys"
+ "ScanUSBEMPIA" "USB 28xx WDM Upper Filter" "eMPIA Technology, Inc." "c:\winnt\system32\drivers\emscan.sys"
+ "Secdrv" "SafeDisc driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\winnt\system32\drivers\secdrv.sys"
+ "sf" "DSP service driver" "Sonic Focus, Inc" "c:\winnt\system32\drivers\sf.sys"
+ "SIODRV" "SuperIO Driver for Windows NT®" "Intel Corporation" "c:\winnt\system32\drivers\siodrv.sys"
+ "SMBios" "Intel® System Managment BIOS Driver" "Intel Corporation" "c:\winnt\system32\drivers\smbios.sys"
+ "smbusp" "System Management Bus 2.0 (SMBus) Driver" "Intel Corporation" "c:\winnt\system32\drivers\smb.sys"
+ "smwdm" "SoundMAX Integrated Digital Audio " "Analog Devices, Inc." "c:\winnt\system32\drivers\smwdm.sys"
+ "tga" "" "" "File not found: C:\WINNT\System32\Drivers\tga.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\winnt\system32\drivers\usbaapl.sys"
+ "vsdatant" "TrueVector Device Driver" "Zone Labs Inc." "c:\winnt\system32\vsdatant.sys"
+ "VVBackd5" "" "" "c:\winnt\system32\drivers\vvbackd5.sys"
+ "WDICA" "" "" "File not found: C:\WINNT\System32\Drivers\WDICA.sys"
+ "{6080A529-897E-4629-A488-ABA0C29B635E}" "Intel Graphics Platform (SoftBIOS) Driver for Windows 2000® & Windows XP™" "Intel Corporation" "c:\winnt\system32\drivers\ialmsbw.sys"
+ "{D31A0762-0CEB-444e-ACFF-B049A1F6FE91}" "Intel Graphics Chipset (KCH) Driver for Windows 2000® & Windows XP™" "Intel Corporation" "c:\winnt\system32\drivers\ialmkchw.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.iac2" "IndeoŽ audio software" "Intel Corporation" "c:\winnt\system32\iac25_32.ax"
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\winnt\system32\l3codeca.acm"
+ "msacm.sl_anet" "Audio codec for MS ACM" "Sipro Lab Telecom Inc." "c:\winnt\system32\sl_anet.acm"
+ "msacm.trspch" "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50" "DSP GROUP, INC." "c:\winnt\system32\tssoft32.acm"
+ "vidc.cvid" "CinepakŽ Codec" "Radius Inc." "c:\winnt\system32\iccvid.dll"
+ "vidc.iv31" "" "" "c:\winnt\system32\ir32_32.dll"
+ "vidc.iv32" "" "" "c:\winnt\system32\ir32_32.dll"
+ "vidc.iv41" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
+ "vidc.iv50" "Intel IndeoŽ video 5.10" "Intel Corporation" "c:\winnt\system32\ir50_32.dll"
+ "VIDC.MJPG" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\winnt\system32\pvmjpg30.dll"
+ "VIDC.PIM1" "" "" "File not found: pclepim1.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "IndeoŽ video 4.4 Compression Filter" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
+ "IndeoŽ video 4.4 Compression Filter" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
+ "IndeoŽ video 4.4 Decompression Filter" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
+ "IndeoŽ video 4.4 Decompression Filter" "Intel IndeoŽ Video 4.5" "Intel Corporation" "c:\winnt\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "ACELP.net Audio Decoder" "ACELP.net Audio Decoder" "Sipro Lab Telecom Inc." "c:\winnt\system32\acelpdec.ax"
+ "Acorn Source" "USB-DVR2 Source (DVC120)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc120\usbdvr2src.ax"
+ "Allocator Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Arcsoft LPCM Decoder" "Special Effects Sample" "MyCompanyName" "c:\program files\arcsoft\showbiz\lpcmdec.ax"
+ "ArcSoft Mpeg Writer" "MPEG Writer Filter" "Arcsoft Inc." "c:\program files\arcsoft\showbiz\mpegwriter.ax"
+ "AudioGrab" "Audio Level Monitor Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\audiograb.ax"
+ "AudioResampler" "Audio Resampler - DS Graph Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\audioresampler.ax"
+ "AVI_PASS" "AVI-MPEG Decapsulation Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\avi_pass.ax"
+ "AVSynChronizer Filter" "AVSynChronizer - AVSynChronizer" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\avsynchronizer.ax"
+ "AXWavRender" "Wave File Renderer - DS Graph Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\axwavrender.ax"
+ "Bitmap" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Cirrus Logic USB-DVR2 Sink" "USB-DVR2 Sink (DVC150)" "Magnum Semiconductor" "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2snk.ax"
+ "DVC 150 XFormDEADCAFE" "DVC150 Audio Video Transformation Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\dvc150xformdeadcafe.ax"
+ "DVC150 Muxer" "DVC 150 Muxer Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\dvc150muxer.ax"
+ "DVC150 Source" "USB-DVR2 Source (DVC150)" "Magnum Semiconductor" "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2src.ax"
+ "DVDPremaster" "DVDPremaster Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dvdpremasterfilter.ax"
+ "Emuzed Flow Control" "Pinnacle Flow Control filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\flowctrl.ax"
+ "ESink" "ESink Filter " "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\esink.ax"
+ "ESinkAudio" "File Dump Filter (Sample)" "MyCompanyName" "c:\program files\pinnacle\shared files\filter\esinkaudio.ax"
+ "File Dump" "FileDump DLL" "ArcSoft Inc." "c:\program files\arcsoft\showbiz\filedump.ax"
+ "Frame Eater" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "H261 Decode Filter" "" "" "File not found: C:\WINNT\System32\h261_32.ax"
+ "H261 Encode Transform Filter" "" "" "File not found: C:\WINNT\System32\h261_32.ax"
+ "H263 Decode Filter" "" "" "File not found: C:\WINNT\System32\h263_32.ax"
+ "H263 Encode Transform Filter" "" "" "File not found: C:\WINNT\System32\h263_32.ax"
+ "HD DVD RT Muxer Filter" "RTDVDMuxFilter Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclertdvdmux.ax"
+ "Honestech VCD/SVCD Encoder" "honest technology, VCD/SVCD encoder" "honest technology" "c:\winnt\system32\htvcdsvcd.ax"
+ "Indeo Video ® 5.1 Progressive Download Source" "Intel IndeoŽ video IVF Source Filter 5.10" "Intel Corporation" "c:\winnt\system32\ivfsrc.ax"
+ "IndeoŽ audio software" "IndeoŽ audio software" "Intel Corporation" "c:\winnt\system32\iac25_32.ax"
+ "IndeoŽ video 5.10 Compression Filter" "Intel IndeoŽ video 5.10" "Intel Corporation" "c:\winnt\system32\ir50_32.dll"
+ "IndeoŽ video 5.10 Decompression Filter" "Intel IndeoŽ video 5.10" "Intel Corporation" "c:\winnt\system32\ir50_32.dll"
+ "Intel RTP Demux Filter" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP RPH for G.711/G.723.1" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP RPH for Generic Audio" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP RPH for H.263/H.261" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP SPH for G.711/G.723.1" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP SPH for Generic Audio" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Intel RTP SPH for H.263/H.261" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "InterVideo Audio Decoder" "IVIAUDIO" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaudio.ax"
+ "InterVideo Audio Encoder" "InterVideo?Audio Encoder Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviaenc.ax"
+ "InterVideo Audio Processor Fx" "" "" "c:\program files\intervideo\common\bin\auprocfx.ax"
+ "InterVideo Demux" "InterVideoŽ MPEG System Demultiplexer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ividemxx.ax"
+ "Intervideo Disc Read2 Filter" "" "" "c:\program files\intervideo\common\bin\discread.ax"
+ "InterVideo Disc Write2 Filter" "DiscRite" "InterVideo Inc." "c:\program files\intervideo\common\bin\discrite.ax"
+ "InterVideo Down Scale Filter" "InterVideoŽ Down Scale Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ividowns.ax"
+ "InterVideo File Writer" "InterVideoŽ File Writer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviwrite.ax"
+ "InterVideo Multiplexer" "InterVideoŽ MPEG System Multiplexer Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivimux.ax"
+ "InterVideo Navigator" "IVINAV" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivinav.ax"
+ "InterVideo Pre-scaling Filter" "InterVideoŽ PreScale Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviscale.ax"
+ "InterVideo Still Capture" "InterVideoŽ Still Capture Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviscapt.ax"
+ "InterVideo Time Shift" "InterVideo Time Shifting Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivits.ax"
+ "InterVideo Video Decoder" "IVIVIDEO" " InterVideo Inc." "c:\program files\intervideo\common\bin\ivivideo.ax"
+ "InterVideo Video Encoder" "InterVideoŽ MPEG Video Encoder Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\ivivenc.ax"
+ "InterVideo Wave Wrapper" "InterVideo Wave Wrapper Filter" "InterVideo Inc." "c:\program files\intervideo\common\bin\iviwavex.ax"
+ "MediaSampleGrab" "FrameGrab" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\framegrab.ax"
+ "Microsoft PCM Audio Mixer" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "MPEG Layer-3 Decoder" "MPEG Layer-3 Audio Decoder" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\winnt\system32\l3codecx.ax"
+ "MultiFile Streaming Filter" "MFStreamer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\mfstreamerfilter.ax"
+ "PCM Silence Suppressor" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "Photo Story 3 Source Filter" "Photo Story 3 for Windows" "Microsoft Corp." "c:\program files\photo story 3 for windows\pssourcefilter3.dll"
+ "PICVideo M-JPEG 3 Compressor" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\winnt\system32\pvmjpg30.dll"
+ "PICVideo M-JPEG 3 Decompressor" "PICVideo M-JPEG 3 codec" "Pegasus Imaging Corporation" "c:\winnt\system32\pvmjpg30.dll"
+ "Pinnacle AC3 Audio Source" "Pinnacle AC3 Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleac3mediasource.ax"
+ "Pinnacle AC3 Decoder" "Pinnacle AC3 Decoder - AC3 Decoder Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3decoder.ax"
+ "Pinnacle AC3 Encoder (2 Channels)" "AC3 Consumer Encoder - 2 Channels only" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3enc2ch.ax"
+ "Pinnacle AC3 Encoder (5.1 Channels)" "AC3 Consumer Encoder - 5.1 Channels" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleac3enc5_1ch.ax"
+ "Pinnacle ASF Audio Source" "Pinnacle ASF Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleasfmediasource.ax"
+ "Pinnacle ASF Video Source" "Pinnacle ASF Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleasfmediasource.ax"
+ "Pinnacle Audio / Video synchronisation filter" "Pinnacle Audio / Video synchronisation filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesync.ax"
+ "Pinnacle Audio Codec" "PcleAudioCodec - AudioCodec" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcleaudiocodec.ax"
+ "Pinnacle Audio Scene Analyzer" "ASA DirectShow Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwaudiosceneanalyzer.ax"
+ "Pinnacle AVI Audio Source" "Pinnacle AVI Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleavimediasource.ax"
+ "Pinnacle AVI Video Source" "Pinnacle AVI Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pcleavimediasource.ax"
+ "Pinnacle Bender AudioPrefilter2" "Audio preprocessing filter for AV/DV2 outpt" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclebenderaudioprefilter2.ax"
+ "Pinnacle CSC" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Cutlist Audio Source 3" "Pinnacle Cutlist Reader Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclecutlistsource3.ax"
+ "Pinnacle Cutlist Video Source 3" "Pinnacle Cutlist Reader Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclecutlistsource3.ax"
+ "Pinnacle DCxx MJPEG Decompressor" "Pinnacle MJPEG decompress filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\mjpgdecompress.ax"
+ "Pinnacle DV Decoder" "Pinnacle DV Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcledvbox.ax"
+ "Pinnacle DV Encoder" "Pinnacle DV Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcledvbox.ax"
+ "Pinnacle DVD Data Streamer Filter" "DVDDataStreamer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dvddatastreamerfilter.ax"
+ "Pinnacle Error Handler" "Pinnacle Error Handler" "Avid, Inc." "c:\program files\pinnacle\shared files\filter\pcleerrorhandler.ax"
+ "Pinnacle Field Reverser Filter" "FieldReverserTransform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwfieldreverser.ax"
+ "Pinnacle file sink 2" "DirectShow file writer filter based on RAL" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwsink2.ax"
+ "Pinnacle file source 4" "Pinnacle file reader filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwsource4.ax"
+ "Pinnacle File Writer" "Media File Renderer" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\mpegrender.ax"
+ "Pinnacle Float2PCM" "Float2PCM Dynamic Link Library" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\float2pcm.ax"
+ "Pinnacle Image Converter" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Image Scaler" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Infinite Pin Tee" "Infinite Tee - DS Graph Stream Splitter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pinftee.ax"
+ "Pinnacle LPCM PCM Transform Filter" "Pinnacle LPCM PCM Transformation Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclelpcmtransform.ax"
+ "Pinnacle MCE Multiplexer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MP3 Audio Source" "Pinnacle MP3 Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclemp3mediasource.ax"
+ "Pinnacle MP3 Encoder" "Pinnacle MP3 compressor" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclemp3encoder.ax"
+ "Pinnacle MPADecoder" "MPEG Audio Decoder" "Private" "c:\program files\pinnacle\shared files\filter\mpadecoder.ax"
+ "Pinnacle MPEG 2 Decoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Encoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Multiplexer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Splicer" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Adjust" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Audio Source" "Pinnacle MPEG Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempegmediasource.ax"
+ "Pinnacle MPEG Demuxer" "MPEG Demuxer Filter - Program stream demuxer" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempgdemux.ax"
+ "Pinnacle MPEG Encoder" "Pinnacle MPEG Encoder - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegenc.ax"
+ "Pinnacle MPEG Layer 1-3 Audio Decoder" "MPEG Audio Decoder - Layer 1,2,3" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempadecoder.ax"
+ "Pinnacle MPEG Layer-1/2 Audio Decoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Layer-2 Audio Encoder" "MPA Audio Encoder - MPEG Layer-2" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempaencoder.ax"
+ "Pinnacle MPEG Layer-2 Audio Encoder" "Pinnacle MPEG Codec - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Source 2" "MPEGSource Filter" "" "c:\program files\pinnacle\shared files\filter\pclempegsource2.ax"
+ "Pinnacle MPEG Video Decoder (P)" "DirectShow MPEG 1/2 Video Decoder Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclempegdec.ax"
+ "Pinnacle MPEG Video Source" "Pinnacle MPEG Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempegmediasource.ax"
+ "Pinnacle MPEG2 Demux II" "pcledemux2" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcledemux2.ax"
+ "Pinnacle MPEG2 Demux II (MovieBox USB version)" "PcleDemux2MBox" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcledemux2mbox.ax"
+ "Pinnacle MPEG4 Audio Source" "Pinnacle MPEG4 Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempeg4mediasource.ax"
+ "Pinnacle MPEG4 Video Source" "Pinnacle MPEG4 Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclempeg4mediasource.ax"
+ "Pinnacle NEOVideoRepair" "MPEG GOPRenumber" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pcleneovideorepair.ax"
+ "Pinnacle pipe" "Studio IQualityControl dispatcher" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwqualitycontrol.ax"
+ "Pinnacle RT DVD Muxer Filter" "RTDVDMuxFilter Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclertdvdmux.ax"
+ "Pinnacle Sample Sink" "Pinnacle Sample Sink Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesamplesink.ax"
+ "Pinnacle Scene Detect Filter" "Scene Detect Transform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwscenedetect2.ax"
+ "Pinnacle Silencer" "Silencer Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesilencer.ax"
+ "Pinnacle Single Audio Source" "Pinnacle Single Source Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesinglesource.ax"
+ "Pinnacle Single Video Source" "Pinnacle Single Source Filter" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\pclesinglesource.ax"
+ "Pinnacle Stream Source Filter" "Pinnacle VideoInfo Changer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\streamsource.ax"
+ "Pinnacle Time Fixer Filter" "Pinnacle Time Fixer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\timefixer2.ax"
+ "Pinnacle VariSpeed Filter" "Variable Speed Transform Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\dwvarispeed.ax"
+ "Pinnacle Video AntiJitter" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Block Filter" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Deinterlacer" "Color Space Converter - DirectX Filter" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pclecsc.ax"
+ "Pinnacle Video Renderer" "Pinnacle DirectShow Video Renderer -" "Pinnacle Systems GmbH" "c:\program files\pinnacle\shared files\filter\pcle_ovr.ax"
+ "Pinnacle VideoInfo Changer Filter" "Pinnacle VideoInfo Changer Filter" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\videoinfochanger2.ax"
+ "Pinnacle WAV Audio Source" "Pinnacle WAV Media Source" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\pclewavmediasource.ax"
+ "Pinnacle wave source" "Pinnacle Wave Capture Filter" "" "c:\program files\pinnacle\shared files\filter\dwwavecapture.ax"
+ "Pinnacle Windows Media Renderer2" "Windows Media Format file renderer" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\filter\wmrenderer2.ax"
+ "Pinnacle(dicas) AMR Audio Decoder" "dsamrauddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pcleamrauddec.ax"
+ "Pinnacle(dicas) H263 Video Encoder" "dsh263videnc" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pcleh263videnc.ax"
+ "Pinnacle(dicas) MPEG-4 Audio Decoder" "dsmpeg4auddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4auddec.ax"
+ "Pinnacle(dicas) MPEG-4 Audio Encoder" "dsmpeg4audenc" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4audenc.ax"
+ "Pinnacle(dicas) MPEG-4 File Reader" "dsmp4filereader" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclemp4filereader.ax"
+ "Pinnacle(dicas) MPEG-4 File Writer" "dsmp4filewriter" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclemp4filewriter.ax"
+ "Pinnacle(dicas) MPEG-4 Multiplexer" "dsmpeg4mux" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4mux.ax"
+ "Pinnacle(dicas) MPEG-4 Video Decoder" "dsmpeg4viddec" "dicas digital image coding GmbH" "c:\program files\pinnacle\shared files\filter\pclempeg4viddec.ax"
+ "Plus! Photo Story 3 WAV Dest" "Photo Story 3 for Windows" "Microsoft Corp." "c:\program files\photo story 3 for windows\wavdest3.dll"
+ "Program Stream Desplit" "USB-DVR2 Splitter (DVC150)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc150\usbdvr2splt.ax"
+ "Program Stream Desplit" "USB-DVR2 Splitter (DVC120)" "Cirrus Logic, Inc." "c:\program files\pinnacle\shared files\filter\dvc120\usbdvr2splt.ax"
+ "PushSink" "File Dump Filter (Sample)" "Microsoft Corporation" "c:\program files\pinnacle\shared files\filter\pushsink.ax"
+ "RealMediaRenderer2" "Real Media Renderer 2" "Pinnacle Systems, Inc." "c:\program files\pinnacle\shared files\realvideo\pclermrenderer2.ax"
+ "Record Queue" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Render Dib" "Special Effects Sample" "ArcSoft" "c:\program files\arcsoft\photoimpression 4\ezrgb24.ax"
+ "RTP Render Filter" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "RTP Source Filter" "" "" "File not found: C:\WINNT\System32\dxmrtp.dll"
+ "ShotDetect" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SmartSound SDS Reader" "SDS Media File Reader Filter" "SmartSound Software Inc." "c:\program files\smartsound software\quicktracks\sdsreader.dll"
+ "SmartSound Soundtrack" "Quicktracks Soundtrack source filter" "SmartSound Software Inc." "c:\program files\smartsound software\quicktracks\directqx.dll"
+ "Snapshot" "Arcsoft Snapshot Filter 1.0" "Arcsoft Corporation" "c:\program files\common files\arcsoft\mpeg engine\arcsnap.ax"
+ "Stetch" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Video Resize" "Special Effects Sample" "MyCompanyName" "c:\winnt\system32\ezrgb24.ax"
+ "WaveFormatEx Detective" "WaveFormatEx Detective" "Pinnacle Systems" "c:\program files\pinnacle\shared files\filter\wfxdetective.ax"
+ "WIA Stream Snapshot Filter" "WIA Stream Snapshot Filter" "MyCompanyName" "c:\winnt\system32\wiasf.ax"
+ "WM VIH2 Fix" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DirectX Transform Wrapper" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Screen capture Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
"HKLM\Software\Classes\CLSID\{ABE3B9A4-257D-4B97-BD1A-294AF496222E}\Instance" "" "" ""
+ "{584FDB1D-51C4-4A1D-B674-D548D915EE01}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
+ "{6DDC8FCE-C470-444A-9425-8EAC662A99F7}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
+ "{821C65A9-C22B-4387-9503-265472E25544}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
+ "{90F5AF52-6D6C-4C83-8A7D-1C12923A1022}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
+ "{C73B6814-9FF3-4D10-A5C0-678904F869E9}" "WIC Metadata Handler Plug-in" "Eastman Kodak Company" "c:\program files\common files\kodak\wic_support\metadatawicmetadatahandler-platopt.dll"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify" "" "" ""
+ "igfxcui" "igfxsrvc Module" "Intel Corporation" "c:\winnt\system32\igfxsrvc.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "hpzsnt07" "" "HP" "c:\winnt\system32\hpzsnt07.dll"

#15 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:16 PM

Posted 01 February 2013 - 01:31 AM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users