Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I think I am Infected


  • Please log in to reply
15 replies to this topic

#1 nholmes8669

nholmes8669

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 10 February 2013 - 08:18 PM

I keep having new tabs open on their own and avast is warning me of suspicious programs attempting to startup.  I have ran malwarebytes and avast with no luck.  Please help....



BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 10 February 2013 - 08:24 PM


  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters




  • Check Loaded Modules  and Detect TDLFS file systemDo not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now




  • Click Start Scan and allow the scan process to run

  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue




  • Click Reboot computer
  • Please post the contents of  TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan  This process may may take several hours, that is normal

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#3 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 10 February 2013 - 09:17 PM

I ran TDSSkiller, there were no threats found. The log is too big to post for some reason and I tried to attach the file but it tells me the file is too big to upload.  I will try your other suggestions and post the results.

 

 



#4 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 10 February 2013 - 09:30 PM

Here is the aswMBR log:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-10 21:20:43
-----------------------------
21:20:43.223    OS Version: Windows 6.0.6002 Service Pack 2
21:20:43.223    Number of processors: 2 586 0xF06
21:20:43.224    ComputerName: HOLMESFAMILY-PC  UserName: Holmes Family
21:21:00.995    Initialize success
21:21:02.111    AVAST engine defs: 13021001
21:21:45.712    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:21:45.714    Disk 0 Vendor: WDC_WD32 12.0 Size: 305245MB BusType: 3
21:21:45.740    Disk 0 MBR read successfully
21:21:45.743    Disk 0 MBR scan
21:21:45.746    Disk 0 Windows VISTA default MBR code
21:21:45.749    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       54 MB offset 63
21:21:45.761    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS        10240 MB offset 112640
21:21:45.777    Disk 0 Partition 3 80 (A) 07    HPFS/NTFS NTFS       294949 MB offset 21084160
21:21:45.782    Disk 0 scanning sectors +625139712
21:21:45.867    Disk 0 scanning C:\Windows\system32\drivers
21:22:00.369    Service scanning
21:22:21.829    Modules scanning
21:22:31.257    Disk 0 trace - called modules:
21:22:31.602    ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
21:22:31.606    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86e28ac8]
21:22:31.610    3 CLASSPNP.SYS[843a98b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x863f8030]
21:22:32.351    AVAST engine scan C:\Windows
21:22:35.018    AVAST engine scan C:\Windows\system32
21:25:52.614    AVAST engine scan C:\Windows\system32\drivers
21:26:08.996    AVAST engine scan C:\Users\Holmes Family
21:28:56.604    Disk 0 MBR has been saved successfully to "C:\Users\Holmes Family\Desktop\MBR.dat"
21:28:56.605    The log file has been saved successfully to "C:\Users\Holmes Family\Desktop\aswMBR.txt"
 



#5 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 11 February 2013 - 07:15 PM

Here is the rsults of the ESET Scan:

 

 

C:\Users\Holmes Family\AppData\Roaming\Mozilla\Firefox\Profiles\gyrlod3d.default\extensions\50a30ca5a366f@50a30ca5a36a9.com.xpi Win32/Adware.MultiPlug.H application deleted - quarantined
C:\Windows\Installer\fc21bb8.msi Win32/Toolbar.Widgi application deleted - quarantined
C:\Windows\Installer\{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}\ARPPRODUCTICON.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
C:\Windows\Installer\{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}\UNINST_Uninstall_G_F6A848FB884248E6A4CDCBDCF41F6A74_1.exe Win32/Toolbar.Widgi application cleaned by deleting - quarantined
 



#6 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 11 February 2013 - 10:27 PM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tooll by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file,copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log


 



#7 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 12 February 2013 - 07:13 PM

Malwarebytes Log:

 

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.12.08

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Holmes Family :: HOLMESFAMILY-PC [administrator]

2/12/2013 4:52:48 PM
mbam-log-2013-02-12 (16-52-48).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 271792
Time elapsed: 6 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#8 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 12 February 2013 - 07:19 PM

MiniToolBox Log:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Holmes Family (administrator) on 12-02-2013 at 19:14:58
Running from "C:\Users\Holmes Family\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.no_proxies_on", "*.local"

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

::1             localhost

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® 82566DC Gigabit Network Connection = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : HolmesFamily-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.mi.comcast.net.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net.
   Description . . . . . . . . . . . : Intel® 82566DC Gigabit Network Connection
   Physical Address. . . . . . . . . : 00-19-D1-80-80-9B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::3d6e:b892:6996:d15e%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.199(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 10, 2013 9:01:12 PM
   Lease Expires . . . . . . . . . . : Wednesday, February 13, 2013 8:28:51 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 201333201
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-EF-04-1C-00-19-D1-80-80-9B
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:2c77:1f53:3f57:ff38(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2c77:1f53:3f57:ff38%8(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.mi.comcast.net.
   Description . . . . . . . . . . . : isatap.hsd1.mi.comcast.net.
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  2607:f8b0:4009:803::100e
   74.125.225.128
   74.125.225.129
   74.125.225.134
   74.125.225.136
   74.125.225.132
   74.125.225.131
   74.125.225.130
   74.125.225.142
   74.125.225.133
   74.125.225.137
   74.125.225.135

 

Pinging google.com [74.125.225.129] with 32 bytes of data:

Reply from 74.125.225.129: bytes=32 time=25ms TTL=56

Reply from 74.125.225.129: bytes=32 time=16ms TTL=56

 

Ping statistics for 74.125.225.129:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 16ms, Maximum = 25ms, Average = 20ms

DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.0.1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=70ms TTL=51

Reply from 206.190.36.45: bytes=32 time=105ms TTL=51

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 70ms, Maximum = 105ms, Average = 87ms

 

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
  9 ...00 19 d1 80 80 9b ...... Intel® 82566DC Gigabit Network Connection
  1 ........................... Software Loopback Interface 1
  8 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 12 ...00 00 00 00 00 00 00 e0  isatap.hsd1.mi.comcast.net.
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.199     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.199    266
    192.168.0.199  255.255.255.255         On-link     192.168.0.199    266
    192.168.0.255  255.255.255.255         On-link     192.168.0.199    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.199    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.199    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  8     18 ::/0                     On-link
  1    306 ::1/128                  On-link
  8     18 2001::/32                On-link
  8    266 2001:0:9d38:953c:2c77:1f53:3f57:ff38/128
                                    On-link
  9    266 fe80::/64                On-link
  8    266 fe80::/64                On-link
  8    266 fe80::2c77:1f53:3f57:ff38/128
                                    On-link
  9    266 fe80::3d6e:b892:6996:d15e/128
                                    On-link
  1    306 ff00::/8                 On-link
  8    266 ff00::/8                 On-link
  9    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\System32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\System32\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/12/2013 03:02:25 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft SQL Server 2005 Express Edition -- Error 29503. The SQL Server service failed to start. For more information, see the SQL Server Books Online topics, "How to: View SQL Server 2005 Setup Log Files" and "Starting SQL Server Manually."
The error is  (13) The data is invalid.
.

Error: (02/12/2013 03:02:25 AM) (Source: MSSQL$MSSMLBIZ) (User: )
Description: SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

Error: (02/12/2013 03:02:25 AM) (Source: MSSQL$MSSMLBIZ) (User: )
Description: Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

Error: (02/12/2013 03:02:25 AM) (Source: MSSQL$MSSMLBIZ) (User: )
Description: TDSSNIClient initialization failed with error 0xd, status code 0x1.

Error: (02/12/2013 03:02:25 AM) (Source: MSSQL$MSSMLBIZ) (User: )
Description: TDSSNIClient initialization failed with error 0xd, status code 0x4.

Error: (02/11/2013 03:02:34 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Product: Microsoft SQL Server 2005 Express Edition -- Error 29503. The SQL Server service failed to start. For more information, see the SQL Server Books Online topics, "How to: View SQL Server 2005 Setup Log Files" and "Starting SQL Server Manually."
The error is  (13) The data is invalid.
.

Error: (02/11/2013 03:02:32 AM) (Source: MSSQL$MSSMLBIZ) (User: )
Description: SQL Server could not spawn FRunCM thread. Check the SQL Server error log and the Windows event logs for information about possible related problems.

Error: (02/11/2013 03:02:32 AM) (Source: MSSQL$MSSMLBIZ) (User: )
Description: Could not start the network library because of an internal error in the network library. To determine the cause, review the errors immediately preceding this one in the error log.

Error: (02/11/2013 03:02:32 AM) (Source: MSSQL$MSSMLBIZ) (User: )
Description: TDSSNIClient initialization failed with error 0xd, status code 0x1.

Error: (02/11/2013 03:02:32 AM) (Source: MSSQL$MSSMLBIZ) (User: )
Description: TDSSNIClient initialization failed with error 0xd, status code 0x4.


System errors:
=============
Error: (02/12/2013 03:04:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332){48F7E3B7-2C8F-4900-AE32-F3D8F29C988D}102

Error: (02/12/2013 03:02:25 AM) (Source: Service Control Manager) (User: )
Description: SQL Server (MSSMLBIZ)13 (0xD)

Error: (02/11/2013 03:05:04 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332){48F7E3B7-2C8F-4900-AE32-F3D8F29C988D}102

Error: (02/11/2013 03:02:32 AM) (Source: Service Control Manager) (User: )
Description: SQL Server (MSSMLBIZ)13 (0xD)

Error: (02/10/2013 09:05:04 PM) (Source: Service Control Manager) (User: )
Description: KtmRm for Distributed Transaction Coordinator2147942438 (0x80070026)

Error: (02/10/2013 08:07:35 PM) (Source: Service Control Manager) (User: )
Description: FastFreeConverterUpdt1

Error: (02/10/2013 03:11:00 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332){48F7E3B7-2C8F-4900-AE32-F3D8F29C988D}102

Error: (02/10/2013 03:05:46 AM) (Source: Service Control Manager) (User: )
Description: SQL Server (MSSMLBIZ)13 (0xD)

Error: (02/09/2013 03:05:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: 0x80070643Microsoft SQL Server 2005 Express Edition Service Pack 4 (KB2463332){48F7E3B7-2C8F-4900-AE32-F3D8F29C988D}102

Error: (02/09/2013 03:02:48 AM) (Source: Service Control Manager) (User: )
Description: SQL Server (MSSMLBIZ)13 (0xD)


Microsoft Office Sessions:
=========================
Error: (08/20/2007 00:30:55 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 120 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-01-19 12:54:01.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:54:01.140
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:54:00.887
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:54:00.637
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:54:00.388
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:54:00.140
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.0.6000.16386_none_32a3e3ecf533e7fe\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:51:57.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:51:57.607
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:51:57.356
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-01-19 12:51:57.107
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\fveapi.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
µTorrent (Version: 3.2.2.28500)
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Reader 7.0.8 (Version: 7.0.8)
Adobe Shockwave Player 11.5 (Version: 11.5.1.601)
Amazon MP3 Downloader 1.0.5
AnswerWorks 4.0 Runtime - English (Version: 4.0.101)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
Apex Medina v4 Appraiser
Apple Application Support (Version: 2.3.2)
Apple Mobile Device Support (Version: 6.0.1.3)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 7.0.1474.0)
Blue's Treasure Hunt
Bonjour (Version: 3.0.0.10)
Business Contact Manager for Outlook 2007 SP2 (Version: 3.0.8619.1)
CardRd81 (Version: 4.00.0000.0004)
CCleaner (Version: 3.22)
CCScore (Version: 6.02.1001.0001)
Comcast Universal Installer v1.2 (Version: 30)
Conexant D850 PCI V.92 Modem
Corel Paint Shop Pro Photo XI (Version: 11.003.0000)
Corel Snapfire Plus (Version: 1.003.0000)
Coupon Printer for Windows (Version: 5.0.0.0)
CR2 (Version: 4.00.0000.0003)
Dell Games (Version: DELLTF0401)
Dell Support Center (Support Software) (Version: 2.2.09085)
Dell System Customization Wizard (Version: 1.00.0000)
DellSupport (Version: 6.0.3030)
Digital Line Detect (Version: 1.21)
Download Navigator (Version: 3.4.1)
DVD Decrypter (Remove Only)
EarthLink Setup Files (Version: 2005.2.178.0.2.2)
Epson Connect Printer Setup (Version: 1.1.1)
EPSON Printer Finder (Version: 1.0.0)
EPSON Scan
EPSON WF-2540 Series Printer Uninstall
ERUNT 1.1j
ESET Online Scanner v3
ESSBrwr (Version: 6.03.0001.0001)
ESSCDBK (Version: 6.03.0001.0001)
ESScore (Version: 6.03.0001.0001)
ESSgui (Version: 6.03.0001.0001)
ESSini (Version: 6.03.0001.0001)
ESSPCD (Version: 6.03.0001.0001)
ESSPDock (Version: 6.03.0001.0004)
ESSSONIC (Version: 6.2.0001.0001)
ESSTOOLS (Version: 5.00.0000.0004)
essvatgt (Version: 6.03.0001.0001)
Feedback Tool (Version: 1.1.0)
Firebird 2.1.0.16780 (Win32) (Version: 2.1.0.16780)
Games, Music, & Photos Launcher (Version: 1.00.0000)
Garmin City Navigator North America NT 2010.30 (Version: 13.30.0.0)
Garmin Communicator Plugin (Version: 2.9.1)
Garmin USB Drivers (Version: 2.3.0.0)
GDR 4060 for SQL Server Database Services 2005 ENU (KB2494113) (Version: 9.3.4060)
Google Earth Plug-in (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.123)
Image Plugin (Version: 3.04.0226)
Intel® Matrix Storage Manager
Intel® Viiv™ Software (Version: 1.6.429.0)
Internet Service Offers Launcher (Version: 1.00.0000)
iTunes (Version: 11.0.1.12)
Java™ SE Runtime Environment 6 (Version: 1.6.0.0)
kgcbase (Version: 5.03.0000.0004)
Kodak EasyShare software
KSU (Version: 632.62.0002.0001)
LeapFrog Connect (Version: 3.1.16.13095)
LeapFrog My Pals Plugin (Version: 3.1.15.13008)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2003 Web Components (Version: 11.0.8173.0)
Microsoft Office 2007 Primary Interop Assemblies (Version: 12.0.4518.1014)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Express Edition (ALAMODE) (Version: 9.4.5000.00)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.3.4035.00)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.58299)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MobileMe Control Panel (Version: 3.0.1.1)
Modem Diagnostic Tool (Version: 1.0.17.8)
Mozilla Firefox 18.0.1 (x86 en-US) (Version: 18.0.1)
Mozilla Firefox Packages
Mozilla Maintenance Service (Version: 18.0.1)
MP3 Player Utilities 5.11 (Version: 5.11)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyPublisher BookMaker
netbrdg (Version: 6.03.0001.0002)
NetWaiting (Version: 2.5.44)
Notifier (Version: 6.02.0001.0001)
NVIDIA Drivers (Version: 1.3)
OfotoXMI (Version: 6.03.0001.0001)
PDF-XChange 3
Presto! PageManager 7.15.14 (Version: 7.15.14E)
Product Documentation Launcher (Version: 1.00.0000)
QuickTime (Version: 7.70.80.34)
Revo Uninstaller Pro 2.5.9 (Version: 2.5.9)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Drag-to-Disc (Version: 9.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
Sansa Updater (Version: 1.313)
ScanSoft OmniPage SE 4.0 (Version: 15.00.0020)
Scrapbook Factory Deluxe 4.0 (Version: 4.0.0.9)
SFR (Version: 6.02.0001.0001)
SHASTA (Version: 6.03.0000.0001)
SigmaTel Audio (Version: 5.10.5102.0)
skin0001 (Version: 6.03.0001.0001)
SKINXSDK (Version: 6.02.1001.0001)
Sonic Activation Module (Version: 1.0)
staticcr (Version: 6.03.0001.0001)
The Land Before Time Dinosaur Arcade
The Land Before Time Kindergarten Adventure
Thomas and Friends Special Delivery
tooltips (Version: 6.03.0001.0001)
TurboTax 2008
TurboTax 2008 WinPerFedFormset (Version: 008.000.0332)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0217)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0189)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.0993)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0426)
TurboTax 2008 wmiiper (Version: 008.000.0124)
TurboTax 2008 wrapper (Version: 008.000.0063)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.1480)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0282)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0218)
TurboTax 2009 wmiiper (Version: 009.000.0622)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222)
TurboTax 2010 wmiiper (Version: 010.000.1790)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.2596)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0424)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0209)
TurboTax 2011 wmiiper (Version: 011.000.1389)
TurboTax 2011 wrapper (Version: 011.000.0120)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 WinPerFedFormset (Version: 012.000.1767)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0402)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0164)
TurboTax 2012 wmiiper (Version: 012.000.1229)
TurboTax 2012 wrapper (Version: 012.000.0127)
TurboTax Deluxe 2007
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
URL Assistant
Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)
User's Guides
uTorrentControl_v2 Toolbar (Version: 6.9.0.16)
Videora iPod Converter 3.07 (Version: 3.07)
VoiceOver Kit (Version: 1.42.128.0)
VPRINTOL (Version: 6.02.0001.0001)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (Version: 06/03/2009 2.3.0.0)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
WIRELESS (Version: 6.03.0001.0001)
Yahoo! Music Jukebox (Version: 2.0.1.041)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 2045.21 MB
Available physical RAM: 958.74 MB
Total Pagefile: 4335.42 MB
Available Pagefile: 2539.92 MB
Total Virtual: 2047.88 MB
Available Virtual: 1945.69 MB

========================= Partitions: =====================================

2 Drive c: (OS) (Fixed) (Total:288.04 GB) (Free:77.58 GB) NTFS
3 Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:4.6 GB) NTFS
4 Drive e: (TurboTax 2012) (CDROM) (Total:0.36 GB) (Free:0 GB) CDFS

========================= Users: ========================================

User accounts for \\HOLMESFAMILY-PC

Administrator            ASPNET                   Guest                   
Holmes Family            IUSR_NMPR               


**** End of log ****



#9 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 12 February 2013 - 07:24 PM

FSS Log:

 

Farbar Service Scanner Version: 10-02-2013
Ran by Holmes Family (administrator) on 12-02-2013 at 19:22:50
Running from "C:\Users\Holmes Family\Desktop"
Windows Vista ™ Home Premium Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcsvc.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\ipnathlp.dll => MD5 is legit
C:\Windows\system32\iphlpsvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit


**** End of log ****



#10 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 12 February 2013 - 07:42 PM

AdwCleaner Log:

 

# AdwCleaner v2.112 - Logfile created 02/12/2013 at 19:25:26
# Updated 10/02/2013 by Xplode
# Operating system : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# User : Holmes Family - HOLMESFAMILY-PC
# Boot Mode : Normal
# Running from : C:\Users\Holmes Family\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\END
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Smartdl
Folder Deleted : C:\Program Files\uTorrentControl_v2
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\Users\Holmes Family\AppData\Local\Conduit
Folder Deleted : C:\Users\Holmes Family\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Holmes Family\AppData\LocalLow\uTorrentControl_v2
Folder Deleted : C:\Users\Holmes Family\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Holmes Family\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Holmes Family\AppData\Roaming\Mozilla\Firefox\Profiles\gyrlod3d.default\CT3220468
Folder Deleted : C:\Users\Holmes Family\AppData\Roaming\Mozilla\Firefox\Profiles\gyrlod3d.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
Folder Deleted : C:\Users\Holmes Family\AppData\Roaming\Mozilla\Firefox\Profiles\gyrlod3d.default\extensions\{b54561db-0bbb-41b4-a814-df8301fe0a8e}
Folder Deleted : C:\Users\Holmes Family\AppData\Roaming\Mozilla\Firefox\Profiles\gyrlod3d.default\Smartbar

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Giant Savings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentControl_v2 Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3045277
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C66D0CD-16DA-46B6-96CA-B96CB0B40F73}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75444430-3503-464C-88FD-3B61D1C293E9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473B6BD-4691-4744-A82B-7854EB3D70B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar
Key Deleted : HKLM\Software\uTorrentControl_v2
Key Deleted : HKU\S-1-5-21-1076502481-2879309433-631242482-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7473B6BD-4691-4744-A82B-7854EB3D70B6}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.1 (en-US)

File : C:\Users\Holmes Family\AppData\Roaming\Mozilla\Firefox\Profiles\gyrlod3d.default\prefs.js

Deleted : user_pref("CT3220468.129813684259252248.APP_WIN_FEATURES", "resizable=0,saveresizedsize=0,titlebar=0[...]
Deleted : user_pref("CT3220468.BT_Stats", "{\"last_log\":1357774827,\"uuid\":276529575800784,\"seq_id\":6,\"ss[...]
Deleted : user_pref("CT3220468.BT_Usage", "{\"uuid\":276529575800784,\"seq_id\":2}");
Deleted : user_pref("CT3220468.CBOpenMAMSettings", "0");
Deleted : user_pref("CT3220468.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Deleted : user_pref("CT3220468.Facebook_Mode", "2");
Deleted : user_pref("CT3220468.Facebook_User_Locale", "en");
Deleted : user_pref("CT3220468.FirstTime", "true");
Deleted : user_pref("CT3220468.FirstTimeFF3", "true");
Deleted : user_pref("CT3220468.UserID", "UN30379200525554695");
Deleted : user_pref("CT3220468.addressBarTakeOverEnabledInHidden", "true");
Deleted : user_pref("CT3220468.autoDisableScopes", -1);
Deleted : user_pref("CT3220468.cb_experience_000", "5");
Deleted : user_pref("CT3220468.cb_firstuse0100", "1");
Deleted : user_pref("CT3220468.cb_user_id_000", "CB687766838590_1357606444317_Firefox");
Deleted : user_pref("CT3220468.cbcountry_001", "US");
Deleted : user_pref("CT3220468.cbfirsttime", "Tue Nov 13 2012 22:01:40 GMT-0500 (Eastern Standard Time)");
Deleted : user_pref("CT3220468.defaultSearch", "FALSE");
Deleted : user_pref("CT3220468.embeddedsData", "[{\"appId\":\"129813684258939747\",\"apiPermissions\":{\"cross[...]
Deleted : user_pref("CT3220468.enableAlerts", "always");
Deleted : user_pref("CT3220468.enableSearchFromAddressBar", "FALSE");
Deleted : user_pref("CT3220468.firstTimeDialogOpened", "true");
Deleted : user_pref("CT3220468.fixPageNotFoundError", "true");
Deleted : user_pref("CT3220468.fixPageNotFoundErrorInHidden", "true");
Deleted : user_pref("CT3220468.fixUrls", true);
Deleted : user_pref("CT3220468.hxxp___facebook_conduitapps_com.APP_WIN_FEATURES", "resizable=0,hscroll=0,vscro[...]
Deleted : user_pref("CT3220468.hxxp___www_socialgrowthtechnologies_com_couponbuddy_v001.APP_WIN_FEATURES", "op[...]
Deleted : user_pref("CT3220468.installId", "fftCABE.tmp.exe");
Deleted : user_pref("CT3220468.installType", "XPE");
Deleted : user_pref("CT3220468.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.isNewTabEnabled", true);
Deleted : user_pref("CT3220468.isPerformedSmartBarTransition", "true");
Deleted : user_pref("CT3220468.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Deleted : user_pref("CT3220468.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.youtube.com%[...]
Deleted : user_pref("CT3220468.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.openThankYouPage", "true");
Deleted : user_pref("CT3220468.openUninstallPage", "FALSE");
Deleted : user_pref("CT3220468.search.searchAppId", "129813684258939747");
Deleted : user_pref("CT3220468.search.searchCount", "2");
Deleted : user_pref("CT3220468.searchInNewTabEnabledInHidden", "true");
Deleted : user_pref("CT3220468.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Deleted : user_pref("CT3220468.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Deleted : user_pref("CT3220468.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Deleted : user_pref("CT3220468.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Deleted : user_pref("CT3220468.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data[...]
Deleted : user_pref("CT3220468.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357270993209");
Deleted : user_pref("CT3220468.serviceLayer_services_appsMetadata_lastUpdate", "1357688181679");
Deleted : user_pref("CT3220468.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357270993215");
Deleted : user_pref("CT3220468.serviceLayer_services_login_10.10.20.14_lastUpdate", "1357768198737");
Deleted : user_pref("CT3220468.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357270993259");
Deleted : user_pref("CT3220468.serviceLayer_services_searchAPI_lastUpdate", "1357688182712");
Deleted : user_pref("CT3220468.serviceLayer_services_serviceMap_lastUpdate", "1357688181152");
Deleted : user_pref("CT3220468.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357270993151");
Deleted : user_pref("CT3220468.serviceLayer_services_toolbarSettings_lastUpdate", "1357768198560");
Deleted : user_pref("CT3220468.serviceLayer_services_translation_lastUpdate", "1357688181407");
Deleted : user_pref("CT3220468.settingsINI", true);
Deleted : user_pref("CT3220468.shouldFirstTimeDialog", "false");
Deleted : user_pref("CT3220468.smartbar.CTID", "CT3220468");
Deleted : user_pref("CT3220468.smartbar.Uninstall", "0");
Deleted : user_pref("CT3220468.smartbar.toolbarName", "uTorrentControl_v2 ");
Deleted : user_pref("CT3220468.toolbarBornServerTime", "14-11-2012");
Deleted : user_pref("CT3220468.toolbarCurrentServerTime", "10-1-2013");
Deleted : user_pref("CT3220468.url_history0001", "hxxp://login.yahoo.com/config/login?logout=1&.direct=2&.done[...]
Deleted : user_pref("extensions.50a30ca5a371c.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...]
Deleted : user_pref("extensions.crossriderapp4479.adsOldValue", 10);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Holmes Family\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [12248 octets] - [12/02/2013 19:25:26]

########## EOF - C:\AdwCleaner[S1].txt - [12309 octets] ##########



#11 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 12 February 2013 - 07:52 PM

JRT Log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Windows Vista ™ Home Premium x86
Ran by Holmes Family on Tue 02/12/2013 at 19:45:07.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1076502481-2879309433-631242482-1004\software\microsoft\internet explorer\searchscopes\\DefaultScope

 

~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}
Failed to delete: [Registry Key] "hkey_local_machine\software\microsoft\windows nt\currentversion\schedule\taskcache\tree\scheduled update for ask toolbar"

 

~~~ Files

Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npcouponprinter.dll"
Successfully deleted: [File] "C:\Program Files\mozilla firefox\plugins\npmozcouponprinter.dll"

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\pc optimizer pro"
Successfully deleted: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Program Files\red kawa"

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/12/2013 at 19:48:08.87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#12 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 12 February 2013 - 07:55 PM

Rkill Log:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/12/2013 07:53:41 PM in x86 mode.
Windows Version: Windows Vista ™ Home Premium Service Pack 2

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (PID: 4012) [WD-HEUR]
 * C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe (PID: 4724) [WD-HEUR]
 * C:\Users\Holmes Family\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe (PID: 4836) [UP-HEUR]

3 proccesses terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
  * HKCU\SOFTWARE\Classes\.exe "@" exists and is set to exefile!
  * HKCU\SOFTWARE\Classes\.exe has been deleted!

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost
  ::1             localhost

Program finished at: 02/12/2013 07:53:58 PM
Execution time: 0 hours(s), 0 minute(s), and 17 seconds(s)



#13 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 12 February 2013 - 07:59 PM

Autoruns Log:

 

"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms" "" "" ""
+ "rdpclip" "" "" "File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "AppleSyncNotifier" "AppleSyncNotifier" "Apple Inc." "c:\program files\common files\apple\mobile device support\applesyncnotifier.exe"
+ "APSDaemon" "Apple Push" "Apple Inc." "c:\program files\common files\apple\apple application support\apsdaemon.exe"
+ "avast" "avast! Antivirus" "AVAST Software" "c:\program files\avast software\avast\avastui.exe"
+ "BrowserPlugInHelper" "" "" "File not found: C:\Program Files\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe"
+ "CCUTRAYICON" "Intel® Viiv™ Settings" "Intel® Corporation" "c:\program files\intel\inteldh\ccu\ccu_trayicon.exe"
+ "dellsupportcenter" "Dell Support Center Updates" "SupportSoft, Inc." "c:\program files\dell support center\bin\sprtcmd.exe"
+ "ECenter" " " " " "c:\dell\e-center\eulalauncher.exe"
+ "IAAnotif" "Event Monitor User Notification Tool" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaanotif.exe"
+ "ISUSPM Startup" "Macrovision FLEXnet Connect Software Manager" "Macrovision Corporation" "c:\program files\common files\installshield\updateservice\isuspm.exe"
+ "ISUSScheduler" "InstallShield Update Service Scheduler" "InstallShield Software Corporation" "c:\program files\common files\installshield\updateservice\issch.exe"
+ "iTunesHelper" "iTunesHelper" "Apple Inc." "c:\program files\itunes\ituneshelper.exe"
+ "Malwarebytes Anti-Malware (reboot)" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbam.exe"
+ "Monitor" "Monitor Application" "LeapFrog Enterprises, Inc." "c:\program files\leapfrog\leapfrog connect\monitor.exe"
+ "NMSSupport" "Network monitor for Intel® Hub Connect Technology" "Intel Corporation" "c:\program files\common files\intel\inteldh\nms\support\intelhctagent.exe"
+ "NvCplDaemon" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
+ "NvMediaCenter" "NVIDIA Media Center Library" "NVIDIA Corporation" "c:\windows\system32\nvmctray.dll"
+ "The Assistant" "a la mode Assistant" "a la mode, inc." "c:\program files\a la mode\sched\esched.exe"
+ "Windows Defender" "Windows Defender User Interface" "Microsoft Corporation" "c:\program files\windows defender\msascui.exe"
+ "WrtMon.exe" "NsWrtMon Microsoft Base Class Application" "" "c:\windows\system32\spool\drivers\w32x86\3\wrtmon.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup" "" "" ""
+ "Adobe Reader Speed Launch.lnk" "Adobe Acrobat SpeedLauncher" "Adobe Systems Incorporated" "c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe"
+ "Digital Line Detect.lnk" "Digital Line Detection" "Avanquest Software " "c:\program files\digital line detect\dlg.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components" "" "" ""
+ "Microsoft Windows Mail 7" "Windows Mail" "Microsoft Corporation" "c:\program files\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run" "" "" ""
+ "SansaDispatch" "Sansa Dispatcher" "SanDisk Corporation" "c:\users\holmes family\appdata\roaming\sandisk\sansa updater\sansadispatch.exe"
+ "swg" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"
+ "uTorrent" "µTorrent" "BitTorrent, Inc." "c:\program files\utorrent\utorrent.exe"
+ "WMPNSCFG" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter" "" "" ""
+ "text/xml" "Microsoft Office XML MIME Filter" "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler" "" "" ""
+ "ms-help" "Microsoft® Help Data Services Module" "Microsoft Corporation" "c:\program files\common files\microsoft shared\help\hxds.dll"
+ "mso-offdap11" "Microsoft Office Web Components 2003" "Microsoft Corporation" "c:\program files\common files\microsoft shared\web components\11\owc11.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "WondershareVideoConverterFileOpreation" "" "" "c:\windows\system32\wscm32.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers" "" "" ""
+ "Roxio DragToDisc Shell Extension" "DirectCD Shell Extention DLL" "Roxio" "c:\program files\roxio\drag-to-disc\shellex.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers" "" "" ""
+ "NvCplDesktopContext" "NVIDIA Display Properties Extension" "NVIDIA Corporation" "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers" "" "" ""
+ "PDF Shell Extension" "PDF Shell Extension" "Adobe Systems, Inc." "c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers" "" "" ""
+ "avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
+ "MBAMShlExt" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "RUShellExt" "Revo Uninstaller Pro Extension" "VS Revo Group" "c:\program files\vs revo group\revo uninstaller pro\ruext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers" "" "" ""
+ "00avast" "avast! Shell Extension" "AVAST Software" "c:\program files\avast software\avast\ashshell.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" "" "" ""
+ "Adobe PDF Reader Link Helper" "Adobe Acrobat IE Helper Version 7.0 for ActiveX" "Adobe Systems Incorporated" "c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll"
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Burn4Free Toolbar Helper" "Burn4Free Toolbar" "" "c:\program files\burn4free toolbar\v3.3.0.3\burn4free_toolbar.dll"
+ "CBrowserHelperObject Object" "BAE.dll" "Dell Inc." "c:\program files\bae\bae.dll"
+ "Google Dictionary Compression sdch" "Fast Search" "Google Inc." "c:\program files\google\google toolbar\component\fastsearch_b7c5ac242193bb3e.dll"
+ "Google Toolbar Helper" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
+ "Google Toolbar Notifier BHO" "GoogleToolbarNotifier" "Google Inc." "c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll"
+ "SSVHelper Class" "Java™ Platform SE binary" "Sun Microsystems, Inc." "c:\program files\java\jre1.6.0\bin\ssv.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar" "" "" ""
+ "avast! WebRep" "avast! WebRep Plugin" "AVAST Software" "c:\program files\avast software\avast\aswwebrepie.dll"
+ "Google Toolbar" "Google Toolbar" "Google Inc." "c:\program files\google\google toolbar\googletoolbar_32.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions" "" "" ""
+ "Sun Java Console" "Java Plug-in 1.6.0 for Netscape Navigator (DLL Helper)" "Sun Microsystems, Inc." "c:\program files\java\jre1.6.0\bin\npjpi160.dll"
"Task Scheduler" "" "" ""
+ "\a la mode Assistant" "a la mode Assistant" "a la mode, inc." "c:\program files\a la mode\sched\esched.exe"
+ "\Adobe Flash Player Updater" "Adobe® Flash® Player Update Service 11.5 r502" "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "\alaRunAsStdUser Task" "" "a la mode, inc." "c:\a la mode\wintotal\utils\alamapishell.exe"
+ "\Apple\AppleSoftwareUpdate" "Apple Software Update" "Apple Inc." "c:\program files\apple software update\softwareupdate.exe"
+ "\avast! Emergency Update" "avast! Emergency Update" "AVAST Software" "c:\program files\avast software\avast\avastemupdate.exe"
+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe"
+ "\GoogleUpdateTaskMachineCore" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\GoogleUpdateTaskMachineUA" "Google Installer" "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan" "Windows Defender Command Line Utility" "Microsoft Corporation" "c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows\Wired\GatherWiredInfo" "" "" "c:\windows\system32\gatherwiredinfo.vbs"
+ "\Microsoft\Windows\Wireless\GatherWirelessInfo" "" "" "c:\windows\system32\gatherwirelessinfo.vbs"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "AdobeFlashPlayerUpdateSvc" "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes." "Adobe Systems Incorporated" "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "AlertService" "This service reports the notices from Intel® Viiv™ software. If this service is stopped or disabled, components of Intel Viiv software that depend on the notices will not receive them." "Intel® Corporation" "c:\program files\intel\inteldh\ccu\alertservice.exe"
+ "Apple Mobile Device" "Provides the interface to Apple mobile devices." "Apple Inc." "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"
+ "avast! Antivirus" "Manages and implements avast! antivirus services for this computer. This includes the resident protection, the virus chest and the scheduler." "AVAST Software" "c:\program files\avast software\avast\avastsvc.exe"
+ "BcmSqlStartupSvc" "Controls the start of the Business Contact Manager SQL Server instance (MSSMLBIZ)." "Microsoft Corporation" "c:\program files\microsoft small business\business contact manager\bcmsqlstartupsvc.exe"
+ "Bonjour Service" "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence." "Apple Inc." "c:\program files\bonjour\mdnsresponder.exe"
+ "DQLWinService" "DQLWinSe Application" "" "c:\program files\common files\intel\inteldh\nms\adpplugins\dqlwinservice.exe"
+ "DSBrokerService" "Gteko BrkrSvc Application" "" "c:\program files\dellsupport\brkrsvc.exe"
+ "EpsonScanSvc" "Epson Scanner Service (32bit)" "Seiko Epson Corporation" "c:\windows\system32\escsvc.exe"
+ "FirebirdGuardianDefaultInstance" "Firebird Server Guardian - www.firebirdsql.org" "FirebirdSQL Project" "c:\program files\firebird\firebird_2_1\bin\fbguard.exe"
+ "FirebirdServerDefaultInstance" "Firebird Database Server - www.firebirdsql.org" "FirebirdSQL Project" "c:\program files\firebird\firebird_2_1\bin\fbserver.exe"
+ "gupdate" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gupdatem" "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it." "Google Inc." "c:\program files\google\update\googleupdate.exe"
+ "gusvc" "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work." "Google" "c:\program files\google\common\google updater\googleupdaterservice.exe"
+ "IAANTMON" "RAID Monitor" "Intel Corporation" "c:\program files\intel\intel matrix storage manager\iaantmon.exe"
+ "IDriverT" "Provides support for the Running Object Table for InstallShield Drivers" "Macrovision Corporation" "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"
+ "IntuitUpdateService" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files\common files\intuit\update service\intuitupdateservice.exe"
+ "IntuitUpdateServiceV4" "Helps Intuit applications automatically update themselves." "Intuit Inc." "c:\program files\common files\intuit\update service v4\intuitupdateservice.exe"
+ "iPod Service" "iPod hardware management services" "Apple Inc." "c:\program files\ipod\bin\ipodservice.exe"
+ "ISSM" "Intel® Software services manager" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\issm.exe"
+ "LeapFrog Connect Device Service" "Manages LeapFrog Connect devices." "LeapFrog Enterprises, Inc." "c:\program files\leapfrog\leapfrog connect\commandservice.exe"
+ "M1 Server" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\mediaserver.exe"
+ "MBAMScheduler" "Malwarebytes Anti-Malware scheduler" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService" "Malwarebytes Anti-Malware service" "Malwarebytes Corporation" "c:\program files\malwarebytes' anti-malware\mbamservice.exe"
+ "MCLServiceATL" "Intel® Application Tracker" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\shells\mclserviceatl.exe"
+ "MozillaMaintenance" "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled." "Mozilla Foundation" "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "MSSQL$ALAMODE" "Provides storage, processing and controlled access of data and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql.2\mssql\binn\sqlservr.exe"
+ "MSSQL$MSSMLBIZ" "Provides storage, processing and controlled access of data and rapid transaction processing." "Microsoft Corporation" "c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe"
+ "nvsvc" "Provides system and desktop level support to the NVIDIA display driver" "NVIDIA Corporation" "c:\windows\system32\nvvsvc.exe"
+ "odserv" "Run portions of Microsoft Office Diagnostics." "Microsoft Corporation" "c:\program files\common files\microsoft shared\office12\odserv.exe"
+ "ose" "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports." "Microsoft Corporation" "c:\program files\common files\microsoft shared\source engine\ose.exe"
+ "Remote UI Service" "Intel® Remoting Service" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\shells\remote ui service.exe"
+ "RoxMediaDB9" "Roxio RoxMediaDB9 Service" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe"
+ "RoxWatch9" "RoxSniffer9 Module" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe"
+ "sprtsvc_dellsupportcenter" "SupportSoft Sprocket Service" "SupportSoft, Inc." "c:\program files\dell support center\bin\sprtsvc.exe"
+ "SQLBrowser" "Provides SQL Server connection information to client computers." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlbrowser.exe"
+ "SQLWriter" "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure." "Microsoft Corporation" "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "stllssvr" "SureThing Labelflash Disc Printer Service Module" "MicroVision Development, Inc." "c:\program files\common files\surething shared\stllssvr.exe"
+ "WinDefend" "Scan your computer for unwanted software, schedule scans, and get the latest unwanted software definitions." "Microsoft Corporation" "c:\program files\windows defender\mpsvc.dll"
+ "WMPNetworkSvc" "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play" "Microsoft Corporation" "c:\program files\windows media player\wmpnetwk.exe"
+ "XAudioService" "User-mode gate for Modem Speakephone" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.exe"
"HKLM\System\CurrentControlSet\Services" "" "" ""
+ "aswFsBlk" "avast! mini-filter driver (aswFsBlk)" "AVAST Software" "c:\windows\system32\drivers\aswfsblk.sys"
+ "aswMonFlt" "avast! mini-filter driver (aswMonFlt)" "AVAST Software" "c:\windows\system32\drivers\aswmonflt.sys"
+ "AswRdr" "avast! TDI Redirect driver" "AVAST Software" "c:\windows\system32\drivers\aswrdr.sys"
+ "aswSnx" "avast! virtualization driver (aswSnx)" "AVAST Software" "c:\windows\system32\drivers\aswsnx.sys"
+ "aswSP" "avast! Self Protection" "AVAST Software" "c:\windows\system32\drivers\aswsp.sys"
+ "aswTdi" "avast! Network Shield TDI driver" "AVAST Software" "c:\windows\system32\drivers\aswtdi.sys"
+ "BrFiltLo" "Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp" "Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver" "Brother Industries, Ltd." "c:\windows\system32\drivers\brfiltup.sys"
+ "BrUsbSer" "Brother USB Serial Driver" "Brother Industries Ltd." "c:\windows\system32\drivers\brusbser.sys"
+ "DLABMFSM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlabmfsm.sys"
+ "DLABOIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaboiom.sys"
+ "DLACDBHM" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlacdbhm.sys"
+ "DLADResM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dladresm.sys"
+ "DLAIFS_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaifs_m.sys"
+ "DLAOPIOM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaopiom.sys"
+ "DLAPoolM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlapoolm.sys"
+ "DLARTL_M" "Shared Driver Component" "Roxio" "c:\windows\system32\drivers\dlartl_m.sys"
+ "DLAUDF_M" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaudf_m.sys"
+ "DLAUDFAM" "Drive Letter Access Component" "Roxio" "c:\windows\system32\dla\dlaudfam.sys"
+ "DRVMCDB" "Device Driver" "Sonic Solutions" "c:\windows\system32\drivers\drvmcdb.sys"
+ "DRVNDDM" "Device Driver Manager" "Roxio" "c:\windows\system32\drivers\drvnddm.sys"
+ "DSproct" "Process Trigger Driver" "Gteko Ltd." "c:\program files\dellsupport\gtaction\triggers\dsproct.sys"
+ "dsunidrv" "GUniDriver" "Gteko Ltd." "c:\program files\dellsupport\drivers\dsunidrv.sys"
+ "e1express" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1e6032.sys"
+ "E1G60" "Intel® PRO/1000 Adapter NDIS 6 deserialized driver" "Intel Corporation" "c:\windows\system32\drivers\e1g60i32.sys"
+ "GEARAspiWDM" "CD DVD Filter" "GEAR Software Inc." "c:\windows\system32\drivers\gearaspiwdm.sys"
+ "HSF_DPV" "HSF_DP driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_dpv.sys"
+ "HSXHWBS2" "HSF_HWB2 WDM driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsxhwbs2.sys"
+ "iaStor" "Intel Matrix Storage Manager driver" "Intel Corporation" "c:\windows\system32\drivers\iastor.sys"
+ "IntelDH" "Intel® software driver for Intel® Viiv™ technology" "Intel Corporation" "c:\windows\system32\drivers\inteldh.sys"
+ "IpInIp" "IP in IP Tunnel Driver" "" "File not found: system32\DRIVERS\ipinip.sys"
+ "MBAMProtector" "Malwarebytes Anti-Malware" "Malwarebytes Corporation" "c:\windows\system32\drivers\mbam.sys"
+ "mdmxsdk" "Diagnostic Interface x86 Driver" "Conexant" "c:\windows\system32\drivers\mdmxsdk.sys"
+ "mfeavfk" "Anti-Virus File System Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfeavfk.sys"
+ "mfebopk" "Buffer Overflow Protection Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfebopk.sys"
+ "mfehidk" "Host Intrusion Detection Link Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfehidk.sys"
+ "mferkdk" "VSCore Code Analysis Driver" "McAfee, Inc." "c:\windows\system32\drivers\mferkdk.sys"
+ "mfesmfk" "System Monitor Filter Driver" "McAfee, Inc." "c:\windows\system32\drivers\mfesmfk.sys"
+ "nmsgopro" "GoProto Protocol Driver for NMS" "Gteko Ltd." "c:\windows\system32\drivers\nmsgopro.sys"
+ "nmsunidr" "GUniDriver" "Gteko Ltd." "c:\windows\system32\drivers\nmsunidr.sys"
+ "nvlddmkm" "NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 182.24 " "NVIDIA Corporation" "c:\windows\system32\drivers\nvlddmkm.sys"
+ "NwlnkFlt" "IPX Traffic Filter Driver" "" "File not found: system32\DRIVERS\nwlnkflt.sys"
+ "NwlnkFwd" "IPX Traffic Forwarder Driver" "" "File not found: system32\DRIVERS\nwlnkfwd.sys"
+ "pfc" "Padus® ASPI Shell" "Padus, Inc." "c:\windows\system32\drivers\pfc.sys"
+ "PxHelp20" "Px Engine Device Driver for Windows 2000/XP" "Sonic Solutions" "c:\windows\system32\drivers\pxhelp20.sys"
+ "R300" "ATI Radeon Kernel Mode Driver" "ATI Technologies Inc." "c:\windows\system32\drivers\atikmdag.sys"
+ "Revoflt" "Revo Uninstaller Filter driver" "VS Revo Group" "c:\windows\system32\drivers\revoflt.sys"
+ "SDDMI2" "" "" "File not found: C:\Windows\system32\DDMI2.sys"
+ "secdrv" "Macrovision SECURITY Driver" "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K." "c:\windows\system32\drivers\secdrv.sys"
+ "STHDA" "NDRC" "SigmaTel, Inc." "c:\windows\system32\drivers\stwrt.sys"
+ "TSHWMDTCP" "" "" "c:\program files\intel\inteldh\intel media server\media server\bin\tshwmdtcp.sys"
+ "USBAAPL" "Apple Mobile Device USB Driver" "Apple, Inc." "c:\windows\system32\drivers\usbaapl.sys"
+ "winachsf" "HSF_CNXT driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\hsx_cnxt.sys"
+ "wvncvvsp" "" "" "File not found: C:\Windows\system32\drivers\wvncvvsp.sys"
+ "XAudio" "Modem Audio Device Driver" "Conexant Systems, Inc." "c:\windows\system32\drivers\xaudio.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32" "" "" ""
+ "msacm.l3acm" "MPEG Layer-3 Audio Codec for MSACM" "Fraunhofer Institut Integrierte Schaltungen IIS" "c:\windows\system32\l3codeca.acm"
+ "vidc.cvid" "Cinepak® Codec" "Radius Inc." "c:\windows\system32\iccvid.dll"
"HKLM\Software\Classes\Filter" "" "" ""
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions  AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions  AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance" "" "" ""
+ "9x8Resize" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Allocator Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Bitmap" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Capture ASF Writer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "CoreCaption Filter" "CoreCaption" "MyCompanyName" "c:\program files\common files\corel\directshowcomponents\corecaption.ax"
+ "CoreImgSrc" "" "" "c:\program files\common files\corel\directshowcomponents\coreimgsrc.ax"
+ "CoreMovSrc" "" "" "c:\program files\common files\corel\directshowcomponents\coremovsrc.ax"
+ "CoreVolume Filter" "CoreVolume" "MyCompanyName" "c:\program files\common files\corel\directshowcomponents\corevolume.ax"
+ "Frame Eater" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Intel DVRMS TrickMode Filter" "Intel ® TSDVRMSTrickMode Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tsdvrmstrickmode.ax"
+ "Intel Metadata Skipper" "Metadata Skipper" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\metaskipper.ax"
+ "Intel Pull Mode MPEG2 Transcoder" "Intel ® WLTranscoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\wltranscoder.ax"
+ "Intel Transport Sink Filter" "Intel ® Transport Sink Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tstransportsink.ax"
+ "Intel Video Transcoder" "Intel ® Video Transcoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tstranscoder.ax"
+ "Intel WMV Source Filter" "Intel ® WMV Source Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\tswmvreader.ax"
+ "Intel® IPP AAC Decoder" "Intel® AAC Decoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_aac_dec_filter.ax"
+ "Intel® IPP AAC Parser" "Intel® AAC Splitter Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_aac_spl_filter.ax"
+ "Intel® IPP Audio Resampling" "Intel® Audio Resampling Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_audio_resampl_filter.ax"
+ "Intel® IPP AVI Splitter" "Intel® AVI Splitter Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_avi_spl_filter.ax"
+ "Intel® IPP MP3 Decoder" "Intel® MP3 Decoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mp3_dec_filter.ax"
+ "Intel® IPP MP4 Splitter" "Intel® MPEG4 Splitter Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mpeg4_spl_filter.ax"
+ "Intel® IPP MPEG-4 Decoder" "Intel® MPEG4 Decoder Filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_mpeg4_dec_filter.ax"
+ "Intel® IPP VOB Source Filter" "Intel® vob source filter" "Intel® Corporation" "c:\program files\intel\inteldh\intel media server\media server\bin\umc_vob_source_filter.ax"
+ "Ligos Audio Decoder Filter" "Ligos MPEG Audio Decoder" "Ligos Corporation" "c:\windows\system32\lmpgac3.ax"
+ "Ligos D-10 Parser" "Ligos D-10 MPEG Parser" "Ligos Corporation" "c:\windows\system32\lmpgd10.ax"
+ "Ligos MPEG Splitter" "Ligos Transport Stream Splitter" "Ligos Corporation" "c:\windows\system32\lmpgtspl.ax"
+ "Ligos MPEG Splitter" "Ligos MPEG Splitter" "Ligos Corporation" "c:\windows\system32\lmpgspl.ax"
+ "Ligos MPEG Video Decoder" "Ligos MPEG Video Decoder" "Ligos Corporation" "c:\windows\system32\lmpgvd.ax"
+ "LVMWriter" "LVMWriter" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmwriter.ax"
+ "MainConcept (Sonic) DV Video Decoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "MainConcept (Sonic) DV Video Encoder" "DirectShow DV Video Encoder and Decoder" "MainConcept AG (Sonic)" "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"
+ "Media Analyser" "analyse Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mediaanalyser.ax"
+ "Multiple File Output" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Nero Digital API ES Video Reader" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\yahoo!\yahoo! music jukebox\ndxparser.ax"
+ "Nero Digital API Parser" "NeroDigital / mp4 / avi / mov parser" "Nero AG" "c:\program files\yahoo!\yahoo! music jukebox\ndxparser.ax"
+ "Proxy Sink" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Proxy Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "PSI Parser" "" "" "c:\program files\roxio\videocore 9\psiparser.ax"
+ "Record Queue" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Roxio Audio Decoder (DVD)" "ROXIO Audio Decoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"
+ "ROXIO Audio Source 3.0" "VW Audio Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\audiosrc.ax"
+ "ROXIO Audio VCFChunker 3.0" "Chunker Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\chunker.ax"
+ "ROXIO Audio VCFLooper 3.0" "Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\looper.ax"
+ "ROXIO AudioConvert 3.0" "AudioConvert Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audconv.ax"
+ "ROXIO AudioGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO ColorSpace Converter 3.0" "ROXIO Color Space Converter" "Sonic Solutions" "c:\program files\roxio\videocore 9\colorspconv.dll"
+ "ROXIO CrossGraphEx Renderer 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "ROXIO CrossGraphEx Source 3.0" "CrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\crossgraphex.ax"
+ "roxio DCFilters Audio Sync Filter 2" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Dragons Lair" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVD Muxer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Reader" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters DVDStream Splitter" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Mpeg I/II Decoder" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Smart Resizer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "roxio DCFilters Subpicture Mixer" "roxio DiscCopier DirectShow Filter Collection" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"
+ "ROXIO Deinterlace 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\deinter.ax"
+ "ROXIO DVDCrossGraphEx Renderer 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO DVDCrossGraphEx Source 3.0" "DVDCrossGraphEx.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"
+ "ROXIO Image/Colour Source 3.0" "Colour Frame Source" "Sonic Solutions" "c:\program files\roxio\videocore 9\imagesource.ax"
+ "ROXIO ListImage Source 3.0" "ListFrameSource" "Sonic Solutions" "c:\program files\roxio\videocore 9\listimagesource.ax"
+ "ROXIO LPCMSyncFilter" "LPCMSync Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"
+ "Roxio LVM File Source (Async.)" "LVMAsync" "Sonic Solutions" "c:\program files\roxio\videocore 9\lvmasync.ax"
+ "Roxio MPEG Analyzer Filter" "MPEG File Analyzer Dynamic Link Library" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"
+ "Roxio MPEG Stream Analyzer" "Roxio MPEG Stream Splitter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"
+ "Roxio MPEG1 Audio Encoder" "ROXIO MPEG Audio Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"
+ "Roxio MPEG1 Encoder" "ROXIO MPEG1 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"
+ "Roxio MPEG1 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"
+ "Roxio MPEG2 Demuxer" "ROXIO MPEG Demuxer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"
+ "Roxio MPEG2 Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio MPEG2 Muxer" "ROXIO MPEG MUXER" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"
+ "Roxio MPEG2 Video Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO Pan Zoom 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\panzoom.ax"
+ "ROXIO Pin Tee" "" "" "c:\program files\roxio\videocore 9\roxioinftee.ax"
+ "Roxio Plasma CrossGraph Renderer" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "Roxio Plasma CrossGraph Source" "MGICGFilter.ax" "Sonic Solutions" "c:\program files\roxio\videocore 9\plasmacgfilter.ax"
+ "ROXIO QT Source" "QuickTime Loader" "Sonic Solutions" "c:\program files\roxio\videocore 9\qtsource.ax"
+ "ROXIO QuickGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "ROXIO Raw Writer" "ROXIO Raw Writer" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"
+ "Roxio Repack Filter" "Repack Filter" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"
+ "ROXIO Scene Detector 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenedetector.ax"
+ "ROXIO SceneRecorder 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"
+ "ROXIO Simple Dump 3.0" "Simple Dump Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\rxsimpledump.ax"
+ "Roxio Smart Decoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "Roxio Smart Encoder" "ROXIO MPEG2 Codec" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"
+ "ROXIO SpyPos 3.0" "Null-In-Place (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\mginullip.ax"
+ "ROXIO ThumbnailGrabber 3.0" "VideoWave Frame Grabber" "Sonic Solutions" "c:\program files\roxio\videocore 9\thumbnailgraber.ax"
+ "Roxio Transport Stream Source" "ListFrameSource" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"
+ "ROXIO VCFAudioMixer 3.0" "AudioFlt Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\audmf.ax"
+ "ROXIO VCFDvrSupport 3.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"
+ "ROXIO VCFDVSceneDetect 1.0" "DVR support filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"
+ "ROXIO VCFLatency 3.0" "Latency Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\latency.ax"
+ "ROXIO VCFpeakmeter 3.0" "Peakmeter Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\peakmeter.ax"
+ "ROXIO VCFVideoCutList 3.0" "Video CutList Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vcutlist.ax"
+ "ROXIO VCFWaveform 1.0" "Waveform Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\waveform.ax"
+ "ROXIO Video Resampler 3.0" "Video Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vresamfilt.ax"
+ "ROXIO Video VCFLooper 3.0" "Video Looper Filter (Sample)" "Sonic Solutions" "c:\program files\roxio\videocore 9\vlooper.ax"
+ "ROXIO VideoCombine 3.0" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\videocombine.ax"
+ "Roxio VOB Formatter" "VOBFormatter" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobformatter.ax"
+ "Roxio Vob Loader" "VOBLoader" "Sonic Solutions" "c:\program files\roxio\videocore 9\vobloader.ax"
+ "ROXIO WAV Dest 3.0" "MGI Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\wavhead.ax"
+ "Sewer" "MVWcDSutil" "Sonic Solutions" "c:\program files\roxio\videocore 9\mvwcdsutil.dll"
+ "ShotDetect" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "Sonic MP4 Demultiplexer" "Sonic MP4 Demultiplexer" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"
+ "Sonic MPEG Audio Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG Video Decoder" "MPEG Video and Audio Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"
+ "Sonic MPEG-2 Video Decoder" "MPEG-2 Video Decoder" "Sonic Solutions Inc" "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"
+ "Sonic MPEG-4 Video Decoder" "Sonic Mpeg-4 Video Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicm4vd.ax"
+ "Sonic Solutions AMR Decoder" "Sonic Solutions  AMR Decoder" "Sonic Solutions Inc." "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"
+ "Stetch" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "SubPicture Encoder" "ROXIO SubPicture Encoder" "Sonic Solutions" "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"
+ "VCG Null Renderer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCG Video Mixer 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VCGImageSource" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VMR9 Wrapper 3.0" "" "" "c:\program files\roxio\videocore 9\videocompositing.ax"
+ "VW Input Selector" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "VW Input Selector 2" "Video Effect Filter" "Sonic Solutions" "c:\program files\roxio\videocore 9\inputselector.ax"
+ "WM VIH2 Fix" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Audio Analyzer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Black Frame Generator" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT DV Extract Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT FormatConversion" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Import Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Interlacer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Log Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT MuxDeMux Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Sample Info Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Switch Filter" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Renderer" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Virtual Source" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WMT Volume" "Windows Movie Maker Filters" "Microsoft Corporation" "c:\program files\movie maker\wmm2filt.dll"
+ "WS ScreenCapture" "" "" "File not found: C:\Program Files\Wondershare\Video Converter Ultimate\ScreenCaptureFilter.ax"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}" "Roxio MP3 Encoder Dynamic Link Library" "Roxio" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamwriter.ax"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}" "Roxio Audio Source Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiosource.ax"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}" "Roxio Audio Stream Reader Filter" "Microsoft Corporation" "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamreader.ax"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries" "" "" ""
+ "mdnsNSP" "Bonjour Namespace Provider" "Apple Inc." "c:\program files\bonjour\mdnsnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors" "" "" ""
+ "Canon BJ Language Monitor MP530" "IJ Language Monitor" "CANON INC." "c:\windows\system32\cnmlm7r.dll"
+ "Canon MP FAX Language Monitor MP530" "MP FAX Language Monitor DLL" "Canon Inc." "c:\windows\system32\cncf2la.dll"
+ "Epson Inbox Language Monitor" "EPSON Printer Driver" "SEIKO EPSON CORPORATION" "c:\windows\system32\ep0slm00.dll"
+ "EPSON WF-2540 Series 32MonitorBE" "EPSON Bi-directional Monitor x86" "SEIKO EPSON CORPORATION" "c:\windows\system32\e_tlbiue.dll"
+ "PDF-XChange" "PDF-XChange Port Monitor" "Tracker Software" "c:\windows\system32\pxc25pm.dll"
"C:\Users\Holmes Family\AppData\Local\Microsoft\Windows Sidebar\Settings.ini" "" "" ""
+ "Clock" "Watch the clock in your own time zone or any city in the world." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\Clock.gadget\en-US\Gadget.xml"
+ "Feed Headlines" "Track the latest news, sports, and entertainment headlines." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\RSSFeeds.Gadget\en-US\Gadget.xml"
+ "Slide Show" "Show a continuous slide show of your pictures." "Microsoft Corporation" "C:\Program Files\windows sidebar\gadgets\SlideShow.Gadget\en-US\Gadget.xml"
 



#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:12:49 AM

Posted 12 February 2013 - 09:24 PM

That looks good

Remove temporary and junk files

Download

TFC

Launch it,it will close all running programs

click on START,it should ask for reboot.If TFC locks up the system,run it in safemode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP- http://support.microsoft.com/kb/310405

Vista & windows 7- http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your system restore-It deletes old infected restore points

Turn on system restore and create a new restore point

Update JAVA and Flash player

Uninstall old version of java from control panel-Add or remove programs.Download the latest version from here

http://java.com/en/

Update your flash player

Antivirus recommendations

Update your antivirus frequently.Two free antivirus that i would suggest are

Microsoft security essentials or Avast.You can select either one of them.

If you have a paid one,make sure to update it frequently.Do not use multiple security softwares.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

 



#15 nholmes8669

nholmes8669
  • Topic Starter

  • Members
  • 56 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 15 February 2013 - 04:26 PM

Thank You for all your help!!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users