Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows XP laptop infected


  • Please log in to reply
17 replies to this topic

#1 Tom.Fox

Tom.Fox

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 24 December 2013 - 12:37 AM

I'm trying to help my husband fix his laptop. It is running very slow and randomly misdirects/redirects. It appears that it is a search engine redirect from what he is telling me. Links in google will go to an advertisement. (He let his virus protection lapse!)

 

Any help is appreciated.

 

Thanks,

 

Madeline



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 24 December 2013 - 12:57 AM

Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

 


Download Security Check by screen317 from here.


  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe After the scan is finished then click on File>>>>>>>>>>>Save The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option. in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

 

 


Update and do a quick scan with Malwarebytes remove all that it finds and reboot.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Post the log here,

 

 

 

  • Please download Adware cleaner from the link below.
  • http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner
  • Save it to your desktop.
  • Right click run as admin.
  • Hit the scan button.
  • Allow completion.
  • Make sure all items are ticked.
  • Hit the clean button.
  • Even if no items are displayed to be ticked hit the clean button anyway.
  • The machine will reboot this is normal.
  • Post the log in your next reply.

 

Please download JRT from here & double click to start the program.

  1. Hit any key when prompted and allow it to run through it's process.

    H2HaYv4.png
  2. Post the log when it's finished.
  3.  


#3 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 24 December 2013 - 01:11 AM

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Tom Fox (administrator) on 24-12-2013 at 00:06:28
Running from "C:\Documents and Settings\Tom Fox\My Documents\Homilies\Downloads"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Disconnected)
Dell Wireless 1390 WLAN Mini-Card = Wireless Network Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : Tommy

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Dell Wireless 1390 WLAN Mini-Card

        Physical Address. . . . . . . . . : 00-1E-4C-53-37-EA

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.1.64

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.1.1

        DHCP Server . . . . . . . . . . . : 192.168.1.1

        DNS Servers . . . . . . . . . . . : 192.168.1.1

        Lease Obtained. . . . . . . . . . : Monday, December 23, 2013 9:42:03 PM

        Lease Expires . . . . . . . . . . : Tuesday, December 24, 2013 9:42:03 PM

Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.227.174, 74.125.227.160, 74.125.227.161, 74.125.227.162
      74.125.227.163, 74.125.227.164, 74.125.227.165, 74.125.227.166, 74.125.227.167
      74.125.227.168, 74.125.227.169



Pinging google.com [173.194.115.14] with 32 bytes of data:



Reply from 173.194.115.14: bytes=32 time=21ms TTL=55

Reply from 173.194.115.14: bytes=32 time=24ms TTL=55



Ping statistics for 173.194.115.14:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 21ms, Maximum = 24ms, Average = 22ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=113ms TTL=50

Reply from 98.138.253.109: bytes=32 time=111ms TTL=50



Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 111ms, Maximum = 113ms, Average = 112ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1e 4c 53 37 ea ...... Dell Wireless 1390 WLAN Mini-Card - McAfee Core NDIS Intermediate Filter Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.64      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0     192.168.1.64    192.168.1.64      25
     192.168.1.64  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.1.255  255.255.255.255     192.168.1.64    192.168.1.64      25
        224.0.0.0        240.0.0.0     192.168.1.64    192.168.1.64      25
  255.255.255.255  255.255.255.255     192.168.1.64    192.168.1.64      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [90112] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/23/2013 00:02:44 PM) (Source: Application Hang) (User: )
Description: Hanging application WINWORD.EXE, version 9.0.0.2717, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/23/2013 00:01:32 PM) (Source: Application Hang) (User: )
Description: Hanging application DrgToDsc.exe, version 9.0.0.53, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/20/2013 04:59:44 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/20/2013 04:59:43 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/20/2013 04:59:42 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/20/2013 04:59:41 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/20/2013 04:59:41 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/20/2013 04:59:39 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/20/2013 04:59:38 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.

Error: (12/20/2013 04:59:37 PM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This network connection does not exist.


System errors:
=============
Error: (12/23/2013 09:15:47 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.

Error: (12/21/2013 02:52:28 PM) (Source: 0) (User: )
Description: \Device\ACPIEC

Error: (12/21/2013 02:38:07 PM) (Source: ipnathlp) (User: )
Description: The Network Address Translator (NAT) was unable to request an operation
of the kernel-mode translation module.
This may indicate misconfiguration, insufficient resources, or
an internal error.
The data is the error code.

Error: (12/20/2013 04:58:59 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (12/20/2013 04:58:59 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (12/20/2013 04:58:59 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (12/20/2013 04:58:59 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (12/05/2013 07:31:03 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (12/05/2013 07:31:03 PM) (Source: W32Time) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (11/27/2013 10:38:58 PM) (Source: W32Time) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible.
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.


Microsoft Office Sessions:
=========================
Error: (12/23/2013 00:02:44 PM) (Source: Application Hang)(User: )
Description: WINWORD.EXE9.0.0.2717hungapp0.0.0.000000000

Error: (12/23/2013 00:01:32 PM) (Source: Application Hang)(User: )
Description: DrgToDsc.exe9.0.0.53hungapp0.0.0.000000000

Error: (12/20/2013 04:59:44 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (12/20/2013 04:59:43 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (12/20/2013 04:59:42 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (12/20/2013 04:59:41 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (12/20/2013 04:59:41 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (12/20/2013 04:59:39 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (12/20/2013 04:59:38 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.

Error: (12/20/2013 04:59:37 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis network connection does not exist.


=========================== Installed Programs ============================

ABBYY FineReader 6.0 Sprint (Version: 6.00.2146.41621)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.202)
Adobe Reader 8.1.4 (Version: 8.1.4)
AMD Processor Driver (Version: 1.3.2.)
America Online (Choose which version to remove)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Connectivity Services
AOLIcon (Version: 1.00.0000)
ATI Catalyst Control Center (Version: 1.2.2475.36837)
ATI Display Driver (Version: 8.31-061011a-053721C-Dell)
BibleWorks 7 (Version: 1.00.000)
Broadcom Management Programs (Version: 9.07.01)
BroadJump Client Foundation
Browser Address Error Redirector (Version: 1.00.0000)
Compatibility Pack for the 2007 Office system (Version: 12.0.6514.5001)
Conexant HDA D110 MDC V.92 Modem
Critical Update for Windows Media Player 11 (KB959772)
Curitel PC Card Software (Version: 2.0.8.406)
Dell Support Center (Version: 2.1.08060)
Dell System Restore (Version: 2.00.0000)
Dell Toolbar (Version: 1.8.12.0)
Dell V310-V510 Series
Dell Wireless WLAN Card (Version: 4.10.47.3)
Digital Line Detect (Version: 1.15)
Documentation & Support Launcher (Version: 1.00.0000)
EarthLink Setup Files (Version: 2005.2.178.0.2.2)
EpicPlay
EPSON Connect version 1.0 (Version: 1.0)
Epson Customer Participation (Version: 1.6.3.0)
Epson Event Manager (Version: 3.01.0013)
EPSON Scan
EPSON XP-200 Series Printer Uninstall
EPSON XP-410 Series Printer Uninstall
Epson XP-410 User's Guide version 1.0 (Version: 1.0)
EpsonNet Print (Version: 2.6.0)
Games, Music, & Photos Launcher (Version: 1.00.0000)
Google Chrome (Version: 31.0.1650.63)
Google Desktop (Version: -)
Google Earth (Version: 7.1.2.2041)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.22.3)
Google Updater (Version: 2.4.2432.1652)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
Internet Service Offers Launcher (Version: 1.00.0000)
IrfanView (remove only)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Learn2 Player (Uninstall Only)
LTCM Client (Version: 1.20.3792)
Macromedia Shockwave Player
MapsGalaxy Toolbar
McAfee Security Scan Plus (Version: 3.8.130.10)
McAfee SecurityCenter (Version: 11.0.678)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Excel Viewer (Version: 12.0.6219.1000)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Word 2000 (Version: 9.00.2720)
Microsoft Works (Version: 08.05.0818)
Modem Helper (Version: 3.01)
Mozilla Firefox 26.0 (x86 en-US) (Version: 26.0)
Mozilla Maintenance Service (Version: 26.0)
MSN
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
Musicmatch for Windows Media Player (Version: 0.00.000)
NetWaiting (Version: 2.5.23)
NetZeroInstallers (Version: 1.0.0)
OpenOffice.org 3.1 (Version: 3.1.9399)
PowerDVD 5.7
QualxServ Service Agreement (Version: 1.11.0000)
QuickSet (Version: 8.1.10)
QuickTime
RealPlayer Basic
Recover My Files (Version: 3.9.8.5658)
Roxio Creator Audio (Version: 3.3.0)
Roxio Creator BDAV Plugin (Version: 3.3.0)
Roxio Creator Copy (Version: 3.3.0)
Roxio Creator Data (Version: 3.3.0)
Roxio Creator DE (Version: 3.3.0)
Roxio Creator Tools (Version: 3.3.0)
Roxio Drag-to-Disc (Version: 9.0)
Roxio Express Labeler (Version: 2.1.0)
Roxio MyDVD DE (Version: 9.0.116)
Roxio Update Manager (Version: 3.0.0)
SearchAssist
Software Updater (Version: 4.0.1)
Sonic Activation Module (Version: 1.0)
StartNow Toolbar (Version: 2.5.0)
Synaptics Pointing Device Driver (Version: 8.2.4.6)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 7 (KB976749) (Version: 1)
Update for Windows Internet Explorer 7 (KB980182) (Version: 1)
Update for Windows XP (KB894391) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB900485) (Version: 2)
Update for Windows XP (KB904942) (Version: 2)
Update for Windows XP (KB910437) (Version: 1)
Update for Windows XP (KB911280) (Version: 2)
Update for Windows XP (KB912945) (Version: 1)
Update for Windows XP (KB916595) (Version: 1)
Update for Windows XP (KB920872) (Version: 1)
Update for Windows XP (KB922582) (Version: 1)
Update for Windows XP (KB925720) (Version: 1)
Update for Windows XP (KB927891) (Version: 3)
Update for Windows XP (KB930916) (Version: 1)
Update for Windows XP (KB931836) (Version: 1)
Update for Windows XP (KB932823-v3) (Version: 3)
Update for Windows XP (KB933360) (Version: 1)
Update for Windows XP (KB938828) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB942840) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Media Player
VZAccess Manager (Version: 7.2.1.2)
WeatherBlink Toolbar
WeatherBug (Version: 7.0.0.3)
WebFldrs XP (Version: 9.50.7523)
WG111 Smart Wizard
Windows Imaging Component (Version: 3.0.0.0)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows XP Hotfix - KB873339 (Version: 20041117.092459)
Windows XP Hotfix - KB885250 (Version: 20050118.202711)
Windows XP Hotfix - KB885835 (Version: 20041027.181713)
Windows XP Hotfix - KB885836 (Version: 20041028.173203)
Windows XP Hotfix - KB885855 (Version: 20040930.104104)
Windows XP Hotfix - KB886185 (Version: 20041021.090540)
Windows XP Hotfix - KB887472 (Version: 20041014.162858)
Windows XP Hotfix - KB888302 (Version: 20041207.111426)
Windows XP Hotfix - KB889673 (Version: 20041116.085848)
Windows XP Hotfix - KB890859 (Version: 1)
Windows XP Hotfix - KB891781 (Version: 20050110.165439)
Windows XP Hotfix - KB893056 (Version: 20050126.164313)

========================= Devices: ================================

Name: Broadcom 440x 10/100 Integrated Controller
Description: Broadcom 440x 10/100 Integrated Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Broadcom
Service: bcm4sbxp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 1917.97 MB
Available physical RAM: 1348.88 MB
Total Pagefile: 3811.46 MB
Available Pagefile: 3056.55 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.21 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:71.44 GB) (Free:40.96 GB) NTFS

========================= Users: ========================================

User accounts for \\TOMMY

Administrator            Guest                    HelpAssistant            
SUPPORT_388945a0         Tom Fox                  


**** End of log ****
 



#4 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 24 December 2013 - 01:18 AM

Results of screen317's Security Check version 0.99.77  
 Windows XP Service Pack 2 x86   
 Out of date service pack!!
 Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Disabled!  
 McAfee Security Scan Plus   
 McAfee SecurityCenter     
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Reader 8 Adobe Reader out of Date!
 Mozilla Firefox (26.0)
 Google Chrome 31.0.1650.57  
 Google Chrome 31.0.1650.63  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 11% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
 



#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 24 December 2013 - 01:31 AM

As far as the autoruns you can upload the file here.

http://www.filedropper.com/

 

Or simply copy and paste it.



#6 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 24 December 2013 - 01:46 AM

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "9/27/2011 6:38 PM"
+ "Adobe Reader Speed Launcher"    "Adobe Acrobat SpeedLauncher"    "Adobe Systems Incorporated"    "c:\program files\adobe\reader 8.0\reader\reader_sl.exe"    "10/15/2008 3:04 AM"
+ "ATICCC"    ""    ""    "c:\program files\ati technologies\ati.ace\clistart.exe"    "5/10/2006 9:12 AM"
+ "Broadcom Wireless Manager UI"    "Dell Wireless WLAN Card Wireless Network Tray Applet"    "Dell Inc."    "c:\windows\system32\wltray.exe"    "12/16/2005 8:40 PM"
+ "Dell QuickSet"    "QuickSet"    "Dell Inc"    "c:\program files\dell\quickset\quickset.exe"    "2/20/2007 12:29 PM"
+ "DellSupportCenter"    ""    "SupportSoft, Inc."    "c:\program files\dell support center\bin\sprtcmd.exe"    "10/1/2007 3:00 AM"
+ "dleamon.exe"    "Printer Device Monitor"    ""    "c:\program files\dell v310-v510 series\dleamon.exe"    "12/16/2009 11:03 AM"
+ "dscactivate"    " "    " "    "c:\program files\dell support center\gs_agent\custom\dsca.exe"    "7/30/2007 10:19 AM"
+ "DVDLauncher"    "CyberLink PowerCinema Resident Program"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\dvdlauncher.exe"    "12/9/2005 6:29 AM"
+ "ECenter"    " "    " "    "c:\dell\e-center\eulalauncher.exe"    "5/23/2007 12:28 PM"
+ "EEventManager"    "EEventManager Application"    "SEIKO EPSON CORPORATION"    "c:\program files\epson software\event manager\eeventmanager.exe"    "7/30/2012 8:13 PM"
+ "EzPrint"    ""    ""    "c:\program files\dell v310-v510 series\ezprint.exe"    "6/22/2009 7:08 AM"
+ "Google Desktop Search"    "Google Desktop"    "Google"    "c:\program files\google\google desktop search\googledesktop.exe"    "8/20/2007 12:41 AM"
+ "ISUSPM Startup"    "Macrovision FLEXnet Connect Software Manager"    "Macrovision Corporation"    "c:\program files\common files\installshield\updateservice\isuspm.exe"    "8/9/2004 5:03 AM"
+ "ISUSScheduler"    "Macrovision FLEXnet Connect Scheduler"    "Macrovision Corporation"    "c:\program files\common files\installshield\updateservice\issch.exe"    "8/9/2004 5:03 AM"
+ "LTCM Client"    "LTCM Communications Client"    "Leader Technologies Inc."    "c:\program files\ltcm client\ltcmclient.exe"    "4/7/2011 4:44 PM"
+ "MapsGalaxy Search Scope Monitor"    "MindSpark Toolbar Platform SearchScope Monitor"    "MindSpark"    "c:\program files\mapsgalaxy_39\bar\1.bin\39srchmn.exe"    "12/3/2011 1:20 AM"
+ "MapsGalaxy_39 Browser Plugin Loader"    "VER_DESCRIPTION"    "VER_COMPANY_NAME"    "c:\program files\mapsgalaxy_39\bar\1.bin\39brmon.exe"    "5/11/2011 11:51 PM"
+ "mcui_exe"    "McAfee Security Center"    "McAfee, Inc."    "c:\program files\mcafee.com\agent\mcagent.exe"    "3/21/2012 6:44 PM"
+ "QuickTime Task"    ""    "Apple Computer, Inc."    "c:\program files\quicktime\qttask.exe"    "1/6/2004 4:12 PM"
+ "RoxioDragToDisc"    "Drag To Disc Application"    "Roxio"    "c:\program files\roxio\drag-to-disc\drgtodsc.exe"    "8/17/2006 9:23 AM"
+ "RoxWatchTray"    "RoxMMTrayApp Module"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe"    "11/5/2006 1:22 PM"
+ "SigmatelSysTrayApp"    "Sigmatel Audio system tray application"    "SigmaTel, Inc."    "c:\windows\stsystra.exe"    "7/27/2006 12:13 PM"
+ "StartNowToolbarHelper"    ""    ""    "File not found: C:\Program Files\StartNow Toolbar\ToolbarHelper.exe"    ""
+ "SynTPEnh"    "Synaptics TouchPad Enhancements"    "Synaptics, Inc."    "c:\program files\synaptics\syntp\syntpenh.exe"    "3/8/2006 2:48 PM"
+ "WeatherBlink Browser Plugin Loader"    "VER_DESCRIPTION"    "VER_COMPANY_NAME"    "c:\program files\weatherblink\bar\1.bin\gcbrmon.exe"    "5/11/2011 11:51 PM"
+ "WeatherBlink Search Scope Monitor"    "MindSpark Toolbar Platform SearchScope Monitor"    "MindSpark"    "c:\program files\weatherblink\bar\1.bin\gcsrchmn.exe"    "12/3/2011 1:20 AM"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"    ""    ""    ""    "11/14/2013 8:24 PM"
+ "Digital Line Detect.lnk"    "Digital Line Detection"    "BVRP Software"    "c:\program files\digital line detect\dlg.exe"    "10/29/2003 2:23 AM"
+ "McAfee Security Scan Plus.lnk"    "McAfee Security Scanner Scheduler"    "McAfee, Inc."    "c:\program files\mcafee security scan\3.8.130\ssscheduler.exe"    "9/6/2013 10:07 AM"
+ "Microsoft Office.lnk"    "Microsoft Office 2000 component"    "Microsoft Corporation"    "c:\program files\microsoft office\office\osa9.exe"    "2/17/1999 2:05 PM"
+ "Smart Wizard Wireless Settings.lnk"    "NETGEAR Smart Wizard Wireless Utility"    ""    "c:\program files\netgear\wg111 configuration utility\wg111.exe"    "3/5/2004 12:01 AM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "12/17/2007 4:32 PM"
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "8/3/2004 11:58 PM"
+ "Google Chrome"    "Google Chrome"    "Google Inc."    "c:\program files\google\chrome\application\31.0.1650.63\installer\chrmstp.exe"    "12/3/2013 7:54 PM"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "8/3/2004 11:58 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "9/25/2011 8:35 PM"
+ "DellSupportCenter"    ""    "SupportSoft, Inc."    "c:\program files\dell support center\bin\sprtcmd.exe"    "10/1/2007 3:00 AM"
+ "DW6"    ""    ""    "File not found: C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"    ""
+ "EPLTarget\P0000000000000000"    "EPSON Status Monitor 3"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\spool\drivers\w32x86\3\e_fatiiee.exe"    "2/29/2012 1:11 AM"
+ "EPLTarget\P0000000000000001"    "EPSON Status Monitor 3"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\spool\drivers\w32x86\3\e_fatilae.exe"    "1/24/2013 1:20 AM"
+ "ModemOnHold"    ""    ""    "c:\program files\netwaiting\netwaiting.exe"    "9/10/2003 1:40 AM"
+ "MSMSGS"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"    "10/13/2004 10:24 AM"
+ "StartNow Search Protect"    "StartNow Search Update"    ""    "c:\program files\startnow toolbar\search_protect.exe"    "12/5/2009 4:50 PM"
+ "swg"    "GoogleToolbarNotifier"    "Google Inc."    "c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe"    "3/1/2007 4:23 PM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce"    ""    ""    ""    "9/25/2011 8:35 PM"
+ "1223_22128901466609"    ""    ""    "c:\documents and settings\tom fox\local settings\application data\logmein rescue applet\lmir0001.tmp_r.bat"    "12/23/2013 10:46 PM"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""    "8/10/2004 7:03 PM"
+ "application/x-mfe-ipt"    "McAfee MSC IE plugin DLL"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcsniepl.dll"    "3/21/2012 6:49 PM"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""    "8/10/2004 7:03 PM"
+ "dssrequest"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"    "11/5/2013 12:13 PM"
+ "ms-itss"    "Microsoft® InfoTech Storage System Library"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"    "6/20/2001 10:26 AM"
+ "sacore"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"    "11/5/2013 12:13 PM"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""    "12/17/2007 12:05 PM"
+ "0"    ""    ""    "File not found: About:Home"    ""
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "8/10/2004 6:58 AM"
+ "McCtxMenuFrmWrk"    "McAfee ContextMenu Framework"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"    "3/21/2012 6:48 PM"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers"    ""    ""    ""    "12/12/2007 1:07 PM"
+ "Roxio DragToDisc Shell Extension"    "DirectCD Shell Extention DLL"    "Roxio"    "c:\program files\roxio\drag-to-disc\shellex.dll"    "8/17/2006 9:23 AM"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "12/12/2007 1:07 PM"
+ "Roxio DragToDisc Shell Extension"    "DirectCD Shell Extention DLL"    "Roxio"    "c:\program files\roxio\drag-to-disc\shellex.dll"    "8/17/2006 9:23 AM"
"HKLM\Software\Classes\Directory\Shellex\CopyHookHandlers"    ""    ""    ""    "12/12/2007 1:07 PM"
+ "Roxio DragToDisc Shell Extension"    "DirectCD Shell Extention DLL"    "Roxio"    "c:\program files\roxio\drag-to-disc\shellex.dll"    "8/17/2006 9:23 AM"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "8/10/2004 7:03 PM"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"    "5/11/2007 12:54 AM"
+ "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"    ""    "Sun Microsystems, Inc."    "c:\program files\openoffice.org 3\basis\program\shlxthdl\shlxthdl.dll"    "4/17/2009 12:46 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "8/10/2004 7:03 PM"
+ "McCtxMenuFrmWrk"    "McAfee ContextMenu Framework"    "McAfee, Inc."    "c:\program files\mcafee\msc\mcctxmenufrmwrk.dll"    "3/21/2012 6:48 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "9/26/2011 7:29 AM"
+ "Adobe PDF Reader Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll"    "10/23/2006 1:08 AM"
+ "CBrowserHelperObject Object"    "BAE.dll"    "Dell Inc."    "c:\program files\dell\bae\bae.dll"    "11/9/2006 11:56 AM"
+ "Dell Toolbar"    ""    ""    "c:\program files\dell toolbar\toolband.dll"    "12/10/2008 3:10 AM"
+ "EpicPlay Games"    ""    ""    "c:\program files\epicplay\epicplaygames.dll"    ""
+ "Google Toolbar Helper"    "Google Toolbar"    "Google Inc."    "c:\program files\google\google toolbar\googletoolbar_32.dll"    "9/30/2013 7:25 PM"
+ "Google Toolbar Notifier BHO"    "GoogleToolbarNotifier"    "Google Inc."    "c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll"    "6/12/2013 11:11 AM"
+ "McAfee Phishing Filter"    ""    ""    "File not found: c:\progra~1\mcafee\msk\mskapbho.dll"    ""
+ "McAfee SiteAdvisor BHO"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"    "11/5/2013 12:13 PM"
+ "MSS+ Identifier"    "Quick Browser Identifier for MSS+ Tool"    "McAfee, Inc."    "c:\program files\mcafee security scan\3.8.130\mcafeemss_ie.dll"    "9/6/2013 10:05 AM"
+ "scriptproxy"    "VSCore Script Scanner"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\scriptsn.20120725211558.dll"    "12/9/2011 8:16 PM"
+ "Search Assistant BHO"    "MindSpark Search Assistant"    "MindSpark"    "c:\program files\mapsgalaxy_39\bar\1.bin\39srcas.dll"    "1/19/2012 9:46 PM"
+ "Search Assistant BHO"    "MindSpark Search Assistant"    "MindSpark"    "c:\program files\weatherblink\bar\1.bin\gcsrcas.dll"    "1/19/2012 9:46 PM"
+ "SSVHelper Class"    "Java™ 2 Platform Standard Edition binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre1.5.0_06\bin\ssv.dll"    "11/10/2005 3:22 PM"
+ "StartNow Toolbar Helper"    "Toolbar"    ""    "c:\program files\startnow toolbar\toolbar32.dll"    "5/24/2012 10:03 AM"
+ "Toolbar BHO"    "MindSpark Toolbar Platform"    "MindSpark"    "c:\program files\mapsgalaxy_39\bar\1.bin\39bar.dll"    "10/19/2012 1:03 PM"
+ "Toolbar BHO"    "MindSpark Toolbar Platform"    "MindSpark"    "c:\program files\weatherblink\bar\1.bin\gcbar.dll"    "10/5/2012 8:39 AM"
"HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks"    ""    ""    ""    "12/2/2013 7:24 PM"
+ "39srcas.dll"    "MindSpark Search Assistant"    "MindSpark"    "c:\program files\mapsgalaxy_39\bar\1.bin\39srcas.dll"    "1/19/2012 9:46 PM"
+ "gcsrcas.dll"    "MindSpark Search Assistant"    "MindSpark"    "c:\program files\weatherblink\bar\1.bin\gcsrcas.dll"    "1/19/2012 9:46 PM"
+ "McAfee SiteAdvisor Toolbar"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"    "11/5/2013 12:13 PM"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""    "9/27/2011 6:43 PM"
+ "Dell Toolbar"    ""    ""    "c:\program files\dell toolbar\toolband.dll"    "12/10/2008 3:10 AM"
+ "Google Toolbar"    "Google Toolbar"    "Google Inc."    "c:\program files\google\google toolbar\googletoolbar_32.dll"    "9/30/2013 7:25 PM"
+ "MapsGalaxy"    "MindSpark Toolbar Platform"    "MindSpark"    "c:\program files\mapsgalaxy_39\bar\1.bin\39bar.dll"    "10/19/2012 1:03 PM"
+ "McAfee SiteAdvisor"    "SiteAdvisor"    "McAfee, Inc."    "c:\program files\mcafee\siteadvisor\mcieplg.dll"    "11/5/2013 12:13 PM"
+ "StartNow Toolbar"    "Toolbar"    ""    "c:\program files\startnow toolbar\toolbar32.dll"    "5/24/2012 10:03 AM"
+ "WeatherBlink"    "MindSpark Toolbar Platform"    "MindSpark"    "c:\program files\weatherblink\bar\1.bin\gcbar.dll"    "10/5/2012 8:39 AM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "9/27/2011 6:43 PM"
+ "Sun Java Console"    "Java™ 2 Platform Standard Edition binary"    "Sun Microsystems, Inc."    "c:\program files\java\jre1.5.0_06\bin\ssv.dll"    "11/10/2005 3:22 PM"
+ "Windows Messenger"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"    "10/13/2004 10:24 AM"
"Task Scheduler"    ""    ""    ""    ""
+ "EPSON XP-410 Series Invitation {60454C86-6948-4DB0-9723-7B2A4B915339}.job"    "E_DTSKSD.EXE"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\spool\drivers\w32x86\3\e_ftslae.exe"    "2/27/2013 6:44 PM"
+ "EPSON XP-410 Series Update {60454C86-6948-4DB0-9723-7B2A4B915339}.job"    "E_DTSKSD.EXE"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\spool\drivers\w32x86\3\e_ftslae.exe"    "2/27/2013 6:44 PM"
+ "Google Software Updater.job"    "gusvc"    "Google"    "c:\program files\google\common\google updater\googleupdaterservice.exe"    "3/2/2012 3:13 PM"
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "8/22/2008 1:35 PM"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "8/22/2008 1:35 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "12/12/2007 6:41 PM"
+ "AOL ACS"    "AOL Connectivity Service"    "America Online, Inc."    "c:\program files\common files\aol\acs\aolacsd.exe"    "4/7/2004 9:32 AM"
+ "AppMgmt"    "Provides software installation services such as Assign, Publish, and Remove."    ""    "File not found: C:\WINDOWS\System32\appmgmts.dll"    ""
+ "Ati HotKey Poller"    "ATI External Event Utility EXE Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.exe"    "10/11/2006 7:37 PM"
+ "dlea_device"    "Printer Communication System"    " "    "c:\windows\system32\dleacoms.exe"    "12/9/2009 1:35 PM"
+ "dleaCATSCustConnectService"    "Service Executable"    ""    "c:\windows\system32\spool\drivers\w32x86\3\dleaserv.exe"    "1/6/2009 11:48 PM"
+ "EpsonCustomerParticipation"    "Epson Customer Participation"    "SEIKO EPSON CORPORATION"    "c:\program files\epson\epsoncustomerparticipation\epcp.exe"    "9/20/2013 2:32 AM"
+ "EpsonScanSvc"    "Epson Scanner Service (32bit)"    "Seiko Epson Corporation"    "c:\windows\system32\escsvc.exe"    "5/17/2012 5:12 AM"
+ "GoogleDesktopManager"    "Google Desktop"    "Google"    "c:\program files\google\google desktop search\googledesktop.exe"    "8/20/2007 12:41 AM"
+ "gupdate1c9ff7baf140a5a"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "8/22/2008 1:35 PM"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "8/22/2008 1:35 PM"
+ "gusvc"    "Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work."    "Google"    "c:\program files\google\common\google updater\googleupdaterservice.exe"    "3/2/2012 3:13 PM"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"    "4/3/2005 11:41 PM"
+ "MapsGalaxy_39Service"    "PRODUCTVERS_TITLE"    "COMPANYVERS_NAME"    "c:\program files\mapsgalaxy_39\bar\1.bin\39barsvc.exe"    "5/13/2011 1:03 AM"
+ "McAfee SiteAdvisor Service"    "McAfee SiteAdvisor Service"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"    "1/27/2011 5:26 PM"
+ "McComponentHostService"    "McAfee Security Scan Component Host Service"    "McAfee, Inc."    "c:\program files\mcafee security scan\3.8.130\mcchsvc.exe"    "9/6/2013 10:06 AM"
+ "McMPFSvc"    "Helps protect your computer from intrusion and let's you manage your computer's trusted programs."    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"    "1/27/2011 5:26 PM"
+ "mcmscsvc"    "McAfee Services"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"    "1/27/2011 5:26 PM"
+ "McNaiAnn"    "McAfee VirusScan Announcer"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"    "1/27/2011 5:26 PM"
+ "McNASvc"    "Allows McAfee applications to communicate securely on the local network."    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"    "1/27/2011 5:26 PM"
+ "McODS"    "McAfee Scanner"    "McAfee, Inc."    "c:\program files\mcafee\virusscan\mcods.exe"    "1/12/2011 5:57 PM"
+ "McProxy"    "McAfee Proxy Service"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"    "1/27/2011 5:26 PM"
+ "McShield"    "McAfee OnAccess Scanner"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\mcshield.exe"    "12/9/2011 8:15 PM"
+ "mfefire"    "Provides firewall services to McAfee products"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\mfefire.exe"    "2/13/2012 5:40 PM"
+ "mfevtp"    "Provides validation trust protection services"    "McAfee, Inc."    "c:\program files\common files\mcafee\systemcore\mfevtps.exe"    "2/13/2012 5:34 PM"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"    "12/5/2013 11:09 AM"
+ "MSK80Service"    "This service filters e-mail messages on your computer"    "McAfee, Inc."    "c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe"    "1/27/2011 5:26 PM"
+ "RoxMediaDB9"    "Roxio RoxMediaDB9 Service"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe"    "11/5/2006 1:15 PM"
+ "RoxWatch9"    "RoxSniffer9 Module"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe"    "11/5/2006 1:12 PM"
+ "sprtsvc_dellsupportcenter"    "SupportSoft Sprocket Service"    "SupportSoft, Inc."    "c:\program files\dell support center\bin\sprtsvc.exe"    "10/1/2007 3:02 AM"
+ "stllssvr"    "SureThing Labelflash Disc Printer Service Module"    "MicroVision Development, Inc."    "c:\program files\common files\surething shared\stllssvr.exe"    "4/7/2006 8:34 PM"
+ "Updater Service for StartNow Toolbar"    "The startup of this service enables the periodic checking of software updates for the StartNow Toolbar and the download and installation of such updates if applicable. Disabling this service will stop the StartNow Toolbar from being updated and therefore is not recommended."    ""    "c:\program files\startnow toolbar\toolbarupdaterservice.exe"    "5/24/2012 7:43 AM"
+ "WeatherBlinkService"    "PRODUCTVERS_TITLE"    "COMPANYVERS_NAME"    "c:\program files\weatherblink\bar\1.bin\gcbarsvc.exe"    "5/13/2011 1:03 AM"
+ "wltrysvc"    "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant."    ""    "c:\windows\system32\wltrysvc.exe"    "12/16/2005 8:40 PM"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"    "10/18/2006 10:05 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "12/12/2007 6:41 PM"
+ "AmdK8"    "AMD Processor Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdk8.sys"    "7/1/2006 11:39 PM"
+ "APPDRV"    "App Support Driver"    "Dell Inc"    "c:\windows\system32\drivers\appdrv.sys"    "6/30/2004 9:39 AM"
+ "ASCTRM"    "TR Manager"    "Windows ® 2000 DDK provider"    "c:\windows\system32\drivers\asctrm.sys"    "2/5/2001 11:50 AM"
+ "ati2mtag"    "ATI Radeon WindowsNT Miniport Driver"    "ATI Technologies Inc."    "c:\windows\system32\drivers\ati2mtag.sys"    "10/11/2006 7:43 PM"
+ "BCM43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwl5.sys"    "11/2/2005 2:41 PM"
+ "bcm4sbxp"    "Broadcom Corporation NDIS 5.1 ethernet driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcm4sbxp.sys"    "8/17/2006 9:55 AM"
+ "cfwids"    "McAfee Personal Firewall IDS Plugin"    "McAfee, Inc."    "c:\windows\system32\drivers\cfwids.sys"    "2/13/2012 5:40 PM"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"    ""
+ "DLABMFSM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\dla\dlabmfsm.sys"    "8/18/2006 2:15 PM"
+ "DLABOIOM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\dla\dlaboiom.sys"    "8/18/2006 2:15 PM"
+ "DLACDBHM"    "Shared Driver Component"    "Roxio"    "c:\windows\system32\drivers\dlacdbhm.sys"    "8/11/2006 11:35 AM"
+ "DLADResM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\dla\dladresm.sys"    "8/18/2006 2:17 PM"
+ "DLAIFS_M"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\dla\dlaifs_m.sys"    "8/18/2006 2:14 PM"
+ "DLAOPIOM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\dla\dlaopiom.sys"    "8/18/2006 2:16 PM"
+ "DLAPoolM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\dla\dlapoolm.sys"    "8/18/2006 2:15 PM"
+ "DLARTL_M"    "Shared Driver Component"    "Roxio"    "c:\windows\system32\drivers\dlartl_m.sys"    "8/11/2006 11:33 AM"
+ "DLAUDF_M"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\dla\dlaudf_m.sys"    "8/18/2006 2:15 PM"
+ "DLAUDFAM"    "Drive Letter Access Component"    "Roxio"    "c:\windows\system32\dla\dlaudfam.sys"    "8/18/2006 2:15 PM"
+ "DRVMCDB"    "Device Driver"    "Sonic Solutions"    "c:\windows\system32\drivers\drvmcdb.sys"    "7/21/2006 12:20 PM"
+ "DRVNDDM"    "Device Driver Manager"    "Roxio"    "c:\windows\system32\drivers\drvnddm.sys"    "8/11/2006 12:05 PM"
+ "E100B"    "NDIS 5 driver"    "Intel Corporation"    "c:\windows\system32\drivers\e100b325.sys"    "6/12/2001 11:02 AM"
+ "HDAudBus"    "High Definition Audio Bus Driver v1.0"    "Windows ® Server 2003 DDK provider"    "c:\windows\system32\drivers\hdaudbus.sys"    "8/12/2004 6:45 PM"
+ "HSF_DPV"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsx_dpv.sys"    "12/1/2005 7:40 PM"
+ "HSXHWAZL"    "HSF_HWAZL WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsxhwazl.sys"    "12/1/2005 7:40 PM"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"    ""
+ "mdmxsdk"    "Diagnostic Interface DRIVER"    "Conexant"    "c:\windows\system32\drivers\mdmxsdk.sys"    "10/5/2005 5:58 PM"
+ "mfeapfk"    "Access Protection Filter Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfeapfk.sys"    "2/13/2012 5:36 PM"
+ "mfeavfk"    "Anti-Virus File System Filter Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfeavfk.sys"    "2/13/2012 5:37 PM"
+ "mfeavfk01"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\mfeavfk01.sys"    ""
+ "mfebopk"    "Buffer Overflow Protection Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfebopk.sys"    "2/13/2012 5:37 PM"
+ "mfefirek"    "McAfee Core Firewall Engine Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfefirek.sys"    "2/13/2012 5:39 PM"
+ "mfehidk"    "McAfee Link Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfehidk.sys"    "2/13/2012 5:35 PM"
+ "mfendisk"    "McAfee NDIS Intermediate Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfendisk.sys"    "2/13/2012 5:36 PM"
+ "mfendiskmp"    "McAfee NDIS Intermediate Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfendisk.sys"    "2/13/2012 5:36 PM"
+ "mferkdet"    "McAfee Code Analysis Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mferkdet.sys"    "2/13/2012 5:37 PM"
+ "mfetdi2k"    "Anti-Virus Mini-Firewall Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mfetdi2k.sys"    "2/13/2012 5:36 PM"
+ "nv"    "NVIDIA Compatible Windows 2000 Miniport Driver, Version 56.73 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nv4_mini.sys"    "4/7/2004 8:30 PM"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"    ""
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"    ""
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"    ""
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"    ""
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"    ""
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"    "8/17/2001 2:49 PM"
+ "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"    "7/24/2006 6:18 PM"
+ "rimmptsk"    "RICOH MMC Driver"    "REDC"    "c:\windows\system32\drivers\rimmptsk.sys"    "7/14/2005 3:58 AM"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"    "9/13/2006 7:18 AM"
+ "SMSIVZAM5"    "Smith Micro NDIS 5.0 Protocol Driver"    "Smith Micro Inc."    "c:\program files\verizon wireless\vzaccess manager\smsivzam5.sys"    "10/7/2008 10:57 AM"
+ "STHDA"    "NDRC"    "SigmaTel, Inc."    "c:\windows\system32\drivers\sthda.sys"    "7/27/2006 12:07 PM"
+ "SynTP"    "Synaptics Touchpad Driver"    "Synaptics, Inc."    "c:\windows\system32\drivers\syntp.sys"    "3/8/2006 2:35 PM"
+ "wanatw"    "Wan Miniport (ATW)"    "America Online, Inc."    "c:\windows\system32\drivers\wanatw4.sys"    "7/16/2002 9:23 AM"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"    ""
+ "winachsf"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsx_cnxt.sys"    "12/1/2005 7:40 PM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "12/23/2013 9:41 PM"
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "8/4/2004 1:56 AM"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "1/29/2010 8:43 AM"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"    "8/4/2004 1:56 AM"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"    "8/17/2001 11:35 PM"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"    "8/4/2004 1:56 AM"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/17/2001 11:33 PM"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/17/2001 11:33 PM"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "8/4/2004 1:56 AM"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "8/4/2004 1:56 AM"
+ "vidc.tscc"    "TechSmith Screen Capture Codec"    "TechSmith Corporation"    "c:\windows\system32\tsccvid.dll"    "10/17/2000 10:26 AM"
"HKLM\Software\Classes\Filter"    ""    ""    ""    "12/20/2013 5:08 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "8/4/2004 1:56 AM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "8/4/2004 1:56 AM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "8/4/2004 1:56 AM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "8/4/2004 1:56 AM"
+ "Musicmatch Radio Source"    "Musicmatch Radio Filter"    "Musicmatch, Inc."    "c:\program files\musicmatch\musicmatch music services\mmradiodsfilter.ax"    "9/10/2004 1:01 PM"
+ "Musicmatch Radio Source"    "Musicmatch Radio Filter"    "Musicmatch, Inc."    "c:\program files\musicmatch\musicmatch music services\mmradiodsfilter.ax"    "9/10/2004 1:01 PM"
+ "Sonic MP4 Demultiplexer"    "Sonic MP4 Demultiplexer"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"    "8/2/2006 6:23 AM"
+ "Sonic MP4 Demultiplexer"    "Sonic MP4 Demultiplexer"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"    "8/2/2006 6:23 AM"
+ "Sonic Solutions AMR Decoder"    "Sonic Solutions  AMR Decoder"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"    "5/29/2006 6:47 AM"
+ "Sonic Solutions AMR Decoder"    "Sonic Solutions  AMR Decoder"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"    "5/29/2006 6:47 AM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "8/10/2004 7:03 PM"
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"    "8/17/2001 11:35 PM"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "Audio Destination"    "WAVDest Filter (Sample)"    "Microsoft Corporation"    "c:\program files\google\google earth\client\wavdest.ax"    "10/7/2013 1:33 PM"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "CyberLink Audio Decoder"    "CyberLink Audio Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\movie\claud.ax"    "7/29/2005 1:32 AM"
+ "CyberLink AudioCD Filter"    "CyberLink AudioCD Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\movie\claudiocd.ax"    "1/5/2004 4:57 AM"
+ "CyberLink DVD Navigator"    "CyberLink DVD Navigation Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\movie\clnavx.ax"    "7/26/2005 9:56 PM"
+ "CyberLink Line21 Decoder Filter"    "CyberLink Line21 Decoder Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\movie\clline21.ax"    "8/18/2004 3:01 AM"
+ "CyberLink TimeStretch Filter"    "CLAuTS.ax"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\movie\clauts.ax"    "1/19/2005 9:51 AM"
+ "CyberLink Video/SP Decoder DELL 5.3"    "CyberLink Video/SP Filter DELL 5.3"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\movie\clvsd.ax"    "11/14/2005 5:01 AM"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "8/4/2004 1:56 AM"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "8/4/2004 1:56 AM"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "8/4/2004 1:56 AM"
+ "LVMWriter"    "LVMWriter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\lvmwriter.ax"    "9/21/2006 12:04 AM"
+ "MainConcept (Sonic) DV Video Decoder"    "DirectShow DV Video Encoder and Decoder"    "MainConcept AG (Sonic)"    "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"    "3/24/2003 1:48 AM"
+ "MainConcept (Sonic) DV Video Encoder"    "DirectShow DV Video Encoder and Decoder"    "MainConcept AG (Sonic)"    "c:\program files\roxio\videocore 9\sonicmcdsdv.ax"    "3/24/2003 1:48 AM"
+ "Media Analyser"    "analyse Filter (Sample)"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\mediaanalyser.ax"    "9/20/2006 11:51 PM"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"    "1/29/2010 8:43 AM"
+ "Musicmatch Radio Source"    "Musicmatch Radio Filter"    "Musicmatch, Inc."    "c:\program files\musicmatch\musicmatch music services\mmradiodsfilter.ax"    "9/10/2004 1:01 PM"
+ "Photo Story 2 Trial Source Filter"    "Plus! Photo Story 2 LE"    "Microsoft Corporation"    "c:\program files\microsoft plus! photo story 2 le\pssf2try.dll"    "9/18/2003 4:40 PM"
+ "PSI Parser"    ""    ""    "c:\program files\roxio\videocore 9\psiparser.ax"    "9/20/2006 11:51 PM"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "Roxio Audio Decoder (DVD)"    "ROXIO Audio Decoder"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\roxiodvdaudio.dll"    "9/20/2006 11:16 PM"
+ "ROXIO Audio Source 3.0"    "VW Audio Source"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\audiosrc.ax"    "9/20/2006 11:51 PM"
+ "ROXIO Audio VCFChunker 3.0"    "Chunker Filter (Sample)"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\chunker.ax"    "9/20/2006 11:51 PM"
+ "ROXIO Audio VCFLooper 3.0"    "Looper Filter (Sample)"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\looper.ax"    "9/20/2006 11:48 PM"
+ "ROXIO AudioConvert 3.0"    "AudioConvert Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\audconv.ax"    "9/20/2006 11:48 PM"
+ "ROXIO AudioGrabber 3.0"    "VideoWave Frame Grabber"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\thumbnailgraber.ax"    "9/20/2006 11:50 PM"
+ "ROXIO ColorSpace Converter 3.0"    "ROXIO Color Space Converter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\colorspconv.dll"    "9/20/2006 11:50 PM"
+ "ROXIO CrossGraphEx Renderer 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\crossgraphex.ax"    "9/20/2006 11:49 PM"
+ "ROXIO CrossGraphEx Source 3.0"    "CrossGraphEx.ax"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\crossgraphex.ax"    "9/20/2006 11:49 PM"
+ "roxio DCFilters Audio Sync Filter 2"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"    "9/21/2006 2:50 AM"
+ "roxio DCFilters Dragons Lair"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"    "9/21/2006 2:50 AM"
+ "roxio DCFilters DVD Muxer"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"    "9/21/2006 2:50 AM"
+ "roxio DCFilters DVDStream Reader"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"    "9/21/2006 2:50 AM"
+ "roxio DCFilters DVDStream Splitter"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"    "9/21/2006 2:50 AM"
+ "roxio DCFilters Mpeg I/II Decoder"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"    "9/21/2006 2:50 AM"
+ "roxio DCFilters Smart Resizer"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"    "9/21/2006 2:50 AM"
+ "roxio DCFilters Subpicture Mixer"    "roxio DiscCopier DirectShow Filter Collection"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\dllshared\dcfilters9.dll"    "9/21/2006 2:50 AM"
+ "ROXIO Deinterlace 3.0"    "Video Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\deinter.ax"    "9/20/2006 11:49 PM"
+ "ROXIO DVDCrossGraphEx Renderer 3.0"    "DVDCrossGraphEx.ax"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"    "9/20/2006 11:50 PM"
+ "ROXIO DVDCrossGraphEx Source 3.0"    "DVDCrossGraphEx.ax"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\dvdcrossgraphex.ax"    "9/20/2006 11:50 PM"
+ "ROXIO Image/Colour Source 3.0"    "Colour Frame Source"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\imagesource.ax"    "9/20/2006 11:48 PM"
+ "ROXIO ListImage Source 3.0"    "ListFrameSource"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\listimagesource.ax"    "9/20/2006 11:51 PM"
+ "ROXIO LPCMSyncFilter"    "LPCMSync Filter"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\lpcmsyncfilter.dll"    "9/20/2006 11:14 PM"
+ "Roxio LVM File Source (Async.)"    "LVMAsync"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\lvmasync.ax"    "9/21/2006 12:05 AM"
+ "Roxio MPEG Analyzer Filter"    "MPEG File Analyzer Dynamic Link Library"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegprop.dll"    "9/20/2006 11:14 PM"
+ "Roxio MPEG Stream Analyzer"    "Roxio MPEG Stream Splitter"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mpegstreamanalyzer.dll"    "9/20/2006 11:15 PM"
+ "Roxio MPEG1 Audio Encoder"    "ROXIO MPEG Audio Encoder"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\roxioaudioenc.dll"    "9/20/2006 11:15 PM"
+ "Roxio MPEG1 Encoder"    "ROXIO MPEG1 Codec"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1vidcodec.dll"    "9/20/2006 11:14 PM"
+ "Roxio MPEG1 Muxer"    "ROXIO MPEG MUXER"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mpeg1muxer.dll"    "9/20/2006 11:14 PM"
+ "Roxio MPEG2 Demuxer"    "ROXIO MPEG Demuxer"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\roxiompegdemuxer.dll"    "9/20/2006 11:15 PM"
+ "Roxio MPEG2 Encoder"    "ROXIO MPEG2 Codec"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"    "9/20/2006 11:14 PM"
+ "Roxio MPEG2 Muxer"    "ROXIO MPEG MUXER"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2muxer.dll"    "9/20/2006 11:14 PM"
+ "Roxio MPEG2 Video Decoder"    "ROXIO MPEG2 Codec"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"    "9/20/2006 11:14 PM"
+ "ROXIO Pan Zoom 3.0"    "Video Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\panzoom.ax"    "9/20/2006 11:50 PM"
+ "ROXIO Pin Tee"    ""    ""    "c:\program files\roxio\videocore 9\roxioinftee.ax"    "9/20/2006 11:52 PM"
+ "Roxio Plasma CrossGraph Renderer"    "MGICGFilter.ax"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\plasmacgfilter.ax"    "9/21/2006 12:06 AM"
+ "Roxio Plasma CrossGraph Source"    "MGICGFilter.ax"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\plasmacgfilter.ax"    "9/21/2006 12:06 AM"
+ "ROXIO QT Source"    "QuickTime Loader"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\qtsource.ax"    "9/20/2006 11:49 PM"
+ "ROXIO QuickGrabber 3.0"    "VideoWave Frame Grabber"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\thumbnailgraber.ax"    "9/20/2006 11:50 PM"
+ "ROXIO Raw Writer"    "ROXIO Raw Writer"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mgirawwriter.dll"    "9/20/2006 11:14 PM"
+ "Roxio Repack Filter"    "Repack Filter"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\repackfilter.dll"    "9/20/2006 11:15 PM"
+ "ROXIO Scene Detector 3.0"    "Video Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\scenedetector.ax"    "9/20/2006 11:50 PM"
+ "ROXIO SceneRecorder 1.0"    "DVR support filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\scenerecorderfilt.ax"    "9/20/2006 11:51 PM"
+ "ROXIO Simple Dump 3.0"    "Simple Dump Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\rxsimpledump.ax"    "9/20/2006 11:49 PM"
+ "Roxio Smart Decoder"    "ROXIO MPEG2 Codec"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"    "9/20/2006 11:14 PM"
+ "Roxio Smart Encoder"    "ROXIO MPEG2 Codec"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\mpeg2vidcodec.dll"    "9/20/2006 11:14 PM"
+ "ROXIO SpyPos 3.0"    "Null-In-Place (Sample)"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\mginullip.ax"    "9/20/2006 11:51 PM"
+ "ROXIO ThumbnailGrabber 3.0"    "VideoWave Frame Grabber"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\thumbnailgraber.ax"    "9/20/2006 11:50 PM"
+ "Roxio Transport Stream Source"    "ListFrameSource"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\tsmpegsource.dll"    "9/20/2006 11:15 PM"
+ "ROXIO VCFAudioMixer 3.0"    "AudioFlt Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\audmf.ax"    "9/20/2006 11:49 PM"
+ "ROXIO VCFDvrSupport 3.0"    "DVR support filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\dvrsupportfilt.ax"    "9/20/2006 11:51 PM"
+ "ROXIO VCFDVSceneDetect 1.0"    "DVR support filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\dvscenedetectfilt.ax"    "9/20/2006 11:51 PM"
+ "ROXIO VCFLatency 3.0"    "Latency Filter (Sample)"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\latency.ax"    "9/20/2006 11:51 PM"
+ "ROXIO VCFpeakmeter 3.0"    "Peakmeter Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\peakmeter.ax"    "9/20/2006 11:49 PM"
+ "ROXIO VCFVideoCutList 3.0"    "Video CutList Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\vcutlist.ax"    "9/20/2006 11:48 PM"
+ "ROXIO VCFWaveform 1.0"    "Waveform Filter (Sample)"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\waveform.ax"    "9/20/2006 11:49 PM"
+ "ROXIO Video Resampler 3.0"    "Video Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\vresamfilt.ax"    "9/20/2006 11:48 PM"
+ "ROXIO Video VCFLooper 3.0"    "Video Looper Filter (Sample)"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\vlooper.ax"    "9/20/2006 11:48 PM"
+ "ROXIO VideoCombine 3.0"    "Video Effect Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\videocombine.ax"    "9/20/2006 11:49 PM"
+ "Roxio VOB Formatter"    "VOBFormatter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\vobformatter.ax"    "9/21/2006 12:02 AM"
+ "Roxio Vob Loader"    "VOBLoader"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\vobloader.ax"    "9/21/2006 12:02 AM"
+ "ROXIO WAV Dest 3.0"    "MGI Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\wavhead.ax"    "9/20/2006 11:50 PM"
+ "Sewer"    "MVWcDSutil"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\mvwcdsutil.dll"    "9/20/2006 11:48 PM"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "Sonic MP4 Demultiplexer"    "Sonic MP4 Demultiplexer"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicmp4demux.ax"    "8/2/2006 6:23 AM"
+ "Sonic MPEG Audio Decoder"    "MPEG Video and Audio Decoder"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"    "5/31/2006 8:57 AM"
+ "Sonic MPEG Video Decoder"    "MPEG Video and Audio Decoder"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicdsmpeg.ax"    "5/31/2006 8:57 AM"
+ "Sonic MPEG-2 Video Decoder"    "MPEG-2 Video Decoder"    "Sonic Solutions Inc"    "c:\program files\common files\sonic shared\sonicmc01\sonicm2vd.ax"    "5/26/2006 9:35 PM"
+ "Sonic MPEG-4 Video Decoder"    "Sonic Mpeg-4 Video Decoder"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicm4vd.ax"    "8/1/2006 1:15 AM"
+ "Sonic Solutions AMR Decoder"    "Sonic Solutions  AMR Decoder"    "Sonic Solutions Inc."    "c:\program files\common files\sonic shared\sonicmc01\sonicamrd.ax"    "5/29/2006 6:47 AM"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "SubPicture Encoder"    "ROXIO SubPicture Encoder"    "Sonic Solutions"    "c:\program files\common files\roxio shared\9.0\mpeg\subpictenc.dll"    "9/20/2006 11:14 PM"
+ "VCG Null Renderer 3.0"    ""    ""    "c:\program files\roxio\videocore 9\videocompositing.ax"    "9/21/2006 12:21 AM"
+ "VCG Video Mixer 3.0"    ""    ""    "c:\program files\roxio\videocore 9\videocompositing.ax"    "9/21/2006 12:21 AM"
+ "VCGImageSource"    ""    ""    "c:\program files\roxio\videocore 9\videocompositing.ax"    "9/21/2006 12:21 AM"
+ "VMR9 Wrapper 3.0"    ""    ""    "c:\program files\roxio\videocore 9\videocompositing.ax"    "9/21/2006 12:21 AM"
+ "VW Input Selector"    "Video Effect Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\inputselector.ax"    "9/20/2006 11:51 PM"
+ "VW Input Selector 2"    "Video Effect Filter"    "Sonic Solutions"    "c:\program files\roxio\videocore 9\inputselector.ax"    "9/20/2006 11:51 PM"
+ "WAV Dest Trial"    "Plus! Photo Story 2 LE"    "Microsoft Corporation"    "c:\program files\microsoft plus! photo story 2 le\wavd2try.dll"    "9/18/2003 4:40 PM"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"    "8/17/2001 11:35 PM"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "8/4/2004 1:57 AM"
+ "{1AD512C6-24AF-4395-82B4-2D3CF21F44A2}"    "Roxio MP3 Encoder Dynamic Link Library"    "Roxio"    "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamwriter.ax"    "9/20/2006 8:32 PM"
+ "{472C92F0-5438-423D-9B30-FD2932EA44EE}"    "Roxio Audio Source Filter"    "Microsoft Corporation"    "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiosource.ax"    "9/20/2006 8:32 PM"
+ "{58FF69ED-8388-483B-B9AC-3EB04BBEB913}"    "Roxio Audio Stream Reader Filter"    "Microsoft Corporation"    "c:\program files\common files\roxio shared\9.0\sharedcom\rxdsaudiostreamreader.ax"    "9/20/2006 8:33 PM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls"    ""    ""    ""    "12/12/2007 1:08 PM"
+ "C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"    "Google Desktop"    "Google"    "c:\program files\google\google desktop search\googledesktopnetwork3.dll"    "8/20/2007 12:17 AM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""    "12/23/2013 9:41 PM"
+ "AtiExtEvent"    "ATI External Event Utility DLL Module"    "ATI Technologies Inc."    "c:\windows\system32\ati2evxx.dll"    "10/11/2006 7:38 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "12/23/2013 9:41 PM"
+ "EPSON XP-200 Series 32MonitorBA"    "EPSON Bi-directional Monitor x86"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\e_flbiea.dll"    "4/18/2011 10:12 PM"
+ "EPSON XP-200 Series 32MonitorBE"    "EPSON Bi-directional Monitor x86"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\e_flbiee.dll"    "4/18/2011 10:12 PM"
+ "EPSON XP-410 Series 32MonitorBE"    "EPSON Bi-directional Monitor x86"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\e_flmblae.dll"    "4/16/2013 5:45 PM"
+ "EpsonNet Print Port"    "EpsonNet Print Component"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\enppmon.dll"    "11/12/2012 12:15 AM"
+ "V310-V510 Series Port"    "Printer Communication System"    " "    "c:\windows\system32\dlealmpm.dll"    "12/9/2009 1:36 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"    ""    ""    ""    "8/10/2004 7:00 PM"
+ "BCMLogon"    "Dell Wireless WLAN Card Logon Provider"    "Broadcom Corporation"    "c:\windows\system32\bcmlogon.dll"    "12/16/2005 8:37 PM"
 



#7 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 24 December 2013 - 09:36 AM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.24.01

Windows XP Service Pack 2 x86 NTFS
Internet Explorer 7.0.5730.13
Tom Fox :: TOMMY [administrator]

12/24/2013 12:56:56 AM
mbam-log-2013-12-24 (00-56-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 236933
Time elapsed: 33 minute(s), 23 second(s)

Memory Processes Detected: 1
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe (PUP.Optional.SweetPacks.A) -> 880 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 10
HKLM\SYSTEM\CurrentControlSet\Services\Updater Service for StartNow Toolbar (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{33119133-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{13119113-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\WeatherBlink.SkinLauncher.1 (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\WeatherBlink.SkinLauncher (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{03119103-0854-469d-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\Interface\{23119123-0854-469D-807A-171568457991} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\WeatherBlink.SkinLauncherSettings.1 (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCR\WeatherBlink.SkinLauncherSettings (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.

Registry Values Detected: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|StartNow Search Protect (PUP.Optional.StartNow) -> Data: "C:\Program Files\StartNow Toolbar\search_protect.exe" /RELAY /REPORT /PROTECT -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy Search Scope Monitor (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~1\MAPSGA~2\bar\1.bin\39srchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MapsGalaxy_39 Browser Plugin Loader (PUP.Optional.MindSpark) -> Data: C:\PROGRA~1\MAPSGA~2\bar\1.bin\39brmon.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WeatherBlink Search Scope Monitor (PUP.Optional.MindSpark) -> Data: "C:\PROGRA~1\WEATHE~2\bar\1.bin\gcsrchmn.exe" /m=2 /w /h -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|WeatherBlink Browser Plugin Loader (PUP.Optional.MindSpark) -> Data: C:\PROGRA~1\WEATHE~2\bar\1.bin\gcbrmon.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 1
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 17
C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe (PUP.Optional.SweetPacks.A) -> Delete on reboot.
C:\Program Files\WeatherBlink\bar\1.bin\gcsknlcr.dll (PUP.Optional.FunWebProducts.A) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\TBU001\ToolbarUpdate.exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\4PANWHMV\updater-startnow-200-2.5-d[1].exe (PUP.Optional.SweetPacks.A) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\clbcoko.dll (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Fox\Local Settings\Application Data\010112010146111103.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Fox\Local Settings\Application Data\010112010146114101.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Fox\Local Settings\Application Data\01011201014650115.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Tom Fox\Local Settings\Application Data\0101120101465198.xxe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\bk23567.dat (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\fdgg34353edfgdfdf (KoobFace.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\lgo (Koobface.Trace) -> Quarantined and deleted successfully.
C:\Program Files\StartNow Toolbar\search_protect.exe (PUP.Optional.StartNow) -> Quarantined and deleted successfully.
C:\Program Files\MapsGalaxy_39\bar\1.bin\39SrchMn.exe (PUP.Optional.MindSpark) -> Delete on reboot.
C:\Program Files\MapsGalaxy_39\bar\1.bin\39brmon.exe (PUP.Optional.MindSpark) -> Delete on reboot.
C:\Program Files\WeatherBlink\bar\1.bin\gcSrchMn.exe (PUP.Optional.MindSpark) -> Delete on reboot.
C:\Program Files\WeatherBlink\bar\1.bin\gcbrmon.exe (PUP.Optional.MindSpark) -> Delete on reboot.

(end)
 



#8 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 24 December 2013 - 10:11 AM

# AdwCleaner v3.016 - Report created 24/12/2013 at 08:57:41
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 2 (32 bits)
# Username : Tom Fox - TOMMY
# Running from : C:\Documents and Settings\Tom Fox\My Documents\Homilies\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : MapsGalaxy_39Service

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\mapsgalaxy_39
Folder Deleted : C:\Program Files\StartNow Toolbar
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Documents and Settings\Tom Fox\Local Settings\Application Data\iac
Folder Deleted : C:\Documents and Settings\Tom Fox\Local Settings\Application Data\StartNow
Folder Deleted : C:\Documents and Settings\Tom Fox\Application Data\mapsgalaxy_39
Folder Deleted : C:\Documents and Settings\Tom Fox\Application Data\StartNow Toolbar
Folder Deleted : C:\Documents and Settings\Tom Fox\Application Data\Mozilla\Firefox\Profiles\c7gpkbw9.default\Extensions\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Folder Deleted : C:\Documents and Settings\Tom Fox\Application Data\Mozilla\Firefox\Profiles\c7gpkbw9.default\Extensions\39ffxtbr@MapsGalaxy_39.com
File Deleted : C:\Documents and Settings\Tom Fox\Application Data\Mozilla\Firefox\Profiles\c7gpkbw9.default\searchplugins\my-web-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [39ffxtbr@MapsGalaxy_39.com]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\incfcgceegpikennjoplhfghaaikdgei
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\&Search
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [StartNowToolbarHelper]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@MapsGalaxy_39.com/Plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{364EA597-E728-4CE4-BB4A-ED846EF47970}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E65F40C8-3CEB-47C2-9E01-BF73323DF4E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{38BF9661-BDA0-4A74-BB3B-576EC7AE16DC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{364EA597-E728-4CE4-BB4A-ED846EF47970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ABD93EAF-D775-BC54-E63B-2804F22FD156}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{364EA597-E728-4CE4-BB4A-ED846EF47970}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5911488E-9D1E-40EC-8CBB-06B231CC153F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{364EA597-E728-4CE4-BB4A-ED846EF47970}]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\MapsGalaxy_39
Key Deleted : HKCU\Software\StartNow Toolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\Software\MapsGalaxy_39
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MapsGalaxy_39bar Uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MapsGalaxy_39bar Uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.17055

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\w1qe0n80.default\prefs.js ]


[ File : C:\Documents and Settings\Tom Fox\Application Data\Mozilla\Firefox\Profiles\c7gpkbw9.default\prefs.js ]

Line Deleted : user_pref("extensions.mywebsearch.prevDefaultEngine", "Secure Search");
Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.startnow.com/s/?src=addrbar&provider=&provider_name=startnow&provider_code=&partner_id=999&product_id=10&affiliate_id=&channel=&toolbar_id[...]
Line Deleted : user_pref("extensions.mywebsearch.prevSelectedEngine", "StartNow ");
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=undefined&n=77ee160e&ptnrS=UXxpi000");
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.hp.user.defined", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.installDate", "2012091918");
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerId", "UXxpi000");
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerSubId", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.success", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.toolbarId", "undefined");
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.options.defaultSearch", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.options.homePageEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.options.keywordEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.options.tabEnabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.searchHistory", "catholic peerministry||espn personality||catholic examination of conscience||the bread of life discourse||About Me: Letters to the [...]
Line Deleted : user_pref("extensions.toolbar.mindspark._39Members_.weather.location", "70112");
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=81B8B92C-8E6A-4094-A138-0916D46FE7E1&n=77ee5f1c&ptnrS=XNxdm002YYus&si=CKaAvp-yubMCFXSSPAod0n[...]
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.hp.enabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.hp.user.defined", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.initialized", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.installation.contextKey", "");
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.installation.installDate", "2012110620");
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerId", "XNxdm002YYus");
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerSubId", "CKaAvp-yubMCFXSSPAod0nEAew");
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.installation.success", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.installation.toolbarId", "81B8B92C-8E6A-4094-A138-0916D46FE7E1");
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.lastActivePing", "1387878691485");
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.options.defaultSearch", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.options.homePageEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.options.keywordEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.options.tabEnabled", true);
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.searchHistory", "landrieu||times-picayune.com||the cross room||wedding vows");
Line Deleted : user_pref("extensions.toolbar.mindspark._gcMembers_.weather.location", "70112");
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Line Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "weatherblink@mindspark.com");
Line Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=81B8B92C-8E6A-4094-A138-0916D46FE7E1&n=77ee5f1c&ind=2012110620&id=XNxdm002YYus&ptnrS=XNxdm002YYus&si=CKaAvp-[...]
Line Deleted : user_pref("plugin.blocklisted.npviewpoint", true);
Line Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.install_folder", "C:\\Program Files\\StartNow Toolbar");
Line Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.name", "StartNow Toolbar");
Line Deleted : user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.startpage", "tr.startnow.com");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Documents and Settings\Tom Fox\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : icon_url
Deleted : search_url
Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [12422 octets] - [24/12/2013 08:45:54]
AdwCleaner[S0].txt - [12489 octets] - [24/12/2013 08:57:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12550 octets] ##########
 



#9 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 24 December 2013 - 10:23 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Tom Fox on Tue 12/24/2013 at  9:14:12.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.dynamicbarbutton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.dynamicbarbutton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.feedmanager
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.feedmanager.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlmenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlmenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlpanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.htmlpanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.multiplebutton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.multiplebutton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.pseudotransparentplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.pseudotransparentplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radio
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radio.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radiosettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.radiosettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.scriptbutton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.scriptbutton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.settingsplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.settingsplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.skinlauncher
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.skinlauncher.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.skinlaunchersettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.skinlaunchersettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.thirdpartyinstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.thirdpartyinstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.urlalertbutton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.urlalertbutton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.xmlsessionplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\mapsgalaxy_39.xmlsessionplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1241CEBD-9777-4BC6-AAE5-2A77E25DB246}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{173A5778-34BF-48A2-8A5E-6963CE922FED}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1796EC91-D094-4A5F-B681-E16015D1CEAC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{26842A09-FFA8-4E2C-AE12-0C80F01C3295}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37ED966D-4D0E-4D66-9633-BEA542C92860}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3ED5E5EC-0965-4DD3-B7D8-DBC48A1172B9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4B7D0B0C-CFF3-49C5-9BC3-FFABC031C822}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4F28FA5F-7D15-4753-B4FC-D548A0F02BFB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{5E1BDCF6-DD5F-4DD3-8783-B1454AEF1830}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7D4DFAF7-F2CE-4C91-91A4-514C9612914D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9B58A6CE-B337-43D5-9C2F-8C6D92FBA094}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A083C35D-61A9-4625-BBB6-FB54E71B8527}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A35FF019-6DBE-4044-B080-6F3FA78A947F}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B70E008C-967B-4104-BC7B-6F7C77DBC38D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C4A25B73-8EF5-4282-9D21-C8920DD577A1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CAE88E60-CEA5-4FCB-B611-54EA6305D8AB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DB1384D8-1BDA-4C8D-A743-E9CA671FEB00}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E045DF14-BF1D-405C-A37B-A75C1551AD17}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F3477E9D-D2F6-49F0-9B23-854D7958D07E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56E4076B-A42B-4745-BA35-34DA8AC4C2F2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71C1D63A-C944-428A-A5BD-BA513190E5D2}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B9DCAE3-BE34-424C-8D73-75E305A9E091}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Tom Fox\Application Data\weatherblink"
Successfully deleted: [Folder] "C:\Program Files\epicplay"
Successfully deleted: [Folder] "C:\Program Files\weatherblink"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Tom Fox\Application Data\mozilla\firefox\profiles\c7gpkbw9.default\searchplugins\my-web-search.xml
Successfully deleted the following from C:\Documents and Settings\Tom Fox\Application Data\mozilla\firefox\profiles\c7gpkbw9.default\prefs.js

user_pref("browser.search.defaultenginename", "My Web Search");
user_pref("browser.search.selectedEngine", "My Web Search");
user_pref("browser.startup.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=81B8B92C-8E6A-4094-A138-0916D46FE7E1&n=77fdcf69&ptnrS=XNxdm002YYus&si=CKaAvp-yubMCFXSSPAod0n
user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=81B8B92C-8E6A-4094-A138-0916D46FE7E1&n=77fdcf69&ind=201312240
user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
user_pref("extensions.toolbar.mindspark._gcMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=81B8B92C-8E6A-4094-A138-0916D46FE7E1&n=77fdcf69&ptnrS=XNxdm002YYus&
user_pref("extensions.toolbar.mindspark._gcMembers_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.installDate", "2013122409");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerId", "XNxdm002YYus");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.partnerSubId", "CKaAvp-yubMCFXSSPAod0nEAew");
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.installation.toolbarId", "81B8B92C-8E6A-4094-A138-0916D46FE7E1");
user_pref("extensions.toolbar.mindspark._gcMembers_.lastActivePing", "1387897774891");
user_pref("extensions.toolbar.mindspark._gcMembers_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.keywordEnabled", true);
user_pref("extensions.toolbar.mindspark._gcMembers_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "weatherblink@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "weatherblink@mindspark.com");
user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=81B8B92C-8E6A-4094-A138-0916D46FE7E1&n=77fdcf69&ind=2013122409&id=XNxdm002YYus&ptnr
user_pref("{5911488E-9D1E-40ec-8CBB-06B231CC153F}.update_url", "hxxp://tbupdate.zugo.com/ztb/update?partner_id={partner_id}&product_id={product_id}&affiliate_id={affiliate_id}





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/24/2013 at  9:21:12.31
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#10 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 24 December 2013 - 10:24 AM

I think that's it. I've done everything as recommended above.

 

He needs to update programs, but I'll wait to see if there is anything else we should do first.


Edited by Tom.Fox, 24 December 2013 - 10:28 AM.


#11 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:19 PM

Posted 24 December 2013 - 03:59 PM

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center/Action Center
Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

 

___________________-

 

Download tdss killer

http://support.kaspersky.com/downloads/utils/tdsskiller.exe


Right Click it Run As Admin xp users double click . Click on Change parameters Select TDLFS file system

Hit the Scan button Post the LOG In your next reply

Do not change the default options on scan results

 

___________________________________________-
 

 

Download, & save & then run the MS Safety scanner
Run a Full Scan
http://www.microsoft.com/security/scanner/en-us/default.aspx
Post. the result.

The safety scanner log should be called msert.txt
It should be located in the same folder as where you had msert.exe
If not there, then look for it under c:\windows

 

 

 

____________________________________________-

 

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure remove found threats and scan archives is checked.
When the scan finish list found threats save to clipboard copy to notepad Post the log here.


Tell me how the machine is running now.



#12 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 03 January 2014 - 12:43 AM

Farbar Service Scanner Version: 05-12-2013
Ran by Tom Fox (administrator) on 02-01-2014 at 23:41:10
Running from "C:\Documents and Settings\Tom Fox\My Documents\Homilies\Downloads"
Microsoft Windows XP Home Edition Service Pack 2 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2004-08-10 12:50] - [2006-05-19 06:59] - 0111616 ____A (Microsoft Corporation) EF545E1A4B043DA4C84E230DD471C55F

C:\WINDOWS\system32\Drivers\afd.sys
[2004-08-10 12:50] - [2008-08-14 03:51] - 0138368 ____A (Microsoft Corporation) 55E6E1C51B6D30E54335750955453702

C:\WINDOWS\system32\Drivers\netbt.sys
[2004-08-10 12:51] - [2004-08-04 05:00] - 0162816 ____A (Microsoft Corporation) 0C80E410CD2F47134407EE7DD19CC86B

C:\WINDOWS\system32\Drivers\tcpip.sys
[2004-08-10 12:51] - [2008-06-20 04:45] - 0360320 ____A (Microsoft Corporation) 2A5554FC5B1E04E131230E3CE035C3F9

C:\WINDOWS\system32\Drivers\ipsec.sys
[2004-08-10 12:51] - [2004-08-04 05:00] - 0074752 ____A (Microsoft Corporation) 64537AA5C003A6AFEEE1DF819062D0D1

C:\WINDOWS\system32\dnsrslvr.dll
[2004-08-10 12:50] - [2008-02-19 23:32] - 0045568 ____A (Microsoft Corporation) AAC8FFBFD61E784FA3BAC851D4A0BD5F

C:\WINDOWS\system32\ipnathlp.dll
[2004-08-10 12:51] - [2004-08-04 05:00] - 0331264 ____A (Microsoft Corporation) 36CC8C01B5E50163037BEF56CB96DEFF

C:\WINDOWS\system32\netman.dll
[2004-08-10 12:51] - [2005-08-22 12:29] - 0197632 ____A (Microsoft Corporation) 36739B39267914BA69AD0610A0299732

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2004-08-10 13:01] - [2004-08-04 05:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\srsvc.dll
[2004-08-10 13:02] - [2004-08-04 05:00] - 0170496 ____A (Microsoft Corporation) 92BDF74F12D6CBEC43C94D4B7F804838

C:\WINDOWS\system32\Drivers\sr.sys
[2004-08-10 13:02] - [2004-08-04 05:00] - 0073472 ____A (Microsoft Corporation) E41B6D037D6CD08461470AF04500DC24

C:\WINDOWS\system32\wscsvc.dll
[2004-08-10 12:51] - [2004-08-04 05:00] - 0081408 ____A (Microsoft Corporation) 4D59DAA66C60858CDF4F67A900F42D4A

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2004-08-10 13:01] - [2004-08-04 05:00] - 0144896 ____A (Microsoft Corporation) F399242A80C4066FD155EFA4CF96658E

C:\WINDOWS\system32\wuauserv.dll
[2004-08-10 13:02] - [2004-08-04 05:00] - 0006656 ____A (Microsoft Corporation) 13D72740963CBA12D9FF76A7F218BCD8

C:\WINDOWS\system32\qmgr.dll
[2004-08-10 13:02] - [2004-08-04 05:00] - 0382464 ____A (Microsoft Corporation) 2C69EC7E5A311334D10DD95F338FCCEA

C:\WINDOWS\system32\es.dll
[2004-08-10 12:51] - [2008-07-07 14:32] - 0253952 ____A (Microsoft Corporation) 60D1A6342238378BFB7545C81EE3606C

C:\WINDOWS\system32\cryptsvc.dll
[2004-08-10 12:50] - [2004-08-04 05:00] - 0060416 ____A (Microsoft Corporation) 10654F9DDCEA9C46CFB77554231BE73B

C:\WINDOWS\system32\svchost.exe
[2004-08-10 12:51] - [2004-08-04 05:00] - 0014336 ____A (Microsoft Corporation) 8F078AE4ED187AAABC0A305146DE6716

C:\WINDOWS\system32\rpcss.dll
[2004-08-10 12:51] - [2009-02-09 04:01] - 0401408 ____A (Microsoft Corporation) 24B5D53B9ACCC1E2EDCF0A878D6659D4

C:\WINDOWS\system32\services.exe
[2004-08-10 12:51] - [2009-02-06 04:22] - 0110592 ____A (Microsoft Corporation) 4712531AB7A01B7EE059853CA17D39BD


Extra List:
=======
Gpc(6) IPSec(4) mfetdi2k(8) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

 

23:45:02.0187 4856  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:45:04.0203 4856  ============================================================
23:45:04.0203 4856  Current date / time: 2014/01/02 23:45:04.0203
23:45:04.0203 4856  SystemInfo:
23:45:04.0203 4856  
23:45:04.0203 4856  OS Version: 5.1.2600 ServicePack: 2.0
23:45:04.0203 4856  Product type: Workstation
23:45:04.0203 4856  ComputerName: TOMMY
23:45:04.0203 4856  UserName: Tom Fox
23:45:04.0203 4856  Windows directory: C:\WINDOWS
23:45:04.0203 4856  System windows directory: C:\WINDOWS
23:45:04.0203 4856  Processor architecture: Intel x86
23:45:04.0203 4856  Number of processors: 2
23:45:04.0203 4856  Page size: 0x1000
23:45:04.0203 4856  Boot type: Normal boot
23:45:04.0203 4856  ============================================================
23:45:07.0015 4856  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
23:45:07.0031 4856  ============================================================
23:45:07.0046 4856  \Device\Harddisk0\DR0:
23:45:07.0046 4856  MBR partitions:
23:45:07.0046 4856  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2B24B, BlocksNum 0x8EE1AEE
23:45:07.0046 4856  ============================================================
23:45:07.0093 4856  C: <-> \Device\Harddisk0\DR0\Partition1
23:45:07.0093 4856  ============================================================
23:45:07.0093 4856  Initialize success
23:45:07.0093 4856  ============================================================
23:46:48.0359 5084  ============================================================
23:46:48.0359 5084  Scan started
23:46:48.0359 5084  Mode: Manual;
23:46:48.0359 5084  ============================================================
23:46:48.0796 5084  ================ Scan system memory ========================
23:46:48.0796 5084  System memory - ok
23:46:48.0812 5084  ================ Scan services =============================
23:46:48.0906 5084  Abiosdsk - ok
23:46:48.0953 5084  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
23:46:49.0187 5084  abp480n5 - ok
23:46:49.0234 5084  [ A10C7534F7223F4A73A948967D00E69B ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
23:46:49.0234 5084  ACPI - ok
23:46:49.0265 5084  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
23:46:49.0265 5084  ACPIEC - ok
23:46:49.0296 5084  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
23:46:49.0531 5084  adpu160m - ok
23:46:49.0578 5084  [ 1EE7B434BA961EF845DE136224C30FEC ] aec             C:\WINDOWS\system32\drivers\aec.sys
23:46:49.0593 5084  aec - ok
23:46:49.0640 5084  [ 55E6E1C51B6D30E54335750955453702 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
23:46:49.0640 5084  AFD - ok
23:46:49.0671 5084  [ 2C428FA0C3E3A01ED93C9B2A27D8D4BB ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
23:46:49.0671 5084  agp440 - ok
23:46:49.0703 5084  [ 67288B07D6ABA6C1267B626E67BC56FD ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
23:46:49.0718 5084  agpCPQ - ok
23:46:49.0750 5084  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
23:46:49.0984 5084  Aha154x - ok
23:46:50.0000 5084  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
23:46:50.0218 5084  aic78u2 - ok
23:46:50.0250 5084  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
23:46:50.0468 5084  aic78xx - ok
23:46:50.0500 5084  [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
23:46:50.0515 5084  Alerter - ok
23:46:50.0546 5084  [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG             C:\WINDOWS\System32\alg.exe
23:46:50.0546 5084  ALG - ok
23:46:50.0593 5084  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
23:46:50.0812 5084  AliIde - ok
23:46:50.0843 5084  [ F312B7CEF21EFF52FA23056B9D815FAD ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
23:46:50.0859 5084  alim1541 - ok
23:46:50.0875 5084  [ 675C16A3C1F8482F85EE4A97FC0DDE3D ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
23:46:50.0875 5084  amdagp - ok
23:46:50.0937 5084  [ EFBB0956BAED786E137351B5CA272AEF ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
23:46:50.0937 5084  AmdK8 - ok
23:46:50.0953 5084  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
23:46:51.0187 5084  amsint - ok
23:46:51.0343 5084  [ 8FA646F0E639D9A8C8B98E217D471DC0 ] AOL ACS         C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
23:46:51.0609 5084  AOL ACS - ok
23:46:51.0656 5084  [ EC94E05B76D033B74394E7B2175103CF ] APPDRV          C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
23:46:52.0093 5084  APPDRV - ok
23:46:52.0109 5084  AppMgmt - ok
23:46:52.0187 5084  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
23:46:52.0406 5084  asc - ok
23:46:52.0437 5084  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
23:46:52.0671 5084  asc3350p - ok
23:46:52.0703 5084  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
23:46:52.0921 5084  asc3550 - ok
23:46:52.0984 5084  [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM          C:\WINDOWS\system32\drivers\ASCTRM.sys
23:46:53.0203 5084  ASCTRM - ok
23:46:53.0390 5084  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
23:46:53.0671 5084  aspnet_state - ok
23:46:53.0812 5084  [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
23:46:53.0828 5084  AsyncMac - ok
23:46:53.0859 5084  [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
23:46:53.0875 5084  atapi - ok
23:46:53.0875 5084  Atdisk - ok
23:46:53.0937 5084  [ 8BB6A2488A93259FDDC18D040008C1A4 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
23:46:54.0218 5084  Ati HotKey Poller - ok
23:46:54.0312 5084  [ E78B73EB84C257D0D940E041742D2699 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
23:46:54.0515 5084  ati2mtag - ok
23:46:54.0562 5084  [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
23:46:54.0562 5084  Atmarpc - ok
23:46:54.0609 5084  [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
23:46:54.0609 5084  AudioSrv - ok
23:46:54.0656 5084  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
23:46:54.0671 5084  audstub - ok
23:46:54.0765 5084  [ 30D20FC98BCFD52E1DA778CF19B223D4 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
23:46:54.0781 5084  BCM43XX - ok
23:46:54.0828 5084  [ 6489310D11971F6BA6C7F49BE0BAF6E0 ] bcm4sbxp        C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
23:46:55.0250 5084  bcm4sbxp - ok
23:46:55.0296 5084  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
23:46:55.0296 5084  Beep - ok
23:46:55.0375 5084  [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS            C:\WINDOWS\system32\qmgr.dll
23:46:55.0390 5084  BITS - ok
23:46:55.0453 5084  [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser         C:\WINDOWS\System32\browser.dll
23:46:55.0453 5084  Browser - ok
23:46:55.0484 5084  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
23:46:55.0500 5084  cbidf - ok
23:46:55.0515 5084  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
23:46:55.0515 5084  cbidf2k - ok
23:46:55.0531 5084  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
23:46:55.0750 5084  cd20xrnt - ok
23:46:55.0765 5084  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
23:46:55.0765 5084  Cdaudio - ok
23:46:55.0796 5084  [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
23:46:55.0796 5084  Cdfs - ok
23:46:55.0812 5084  [ AF9C19B3100FE010496B1A27181FBF72 ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
23:46:55.0828 5084  Cdrom - ok
23:46:55.0875 5084  [ 1C7B1E36F3CED9E4B0B13385E627FE8B ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
23:46:56.0109 5084  cfwids - ok
23:46:56.0109 5084  Changer - ok
23:46:56.0156 5084  [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc           C:\WINDOWS\system32\cisvc.exe
23:46:56.0156 5084  CiSvc - ok
23:46:56.0203 5084  [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
23:46:56.0203 5084  ClipSrv - ok
23:46:56.0265 5084  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:46:56.0531 5084  clr_optimization_v2.0.50727_32 - ok
23:46:56.0578 5084  [ 4266BE808F85826AEDF3C64C1E240203 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
23:46:56.0578 5084  CmBatt - ok
23:46:56.0609 5084  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
23:46:56.0609 5084  CmdIde - ok
23:46:56.0640 5084  [ DF1B1A24BF52D0EBC01ED4ECE8979F50 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
23:46:56.0656 5084  Compbatt - ok
23:46:56.0656 5084  COMSysApp - ok
23:46:56.0703 5084  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
23:46:56.0718 5084  Cpqarray - ok
23:46:56.0750 5084  [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
23:46:56.0750 5084  CryptSvc - ok
23:46:56.0781 5084  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
23:46:56.0812 5084  dac2w2k - ok
23:46:56.0828 5084  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
23:46:57.0062 5084  dac960nt - ok
23:46:57.0109 5084  [ 24B5D53B9ACCC1E2EDCF0A878D6659D4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
23:46:57.0125 5084  DcomLaunch - ok
23:46:57.0171 5084  [ EF545E1A4B043DA4C84E230DD471C55F ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
23:46:57.0171 5084  Dhcp - ok
23:46:57.0218 5084  [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
23:46:57.0234 5084  Disk - ok
23:46:57.0281 5084  [ 0659E6E0A95564F958D9DF7313F7701E ] DLABMFSM        C:\WINDOWS\system32\DLA\DLABMFSM.SYS
23:46:57.0531 5084  DLABMFSM - ok
23:46:57.0531 5084  [ 8691C78908F0BD66170669DB268369F2 ] DLABOIOM        C:\WINDOWS\system32\DLA\DLABOIOM.SYS
23:46:57.0781 5084  DLABOIOM - ok
23:46:57.0796 5084  [ 76167B5EB2DFFC729EDC36386876B40B ] DLACDBHM        C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
23:46:58.0015 5084  DLACDBHM - ok
23:46:58.0031 5084  [ 5615744A1056933B90E6AC54FEB86F35 ] DLADResM        C:\WINDOWS\system32\DLA\DLADResM.SYS
23:46:58.0250 5084  DLADResM - ok
23:46:58.0250 5084  [ 1AECA2AFA5005CE4A550CF8EB55A8C88 ] DLAIFS_M        C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
23:46:58.0500 5084  DLAIFS_M - ok
23:46:58.0515 5084  [ 840E7F6ABB885C72B9FFDDB022EF5B6D ] DLAOPIOM        C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
23:46:58.0765 5084  DLAOPIOM - ok
23:46:58.0765 5084  [ 0294D18731AC05DA80132CE88F8A876B ] DLAPoolM        C:\WINDOWS\system32\DLA\DLAPoolM.SYS
23:46:59.0000 5084  DLAPoolM - ok
23:46:59.0015 5084  [ 91886FED52A3F9966207BCE46CFD794F ] DLARTL_M        C:\WINDOWS\system32\Drivers\DLARTL_M.SYS
23:46:59.0265 5084  DLARTL_M - ok
23:46:59.0281 5084  [ CCA4E121D599D7D1706A30F603731E59 ] DLAUDFAM        C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
23:46:59.0531 5084  DLAUDFAM - ok
23:46:59.0546 5084  [ 7DAB85C33135DF24419951DA4E7D38E5 ] DLAUDF_M        C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
23:46:59.0812 5084  DLAUDF_M - ok
23:46:59.0968 5084  [ 8A0A21C9E566959A31FEE2BB8629AE7B ] dleaCATSCustConnectService C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\dleaserv.exe
23:47:00.0234 5084  dleaCATSCustConnectService - ok
23:47:00.0250 5084  dlea_device - ok
23:47:00.0265 5084  dmadmin - ok
23:47:00.0359 5084  [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
23:47:00.0406 5084  dmboot - ok
23:47:00.0437 5084  [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
23:47:00.0453 5084  dmio - ok
23:47:00.0484 5084  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
23:47:00.0484 5084  dmload - ok
23:47:00.0515 5084  [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver        C:\WINDOWS\System32\dmserver.dll
23:47:00.0531 5084  dmserver - ok
23:47:00.0578 5084  [ A6F881284AC1150E37D9AE47FF601267 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
23:47:00.0578 5084  DMusic - ok
23:47:00.0640 5084  [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
23:47:00.0640 5084  Dnscache - ok
23:47:00.0671 5084  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
23:47:00.0687 5084  dpti2o - ok
23:47:00.0718 5084  [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
23:47:00.0718 5084  drmkaud - ok
23:47:00.0734 5084  [ C00440385CF9F3D142917C63F989E244 ] DRVMCDB         C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
23:47:00.0984 5084  DRVMCDB - ok
23:47:01.0015 5084  [ 6E6AB29D3C06E64CE81FEACDA85394B5 ] DRVNDDM         C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
23:47:01.0265 5084  DRVNDDM - ok
23:47:01.0296 5084  [ 3FCA03CBCA11269F973B70FA483C88EF ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
23:47:01.0515 5084  E100B - ok
23:47:01.0625 5084  [ 3192C2F511FC0ED41989AE1AB32BAEE3 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
23:47:01.0890 5084  EpsonCustomerParticipation - ok
23:47:01.0937 5084  [ B538590B338F5379D4B33E266902008B ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc.exe
23:47:02.0203 5084  EpsonScanSvc - ok
23:47:02.0250 5084  [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc           C:\WINDOWS\System32\ersvc.dll
23:47:02.0265 5084  ERSvc - ok
23:47:02.0296 5084  [ 4712531AB7A01B7EE059853CA17D39BD ] Eventlog        C:\WINDOWS\system32\services.exe
23:47:02.0312 5084  Eventlog - ok
23:47:02.0359 5084  [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem     C:\WINDOWS\system32\es.dll
23:47:02.0359 5084  EventSystem - ok
23:47:02.0421 5084  [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
23:47:02.0437 5084  Fastfat - ok
23:47:02.0500 5084  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
23:47:02.0656 5084  FastUserSwitchingCompatibility - ok
23:47:02.0718 5084  [ FCBD571FA0EE8DC238944AE5FAB74461 ] Fax             C:\WINDOWS\system32\fxssvc.exe
23:47:02.0734 5084  Fax - ok
23:47:02.0765 5084  [ CED2E8396A8838E59D8FD529C680E02C ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
23:47:02.0781 5084  Fdc - ok
23:47:02.0796 5084  [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
23:47:02.0812 5084  Fips - ok
23:47:02.0843 5084  [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
23:47:02.0843 5084  Flpydisk - ok
23:47:02.0906 5084  [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
23:47:03.0187 5084  FltMgr - ok
23:47:03.0265 5084  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
23:47:03.0281 5084  FontCache3.0.0.0 - ok
23:47:03.0312 5084  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
23:47:03.0312 5084  Fs_Rec - ok
23:47:03.0343 5084  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
23:47:03.0343 5084  Ftdisk - ok
23:47:03.0531 5084  [ ADA3073919C14251DA17D4D9574822D1 ] GoogleDesktopManager C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
23:47:03.0953 5084  GoogleDesktopManager - ok
23:47:03.0984 5084  [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
23:47:03.0984 5084  Gpc - ok
23:47:04.0046 5084  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9ff7baf140a5a C:\Program Files\Google\Update\GoogleUpdate.exe
23:47:04.0046 5084  gupdate1c9ff7baf140a5a - ok
23:47:04.0062 5084  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:47:04.0062 5084  gupdatem - ok
23:47:04.0125 5084  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:47:04.0375 5084  gusvc - ok
23:47:04.0421 5084  [ E31363D186B3E1D7C4E9117884A6AEE5 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
23:47:04.0437 5084  HDAudBus - ok
23:47:04.0484 5084  [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
23:47:04.0484 5084  helpsvc - ok
23:47:04.0500 5084  HidServ - ok
23:47:04.0546 5084  [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
23:47:04.0562 5084  HidUsb - ok
23:47:04.0578 5084  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
23:47:04.0812 5084  hpn - ok
23:47:04.0875 5084  [ E8EC1767EA315A39A0DD8989952CA0E9 ] HSF_DPV         C:\WINDOWS\system32\DRIVERS\HSX_DPV.sys
23:47:04.0921 5084  HSF_DPV - ok
23:47:04.0953 5084  [ 61478FA42EE04562E7F11F4DCA87E9C8 ] HSXHWAZL        C:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys
23:47:05.0156 5084  HSXHWAZL - ok
23:47:05.0203 5084  [ 9F8B0F4276F618964FD118BE4289B7CD ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
23:47:05.0218 5084  HTTP - ok
23:47:05.0265 5084  [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
23:47:05.0281 5084  HTTPFilter - ok
23:47:05.0312 5084  [ 8F09F91B5C91363B77BCD15599570F2C ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
23:47:05.0328 5084  i2omgmt - ok
23:47:05.0359 5084  [ ED6BF9E441FDEA13292A6D30A64A24C3 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
23:47:05.0359 5084  i2omp - ok
23:47:05.0390 5084  [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
23:47:05.0406 5084  i8042prt - ok
23:47:05.0484 5084  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
23:47:05.0765 5084  IDriverT - ok
23:47:05.0875 5084  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:47:06.0156 5084  idsvc - ok
23:47:06.0187 5084  [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
23:47:06.0187 5084  Imapi - ok
23:47:06.0234 5084  [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService    C:\WINDOWS\system32\imapi.exe
23:47:06.0250 5084  ImapiService - ok
23:47:06.0281 5084  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
23:47:06.0500 5084  ini910u - ok
23:47:06.0531 5084  [ 2D722B2B54AB55B2FA475EB58D7B2AAD ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
23:47:06.0531 5084  IntelIde - ok
23:47:06.0562 5084  [ 279FB78702454DFF2BB445F238C048D2 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
23:47:06.0578 5084  intelppm - ok
23:47:06.0593 5084  [ 4448006B6BC60E6C027932CFC38D6855 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
23:47:06.0609 5084  Ip6Fw - ok
23:47:06.0625 5084  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
23:47:06.0640 5084  IpFilterDriver - ok
23:47:06.0656 5084  [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
23:47:06.0671 5084  IpInIp - ok
23:47:06.0734 5084  [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
23:47:06.0734 5084  IpNat - ok
23:47:06.0750 5084  [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
23:47:06.0765 5084  IPSec - ok
23:47:06.0796 5084  [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
23:47:06.0796 5084  IRENUM - ok
23:47:06.0828 5084  [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
23:47:06.0828 5084  isapnp - ok
23:47:06.0875 5084  [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
23:47:06.0875 5084  Kbdclass - ok
23:47:06.0921 5084  [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
23:47:06.0953 5084  kmixer - ok
23:47:06.0968 5084  [ 1BE7CC2535D760AE4D481576EB789F24 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
23:47:07.0125 5084  KSecDD - ok
23:47:07.0171 5084  [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
23:47:07.0328 5084  lanmanserver - ok
23:47:07.0359 5084  [ E1F27CFCD114EC9F1E1F44674B2FF9F0 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
23:47:07.0515 5084  lanmanworkstation - ok
23:47:07.0531 5084  lbrtfdc - ok
23:47:07.0593 5084  [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
23:47:07.0593 5084  LmHosts - ok
23:47:07.0671 5084  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:47:07.0937 5084  McAfee SiteAdvisor Service - ok
23:47:08.0031 5084  [ E4DFBE4C4A9C2BD87C1430F445F3E3CB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
23:47:08.0296 5084  McComponentHostService - ok
23:47:08.0296 5084  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:47:08.0312 5084  McMPFSvc - ok
23:47:08.0328 5084  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] mcmscsvc        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:47:08.0328 5084  mcmscsvc - ok
23:47:08.0343 5084  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNaiAnn        C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:47:08.0343 5084  McNaiAnn - ok
23:47:08.0359 5084  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McNASvc         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:47:08.0375 5084  McNASvc - ok
23:47:08.0500 5084  [ B3CD9ADE1C2665124CA34125B331B0B4 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
23:47:08.0781 5084  McODS - ok
23:47:08.0812 5084  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] McProxy         C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
23:47:08.0828 5084  McProxy - ok
23:47:08.0906 5084  [ 593FA4C378818ECE76BA64A11AD56CF2 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
23:47:09.0156 5084  McShield - ok
23:47:09.0203 5084  [ E246A32C445056996074A397DA56E815 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
23:47:09.0625 5084  mdmxsdk - ok
23:47:09.0656 5084  [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
23:47:09.0671 5084  Messenger - ok
23:47:09.0718 5084  [ 43C31BDF404A6D7A7AC1BFD5EAD2A566 ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
23:47:09.0968 5084  mfeapfk - ok
23:47:10.0000 5084  [ C1DC5F42D3367F33B6451BE78B38BD46 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
23:47:10.0250 5084  mfeavfk - ok
23:47:10.0250 5084  mfeavfk01 - ok
23:47:10.0281 5084  [ 0435C43F4C2BE01B84868AD2A906397B ] mfebopk         C:\WINDOWS\system32\drivers\mfebopk.sys
23:47:10.0531 5084  mfebopk - ok
23:47:10.0562 5084  [ 7E1F8B1BDC8240F08BD358B3A466C005 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
23:47:10.0828 5084  mfefire - ok
23:47:10.0859 5084  [ 4EA6FF90015424517843E931448E00F1 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
23:47:11.0109 5084  mfefirek - ok
23:47:11.0156 5084  [ D1E998748BA24A731106611D535C6BBF ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
23:47:11.0671 5084  mfehidk - ok
23:47:11.0687 5084  [ 26C76D10ED650E6492800D6F081ECFBA ] mfendisk        C:\WINDOWS\system32\DRIVERS\mfendisk.sys
23:47:11.0937 5084  mfendisk - ok
23:47:11.0953 5084  [ 26C76D10ED650E6492800D6F081ECFBA ] mfendiskmp      C:\WINDOWS\system32\DRIVERS\mfendisk.sys
23:47:11.0953 5084  mfendiskmp - ok
23:47:11.0984 5084  [ F454A13377F0A006D20A8C14A753C432 ] mferkdet        C:\WINDOWS\system32\drivers\mferkdet.sys
23:47:12.0234 5084  mferkdet - ok
23:47:12.0281 5084  [ 070D3FAF2EAC417C59D8674A8752F7A6 ] mfetdi2k        C:\WINDOWS\system32\drivers\mfetdi2k.sys
23:47:12.0531 5084  mfetdi2k - ok
23:47:12.0562 5084  [ B10C4EFD40810C08F4B44DF2EFCB54F7 ] mfevtp          C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
23:47:12.0781 5084  mfevtp - ok
23:47:12.0828 5084  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
23:47:12.0843 5084  mnmdd - ok
23:47:12.0875 5084  [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
23:47:12.0890 5084  mnmsrvc - ok
23:47:12.0921 5084  [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
23:47:12.0921 5084  Modem - ok
23:47:12.0953 5084  [ 34E1F0031153E491910E12551400192C ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
23:47:12.0953 5084  Mouclass - ok
23:47:12.0968 5084  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
23:47:13.0000 5084  mouhid - ok
23:47:13.0015 5084  [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
23:47:13.0031 5084  MountMgr - ok
23:47:13.0078 5084  [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:47:13.0328 5084  MozillaMaintenance - ok
23:47:13.0343 5084  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
23:47:13.0578 5084  mraid35x - ok
23:47:13.0593 5084  [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
23:47:13.0609 5084  MRxDAV - ok
23:47:13.0671 5084  [ FB6C89BB3CE282B08BDB1E3C179E1C39 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
23:47:14.0140 5084  MRxSmb - ok
23:47:14.0171 5084  [ C7C3D89EB0A6F3DBA622EA737FA335B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
23:47:14.0187 5084  MSDTC - ok
23:47:14.0234 5084  [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
23:47:14.0234 5084  Msfs - ok
23:47:14.0250 5084  MSIServer - ok
23:47:14.0281 5084  [ 7E6932EEDA54C8EAF7DC6C2225261B85 ] MSK80Service    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
23:47:14.0296 5084  MSK80Service - ok
23:47:14.0312 5084  [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
23:47:14.0328 5084  MSKSSRV - ok
23:47:14.0359 5084  [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
23:47:14.0359 5084  MSPCLOCK - ok
23:47:14.0375 5084  [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
23:47:14.0375 5084  MSPQM - ok
23:47:14.0421 5084  [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
23:47:14.0421 5084  mssmbios - ok
23:47:14.0437 5084  [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
23:47:14.0453 5084  Mup - ok
23:47:14.0500 5084  [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
23:47:14.0515 5084  NDIS - ok
23:47:14.0531 5084  [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
23:47:14.0531 5084  NdisTapi - ok
23:47:14.0593 5084  [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
23:47:14.0593 5084  Ndisuio - ok
23:47:14.0609 5084  [ 0B90E255A9490166AB368CD55A529893 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
23:47:14.0609 5084  NdisWan - ok
23:47:14.0625 5084  [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
23:47:14.0640 5084  NDProxy - ok
23:47:14.0656 5084  [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
23:47:14.0656 5084  NetBIOS - ok
23:47:14.0687 5084  [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
23:47:14.0687 5084  NetBT - ok
23:47:14.0734 5084  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE          C:\WINDOWS\system32\netdde.exe
23:47:14.0750 5084  NetDDE - ok
23:47:14.0765 5084  [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
23:47:14.0765 5084  NetDDEdsdm - ok
23:47:14.0812 5084  [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon        C:\WINDOWS\system32\lsass.exe
23:47:14.0812 5084  Netlogon - ok
23:47:14.0859 5084  [ 36739B39267914BA69AD0610A0299732 ] Netman          C:\WINDOWS\System32\netman.dll
23:47:14.0875 5084  Netman - ok
23:47:14.0921 5084  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:47:14.0953 5084  NetTcpPortSharing - ok
23:47:15.0000 5084  [ 097722F235A1FB698BF9234E01B52637 ] Nla             C:\WINDOWS\System32\mswsock.dll
23:47:15.0015 5084  Nla - ok
23:47:15.0046 5084  [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
23:47:15.0046 5084  Npfs - ok
23:47:15.0125 5084  [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
23:47:15.0156 5084  Ntfs - ok
23:47:15.0187 5084  [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
23:47:15.0187 5084  NtLmSsp - ok
23:47:15.0250 5084  [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
23:47:15.0281 5084  NtmsSvc - ok
23:47:15.0296 5084  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
23:47:15.0296 5084  Null - ok
23:47:15.0406 5084  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
23:47:15.0484 5084  nv - ok
23:47:15.0531 5084  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
23:47:15.0531 5084  NwlnkFlt - ok
23:47:15.0546 5084  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
23:47:15.0562 5084  NwlnkFwd - ok
23:47:15.0578 5084  [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
23:47:15.0593 5084  Parport - ok
23:47:15.0625 5084  [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
23:47:15.0625 5084  PartMgr - ok
23:47:15.0640 5084  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
23:47:15.0640 5084  ParVdm - ok
23:47:15.0656 5084  [ 8086D9979234B603AD5BC2F5D890B234 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
23:47:15.0656 5084  PCI - ok
23:47:15.0671 5084  PCIDump - ok
23:47:15.0687 5084  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
23:47:15.0687 5084  PCIIde - ok
23:47:15.0718 5084  [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
23:47:15.0734 5084  Pcmcia - ok
23:47:15.0734 5084  PDCOMP - ok
23:47:15.0750 5084  PDFRAME - ok
23:47:15.0765 5084  PDRELI - ok
23:47:15.0765 5084  PDRFRAME - ok
23:47:15.0781 5084  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
23:47:16.0031 5084  perc2 - ok
23:47:16.0046 5084  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
23:47:16.0062 5084  perc2hib - ok
23:47:16.0109 5084  [ 4712531AB7A01B7EE059853CA17D39BD ] PlugPlay        C:\WINDOWS\system32\services.exe
23:47:16.0109 5084  PlugPlay - ok
23:47:16.0125 5084  [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
23:47:16.0125 5084  PolicyAgent - ok
23:47:16.0140 5084  [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
23:47:16.0156 5084  PptpMiniport - ok
23:47:16.0187 5084  [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
23:47:16.0203 5084  Processor - ok
23:47:16.0203 5084  [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
23:47:16.0218 5084  ProtectedStorage - ok
23:47:16.0218 5084  [ 48671F327553DCF1D27F6197F622A668 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
23:47:16.0234 5084  PSched - ok
23:47:16.0250 5084  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
23:47:16.0265 5084  Ptilink - ok
23:47:16.0281 5084  [ FEFFCFDC528764A04C8ED63D5FA6E711 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
23:47:16.0531 5084  PxHelp20 - ok
23:47:16.0562 5084  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
23:47:16.0578 5084  ql1080 - ok
23:47:16.0578 5084  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
23:47:16.0593 5084  Ql10wnt - ok
23:47:16.0609 5084  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
23:47:16.0625 5084  ql12160 - ok
23:47:16.0640 5084  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
23:47:16.0656 5084  ql1240 - ok
23:47:16.0687 5084  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
23:47:16.0687 5084  ql1280 - ok
23:47:16.0718 5084  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
23:47:16.0734 5084  RasAcd - ok
23:47:16.0765 5084  [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto         C:\WINDOWS\System32\rasauto.dll
23:47:16.0781 5084  RasAuto - ok
23:47:16.0812 5084  [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
23:47:16.0812 5084  Rasl2tp - ok
23:47:16.0875 5084  [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan          C:\WINDOWS\System32\rasmans.dll
23:47:17.0031 5084  RasMan - ok
23:47:17.0031 5084  [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
23:47:17.0046 5084  RasPppoe - ok
23:47:17.0062 5084  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
23:47:17.0062 5084  Raspti - ok
23:47:17.0109 5084  [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
23:47:17.0140 5084  Rdbss - ok
23:47:17.0140 5084  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
23:47:17.0140 5084  RDPCDD - ok
23:47:17.0187 5084  [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
23:47:17.0203 5084  rdpdr - ok
23:47:17.0250 5084  [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
23:47:17.0265 5084  RDPWD - ok
23:47:17.0312 5084  [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
23:47:17.0328 5084  RDSessMgr - ok
23:47:17.0359 5084  [ B31B4588E4086D8D84ADBF9845C2402B ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
23:47:17.0359 5084  redbook - ok
23:47:17.0406 5084  [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
23:47:17.0406 5084  RemoteAccess - ok
23:47:17.0437 5084  [ 24ED7AF20651F9FA1F249482E7C1F165 ] rimmptsk        C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
23:47:17.0890 5084  rimmptsk - ok
23:47:18.0031 5084  [ EBCDE8B48FADC6479D96A56D0A432160 ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
23:47:18.0406 5084  RoxMediaDB9 - ok
23:47:18.0453 5084  [ AB2B1DE1C8F31EFCE2384B14B3DC4260 ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
23:47:18.0703 5084  RoxWatch9 - ok
23:47:18.0750 5084  [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator      C:\WINDOWS\system32\locator.exe
23:47:18.0765 5084  RpcLocator - ok
23:47:18.0796 5084  [ 24B5D53B9ACCC1E2EDCF0A878D6659D4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
23:47:18.0812 5084  RpcSs - ok
23:47:18.0859 5084  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
23:47:18.0859 5084  RSVP - ok
23:47:18.0890 5084  [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs           C:\WINDOWS\system32\lsass.exe
23:47:18.0890 5084  SamSs - ok
23:47:18.0937 5084  [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
23:47:18.0953 5084  SCardSvr - ok
23:47:18.0984 5084  [ 92360854316611F6CC471612213C3D92 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
23:47:19.0000 5084  Schedule - ok
23:47:19.0062 5084  [ 45C6411C6F9F911A9F1C8561B1FA1115 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
23:47:19.0281 5084  sdbus - ok
23:47:19.0312 5084  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
23:47:19.0328 5084  Secdrv - ok
23:47:19.0359 5084  [ B1E0CE09895376871746F36DC5773B4F ] seclogon        C:\WINDOWS\System32\seclogon.dll
23:47:19.0375 5084  seclogon - ok
23:47:19.0375 5084  [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS            C:\WINDOWS\system32\sens.dll
23:47:19.0390 5084  SENS - ok
23:47:19.0406 5084  [ A2D868AEEFF612E70E213C451A70CAFB ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
23:47:19.0421 5084  serenum - ok
23:47:19.0437 5084  [ CD9404D115A00D249F70A371B46D5A26 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
23:47:19.0453 5084  Serial - ok
23:47:19.0515 5084  [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
23:47:19.0515 5084  Sfloppy - ok
23:47:19.0578 5084  [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
23:47:19.0578 5084  SharedAccess - ok
23:47:19.0609 5084  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
23:47:19.0625 5084  ShellHWDetection - ok
23:47:19.0625 5084  Simbad - ok
23:47:19.0671 5084  [ 732D859B286DA692119F286B21A2A114 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
23:47:19.0687 5084  sisagp - ok
23:47:19.0734 5084  [ 1E715247EFFFDDA938C085913045D599 ] SMSIVZAM5       C:\PROGRA~1\VERIZO~1\VZACCE~1\SMSIVZAM5.SYS
23:47:20.0171 5084  SMSIVZAM5 - ok
23:47:20.0203 5084  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
23:47:20.0218 5084  Sparrow - ok
23:47:20.0250 5084  [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
23:47:20.0265 5084  splitter - ok
23:47:20.0312 5084  [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
23:47:20.0328 5084  Spooler - ok
23:47:20.0375 5084  sprtsvc_dellsupportcenter - ok
23:47:20.0390 5084  [ E41B6D037D6CD08461470AF04500DC24 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
23:47:20.0390 5084  sr - ok
23:47:20.0437 5084  [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice       C:\WINDOWS\system32\srsvc.dll
23:47:20.0453 5084  srservice - ok
23:47:20.0515 5084  [ 7A4F147CC6B133F905F6E65E2F8669FB ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
23:47:20.0750 5084  Srv - ok
23:47:20.0796 5084  [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
23:47:20.0812 5084  SSDPSRV - ok
23:47:20.0906 5084  [ 8990440E4B2A7CA5A56A1833B03741FD ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
23:47:21.0125 5084  STHDA - ok
23:47:21.0187 5084  [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
23:47:21.0343 5084  stisvc - ok
23:47:21.0406 5084  [ 51778FD315C9882F1CBD932743E62A72 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
23:47:21.0640 5084  stllssvr - ok
23:47:21.0703 5084  [ 03C1BAE4766E2450219D20B993D6E046 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
23:47:21.0703 5084  swenum - ok
23:47:21.0750 5084  [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
23:47:21.0765 5084  swmidi - ok
23:47:21.0781 5084  SwPrv - ok
23:47:21.0812 5084  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
23:47:22.0031 5084  symc810 - ok
23:47:22.0046 5084  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
23:47:22.0281 5084  symc8xx - ok
23:47:22.0296 5084  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
23:47:22.0312 5084  sym_hi - ok
23:47:22.0328 5084  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
23:47:22.0562 5084  sym_u3 - ok
23:47:22.0609 5084  [ FA2DAA32BED908023272A0F77D625DAE ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
23:47:22.0843 5084  SynTP - ok
23:47:22.0875 5084  [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
23:47:22.0875 5084  sysaudio - ok
23:47:22.0921 5084  [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
23:47:22.0937 5084  SysmonLog - ok
23:47:22.0984 5084  [ FB78839B36025AA286A51289ED28B73E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
23:47:23.0000 5084  TapiSrv - ok
23:47:23.0062 5084  [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
23:47:23.0078 5084  Tcpip - ok
23:47:23.0093 5084  [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
23:47:23.0109 5084  TDPIPE - ok
23:47:23.0109 5084  [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
23:47:23.0125 5084  TDTCP - ok
23:47:23.0156 5084  [ A540A99C281D933F3D69D55E48727F47 ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
23:47:23.0156 5084  TermDD - ok
23:47:23.0234 5084  [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService     C:\WINDOWS\System32\termsrv.dll
23:47:23.0250 5084  TermService - ok
23:47:23.0281 5084  [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes          C:\WINDOWS\System32\shsvcs.dll
23:47:23.0281 5084  Themes - ok
23:47:23.0312 5084  [ F2790F6AF01321B172AA62F8E1E187D9 ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
23:47:23.0328 5084  TosIde - ok
23:47:23.0359 5084  [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
23:47:23.0375 5084  TrkWks - ok
23:47:23.0421 5084  [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
23:47:23.0421 5084  Udfs - ok
23:47:23.0437 5084  [ 1B698A51CD528D8DA4FFAED66DFC51B9 ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
23:47:23.0671 5084  ultra - ok
23:47:23.0687 5084  [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
23:47:23.0703 5084  Update - ok
23:47:23.0750 5084  [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost        C:\WINDOWS\System32\upnphost.dll
23:47:23.0906 5084  upnphost - ok
23:47:23.0953 5084  [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS             C:\WINDOWS\System32\ups.exe
23:47:23.0953 5084  UPS - ok
23:47:24.0046 5084  [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
23:47:24.0046 5084  usbccgp - ok
23:47:24.0078 5084  [ 708579B01FED227AADB393CB0C3B4A2C ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
23:47:24.0296 5084  usbehci - ok
23:47:24.0312 5084  [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
23:47:24.0312 5084  usbhub - ok
23:47:24.0328 5084  [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
23:47:24.0343 5084  usbohci - ok
23:47:24.0375 5084  [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
23:47:24.0375 5084  usbprint - ok
23:47:24.0437 5084  [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
23:47:24.0437 5084  usbscan - ok
23:47:24.0484 5084  [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
23:47:24.0484 5084  USBSTOR - ok
23:47:24.0531 5084  [ F8FD1400092E23C8F2F31406EF06167B ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
23:47:24.0531 5084  usbuhci - ok
23:47:24.0562 5084  [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
23:47:24.0578 5084  VgaSave - ok
23:47:24.0609 5084  [ D92E7C8A30CFD14D8E15B5F7F032151B ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
23:47:24.0609 5084  viaagp - ok
23:47:24.0625 5084  [ 59CB1338AD3654417BEA49636457F65D ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
23:47:24.0640 5084  ViaIde - ok
23:47:24.0671 5084  [ EE4660083DEBA849FF6C485D944B379B ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
23:47:24.0671 5084  VolSnap - ok
23:47:24.0734 5084  [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS             C:\WINDOWS\System32\vssvc.exe
23:47:24.0750 5084  VSS - ok
23:47:24.0812 5084  [ 2B281958F5D0CF99ED626E3EF39D5C8D ] w32time         C:\WINDOWS\system32\w32time.dll
23:47:24.0828 5084  w32time - ok
23:47:24.0859 5084  [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
23:47:24.0859 5084  Wanarp - ok
23:47:24.0890 5084  [ 0A716C08CB13C3A8F4F51E882DBF7416 ] wanatw          C:\WINDOWS\system32\DRIVERS\wanatw4.sys
23:47:24.0906 5084  wanatw - ok
23:47:24.0921 5084  WDICA - ok
23:47:24.0937 5084  [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
23:47:24.0953 5084  wdmaud - ok
23:47:24.0968 5084  WeatherBlinkService - ok
23:47:25.0015 5084  [ 265F534EF76832435AFBF771EC97176D ] WebClient       C:\WINDOWS\System32\webclnt.dll
23:47:25.0171 5084  WebClient - ok
23:47:25.0234 5084  [ BA6B6FB242A6BA4068C8B763063BEB63 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys
23:47:25.0671 5084  winachsf - ok
23:47:25.0765 5084  [ F399242A80C4066FD155EFA4CF96658E ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
23:47:25.0765 5084  winmgmt - ok
23:47:25.0796 5084  wltrysvc - ok
23:47:25.0843 5084  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
23:47:25.0843 5084  WmdmPmSN - ok
23:47:25.0875 5084  [ AE2C8544E747C20062DB27456EA2D67A ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
23:47:25.0875 5084  WmiAcpi - ok
23:47:25.0906 5084  [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
23:47:25.0921 5084  WmiApSrv - ok
23:47:26.0031 5084  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
23:47:26.0093 5084  WMPNetworkSvc - ok
23:47:26.0156 5084  [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
23:47:26.0156 5084  wscsvc - ok
23:47:26.0203 5084  [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
23:47:26.0203 5084  wuauserv - ok
23:47:26.0250 5084  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
23:47:26.0265 5084  WudfPf - ok
23:47:26.0281 5084  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
23:47:26.0296 5084  WudfRd - ok
23:47:26.0312 5084  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
23:47:26.0328 5084  WudfSvc - ok
23:47:26.0375 5084  [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
23:47:26.0406 5084  WZCSVC - ok
23:47:26.0437 5084  [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
23:47:26.0453 5084  xmlprov - ok
23:47:26.0453 5084  ================ Scan global ===============================
23:47:26.0500 5084  [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
23:47:26.0562 5084  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
23:47:26.0750 5084  [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
23:47:26.0781 5084  [ 4712531AB7A01B7EE059853CA17D39BD ] C:\WINDOWS\system32\services.exe
23:47:26.0781 5084  [Global] - ok
23:47:26.0796 5084  ================ Scan MBR ==================================
23:47:26.0812 5084  [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
23:47:27.0078 5084  \Device\Harddisk0\DR0 - ok
23:47:27.0078 5084  ================ Scan VBR ==================================
23:47:27.0093 5084  [ 6642EC9A12C4AEB184273F7076CCD26A ] \Device\Harddisk0\DR0\Partition1
23:47:27.0093 5084  \Device\Harddisk0\DR0\Partition1 - ok
23:47:27.0093 5084  ============================================================
23:47:27.0093 5084  Scan finished
23:47:27.0093 5084  ============================================================
23:47:27.0125 5000  Detected object count: 0
23:47:27.0125 5000  Actual detected object count: 0


Edited by Tom.Fox, 03 January 2014 - 12:50 AM.


#13 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 04 January 2014 - 01:40 AM

The MS Safety scan found yet another adware and a koobface worm and removed both.

 

The ESET scan found no threats.

 

I then updated with service pack 3 and installed MS Security Essentials.

 

Everything appears fine, and the PC is running SO much better. Thanks for your help.



#14 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 04 January 2014 - 01:44 AM

I have been made aware that Microsoft will no longer provide support for Windows XP as of April 8, 2014, and that includes security features such as MS Security Essentials. Can you recommend another free or very inexpensive anti-virus program for this outdated operating system?



#15 Tom.Fox

Tom.Fox
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:04:19 PM

Posted 04 January 2014 - 01:57 AM

Windows Firewall is disabled. How do I correct this?

 

ETA: Nevermind. I fixed it.


Edited by Tom.Fox, 04 January 2014 - 02:02 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users