
Computer is very slow and takes forever to boot up...what is wrong??


16 replies to this topic

#1 pigfoot


Posted 09 January 2014 - 01:06 AM

My computer recently started to take so long to boot up into Windows, and when it does it takes such a long time to get to the desktop. For example, when I turn on the computer it goes to the Microsoft Windows screen and stays there for about 2 or 3 minutes, then it goes to a blank black screen for maybe a minute, then finally to the desktop, where it still takes another 2 minutes to get things to load and work. I sure need to know how to solve this problem. By the way, it is Windows XP.


Edited by pigfoot, 09 January 2014 - 01:06 AM.



 


#2 InadequateInfirmity


Posted 09 January 2014 - 06:22 AM

Step 1

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

Step 2

 

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 3.

 

 

Please download HitmanPro to your desktop.

  • Launch the program by double clicking on HitmanPro.exe. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).
  • Click on the next button. You must agree with the terms of EULA.
  • Check the box beside "No, I only want to perform a one-time scan to check this computer".
  • Click on the next button.
  • The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.
  • Click on the next button and choose the option activate free license.
  • Click on the next button and the infections will be deleted.
  • Click now on the Save Log option and save this log to your desktop.
  • Click on the next button and restart the computer.
  • Copy the information of HitmanPro_20130116_1239.log in your next reply

Step 4.

 

Please download MINITOOLBOX and run it.

Checkmark the following boxes:



Flush DNS
Reset FF proxy Settings
Reset IE Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



#3 pigfoot


Posted 09 January 2014 - 07:59 PM

# AdwCleaner v3.016 - Report created 09/01/2014 at 17:55:01
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ken - KEN-RW9IJ6PKV6S
# Running from : C:\Documents and Settings\Ken\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\NCH Software
Folder Deleted : C:\Documents and Settings\Ken\Application Data\NCH Software
Folder Deleted : C:\Documents and Settings\Ken\Application Data\Mozilla\Firefox\Profiles\j7s5h6jz.default\ICQToolbarData

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKLM\SOFTWARE\Classes\PCProxy.DataContainer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CNXT_MODEM_PCI_VEN_14F1&DEV_2016&SUBSYS_021913E0
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v25.0.1 (en-US)

[ File : C:\Documents and Settings\Ken\Application Data\Mozilla\Firefox\Profiles\j7s5h6jz.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\etfywvr3.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2371 octets] - [09/01/2014 17:53:02]
AdwCleaner[S0].txt - [2332 octets] - [09/01/2014 17:55:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2392 octets] ##########
 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by Ken on Thu 01/09/2014 at 18:03:35.82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{AD79BAD6-9504-4F09-ACEC-7B319584A4C1}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Documents and Settings\Ken\Application Data\mozilla\firefox\profiles\j7s5h6jz.default\minidumps [89 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/09/2014 at 18:10:57.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

HitmanPro 3.7.8.208
www.hitmanpro.com

   Computer name . . . . : KEN-RW9IJ6PKV6S
   Windows . . . . . . . : 5.1.3.2600.X86/1
   User name . . . . . . : KEN-RW9IJ6PKV6S\Ken
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-01-09 18:16:36
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 17m 45s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 28

   Objects scanned . . . : 863,833
   Files scanned . . . . : 58,806
   Remnants scanned  . . : 176,045 files / 628,982 keys

Potential Unwanted Programs _________________________________________________

   HKU\.DEFAULT\Software\AskToolbar\ (AskBar)
   HKU\S-1-5-18\Software\AskToolbar\ (AskBar)

Repairs _____________________________________________________________________

   Proxy server on this computer (User)
   127.0.0.1:27811

   Proxy server on this computer (User)
   127.0.0.1:27811


Cookies _____________________________________________________________________

 

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Ken (administrator) on 09-01-2014 at 18:49:16
Running from "C:\Documents and Settings\Ken\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
ProxyServer: 85.185.149.31:80

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.backup.ftp", "127.0.0.1"
"network.proxy.backup.ftp_port", 8080
"network.proxy.backup.gopher", "127.0.0.1"
"network.proxy.backup.gopher_port", 8080
"network.proxy.backup.socks", "127.0.0.1"
"network.proxy.backup.socks_port", 8080
"network.proxy.backup.ssl", "127.0.0.1"
"network.proxy.backup.ssl_port", 8080
"network.proxy.ftp", "127.0.0.1"
"network.proxy.ftp_port", 8080
"network.proxy.gopher", "127.0.0.1"
"network.proxy.gopher_port", 8080
"network.proxy.http", "127.0.0.1"
"network.proxy.http_port", 8080
"network.proxy.share_proxy_settings", true
"network.proxy.socks", "127.0.0.1"
"network.proxy.socks_port", 8080
"network.proxy.ssl", "127.0.0.1"
"network.proxy.ssl_port", 8080
"network.proxy.type", 1

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       adobeereg.com
127.0.0.1       localhost
127.0.0.1       activate.adobe.com
127.0.0.1       activate-sjc0.adobe.com
127.0.0.1       practivate.adobe.com
127.0.0.1       ereg.adobe.com
127.0.0.1       activate.wip3.adobe.com
127.0.0.1       wip3.adobe.com
127.0.0.1       3dns-3.adobe.com
127.0.0.1       3dns-2.adobe.com
127.0.0.1       adobe-dns.adobe.com
127.0.0.1       adobe-dns-2.adobe.com
127.0.0.1       adobe-dns-3.adobe.com
127.0.0.1       ereg.wip3.adobe.com
127.0.0.1       wwis-dubc1-vip60.adobe.com
127.0.0.1       ood.opsource.net
127.0.0.1       CRL.VERISIGN.NET
127.0.0.1       adobeereg.com
127.0.0.1       OCSP.SPO1.VERISIGN.COM
127.0.0.1       activate-sea.adobe.com

There are 1 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

        Host Name . . . . . . . . . . . . : ken-rw9ij6pkv6s
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC
        Physical Address. . . . . . . . . : 00-C0-A8-7E-B6-60
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.2.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.2.1
        DHCP Server . . . . . . . . . . . : 192.168.2.1
        DNS Servers . . . . . . . . . . . : 192.168.2.1
        Lease Obtained. . . . . . . . . . : Thursday, January 09, 2014 6:39:54 PM
        Lease Expires . . . . . . . . . . : Sunday, January 12, 2014 6:39:54 PM

Server:  UnKnown
Address:  192.168.2.1

Name:    google.com
Addresses:  74.125.227.165, 74.125.227.160, 74.125.227.162, 74.125.227.161
      74.125.227.167, 74.125.227.166, 74.125.227.169, 74.125.227.164, 74.125.227.168
      74.125.227.174, 74.125.227.163

Pinging google.com [74.125.227.160] with 32 bytes of data:

Reply from 74.125.227.160: bytes=32 time=36ms TTL=56
Reply from 74.125.227.160: bytes=32 time=36ms TTL=56

Ping statistics for 74.125.227.160:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 36ms, Maximum = 36ms, Average = 36ms

Server:  UnKnown
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=102ms TTL=49
Reply from 206.190.36.45: bytes=32 time=119ms TTL=49

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 102ms, Maximum = 119ms, Average = 110ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 c0 a8 7e b6 60 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.2      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.2.0    255.255.255.0      192.168.2.2     192.168.2.2      20
      192.168.2.2  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.2.255  255.255.255.255      192.168.2.2     192.168.2.2      20
        224.0.0.0        240.0.0.0      192.168.2.2     192.168.2.2      20
  255.255.255.255  255.255.255.255      192.168.2.2     192.168.2.2      1
Default Gateway:       192.168.2.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\nwprovau.dll [142336] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\HMIPCore.dll [282928] (My Privacy Tools, Inc.)
Catalog9 02 C:\WINDOWS\system32\HMIPCore.dll [282928] (My Privacy Tools, Inc.)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\HMIPCore.dll [282928] (My Privacy Tools, Inc.)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/09/2014 06:40:03 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName     .

Error: (01/09/2014 05:57:32 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName     .

Error: (01/09/2014 02:59:59 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName     .

Error: (01/09/2014 04:26:55 AM) (Source: Application Error) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]

Error: (01/09/2014 04:26:33 AM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module unknown, version 0.0.0.0, fault address 0x044f0a20.
Processing media-specific event for [explorer.exe!ws!]

Error: (01/08/2014 11:53:22 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName     .

Error: (01/08/2014 11:47:24 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName     .

Error: (01/08/2014 11:31:45 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName     .

Error: (01/08/2014 10:24:44 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName     .

Error: (01/08/2014 10:02:49 PM) (Source: Apache Service) (User: )
Description: The Apache service named  reported the following error:
>>> httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName     .


System errors:
=============
Error: (01/09/2014 06:29:45 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/09/2014 06:18:17 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/09/2014 05:49:09 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.2 for the Network Card with network address 00C0A87EB660 has been
denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/09/2014 04:09:30 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.2 for the Network Card with network address 00C0A87EB660 has been
denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/09/2014 03:23:43 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate1ca13184601dd2 with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (01/09/2014 04:32:31 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.2 for the Network Card with network address 00C0A87EB660 has been
denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/09/2014 02:59:08 AM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.2 for the Network Card with network address 00C0A87EB660 has been
denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).

Error: (01/09/2014 00:23:23 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1058" attempting to start the service gupdate1ca13184601dd2 with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (01/08/2014 11:47:10 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/08/2014 11:47:10 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0


Microsoft Office Sessions:
=========================
Error: (01/09/2014 06:40:03 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName

Error: (01/09/2014 05:57:32 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName

Error: (01/09/2014 02:59:59 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName

Error: (01/09/2014 04:26:55 AM) (Source: Application Error)(User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d

Error: (01/09/2014 04:26:33 AM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512unknown0.0.0.0044f0a20

Error: (01/08/2014 11:53:22 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName

Error: (01/08/2014 11:47:24 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName

Error: (01/08/2014 11:31:45 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName

Error: (01/08/2014 10:24:44 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName

Error: (01/08/2014 10:02:49 PM) (Source: Apache Service)(User: )
Description: The Apache service namedreported the following error:
>>>httpd.exe: Could not reliably determine the server's fully qualified domain name, using 192.168.2.2 for ServerName


=========================== Installed Programs ============================

µTorrent (Version: 3.3.2.30180)
32 Bit HP CIO Components Installer (Version: 7.1.8)
7-Zip 9.20
ACDSee
Acrobat.com (Version: 2.0.0)
Acrobat.com (Version: 2.0.0.0)
Adobe AIR (Version: 1.5.3.9120)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.270)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170)
Adobe Illustrator CS5
Adobe Reader XI (11.0.05) (Version: 11.0.05)
AdsGone Spyware Blocker Popup Killer 2009 8.0.0 build 1!
Akamai NetSession Interface
AoA Audio Extractor
Apache HTTP Server 2.2.14 (Version: 2.2.14)
Apple Application Support (Version: 2.3.4)
Apple Software Update (Version: 2.1.3.127)
Applian FLV Player (Version: 2.0.24)
ArcSoft PhotoFantasy
AVS Update Manager 1.0
AVS Video Converter 6
AVS4YOU Software Navigator 1.3
Bass Audio Decoder (remove only)
Best Anonymous Browser
Blaze Media Pro (Version: 9.10)
BufferChm (Version: 120.0.194.000)
Burn4Free CD & DVD 5.1.0.0
BusinessCards MX (Version: 4.88)
CCleaner (Version: 4.06)
ClickBook 14 (Version: 14)
Copy (Version: 120.0.194.000)
Corel Applications
Critical Update for Windows Media Player 11 (KB959772)
DeleteHistoryFree (Version: 2.3)
Dell ResourceCD
Destination Component (Version: 110.0.0.0)
DeviceDiscovery (Version: 120.0.194.000)
DJ_AIO_05_F4400_Software_Min (Version: 120.0.235.000)
eFax Messenger Plus (Version: 2.07)
Elecard Codec SDK G4 Eval (Version: 1.0.1.80507)
eMule
EPSON Printer Software
Eraser 5.8.8 (Version: Eraser 5.8.8)
ESET Online Scanner v3
F4400 (Version: 120.0.235.000)
FFMPEG Core Files (remove only)
File-Saver
Free MOV 2 AVI  (Version: )
Google Update Helper (Version: 1.3.22.3)
GPBaseService2 (Version: 120.0.194.000)
Greeting Card Factory Photo Card Maker 2.0 (Version: 2.0.0.4)
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000)
Hide My IP 5.1
Hide The IP 2009
Hide The IP 2009 (Version: 2.2.1.1)
HP Deskjet F4400 All-In-One Driver Software 12.0 Rel .5 (Version: 12.0)
HP Imaging Device Functions 12.0 (Version: 12.0)
HP Product Detection (Version: 11.14.0001)
HP Smart Web Printing (Version: 4.05)
HP Solution Center 12.0 (Version: 12.0)
HP SwfScan (Version: 1.0.71.2)
HP Update (Version: 5.003.001.001)
HPProductAssistant (Version: 120.0.194.000)
ICQ7.5 (Version: 7.5)
InfraRecorder
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JavaFX 2.0.3 (Version: 2.0.3)
Junk Mail filter update (Version: 14.0.8117.416)
Juno Internet (Version: 8.9.4.0)
LG VZW United Drivers (Version: 2.13.0)
liteCAM (Version: 2.92.0000)
Logitech QuickCam (Version: 6.00.0000)
Magic M4A to MP3 Converter 3.1
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
ManyCam 2.6.43 (remove only) (Version: 2.6.43)
McAfee Security Scan Plus (Version: 3.0.318.3)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Picture It! Photo 2002 (Version: 6.0.0.0000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (Version: 10.0.40219)
Microsoft Works 2002 Setup Launcher
Microsoft XML Parser (Version: 8.70.1104.04)
Modem Helper
Mozilla Firefox 25.0.1 (x86 en-US) (Version: 25.0.1)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
NeoDownloader 2.6.3 (Version: 2.6.3)
NeoDownloader Lite 2.4
Nero 12 Full Repack
Nero 8 Essentials (Version: 8.10.380)
neroxml (Version: 1.0.0)
NetZero Internet (Version: 8.9.3.0)
NVIDIA Display Driver
NVIDIA Windows 2000/XP Display Drivers
OpenSource AVI Splitter (remove only)
OpenSource Flash Video Splitter (remove only)
Opera 11.64 (Version: 11.64.1403)
Opera 12.16 (Version: 12.16.1860)
PhoneTools
PowerDVD
QuickCam Drivers
QuickTime (Version: 7.74.80.86)
Scan (Version: 12.0.0.0)
Secure-Delete 1.0 (Version: 1.0)
Segoe UI (Version: 14.0.4327.805)
Skype™ 6.3 (Version: 6.3.105)
SmartWebPrinting (Version: 120.0.194.000)
SnagIt 6 (Version: 6.1)
SolutionCenter (Version: 120.0.194.000)
Sothink SWF Quicker (Version: 4.7)
Sound Blaster Live! Value
Status (Version: 120.0.194.000)
SUPERAntiSpyware (Version: 4.44.1000)
TimeLeft (Version: 3.57)
Toolbox (Version: 120.0.194.000)
TrayApp (Version: 120.0.194.000)
Trillian
Undelete File Recovery
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VCRedistSetup (Version: 1.0.0)
Video Thumbnails Maker by Scorp (remove only)
VKMusic 4 (Version: 4.36)
VLC media player 2.0.1 (Version: 2.0.1)
WeatherMate (Version: 3.4)
WebFldrs XP (Version: 9.50.5318)
WebReg (Version: 120.0.194.000)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Sign-in Assistant (Version: 5.000.818.6)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
Windows XP Service Pack 3 (Version: 20080414.031525)
Winmx Community 1
WinRAR archiver
Works Suite OS Pack (Version: 1.0.0.0000)
Works Synchronization (Version: 1.0.0.0000)
X-Lite 3.0
Xvid 1.1.3 final uninstall (Version: 1.1)
Yahoo! Messenger
Yahoo! Software Update
Zoom Player (remove only)

========================= Devices: ================================

Name:
Description:
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Kernel Acoustic Echo Canceller
Description: Microsoft Kernel Acoustic Echo Canceller
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: aec
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 1023.01 MB
Available physical RAM: 726.01 MB
Total Pagefile: 1311.54 MB
Available Pagefile: 1151.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.72 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:127.99 GB) (Free:62.31 GB) NTFS
5 Drive f: (New Volume) (Fixed) (Total:104.89 GB) (Free:1.8 GB) NTFS

========================= Users: ========================================

User accounts for \\KEN-RW9IJ6PKV6S

Administrator            Guest                    HelpAssistant            
Ken                      SUPPORT_388945a0         


**** End of log ****

#4 InadequateInfirmity

Posted 09 January 2014 - 08:20 PM

Reset your hosts files.

http://go.microsoft.com/?linkid=9668866

Download Security Check by screen317 from here.


  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Download Autoruns and Autorunsc.

  • Unzip it to your desktop and then double click autoruns.exe.
  • After the scan is finished, click on File > Save.
  • The default name will be autoruns.arn; make sure to save it as Autoruns.txt under the file type option. In other words, make sure it is a .txt file instead of .arn.
  • Attach the text in your next reply.

Update and do a quick scan with Malwarebytes, remove all that it finds, and reboot.
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Post the log here.

Please download FarbarServiceScanner and run it on the computer with the issue.


Make sure the following options are checked:

  • Internet Services
  • Windows Firewall
  • System Restore
  • Security Center/Action Center
  • Windows Update

Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.

____________________________________________

Run a scan with Eset. You will need to disable your antivirus during this scan.
http://www.eset.com/us/online-scanner/
Make sure "Remove found threats" and "Scan archives" are checked.
When the scan finishes, list found threats, save to clipboard, copy to Notepad, and post the log here.


Tell me how the machine is running now.
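
Once Autoruns output has been saved as text as described in the post above, a short script can pre-sort it for review. This is an added example, not part of the original post and not a tool the helper used. It assumes each row has five double-quoted fields, with `+` marking entries listed under a location line; the sample rows and every name in them are constructed.

```python
import re
from dataclasses import dataclass

# Constructed sample (all names hypothetical) in the layout of an Autoruns
# text export: a location line, then "+"-prefixed entries, each with five
# double-quoted fields: entry, description, publisher, image path, timestamp.
SAMPLE = r'''
"Task Scheduler"    ""    ""    ""    ""
+ "ExampleUpgrade.job"    ""    ""    "File not found: C:\Program Files\Example\upgrade.exe /logoncheck"    ""
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "1/2/2014 3:04 AM"
+ "examplesvc"    "Example update service"    "Example Corp."    "c:\program files\example\svc.exe"    "5/6/2013 7:08 AM"
+ "exampledrv"    ""    ""    "c:\windows\system32\drivers\exampledrv.sys"    "8/9/2002 10:11 AM"
+ "exampleext"    "Example Shell Extension."    "-"    "c:\windows\system32\exampleext.dll"    "3/4/2010 5:06 PM"
'''

# Matches one quoted field, including an empty one (""). Works whether the
# separator is a tab or runs of spaces. Assumes fields contain no '"'.
FIELD = re.compile(r'"([^"]*)"')
MISSING_PREFIX = "File not found:"


@dataclass
class Entry:
    location: str     # registry key or category the entry is listed under
    name: str
    description: str
    publisher: str
    image_path: str
    timestamp: str


def parse_autoruns_text(text):
    """Return a list of Entry objects, one per '+' row of the export."""
    entries = []
    location = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        fields = FIELD.findall(line)
        if len(fields) != 5:
            continue  # not a row of this export; skip rather than guess
        if line.startswith("+"):
            entries.append(Entry(location, *fields))
        else:
            location = fields[0]  # a location line sets the context
    return entries


def triage(entries):
    """Return (location, entry name, reason) for rows worth reviewing first.

    missing-file: the autostart points at a file that no longer exists,
                  usually a leftover from an uninstalled program.
    no-publisher: the file carries no usable publisher string, so its
                  origin has to be checked by other means.
    Neither reason means the entry is malicious; they only order the review.
    """
    findings = []
    for e in entries:
        if e.image_path.startswith(MISSING_PREFIX):
            findings.append((e.location, e.name, "missing-file"))
        elif not re.search(r"\w", e.publisher):
            findings.append((e.location, e.name, "no-publisher"))
    return findings


if __name__ == "__main__":
    for location, name, reason in triage(parse_autoruns_text(SAMPLE)):
        print(f"{reason:13} {name:22} {location}")
```
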



#5 pigfoot

Posted 10 January 2014 - 01:49 AM

Eset hangs up when trying to do a full scan..it hangs up at 20% and just stops it seems not doing anything. I will post what I have so far and try to do an eset scan one more time to see if it scans completely. The txt file with results from eset scan is only a 20% complete scan.

 

 Results of screen317's Security Check version 0.99.78  
 Windows XP Service Pack 3 x86   
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 ESET Online Scanner v3   
 McAfee Security Scan Plus   
`````````Anti-malware/Other Utilities Check:`````````
 AdsGone Spyware Blocker Popup Killer 2009 8.0.0 build 1!
 SUPERAntiSpyware     
 Malwarebytes Anti-Malware version 1.75.0.1300  
 CCleaner     
 JavaFX 2.0.3    
 Java 7 Update 45  
 Adobe Flash Player     11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox 25.0.1 Firefox out of Date!  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:: 8%
````````````````````End of Log``````````````````````
 

 

"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "10/2/2010 4:10 PM"
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 12:30 PM"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 12:30 PM"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""    "10/13/2008 10:48 PM"
+ "skype4com"    "Skype for COM API"    "Skype Technologies"    "c:\program files\common files\skype\skype4com.dll"    "2/26/2013 4:25 AM"
+ "wlmailhtml"    "Windows Live Mail"    "Microsoft Corporation"    "c:\program files\windows live\mail\mailcomm.dll"    "4/16/2010 10:17 PM"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""    "8/15/2011 8:34 PM"
+ "0"    ""    ""    "File not found: About:Home"    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""    "6/27/2012 11:02 PM"
+ "SABShellExecuteHook Class"    "ShellExecuteHook"    "SuperAdBlocker.com"    "c:\program files\superantispyware\sasseh.dll"    "5/12/2008 2:13 PM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "12/14/2010 12:20 AM"
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"    "11/18/2010 10:08 AM"
+ "AVS Video Converter 6"    "AVS Video Converter Shell Extension"    "Online Media Technologies Ltd."    "c:\program files\avs4you\avsvideoconverter6\avsvideoconvertershext.dll"    "6/9/2009 2:47 AM"
+ "BackupData"    "Secure-Delete Helper"    ""    "c:\program files\secure-delete\secure-delete.dll"    "7/14/2007 6:11 PM"
+ "Cover Designer"    "Cover Designer"    "Nero AG"    "c:\program files\nero\nero8\nero coverdesigner\coveredextension.dll"    "10/31/2007 11:32 AM"
+ "Erasext"    "Eraser Shell Extension."    "-"    "c:\windows\system32\erasext.dll"    "12/14/2009 7:03 PM"
+ "NBShellHook Class"    "Nero BackItUp"    "Nero AG"    "c:\program files\nero\nero8\nero backitup\nbshell.dll"    "9/18/2007 11:58 AM"
+ "NeroShellExt Class"    "Nero Burning ROM Shell Extension"    "Nero AG"    "c:\program files\common files\nero\neroshellext\neroshellext.dll"    "8/10/2012 2:43 AM"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"    "2/27/2007 1:35 PM"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "9/16/2008 8:18 AM"
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers"    ""    ""    ""    "12/23/2008 1:57 AM"
+ "Erasext"    "Eraser Shell Extension."    "-"    "c:\windows\system32\erasext.dll"    "12/14/2009 7:03 PM"
+ "NeroShellExt Class"    "Nero Burning ROM Shell Extension"    "Nero AG"    "c:\program files\common files\nero\neroshellext\neroshellext.dll"    "8/10/2012 2:43 AM"
+ "ShellPlusContextMenu"    "Burn4Free right context menu"    "Ikysasoft s.r.l. uninominale"    "c:\program files\burn4free\b4fm.dll"    "6/19/1992 4:22 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "10/13/2008 11:42 PM"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"    "2/28/2013 2:39 PM"
+ "ShellPlusContextMenu"    "Burn4Free right context menu"    "Ikysasoft s.r.l. uninominale"    "c:\program files\burn4free\b4fm.dll"    "6/19/1992 4:22 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""    "12/23/2008 1:57 AM"
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"    "11/18/2010 10:08 AM"
+ "BackupData"    "Secure-Delete Helper"    ""    "c:\program files\secure-delete\secure-delete.dll"    "7/14/2007 6:11 PM"
+ "NeroShellExt Class"    "Nero Burning ROM Shell Extension"    "Nero AG"    "c:\program files\common files\nero\neroshellext\neroshellext.dll"    "8/10/2012 2:43 AM"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"    "2/27/2007 1:35 PM"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "9/16/2008 8:18 AM"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "12/23/2008 1:57 AM"
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"    "11/18/2010 10:08 AM"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "9/16/2008 8:18 AM"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "10/13/2008 10:48 PM"
+ "NeroDigitalColumnHandler Class"    "Nero Digital Shell Extension"    "Nero AG"    "c:\program files\common files\nero\lib\nerodigitalext.dll"    "2/25/2008 2:28 AM"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"    "5/11/2013 3:34 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "10/13/2008 10:48 PM"
+ "BackupData"    "Secure-Delete Helper"    ""    "c:\program files\secure-delete\secure-delete.dll"    "7/14/2007 6:11 PM"
+ "Erasext"    "Eraser Shell Extension."    "-"    "c:\windows\system32\erasext.dll"    "12/14/2009 7:03 PM"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"    "2/28/2013 2:39 PM"
+ "NBShellHook Class"    "Nero BackItUp"    "Nero AG"    "c:\program files\nero\nero8\nero backitup\nbshell.dll"    "9/18/2007 11:58 AM"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "9/16/2008 8:18 AM"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""    "10/13/2008 10:48 PM"
+ "Erasext"    "Eraser Shell Extension."    "-"    "c:\windows\system32\erasext.dll"    "12/14/2009 7:03 PM"
+ "NBShellHook"    "Nero BackItUp"    "Nero AG"    "c:\program files\nero\nero8\nero backitup\nbshell.dll"    "9/18/2007 11:58 AM"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"    "9/16/2008 8:18 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "6/27/2012 11:02 PM"
+ "HP Print Enhancer"    "HP Smart Web Printing add-on for Internet Explorer"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll"    "10/15/2008 2:53 PM"
+ "HP Smart BHO Class"    "HP Smart Web Printing add-on for Internet Explorer"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"    "10/15/2008 2:53 PM"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jp2ssv.dll"    "10/8/2013 8:43 AM"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre7\bin\ssv.dll"    "10/8/2013 8:43 AM"
+ "Juno Toolbar Helper"    "Juno Internet"    "Juno, Inc."    "c:\program files\juno\ucreg.dll"    "4/26/2012 1:01 PM"
+ "MSS+ Identifier"    "Quick Browser Identifier for MSS+ Tool"    "McAfee, Inc."    "c:\program files\mcafee security scan\3.0.318\mcafeemss_ie.dll"    "2/5/2013 9:41 AM"
+ "NetZero Toolbar Helper"    "NetZero Internet"    "NetZero, Inc."    "c:\program files\netzero\ucreg.dll"    "6/29/2010 3:37 PM"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""    "10/10/2013 12:48 AM"
+ "JunoBar"    "Juno Toolbar"    "Juno, Inc."    "c:\program files\juno\toolbar.dll"    "4/26/2012 1:01 PM"
+ "ZeroBar"    "NetZero Toolbar"    "NetZero, Inc."    "c:\program files\netzero\toolbar.dll"    "6/29/2010 3:40 PM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "10/10/2013 12:48 AM"
+ "HP Smart Select"    "HP Smart Web Printing add-on for Internet Explorer"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll"    "10/15/2008 2:53 PM"
+ "ICQ7.5"    "ICQ"    "ICQ, LLC."    "c:\program files\icq7.5\icq.exe"    "7/31/2011 6:45 AM"
+ "Sothink SWF Catcher"    ""    ""    "c:\program files\common files\sourcetec\swf catcher\internetexplorer.htm"    "11/11/2009 11:36 AM"
+ "Windows Messenger"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"    "4/13/2008 12:34 PM"
"Task Scheduler"    ""    ""    ""    ""
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "8/22/2008 1:35 PM"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "8/22/2008 1:35 PM"
+ "RealDownloaderDownloaderScheduledTaskS-1-5-21-329068152-688789844-839522115-1004.job"    ""    ""    "File not found: C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe /bgrecordaliveevent"    ""
+ "RealDownloaderRealUpgradeLogonTaskS-1-5-21-329068152-688789844-839522115-1004.job"    ""    ""    "File not found: C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /logoncheck"    ""
+ "RealDownloaderRealUpgradeScheduledTaskS-1-5-21-329068152-688789844-839522115-1004.job"    ""    ""    "File not found: C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe /scheduledcheck"    ""
+ "RealPlayerRealUpgradeLogonTaskS-1-5-21-329068152-688789844-839522115-1004.job"    ""    ""    "File not found: C:\Program Files\Real\RealUpgrade\realupgrade.exe /logoncheck"    ""
+ "RealPlayerRealUpgradeScheduledTaskS-1-5-21-329068152-688789844-839522115-1004.job"    ""    ""    "File not found: C:\Program Files\Real\RealUpgrade\realupgrade.exe /scheduledcheck"    ""
+ "RealUpgradeLogonTaskS-1-5-21-329068152-688789844-839522115-1004.job"    ""    ""    "File not found: C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /logoncheck"    ""
+ "RealUpgradeScheduledTaskS-1-5-21-329068152-688789844-839522115-1004.job"    ""    ""    "File not found: C:\Program Files\Real\RealUpgrade\RealUpgrade.exe /scheduledcheck"    ""
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "7/14/2013 4:05 AM"
+ "Apache2.2"    "Apache/2.2.14 (Win32)"    "Apache Software Foundation"    "c:\program files\apache software foundation\apache2.2\bin\httpd.exe"    "9/28/2009 9:41 PM"
+ "AppMgmt"    "Provides software installation services such as Assign, Publish, and Remove."    ""    "File not found: C:\WINDOWS\System32\appmgmts.dll"    ""
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "8/22/2008 1:35 PM"
+ "hpqcxs08"    "HP CUE Context Manager Objects"    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqcxs08.dll"    "10/16/2008 7:28 PM"
+ "hpqddsvc"    "This service detects and monitors CUE devices on the system."    "Hewlett-Packard Co."    "c:\program files\hp\digital imaging\bin\hpqddsvc.dll"    "10/16/2008 7:40 PM"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"    "10/8/2013 8:29 AM"
+ "McComponentHostService"    "McAfee Security Scan Component Host Service"    "McAfee, Inc."    "c:\program files\mcafee security scan\3.0.318\mcchsvc.exe"    "2/5/2013 9:43 AM"
+ "MDM"    "Manages local and remote debugging for Visual Studio debuggers"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\vs7debug\mdm.exe"    "2/23/2001 4:07 AM"
+ "Net Driver HPZ12"    "Dot4Net Module"    "Hewlett-Packard"    "c:\windows\system32\hpzinw12.dll"    "8/5/2010 11:43 PM"
+ "NMIndexingService"    "Nero Home"    "Nero AG"    "c:\program files\common files\nero\lib\nmindexingservice.exe"    "1/3/2008 8:45 AM"
+ "NVSvc"    "Provides system and desktop level support to the NVIDIA display driver"    "NVIDIA Corporation"    "c:\windows\system32\nvsvc32.exe"    "4/8/2002 6:03 PM"
+ "Pml Driver HPZ12"    "PmlDrv Module"    "Hewlett-Packard"    "c:\windows\system32\hpzipm12.dll"    "8/5/2010 11:43 PM"
+ "SkypeUpdate"    "Enables the detection, download and installation of updates for Skype."    "Skype Technologies"    "c:\program files\skype\updater\updater.exe"    "3/1/2013 6:11 AM"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"    "10/18/2006 10:05 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "7/14/2013 4:05 AM"
+ "basic2"    "NTRksample driver"    "Conexant Systems"    "c:\windows\system32\drivers\basic2.sys"    "7/18/2001 11:01 AM"
+ "bvrp_pci"    ""    ""    "c:\windows\system32\drivers\bvrp_pci.sys"    "6/20/2001 9:32 AM"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"    ""
+ "ctljystk"    "Creative Joyport Enabler"    "Creative Technology Ltd."    "c:\windows\system32\drivers\ctljystk.sys"    "7/19/2001 4:28 PM"
+ "emu10k"    "Creative SB Live! Adapter Driver"    "Creative Technology Ltd."    "c:\windows\system32\drivers\emu10k1f.sys"    "9/13/2001 4:09 AM"
+ "emu10k1"    "Creative SB Live! Interface Driver"    "Creative Technology Ltd."    "c:\windows\system32\drivers\ctlface.sys"    "7/10/2001 9:34 PM"
+ "Eplpdx02"    "LPT I/O driver for EPSON PRINTER"    "MK Systems CO., LTD."    "c:\windows\system32\drivers\eplpdx02.sys"    "8/9/2001 5:48 PM"
+ "Fallback"    "Fallback driver"    "Conexant Systems"    "c:\windows\system32\drivers\fallback.sys"    "7/18/2001 11:04 AM"
+ "Fsks"    "FSKsNT driver"    "Conexant Systems"    "c:\windows\system32\drivers\fsksnt.sys"    "7/18/2001 11:06 AM"
+ "HPZid412"    "IEEE-1284.4-1999 Driver (Windows 2000)"    "HP"    "c:\windows\system32\drivers\hpzid412.sys"    "10/21/2005 1:28 AM"
+ "HPZipr12"    "IEEE-1284.4-1999 Print Class Driver"    "HP"    "c:\windows\system32\drivers\hpzipr12.sys"    "10/21/2005 1:28 AM"
+ "HPZius12"    "1284.4<->Usb Datalink Driver (Windows 2000)"    "HP"    "c:\windows\system32\drivers\hpzius12.sys"    "10/21/2005 1:22 AM"
+ "HSF_DP"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsfdpsp2.sys"    "6/17/2004 4:55 PM"
+ "hsf_msft"    "WinACHSF driver"    "Conexant"    "c:\windows\system32\drivers\hsf_msft.sys"    "6/11/2001 9:35 AM"
+ "HSFHWBS2"    "HSF_HWB2 WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsfbs2s2.sys"    "6/17/2004 4:56 PM"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"    ""
+ "K56"    "K56NT driver"    "Conexant Systems"    "c:\windows\system32\drivers\k56nt.sys"    "7/18/2001 11:06 AM"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"    ""
+ "LVBulk"    "Bulk Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvbulk.sys"    "2/1/2002 1:03 PM"
+ "ManyCam"    ""    ""    "File not found: system32\DRIVERS\ManyCam.sys"    ""
+ "mdmxsdk"    "Diagnostic Interface DRIVER"    "Conexant"    "c:\windows\system32\drivers\mdmxsdk.sys"    "3/17/2004 1:04 PM"
+ "mferkdk"    "VSCore Code Analysis Driver"    "McAfee, Inc."    "c:\windows\system32\drivers\mferkdk.sys"    "7/31/2009 4:03 PM"
+ "nv"    "NVIDIA Compatible Windows 2000 Miniport Driver, Version 52.16 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nv4_mini.sys"    "10/6/2003 5:56 PM"
+ "OMCI"    "OMCI Device Driver"    "Dell Computer Corporation"    "c:\windows\system32\drivers\omci.sys"    "8/22/2001 10:42 AM"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"    ""
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"    ""
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"    ""
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"    ""
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"    ""
+ "PfModNT"    "PCI/ISA Device Info. Service"    "Creative Technology Ltd."    "c:\windows\system32\pfmodnt.sys"    "12/15/1999 10:14 PM"
+ "PID_0900_V"    "ClickSmart 310 driver"    "Logitech Inc."    "c:\windows\system32\drivers\lv551av.sys"    "2/1/2002 1:07 PM"
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"    "8/17/2001 2:49 PM"
+ "PxHelp20"    "Px Engine Device Driver for Windows 2000/XP"    "Sonic Solutions"    "c:\windows\system32\drivers\pxhelp20.sys"    "10/20/2009 11:57 AM"
+ "Rksample"    "Rksample WDM driver"    "Conexant Systems"    "c:\windows\system32\drivers\rksample.sys"    "7/18/2001 11:01 AM"
+ "rtl8139"    "Realtek RTL8139 NDIS 5.0 Driver"    "Realtek Semiconductor Corporation"    "c:\windows\system32\drivers\rtl8139.sys"    "6/12/2003 11:29 PM"
+ "SASDIFSV"    "SASDIFSV.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasdifsv.sys"    "2/17/2010 12:19 PM"
+ "SASKUTIL"    "SASKUTIL.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\saskutil.sys"    "5/10/2010 11:15 AM"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"    "9/13/2006 7:18 AM"
+ "sfman"    "SoundFont® Manager"    "Creative Technology Ltd."    "c:\windows\system32\drivers\sfman.sys"    "8/30/2001 11:37 PM"
+ "SoftFax"    "FaxNT driver"    "Conexant Systems"    "c:\windows\system32\drivers\faxnt.sys"    "7/18/2001 11:05 AM"
+ "SpeakerPhone"    "SpkpNT driver"    "Conexant Systems"    "c:\windows\system32\drivers\spkpnt.sys"    "7/18/2001 11:06 AM"
+ "Tones"    "TonesNT driver"    "Conexant Systems"    "c:\windows\system32\drivers\tonesnt.sys"    "7/18/2001 11:04 AM"
+ "usbbus"    "LG Mobile USB Multi function Driver"    "LG Electronics Inc."    "c:\windows\system32\drivers\lgusbbus.sys"    "4/23/2013 10:44 PM"
+ "UsbDiag"    "LGE Mobile USB Serial Port"    "LG Electronics Inc."    "c:\windows\system32\drivers\lgusbdiag.sys"    "4/23/2013 10:44 PM"
+ "USBModem"    "LGE Mobile Modem Support"    "LG Electronics Inc."    "c:\windows\system32\drivers\lgusbmodem.sys"    "4/23/2013 10:44 PM"
+ "V124"    "V124NT driver"    "Conexant Systems"    "c:\windows\system32\drivers\v124nt.sys"    "7/18/2001 11:01 AM"
+ "vulfnths"    "VIA USB Host Controller Lower Filter Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\vulfnth.sys"    "6/2/2003 4:03 AM"
+ "vulfntrs"    "VIA USB Roothub Lower Filter Driver"    "VIA Technologies, Inc."    "c:\windows\system32\drivers\vulfntr.sys"    "7/21/2003 2:39 AM"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"    ""
+ "winachsf"    "WinACHSF driver"    "Conexant Systems"    "c:\windows\system32\drivers\hsf_cnxt.sys"    "7/25/2001 9:58 AM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "1/9/2014 10:38 PM"
+ "aux"    "Creative WDM Driver"    "Creative Technology Ltd."    "c:\windows\system32\ctwdm32.dll"    "7/10/2001 9:35 PM"
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "4/13/2008 6:09 PM"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "1/29/2010 8:43 AM"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"    "4/13/2008 6:11 PM"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"    "8/17/2001 11:35 PM"
+ "msacm.voxacm160"    "Voxware Audio Compression Manager Driver"    "Voxware, Inc."    "c:\windows\system32\vct3216.acm"    "6/10/1998 12:42 PM"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"    "6/17/2010 8:03 AM"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/17/2001 11:33 PM"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/17/2001 11:33 PM"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 6:10 PM"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 6:10 PM"
+ "VIDC.SP53"    "Sunplus 32-bit AVI compression driver"    "Sunplus Corporation"    "c:\windows\system32\sp5x_32.dll"    "8/14/2001 9:53 PM"
+ "VIDC.SP54"    "Sunplus 32-bit AVI compression driver"    "Sunplus Corporation"    "c:\windows\system32\sp5x_32.dll"    "8/14/2001 9:53 PM"
+ "VIDC.SP55"    "Sunplus 32-bit AVI compression driver"    "Sunplus Corporation"    "c:\windows\system32\sp5x_32.dll"    "8/14/2001 9:53 PM"
+ "VIDC.SP56"    "Sunplus 32-bit AVI compression driver"    "Sunplus Corporation"    "c:\windows\system32\sp5x_32.dll"    "8/14/2001 9:53 PM"
+ "VIDC.SP57"    "Sunplus 32-bit AVI compression driver"    "Sunplus Corporation"    "c:\windows\system32\sp5x_32.dll"    "8/14/2001 9:53 PM"
+ "VIDC.SP58"    "Sunplus 32-bit AVI compression driver"    "Sunplus Corporation"    "c:\windows\system32\sp5x_32.dll"    "8/14/2001 9:53 PM"
+ "VIDC.SP59"    "Sunplus 32-bit AVI compression driver"    "Sunplus Corporation"    "c:\windows\system32\sp5x_32.dll"    "8/14/2001 9:53 PM"
+ "vidc.tscc"    "TechSmith Screen Capture Codec"    "TechSmith Corporation"    "c:\windows\system32\tsccvid.dll"    "5/22/2005 10:11 AM"
+ "vidc.XVID"    ""    ""    "c:\windows\system32\xvidvfw.dll"    "4/27/2008 2:35 AM"
"HKLM\Software\Classes\Filter"    ""    ""    ""    "1/9/2014 10:34 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 6:10 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 6:10 PM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 6:10 PM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 6:10 PM"
+ "LAME Audio Encoder"    "LAME Audio Encoder"    ""    "c:\program files\magic m4a to mp3 converter\lame.ax"    "8/1/2005 6:43 AM"
+ "LAME Audio Encoder"    "LAME Audio Encoder"    ""    "c:\program files\magic m4a to mp3 converter\lame.ax"    "8/1/2005 6:43 AM"
+ "PVTimeScale Plugin"    "AMSDSPVT"    "Creative Technology Ltd."    "c:\program files\creative\sharedll\audplug\amsdspvt.dll"    "6/21/1999 1:18 PM"
+ "PVTimeScale Plugin"    "AMSDSPVT"    "Creative Technology Ltd."    "c:\program files\creative\sharedll\audplug\amsdspvt.dll"    "6/21/1999 1:18 PM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "10/13/2008 11:42 PM"
+ "3GPPShow"    "viscom3gpenc.dll"    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscom3gpenc.dll"    "5/9/2007 9:40 AM"
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "AC3 Source Filter"    "AC3 Source Filter"    "Creative Technology Ltd."    "c:\program files\creative\sharedll\audplug\ac3filt.dll"    "9/7/2000 7:00 AM"
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"    "8/17/2001 11:35 PM"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "Audio Source"    "Windows Media Preview Object"    "Microsoft Corporation"    "c:\program files\windows media components\encoder\wmprevu.dll"    "5/1/2001 6:18 PM"
+ "AVS Video Out"    "AVSVideoOutFilter DirectShow Filter"    "Online Media Technologies Ltd"    "c:\program files\common files\avsmedia\activex\avsvideooutfilter3.ax"    "4/6/2009 6:21 AM"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "CustomFrameGrabber Filter"    "Viscom Frame"    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscomframe.dll"    "3/4/2007 3:54 AM"
+ "CyberLink Audio Decoder"    "CyberLink Audio Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\claud.ax"    "10/3/2001 4:51 AM"
+ "CyberLink Audio Renderer Connector"    ""    ""    "c:\program files\cyberlink\powerdvd\clarc.ax"    "1/10/2002 8:52 PM"
+ "CyberLink DxVA Filter"    ""    ""    "c:\program files\cyberlink\powerdvd\cldxva.ax"    "1/30/2002 1:09 AM"
+ "CyberLink Video/SP Decoder"    "CyberLink Video/SP Filter"    "CyberLink Corp."    "c:\program files\cyberlink\powerdvd\clvsd.ax"    "1/2/2002 9:30 PM"
+ "DC-Bass Source"    "DirectShow™ Audio Decoder"    "http://www.dsp-worx.de"    "c:\program files\bass audio decoder\dcbasssource.ax"    "6/19/1992 4:22 PM"
+ "Dump"    "Audio Encoder"    "Viscom Software"    "c:\program files\aoa audio extractor\viscomaudioencoder.dll"    "11/11/2006 7:38 AM"
+ "Dump"    "Audio Encoder"    "Viscom Software"    "c:\program files\blaze media pro\video processing\viscomaudioencoder.dll"    "12/5/2006 2:19 AM"
+ "DV Scenes"    "DV-Timecode based Scenechange Detection"    "Nero AG"    "c:\program files\nero\nero8\nero vision\nvdv.dll"    "7/18/2007 6:19 AM"
+ "DV Source Filter"    "DV-Timecode based Scenechange Detection"    "Nero AG"    "c:\program files\nero\nero8\nero vision\nvdv.dll"    "7/18/2007 6:19 AM"
+ "FLVDecoder"    "Viscomflvdec"    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscomflvdec_licenseto_mystikmedia.dll"    "3/20/2008 12:54 AM"
+ "FLVShow"    "flash encoder"    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscomflvenc_licenseto_mystikmedia.dll"    "9/23/2007 2:23 AM"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "Image Effects"    "Audio Data"    "Viscom Software"    "c:\program files\aoa audio extractor\viscomaudiodata.dll"    "12/2/2006 7:55 AM"
+ "Indeo Video ® 5.1 Progressive Download Source"    "Intel Indeo® video IVF Source Filter 5.10"    "Intel Corporation"    "c:\windows\system32\ivfsrc.ax"    "4/13/2008 6:10 PM"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "4/13/2008 6:09 PM"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 6:10 PM"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 6:10 PM"
+ "LAME Audio Encoder"    "LAME Audio Encoder"    ""    "c:\program files\magic m4a to mp3 converter\lame.ax"    "8/1/2005 6:43 AM"
+ "Lava Filter"    "LAVA DirectShow Filter"    "Creative Technology Ltd."    "c:\program files\creative\sharedll\audplug\ctoozicft.dll"    "9/25/2000 12:00 AM"
+ "MPC Avi Source"    "Avi Splitter"    "MPC-HC Team"    "c:\program files\opensource avi splitter\osavisplitter.ax"    "1/1/2012 3:17 PM"
+ "MPC Avi Splitter"    "Avi Splitter"    "MPC-HC Team"    "c:\program files\opensource avi splitter\osavisplitter.ax"    "1/1/2012 3:17 PM"
+ "MPC Flv Source"    "FLV Splitter"    "MPC-HC Team"    "c:\program files\opensource flash video splitter\flvsplitter.ax"    "1/1/2012 3:16 PM"
+ "MPC Flv Splitter"    "FLV Splitter"    "MPC-HC Team"    "c:\program files\opensource flash video splitter\flvsplitter.ax"    "1/1/2012 3:16 PM"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"    "6/15/2010 10:17 AM"
+ "MPEG2 Audio decoder"    "viscomdvds.dll"    "Viscom Software"    "c:\program files\blaze media pro\dvd ripper\viscomdvds.dll"    "1/5/2009 8:35 AM"
+ "MPEG2 Video decoder"    "viscomdvds.dll"    "Viscom Software"    "c:\program files\blaze media pro\dvd ripper\viscomdvds.dll"    "1/5/2009 8:35 AM"
+ "NeAudio2"    "Nero Audio Decoder 2"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neaudio2.ax"    "1/11/2008 9:46 AM"
+ "NeAudioRender"    "Nero Audio Renderer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neaudiorender.ax"    "1/11/2008 9:45 AM"
+ "Nero Audible Decoder"    "Nero Audible Decoder"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neaudible.ax"    "1/11/2008 9:48 AM"
+ "Nero Audio CD Filter"    "Nero Audio CD Source Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neaudcd.ax"    "1/11/2008 9:47 AM"
+ "Nero Audio CD Navigator"    "Nero Audio CD Source Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neaudcd.ax"    "1/11/2008 9:47 AM"
+ "Nero Audio Transcoder"    "Audio Transcoding Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\netranscoder.ax"    "1/11/2008 9:47 AM"
+ "Nero AV Synchronizer"    "Audio/Video Synchronizer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neavsync.ax"    "1/11/2008 10:02 AM"
+ "Nero Colorspace Converter"    "Colorspace Converter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\necolorspace.ax"    "1/11/2008 10:06 AM"
+ "Nero Deinterlace"    "Deinterlacing Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nedeinterlace.ax"    "1/11/2008 10:05 AM"
+ "Nero Digital Audio Encoder 8"    "AAC LC/HE Audio Encoder"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nendaud.ax"    "1/11/2008 10:03 AM"
+ "Nero Digital File Writer 8"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nendmux.ax"    "1/11/2008 10:03 AM"
+ "Nero Digital Muxer 8"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nendmux.ax"    "1/11/2008 10:03 AM"
+ "Nero Digital Null Renderer 8"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nendmux.ax"    "1/11/2008 10:03 AM"
+ "Nero Digital Subpicture Enc 8"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nendmux.ax"    "1/11/2008 10:03 AM"
+ "Nero Digital Video Enc 8"    "MPEG4 and H.264 (AVC) Video Encoder"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nendvid.ax"    "1/11/2008 10:03 AM"
+ "Nero DV Splitter"    "DV Splitter Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nedvsplitter.ax"    "1/11/2008 9:49 AM"
+ "Nero DVD Decoder"    "MPEG-1/2/4 & AVC video decoder w/ DxVA"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nevideo.ax"    "1/11/2008 10:02 AM"
+ "Nero DVD Navigator"    "DVD Navigator Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nedvd.ax"    "1/11/2008 9:23 AM"
+ "Nero Elementary Stream Parser"    "Nero Elementary Stream Parser"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neesparser.ax"    "1/11/2008 9:47 AM"
+ "Nero File Source (Async.)"    "Nero Home"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nefilesourceasync.ax"    "1/11/2008 10:10 AM"
+ "Nero FLV Splitter"    "Nero FLV Splitter Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neflvsplitter.ax"    "1/11/2008 10:06 AM"
+ "Nero Frame Capture"    "Direct Show frame grabber filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\necapture.ax"    "1/11/2008 10:03 AM"
+ "Nero Framerate Converter"    "Framerate Conversion DirectShow Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neframerate.ax"    "1/11/2008 10:06 AM"
+ "Nero HD Audio Mixer"    "Nero Audio Mixer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nehdaudiomixer.ax"    "1/11/2008 9:47 AM"
+ "Nero InteractiveGraphics Decoder"    "Graphics Decoder Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nebdgraphic.ax"    "1/11/2008 10:04 AM"
+ "Nero MP3 Encoder"    "MP3 Encoding Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nemp3encoder.ax"    "1/11/2008 9:47 AM"
+ "Nero MP4 Splitter"    "MP4 Splitter Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nemp4splitter.ax"    "1/11/2008 9:49 AM"
+ "Nero Mpeg Video Encoder"    "NeroMpeg Dynamic Link Library"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nempegvideoenc.ax"    "1/11/2008 10:10 AM"
+ "Nero Mpeg2 Encoder"    "MPEG 1/2 encoder filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nevcr.ax"    "1/11/2008 10:09 AM"
+ "Nero Ogg Splitter"    "Ogg Splitter Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neoggsplitter.ax"    "1/11/2008 9:48 AM"
+ "Nero Photo Source"    "Nero Home"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nephotosource.ax"    "1/11/2008 10:10 AM"
+ "Nero PresentationGraphics Decoder"    "Graphics Decoder Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nebdgraphic.ax"    "1/11/2008 10:04 AM"
+ "Nero PS Muxer"    "PS Muxer Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nepsmuxer.ax"    "1/11/2008 9:48 AM"
+ "Nero QuickTime™ Audio Decoder"    "QuickTime™ Decoder Wrapper"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neqtdec.ax"    "1/11/2008 10:06 AM"
+ "Nero QuickTime™ Video Decoder"    "QuickTime™ Decoder Wrapper"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neqtdec.ax"    "1/11/2008 10:06 AM"
+ "Nero Resize"    "Resizing Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neresize.ax"    "1/11/2008 10:06 AM"
+ "Nero Scene Change Detector"    "Scene Change Detector"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nescenedetector.ax"    "1/11/2008 10:04 AM"
+ "Nero Scene Change Detector"    "Scene Change Detector"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nescenedetector.ax"    "1/11/2008 10:04 AM"
+ "Nero Sound Processor"    "Nero Sound Processor"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nesoundproc.ax"    "1/11/2008 9:48 AM"
+ "Nero Splitter"    "Splitter Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nesplitter.ax"    "1/11/2008 9:49 AM"
+ "Nero Stream Buffer Sink"    "Nero Stream Buffer Engine"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nesbe.ax"    "1/11/2008 9:48 AM"
+ "Nero Stream Buffer Source"    "Nero Stream Buffer Engine"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nesbe.ax"    "1/11/2008 9:48 AM"
+ "Nero Subpicture Decoder"    "Nero Subpicture Decoder"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nesubpicture.ax"    "1/11/2008 10:04 AM"
+ "Nero Subtitle"    "Subtitle Renderer & Mixer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nesubtitle.ax"    "1/11/2008 10:05 AM"
+ "Nero Teletext Decoder"    "Teletext Decoder Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\neteletext.ax"    "1/11/2008 10:05 AM"
+ "Nero Thumbnail Decoder"    "Thumbnail Decoder Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nebdthumbnail.ax"    "1/11/2008 10:04 AM"
+ "Nero TS Muxer"    "Nero Transport Stream Muxltiplexer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\netsmuxer.ax"    "1/11/2008 10:07 AM"
+ "Nero Vcd Navigator"    "Nero Vcd Navigator Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nevcd.ax"    "1/11/2008 10:01 AM"
+ "Nero Video Analyzer"    "Nero Video Analyzer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nevideoanalyzer.ax"    "1/11/2008 10:05 AM"
+ "Nero Video Decoder"    "MPEG-1/2/4 & AVC video decoder w/ DxVA"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nevideo.ax"    "1/11/2008 10:02 AM"
+ "Nero Video Decoder HD"    "Nero HD Video Decoder"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nevideohd.ax"    "1/11/2008 10:02 AM"
+ "Nero Video Processor"    "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nerovideoproc.ax"    "1/11/2008 10:05 AM"
+ "Nero Video Renderer"    "Nero Video Renderer"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nevideorenderer.ax"    "1/11/2008 10:05 AM"
+ "NeroVobuGenerator"    "Nero Vobu Generator"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nerovobugenerator.ax"    "6/5/2007 5:27 AM"
+ "NeSoundSwitch"    "Nero Sound Switcher"    "Nero AG"    "c:\program files\common files\nero\dsfilter\nesoundswitch.ax"    "1/11/2008 9:48 AM"
+ "NVF Filter"    "Nomad Voice File Source Filter"    "Creative Technology Ltd."    "c:\program files\creative\sharedll\audplug\ctnvfflt.dll"    "1/7/2001 8:57 PM"
+ "PVTimeScale Plugin"    "AMSDSPVT"    "Creative Technology Ltd."    "c:\program files\creative\sharedll\audplug\amsdspvt.dll"    "6/21/1999 1:18 PM"
+ "QuickTime Writer"    ""    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscomqtenc.dll"    "6/27/2007 1:43 AM"
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "Screen capture Filter"    "WMESrcWp Module"    "Microsoft Corporation"    "c:\program files\windows media components\encoder\wmesrcwp.dll"    "5/1/2001 6:18 PM"
+ "ShotBoundaryDet"    "Windows Movie Maker"    "Microsoft Corporation"    "c:\program files\movie maker\wmmfilt.dll"    "8/17/2001 11:36 PM"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "Standard MPEG Encoder v6"    "DirectShow MPEG Encoding and Multiplexing DirectShow Filter"    "Standard MPEG"    "c:\windows\system32\directencode.dll"    "10/3/2008 10:14 AM"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "TextImageTrans Filter"    "Tranform Filter"    "Mainmedia Software www.mainmediasoft.com"    "c:\windows\system32\viscomtran.dll"    "5/12/2007 5:01 AM"
+ "Video Source"    "Windows Media Preview Object"    "Microsoft Corporation"    "c:\program files\windows media components\encoder\wmprevu.dll"    "5/1/2001 6:18 PM"
+ "VISCOM AudioMixer Filter"    ""    ""    "c:\program files\aoa audio extractor\viscommixer.dll"    "1/27/2009 2:12 AM"
+ "VISCOM DVDRipper"    ""    ""    "c:\program files\blaze media pro\dvd ripper\viscommpgdecrip.dll"    "12/12/2008 5:44 AM"
+ "VISCOM Overlay Text Filter"    ""    ""    "c:\program files\blaze media pro\video processing\viscomtran.dll"    "11/9/2008 9:20 AM"
+ "VISCOM QuickTime Source Filter"    "QuickTime Decoder"    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscomqtde.dll"    "11/4/2009 8:55 AM"
+ "VISCOM Wave Form Display Filter"    "Wave Form"    "Viscom Software www.viscomsoft.com"    "c:\program files\aoa audio extractor\viscomwaveform.dll"    "1/26/2009 9:04 AM"
+ "Viscomsoft Animated GIF Encoder"    ""    ""    "c:\program files\blaze media pro\video processing\viscomgifenc.dll"    "5/12/2008 2:27 AM"
+ "Viscomsoft Audio Filter"    "viscomaudio.dll"    "Viscom Software www.viscomsoft.com"    "c:\program files\aoa audio extractor\viscomaudio.dll"    "12/8/2008 8:25 AM"
+ "Viscomsoft MPEG Audio Decoder"    "viscommpgadec.dll"    "Viscom Software www.viscomsoft.com"    "c:\program files\aoa audio extractor\viscommpgadec.dll"    "1/27/2009 6:47 PM"
+ "Viscomsoft Mpeg Encoder"    "viscomdata3.dll"    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscomdata3.dll"    "11/1/2008 12:20 AM"
+ "Viscomsoft Mpeg Source"    "viscomsplitter"    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscomsplitter.dll"    "8/17/2008 11:18 PM"
+ "Viscomsoft MPEG Video Decoder"    "viscommpgdec.dll"    "Viscom Software www.viscomsoft.com"    "c:\program files\blaze media pro\video processing\viscommpgdec.dll"    "8/17/2008 10:53 PM"
+ "VU Meter"    ""    ""    "c:\windows\system32\vumeter.ax"    "4/19/2003 9:35 PM"
+ "WAV Dest"    ""    "Viscom Software"    "c:\program files\aoa audio extractor\viscomwave.dll"    "8/17/2003 11:31 PM"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"    "8/17/2001 11:35 PM"
+ "Windows Media Pad VU Data Grabber"    "Windows Movie Maker"    "Microsoft Corporation"    "c:\program files\movie maker\wmmfilt.dll"    "8/17/2001 11:36 PM"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMEncSourceSink"    "WMESrcWp Module"    "Microsoft Corporation"    "c:\program files\windows media components\encoder\wmesrcwp.dll"    "5/1/2001 6:18 PM"
+ "WMS Filter"    "Creative Windows Media Source Filter"    "Creative Technology Ltd."    "c:\program files\creative\sharedll\audplug\ctwmsflt.dll"    "3/15/2001 12:30 AM"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 6:11 PM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""    "1/9/2014 10:38 PM"
+ "!SASWinLogon"    "SUPERAntiSpyware WinLogon Processor"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\saswinlo.dll"    "9/3/2009 4:09 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries"    ""    ""    ""    "12/10/2011 6:30 PM"
+ "000000000001"    "My Privacy Tools SecureNet Service."    "My Privacy Tools, Inc."    "c:\windows\system32\hmipcore.dll"    "6/6/2010 7:41 PM"
+ "000000000002"    "My Privacy Tools SecureNet Service."    "My Privacy Tools, Inc."    "c:\windows\system32\hmipcore.dll"    "6/6/2010 7:41 PM"
+ "000000000013"    "My Privacy Tools SecureNet Service."    "My Privacy Tools, Inc."    "c:\windows\system32\hmipcore.dll"    "6/6/2010 7:41 PM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "1/9/2014 10:38 PM"
+ "EPSON Printer Port"    "Eplpmx02 Epson Printer Monitor for Windows2000"    "MK Systems CO.,LTD."    "c:\windows\system32\eplpmx02.dll"    "8/10/2001 9:48 AM"
+ "EPSON V5 2KMonitor"    "EPSON Bidirectional Monitor"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\ebpmon2.dll"    "5/21/2001 12:54 AM"
+ "hpf3l083.dll"    "LanguageMonitor"    "Hewlett-Packard Company"    "c:\windows\system32\hpf3l083.dll"    "10/6/2008 4:08 AM"
 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.10.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Ken :: KEN-RW9IJ6PKV6S [administrator]

1/9/2014 10:59:51 PM
mbam-log-2014-01-09 (22-59-51).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 239093
Time elapsed: 18 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

 

 

Farbar Service Scanner Version: 08-01-2014
Ran by Ken (administrator) on 09-01-2014 at 23:25:26
Running from "C:\Documents and Settings\Ken\My Documents\emoticons"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0A00000005000000010000000200000003000000040000000A0000000600000007000000090000000B000000
IpSec Tag value is correct.

**** End of log ****

 

 

 

 

ESET SCAN

 

C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\27\60b5d41b-64f60050    a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\30\333895de-197b8944    Java/Exploit.CVE-2012-0507.CE trojan
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\33\53784821-1d92ed23    a variant of Java/TrojanDownloader.Agent.NDJ trojan
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\39\60f0eba7-40eef379    multiple threats
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\6\511051c6-1e1018d5    multiple threats
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\7\14709687-7936eaab    a variant of Java/Exploit.CVE-2010-0840.NAL trojan
 

 

 

 

P.S. The computer is still running the same... everything seems so slow and takes longer and longer to do simple tasks.



#6 pigfoot


Posted 10 January 2014 - 03:22 AM

Trying the ESET scan again at the moment... I am looking at Task Manager and it is running at 100% CPU when running ESET... this is what seems to be why ESET is hanging up? Also I see the same 6 infected files came up on this next scan. I guess it will not delete them unless an entire scan is completely finished?


Edited by pigfoot, 10 January 2014 - 03:24 AM.


#7 InadequateInfirmity


Posted 10 January 2014 - 07:06 AM

Run eset in safe mode with networking. :)



#8 pigfoot


Posted 10 January 2014 - 03:06 PM

Run eset in safe mode with networking. :)

Before I saw your last post I let Escan run again while I went to bed. I think it took a long, long time to complete... maybe 5 hours or more? It came up and found some Trojans but I am not sure it deleted all of them. Do they go to the quarantined section and then do you delete the quarantined items? I looked in the ESET quarantined section and it shows quite a few items there. I also was reading a link I saw on another blog and it is interesting, but I do not know if it deals with my trojans? http://www.f-secure.com/v-descs/trojan_w32_reveton.shtml

 

ESET SCAN RESULTS

C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\27\60b5d41b-64f60050    a variant of Java/TrojanDownloader.Agent.NDJ trojan    cleaned by deleting - quarantined
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\30\333895de-197b8944    Java/Exploit.CVE-2012-0507.CE trojan    cleaned by deleting - quarantined
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\33\53784821-1d92ed23    a variant of Java/TrojanDownloader.Agent.NDJ trojan    cleaned by deleting - quarantined
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\39\60f0eba7-40eef379    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\6\511051c6-1e1018d5    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\7\14709687-7936eaab    a variant of Java/Exploit.CVE-2010-0840.NAL trojan    cleaned by deleting - quarantined
C:\WINDOWS\pss\ctfmon.lnkStartup    Win32/Reveton.J trojan    cleaned by deleting - quarantined
C:\_OTL\MovedFiles\08112012_174252\C_Documents and Settings\Ken\Application Data\Mozilla\Firefox\Profiles\j7s5h6jz.default\extensions\plugin@yontoo.com\content\overlay.js    Win32/Adware.Yontoo application    cleaned by deleting - quarantined
 

 

Should I still try to run another scan in safe mode?


Edited by pigfoot, 10 January 2014 - 03:07 PM.


#9 InadequateInfirmity


Posted 10 January 2014 - 03:27 PM

Let's see if this will speed your machine up a bit.

Run StartUpLite.

https://www.malwarebytes.org/startuplite/

Disable all it suggests.

  • Hit the Start button, then:
  • Right-click My Computer.
  • Properties
  • Hardware tab
  • Device Manager.
  • Scroll down to the IDE ATA/ATAPI Controllers. Left-click the + to the left of the drivers.
  • Right-click and uninstall all of your Primary IDE drivers.
  • There most likely will be more than one of the Primary IDE drivers!!
  • Make sure to uninstall all of them prior to rebooting.
  • Make sure that you only remove the Primary IDE drivers, nothing else.
  • Reboot the machine.
  • Another request will be made to reboot after the initial.
  • Reboot again.

Then let's run a scan in normal mode with a different tool.

 

Please download the Kaspersky Virus Removal Tool from here to your Desktop.

Double-click the Removal Tool.

Windows 7 / Vista users: right-click and run as Admin.
Click the cog in the upper right corner.

Select down to and including your main drive.
Once done please select the Automatic Scan tab and press Start Scan.

Allow AVP to delete all infections found.
Once it has finished select the Report tab.
Select the Detected threats report from the left and press the Save button.
Save it to your Desktop and post the contents in your next reply.



#10 pigfoot


Posted 10 January 2014 - 04:39 PM

I need to ask a question before I do your last post's request. I see in Device Manager only 1 IDE controller. Are there supposed to be more? I see Secondary also.



#11 InadequateInfirmity


Posted 10 January 2014 - 05:08 PM

Just remove the primary IDE driver; some machines have one, others have 4, it all depends. :)



#12 pigfoot


Posted 11 January 2014 - 02:59 PM

Ran the Kaspersky scan... it took forever. It came up with 3 items but 2 were quarantined. How do you delete the quarantined items? Should you do it?

 

 

 

KASPERSKY SCAN

 

Status: Quarantined   (events: 2)    
1/11/2014 2:42:24 AM    Quarantined    Trojan program HEUR:Exploit.Script.Generic    C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\0\1fd16c80-1b0c0a87    High    
1/11/2014 2:42:28 AM    Quarantined    Trojan program HEUR:Exploit.Java.Generic    C:\Documents and Settings\Ken\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\33\2d7883e1-44155894    High    
Status: Deleted   (events: 1)    
1/11/2014 1:21:11 PM    Deleted    Trojan program Packed.Win32.Krap.hc    C:\System Volume Information\_restore{5C2322B6-87DC-4D45-8B02-C59C325E7481}\RP13\A0005295.exe    High    
 


Edited by pigfoot, 11 January 2014 - 02:59 PM.


#13 InadequateInfirmity


Posted 11 January 2014 - 03:09 PM

So long as they are quarantined you are good.

 

 

Perform a full online scan with SUPERAntiSpyware.com - Online Scanner, post back the result in your next reply and tell me if you are still having any issues.


Edited by InadequateInfirmity, 11 January 2014 - 03:09 PM.


#14 pigfoot


Posted 12 January 2014 - 02:09 PM

Here is the scan... do I allow it to remove all the threats it found?

I hope so because I clicked REMOVE THREATS.

 

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/12/2014 at 06:33 AM

Application Version : 5.7.1016

Core Rules Database Version : 10973
Trace Rules Database Version: 8785

Scan type       : Complete Scan
Total Scan Time : 01:46:31

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned      : 429
Memory threats detected   : 0
Registry items scanned    : 40369
Registry threats detected : 1
File items scanned        : 65795
File threats detected     : 137

Disabled.SecurityCenterOption
    HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY

Adware.Tracking Cookie

Trojan.Agent/Gen-Symmi
    C:\PROGRAM FILES\VIDEO THUMBNAILS MAKER\VIDEOTHUMBNAILSVIEWER.EXE

Trojan.Agent/Gen-Nullo[Short]
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{5C2322B6-87DC-4D45-8B02-C59C325E7481}\RP13\A0005294.EXE

Trojan.Dropper/Win-NV
    C:\WINDOWS\$HF_MIG$\KB896423\SP2QFE\SPOOLSV.EXE
    C:\WINDOWS\$HF_MIG$\KB900725\SP2QFE\LINKINFO.DLL
    C:\WINDOWS\$NTSERVICEPACKUNINSTALL$\LINKINFO.DLL
    C:\WINDOWS\$NTSERVICEPACKUNINSTALL$\SPOOLSV.EXE
    C:\WINDOWS\ERDNT\CACHE\FIREFOX.EXE
    C:\WINDOWS\ERDNT\CACHE\LINKINFO.DLL
    C:\WINDOWS\ERDNT\CACHE\SPOOLSV.EXE

Trojan.Agent/Gen-Injector
    C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\INFOCARD.EXE
 



#15 InadequateInfirmity


Posted 12 January 2014 - 03:31 PM


Trojan.Agent/Gen-Injector
    C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\INFOCARD.EXE
 

 

The above is concerning, let's run another check.

Also, yes, you were supposed to remove the items found with SAS. :)

Please download TDSSKiller.exe to your desktop. Vista/Windows 7 users right-click and select Run As Administrator.

  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects screen, which offers three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, choose Skip instead; do not choose Delete unless instructed.
  • A TDSSKiller text file will be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.




