Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

100% CPU usage XP3 - possible SearchIndexer issues


  • This topic is locked This topic is locked
11 replies to this topic

#1 MrMark52

MrMark52

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 PM

Posted 25 August 2014 - 05:05 PM

Computer really started again struggling last week and not really sure it got 100% clean from 2-3 months ago (it did run better, but never as good as it had before that time).

 

Over the past 3-4 dyas, I've run the following -

 

RuBotted

Malwarebytes

Spybot

JRT

HitmanPro (although I am beyond the 30 day trial period)

ADWCleaner

and just a short while ago, CCleaner

 

I can run HiJackThis if/when needed.

 

I have seen some reduction in CPU demand, but for the most part, it's still working at a higher than lower demand - and most times when I check Tassk Manager, it's running 100%.

 

I also had a processor fan issue last week that I thought was the fan, but after tearing into the laptop, I found a load of dust collected against the fin heat sink was stopping th efan from turning (thie computer I am on is a Dell D610 lapton, os a small radial fan in th eupper left corner blows air across a fin aluminum heat sink which in turn absorbs heat from a heat pipe that cools the processor).

 

DDS Attach and .txt file below and attached. Thanks again to Bleeping COmputer team for th ehelp and suppport!

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.67.2
Run by Markie at 16:27:28 on 2014-08-25
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3318.2206 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
C:\WINDOWS\System32\snmp.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Documents and Settings\Markie\Application Data\DirectLife\ALconnect\ALconnect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Apoint\Apntex.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ASUS\Download Master Utility\DM2.exe
C:\Program Files\Apoint\HidFind.exe
C:\Documents and Settings\Markie\Local Settings\Application Data\Akamai\netsession_win.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Markie\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Suunto\Moveslink for Movestick Mini\Moveslink.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\My Dell\uaclauncher.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
uSearch Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mStart Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [cdloader] "c:\documents and settings\markie\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [ALconnect] c:\documents and settings\markie\application data\directlife\alconnect\ALconnect.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Download Master] c:\program files\asus\download master utility\DM2.exe /hide
uRun: [Akamai NetSession Interface] "c:\documents and settings\markie\local settings\application data\akamai\netsession_win.exe"
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Dell QuickSet] c:\program files\dell\quickset\Quickset.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\stsystra.exe
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [OSSelectorReinstall] c:\program files\common files\acronis\acronis disk director\oss_reinstall.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [WD Drive Manager] c:\program files\western digital\wd drive manager\WDBtnMgrUI.exe
mRun: [IJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE
mRun: [Trend Micro RUBotted V2.0 Beta] c:\program files\trend micro\rubotted\RUBottedGUI.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\movesl~1.lnk - c:\windows\installer\{4d036aca-dfdf-41b2-a680-e0d736f3e947}\_22A9010B636AF7A61D8E03.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tp-lin~1.lnk - c:\program files\tp-link\tp-link wireless configuration utility\TWCU.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Free YouTube Download - c:\program files\common files\dvdvideosoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files\common files\dvdvideosoft\plugins\freeytmp3downloader.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: dell.com
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://biz.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {62BA437C-7712-48C6-9F0B-D251FA43192B} - hxxp://www.sayatv.com/download/SayaTV.cab
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1353069653843
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 192.168.200.100
TCP: Interfaces\{189AACEE-B5D5-4B50-B406-771EE865D9C1} : DHCPNameServer = 192.168.200.100
TCP: Interfaces\{39C29138-E35B-4581-B377-8DD2AFA3474F} : DHCPNameServer = 192.168.200.100
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {621FCD24-4498-4324-A81E-07D331376EDF} - c:\program files\pixiepack codec pack\InstallerHelper.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\markie\application data\mozilla\firefox\profiles\551nahy4.default-1408563354453\
FF - plugin: c:\documents and settings\markie\application data\mozilla\plugins\npatgpc.dll
FF - plugin: c:\documents and settings\markie\local settings\application data\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\logitech\harmony remote driver\NprtHarmonyPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1204144.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-18 49944]
R0 aswVmm;avast! VM Monitor;c:\windows\system32\drivers\aswVmm.sys [2013-3-18 192352]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswsnx.sys [2012-3-9 779536]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswsp.sys [2012-3-9 414392]
R1 Ext2Fsd;Linux ext2 file system driver;c:\windows\system32\drivers\ext2fsd.sys [2014-4-2 686360]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-5-1 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [2013-3-18 67824]
S3 bnsdusb;Panasonic USB Reader Writer Filter Driver;c:\windows\system32\drivers\bnsdusb.sys --> c:\windows\system32\drivers\bnsdusb.sys [?]
S3 cmvad;C-Media Wi-Sonic Wireless Audio Interface;c:\windows\system32\drivers\cmudaxv.sys --> c:\windows\system32\drivers\cmudaxv.sys [?]
S3 cpudrv;cpudrv;c:\program files\systemrequirementslab\cpudrv.sys [2011-6-2 11336]
S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2014-7-11 54232]
.
=============== Created Last 30 ================
.
2014-08-25 16:20:50    302760    ----a-w-    c:\windows\system32\drivers\tmcomm.sys
2014-08-18 18:15:00    --------    d-----w-    c:\documents and settings\all users\application data\Canon IJ Network Tool
2014-08-18 18:14:48    321024    ----a-w-    c:\windows\system32\CNC_BLL.dll
2014-08-18 18:14:48    103936    ----a-w-    c:\windows\system32\CNC_BLU.dll
2014-08-18 18:14:33    --------    d--h--w-    c:\documents and settings\all users\application data\CanonIJFAX
2014-08-14 16:20:39    --------    d-----w-    c:\program files\Western Digital
2014-08-14 15:46:33    --------    d-----w-    c:\program files\Western Digital Corporation
2014-08-14 13:24:19    --------    d-----w-    c:\documents and settings\markie\local settings\application data\Adobe
2014-08-14 12:25:40    --------    d-----w-    c:\program files\iPod
2014-08-14 12:25:35    --------    d-----w-    c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-11 18:49:07    --------    d-----w-    c:\documents and settings\markie\application data\TP-LINK
2014-08-11 18:48:42    21361    ----a-w-    c:\windows\system32\drivers\AegisP.sys
2014-08-11 18:48:37    376832    ----a-w-    c:\windows\system32\AegisI5Installer.exe
2014-08-11 18:48:36    --------    d-----w-    c:\program files\TP-LINK
2014-08-11 18:48:14    1076968    ----a-w-    c:\windows\system32\rtl8192cu.sys
2014-08-11 18:48:14    1076968    ----a-w-    c:\windows\system32\drivers\RTL8192cu.sys
2014-08-06 17:42:24    145408    ----a-w-    c:\windows\system32\javacpl.cpl
2014-08-06 17:42:00    96680    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-08-05 17:20:22    227728    ----a-w-    c:\program files\mozilla firefox\plugins\nppdf32.dll
2014-08-05 17:20:22    227728    ----a-w-    c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2014-08-22 15:55:07    110296    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-14 13:21:39    71344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-14 13:21:39    699568    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-07-15 17:28:14    54232    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-07-10 15:45:01    779536    ----a-w-    c:\windows\system32\drivers\aswsnx.sys
2014-07-10 15:45:01    67824    ----a-w-    c:\windows\system32\drivers\aswmonflt.sys
2014-07-10 15:45:01    49944    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-07-10 15:45:01    24184    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2014-07-10 15:45:01    192352    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-07-10 15:45:00    43152    ----a-w-    c:\windows\avastSS.scr
2014-06-30 21:40:30    26624    ----a-w-    c:\windows\system32\drivers\tap0901.sys
2013-02-14 22:52:47    336    ----a-w-    c:\program files\temp995.bat
2009-09-27 14:39:26    415744    --sh--w-    c:\windows\system32\avisynth.dll
2004-02-22 15:11:08    764416    --sh--w-    c:\windows\system32\devil.dll
.
============= FINISH: 16:36:51.10 ===============
 



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:47 AM

Posted 30 August 2014 - 05:10 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/545682 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 MrMark52

MrMark52
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 PM

Posted 02 September 2014 - 10:16 AM

Since originally posting the problem, I have run Kaspersky online and nothing was found to be a problem. CPU appears to be running cool as laptop is cool to the touch as opposed to what it was before replacing the fan (not necessarily a BleepingComputer concern but just wanted to comment that I don't think my issue is harware related).
 
Presently the scheduled scan for SPyBot is hung up and takes a minute or so to end using Task Manager. Current DDS log below and attached. FWIW - it takes 4-5 minutes for DDS to complete it's scan due to high CPU usage. Presently, searchindexer does not now appear to be the cause for high cpu usage. Task Manager reports usage is everything from FIrefox to Outlook to "system.exe" to wmiprvse.exe
 
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 11.20.2
Run by Markie at 9:55:31 on 2014-09-02
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3318.2110 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe
C:\WINDOWS\System32\snmp.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Dell\QuickSet\Quickset.exe
C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\HidFind.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Documents and Settings\Markie\Application Data\DirectLife\ALconnect\ALconnect.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\ASUS\Download Master Utility\DM2.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Documents and Settings\Markie\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Documents and Settings\Markie\Local Settings\Application Data\Akamai\netsession_win.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Suunto\Moveslink for Movestick Mini\Moveslink.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\msdtc.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k bthsvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uSearch Bar = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
uSearch Page = hxxps://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
mStart Page = hxxps://www.yahoo.com?fr=hp-avast&type=avastbcl
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.8.0_20\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre1.8.0_20\bin\jp2ssv.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll
uRun: [H/PC Connection Agent] "c:\program files\microsoft activesync\wcescomm.exe"
uRun: [cdloader] "c:\documents and settings\markie\application data\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [ALconnect] c:\documents and settings\markie\application data\directlife\alconnect\ALconnect.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [WinPatrol] c:\program files\billp studios\winpatrol\winpatrol.exe -expressboot
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"
uRun: [Download Master] c:\program files\asus\download master utility\DM2.exe /hide
uRun: [Akamai NetSession Interface] "c:\documents and settings\markie\local settings\application data\akamai\netsession_win.exe"
uRun: [DellSystemDetect] c:\documents and settings\markie\local settings\apps\2.0\5kzkx0w5.9vo\t7w9z775.nh4\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [Apoint] c:\program files\apoint\Apoint.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Dell QuickSet] c:\program files\dell\quickset\Quickset.exe
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\stsystra.exe
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvastUI.exe" /nogui
mRun: [OSSelectorReinstall] c:\program files\common files\acronis\acronis disk director\oss_reinstall.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [WD Drive Manager] c:\program files\western digital\wd drive manager\WDBtnMgrUI.exe
mRun: [IJNetworkScannerSelectorEX] c:\program files\canon\ij network scanner selector ex\CNMNSST.exe /FORCE
mRun: [Trend Micro RUBotted V2.0 Beta] c:\program files\trend micro\rubotted\RUBottedGUI.exe
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\movesl~1.lnk - c:\windows\installer\{4d036aca-dfdf-41b2-a680-e0d736f3e947}\_22A9010B636AF7A61D8E03.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\tp-lin~1.lnk - c:\program files\tp-link\tp-link wireless configuration utility\TWCU.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108863
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: Append to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert link target to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert link target to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert selected links to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert selected links to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Convert selection to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Convert selection to existing PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert to Adobe PDF - c:\program files\adobe\acrobat 8.0\acrobat\AcroIEFavClient.dll/AcroIECapture.html
IE: Free YouTube Download - c:\program files\common files\dvdvideosoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files\common files\dvdvideosoft\plugins\freeytmp3downloader.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\program files\microsoft activesync\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Trusted Zone: dell.com
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} - hxxp://support.dell.com/systemprofiler/SysPro.CAB
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - hxxp://biz.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} - hxxp://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {62BA437C-7712-48C6-9F0B-D251FA43192B} - hxxp://www.sayatv.com/download/SayaTV.cab
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1353069653843
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
TCP: NameServer = 192.168.200.100
TCP: Interfaces\{189AACEE-B5D5-4B50-B406-771EE865D9C1} : DHCPNameServer = 192.168.200.100
TCP: Interfaces\{39C29138-E35B-4581-B377-8DD2AFA3474F} : DHCPNameServer = 192.168.200.100
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {621FCD24-4498-4324-A81E-07D331376EDF} - c:\program files\pixiepack codec pack\InstallerHelper.exe
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\markie\application data\mozilla\firefox\profiles\m2aip370.default-1409153344718\
FF - plugin: c:\documents and settings\markie\application data\mozilla\plugins\npatgpc.dll
FF - plugin: c:\documents and settings\markie\local settings\application data\citrix\plugins\104\npappdetector.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre1.8.0_20\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre1.8.0_20\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\logitech\harmony remote driver\NprtHarmonyPlugin.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files\microsoft\office live\npOLW.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1204144.dll
FF - plugin: c:\windows\system32\adobe\director\np32dsw_1207148.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;c:\windows\system32\drivers\aswRvrt.sys [2013-3-18 49944]
R2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys [2014-5-1 24184]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys [2013-3-18 67824]
.
=============== Created Last 30 ================
.
2014-08-27 19:13:13    172032    ----a-w-    c:\windows\system32\igfxres.dll
2014-08-26 14:11:46    --------    d-----w-    c:\documents and settings\all users\application data\Oracle
2014-08-25 16:20:50    302760    ----a-w-    c:\windows\system32\drivers\tmcomm.sys
2014-08-18 18:15:00    --------    d-----w-    c:\documents and settings\all users\application data\Canon IJ Network Tool
2014-08-18 18:14:48    321024    ----a-w-    c:\windows\system32\CNC_BLL.dll
2014-08-18 18:14:48    103936    ----a-w-    c:\windows\system32\CNC_BLU.dll
2014-08-18 18:14:33    --------    d--h--w-    c:\documents and settings\all users\application data\CanonIJFAX
2014-08-14 16:20:39    --------    d-----w-    c:\program files\Western Digital
2014-08-14 15:46:33    --------    d-----w-    c:\program files\Western Digital Corporation
2014-08-14 13:24:19    --------    d-----w-    c:\documents and settings\markie\local settings\application data\Adobe
2014-08-14 12:25:40    --------    d-----w-    c:\program files\iPod
2014-08-14 12:25:35    --------    d-----w-    c:\documents and settings\all users\application data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-11 18:49:07    --------    d-----w-    c:\documents and settings\markie\application data\TP-LINK
2014-08-11 18:48:42    21361    ----a-w-    c:\windows\system32\drivers\AegisP.sys
2014-08-11 18:48:37    376832    ----a-w-    c:\windows\system32\AegisI5Installer.exe
2014-08-11 18:48:36    --------    d-----w-    c:\program files\TP-LINK
2014-08-11 18:48:14    1076968    ----a-w-    c:\windows\system32\rtl8192cu.sys
2014-08-11 18:48:14    1076968    ----a-w-    c:\windows\system32\drivers\RTL8192cu.sys
2014-08-06 17:42:24    146432    ----a-w-    c:\windows\system32\javacpl.cpl
2014-08-06 17:42:00    96680    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2014-08-05 17:20:22    227728    ----a-w-    c:\program files\mozilla firefox\plugins\nppdf32.dll
2014-08-05 17:20:22    227728    ----a-w-    c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2014-08-22 15:55:07    110296    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-14 13:21:39    71344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-08-14 13:21:39    699568    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-07-15 17:28:14    54232    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-07-10 15:45:01    779536    ----a-w-    c:\windows\system32\drivers\aswsnx.sys
2014-07-10 15:45:01    67824    ----a-w-    c:\windows\system32\drivers\aswmonflt.sys
2014-07-10 15:45:01    49944    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-07-10 15:45:01    24184    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2014-07-10 15:45:01    192352    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-07-10 15:45:00    43152    ----a-w-    c:\windows\avastSS.scr
2014-06-30 21:40:30    26624    ----a-w-    c:\windows\system32\drivers\tap0901.sys
2013-02-14 22:52:47    336    ----a-w-    c:\program files\temp995.bat
2009-09-27 14:39:26    415744    --sh--w-    c:\windows\system32\avisynth.dll
2004-02-22 15:11:08    764416    --sh--w-    c:\windows\system32\devil.dll
.
============= FINISH: 10:02:26.76 ===============

Attached Files



#4 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:47 AM

Posted 02 September 2014 - 12:05 PM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi MrMark52,
 
I do not think this is a malware issue, but please do this for me:
 
Please download Farbar Recovery Scan Tool and save it to your Desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.
 
--------------
 
To recap, in your next reply I would like to see the following. Make sure to copy & paste them unless I ask otherwise:

  • FRST.txt
  • Addition.txt

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#5 MrMark52

MrMark52
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 PM

Posted 03 September 2014 - 01:36 PM

xxToffeexx,

 

I thought I had posted my logs earlier today - but upon my return here, they are not here. But - after I supposedly posted the logs, I went ahead and tore the laptop down and put the old fan back into it. I just wasn't happy with never hearing or feeling the fan run as I had i the past (of course, the amount of accumulated dust that I found previously would be the cause for the noise I had heard previous to my original teardown and subsequent posting of issues - issues which existed at that time).

 

After this overhaul, CPU load ranges from 11% - 25% with Outlook and FIrefox runnning (before, it was nearly unresponsive at 100% CPU). The machine even booted quicker and had coupled to the wireless router quicker than it has in a long time. There must have been something wrong inside of the laptop that got corrected when I overhauled it this time. I did have to remove and reseat the memory several times, and it's always possible that a screw was in the wrong place which caused a section of board to not work correctly (not a short, as a short would more likely render the laptop to not even boot).

 

So, I am attaching my FRST logs anyway just so you can take a look - in the event something is there that might possibly intemittent (from asoftware perspective).

 

Thanks again for your help!!

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 03-09-2014
Ran by Markie (administrator) on MARKDELL on 03-09-2014 08:24:19
Running from C:\Documents and Settings\Markie\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\WINDOWS\system32\WLTRYSVC.EXE
(Dell Inc.) C:\WINDOWS\system32\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation) C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrypKey (Canada) Ltd.) C:\WINDOWS\system32\Crypserv.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\NicConfigSvc.exe
(Trend Micro Inc.) C:\Program Files\trend micro\RUBotted\RUBotSrv.exe
(Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\WINDOWS\system32\fxssvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\WINDOWS\system32\WLTRAY.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(SigmaTel, Inc.) C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\hidfind.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(WDC) C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Trend Micro Inc.) C:\Program Files\trend micro\RUBotted\RUBottedGUI.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Koninklijke Philips Electronics N.V.) C:\Documents and Settings\Markie\Application Data\DirectLife\ALconnect\ALconnect.exe
(Microsoft Corporation) C:\PROGRA~1\MI3AA1~1\rapimgr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Markie\Local Settings\Application Data\Akamai\netsession_win.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Dell) C:\Documents and Settings\Markie\Local Settings\Apps\2.0\5KZKX0W5.9VO\T7W9Z775.NH4\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(BVRP Software) C:\Program Files\Digital Line Detect\DLG.exe
(Akamai Technologies, Inc.) C:\Documents and Settings\Markie\Local Settings\Application Data\Akamai\netsession_win.exe
(Suunto Oy) C:\Program Files\Suunto\Moveslink for Movestick Mini\Moveslink.exe
() C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\WINDOWS\system32\WLTRAY.exe [2498560 2010-10-29] (Dell Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [176128 2005-10-07] (Alps Electric Co., Ltd.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-10-06] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [Dell QuickSet] => C:\Program Files\Dell\QuickSet\Quickset.exe [1228800 2007-07-20] (Dell Inc.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504 2007-05-10] (SigmaTel, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-10] (AVAST Software)
HKLM\...\Run: [OSSelectorReinstall] => C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall.exe [2209224 2007-02-26] ()
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM\...\Run: [WD Drive Manager] => C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrUI.exe [450560 2009-06-26] (WDC)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM\...\Run: [Trend Micro RUBotted V2.0 Beta] => C:\Program Files\Trend Micro\RUBotted\RUBottedGUI.exe [1102872 2013-07-25] (Trend Micro Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\wcescomm.exe [1289000 2006-11-13] (Microsoft Corporation)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [cdloader] => C:\Documents and Settings\Markie\Application Data\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [ALconnect] => C:\Documents and Settings\Markie\Application Data\DirectLife\ALconnect\ALconnect.exe [716424 2012-09-04] (Koninklijke Philips Electronics N.V.)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [429120 2014-01-23] (BillP Studios)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6688024 2014-08-12] (SUPERAntiSpyware)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [Download Master] => C:\Program Files\ASUS\Download Master Utility\DM2.exe [6010368 2013-10-09] (ASUSTeK COMPUTER INC.)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [Akamai NetSession Interface] => C:\Documents and Settings\Markie\Local Settings\Application Data\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1220945662-1532298954-1417001333-1003\...\Run: [DellSystemDetect] => C:\Documents and Settings\Markie\Local Settings\Apps\2.0\5KZKX0W5.9VO\T7W9Z775.NH4\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\DellSystemDetect.exe [265280 2014-08-27] (Dell)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Moveslink for Movestick Mini.lnk
ShortcutTarget: Moveslink for Movestick Mini.lnk -> C:\WINDOWS\Installer\{4D036ACA-DFDF-41B2-A680-E0D736F3E947}\_22A9010B636AF7A61D8E03.exe ()
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)
ShellIconOverlayIdentifiers: AutoCAD Digital Signatures Icon Overlay Handler -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll (Autodesk)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {5E9DB3E5-68B8-4983-BBA3-BE258EB9FF32} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {4A2CC286-3F90-49AD-AA0F-AD6EDC923BAC} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {5E9DB3E5-68B8-4983-BBA3-BE258EB9FF32} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {E9DB9E7B-A275-41D1-8158-D0423FBEBDEB} URL = http://www.google.com/cse?cx=partner-pub-3540673482024757:xbhdw8hkfz5&cof=&q={searchTerms}
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {01A88BB1-1174-41EC-ACCB-963509EAE56B} http://support.dell.com/systemprofiler/SysPro.CAB
DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} http://biz.lgservice.com/DjvuViewer/DjVuControl-6.1.4.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {362C56AA-6E4F-40C7-A0B5-85501DBDAD77} http://i.dell.com/images/global/js/scanner/SysProExe.cab
DPF: {62BA437C-7712-48C6-9F0B-D251FA43192B} http://www.sayatv.com/download/SayaTV.cab
DPF: {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.200.100

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Markie\Application Data\Mozilla\Firefox\Profiles\m2aip370.default-1409153344718
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @bittorrent.com/BitTorrentDNA -> C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Documents and Settings\Markie\Local Settings\Application Data\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32asw.dll (Macromedia, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Markie\Application Data\mozilla\plugins\ieatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Documents and Settings\Markie\Application Data\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-03-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2012-12-12]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10]
CHR HKLM\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files\Logitech\Harmony Remote Driver\harmony_chrome.crx [2013-01-02]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-08-12] (SUPERAntiSpyware.com)
R2 ASFIPmon; C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe [61440 2005-10-18] (Broadcom Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-10] (AVAST Software)
R2 Crypkey License; C:\WINDOWS\system32\crypserv.exe [122880 2007-05-23] (CrypKey (Canada) Ltd.) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-07-14] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-08-06] (Oracle Corporation)
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [475136 2007-07-20] (Dell Inc.) [File not signed]
R2 RUBotSrv; C:\Program Files\Trend Micro\RUBotted\RUBotSrv.exe [443416 2013-07-25] (Trend Micro Inc.)
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 WDBtnMgrSvc.exe; C:\Program Files\Western Digital\WD Drive Manager\WDBtnMgrSvc.exe [102400 2009-06-26] (WDC) [File not signed]
R2 wltrysvc; C:\WINDOWS\System32\bcmwltry.exe [2232320 2010-10-29] (Dell Inc.) [File not signed]
S2 RoxLiveShare9; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2014-08-11] (Cisco Systems, Inc.) [File not signed]
R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc) [File not signed]
R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-07-10] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-07-10] (AVAST Software)
R1 AswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-07-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-07-10] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-07-10] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414392 2014-07-10] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-07-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-07-10] ()
R2 BASFND; C:\Program Files\Broadcom\ASFIPMon\BASFND.sys [6025 2003-04-24] (Broadcom Corporation) [File not signed]
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2649216 2010-10-29] (Broadcom Corporation)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
S3 DSproct; C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys [4864 2006-01-10] (GTek Technologies Ltd.) [File not signed]
R1 Ext2Fsd; C:\WINDOWS\system32\Drivers\Ext2Fsd.sys [686360 2011-07-09] (www.ext2fsd.com)
S3 FTDIBUS; C:\WINDOWS\System32\drivers\ftdibus.sys [57800 2009-10-22] (FTDI Ltd.)
S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 2010-02-04] () [File not signed]
S3 grmnusb; C:\WINDOWS\System32\drivers\grmnusb.sys [9344 2009-04-17] (GARMIN Corp.) [File not signed]
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [1035008 2005-07-22] (Conexant Systems, Inc.)
R0 imagedrv; C:\WINDOWS\System32\Drivers\imagedrv.sys [11304 2007-07-03] (Ahead Software AG)
R0 imagesrv; C:\WINDOWS\System32\DRIVERS\imagesrv.sys [132904 2007-07-03] (Ahead Software AG)
R3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54232 2014-07-15] (Malwarebytes Corporation)
R3 mcdbus; C:\WINDOWS\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed]
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R2 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 oneuport; C:\WINDOWS\System32\DRIVERS\oneuport.sys [851840 2005-02-11] ()
S3 PID_0928; C:\WINDOWS\System32\DRIVERS\LV561AV.SYS [495768 2009-04-30] (Logitech Inc.)
S3 RT-USB; C:\WINDOWS\System32\drivers\RT-USB.SYS [59464 2010-06-16] (Ross-Tech LLC)
S3 RTL8192cu; C:\WINDOWS\System32\DRIVERS\RTL8192cu.sys [1076968 2013-03-12] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Ser2pl; C:\WINDOWS\System32\DRIVERS\ser2pl.sys [119424 2005-06-16] (Prolific Technology Inc.) [File not signed]
R1 StarOpen; C:\WINDOWS\system32\Drivers\StarOpen.sys [5632 2009-07-22] () [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1222840 2007-05-10] (SigmaTel, Inc.)
R3 tap0901; C:\WINDOWS\System32\DRIVERS\tap0901.sys [26624 2014-06-30] (The OpenVPN Project) [File not signed]
S3 tbhsd; C:\WINDOWS\System32\drivers\tbhsd.sys [26784 2007-12-11] (RapidSolution Software AG)
R1 vcdrom; C:\Downloads\Microsoft\Virtual CD\VCdRom.sys [8576 2001-12-19] (Microsoft Corporation) [File not signed]
S3 bnsdusb; system32\DRIVERS\bnsdusb.sys [X]
S3 catchme; \??\C:\DOCUME~1\Markie\LOCALS~1\Temp\catchme.sys [X]
U2 CertPropSvc; No ImagePath
S3 cmvad; system32\drivers\cmudaxv.sys [X]
S4 IntelIde; No ImagePath
S3 Lavasoft Kernexplorer; \??\C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys [X]
S2 PCASp50; system32\drivers\PCASp50.sys [X]
S3 PORTIO; \??\C:\Program Files\PICPgm\PortIO.sys [X]
S3 RimUsb; System32\Drivers\RimUsb.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:24 - 2014-09-03 08:30 - 00026572 _____ () C:\Documents and Settings\Markie\Desktop\FRST.txt
2014-08-27 14:32 - 2014-08-27 14:33 - 18118056 _____ (Intel Corporation) C:\Documents and Settings\Markie\Desktop\winxp_14324.exe
2014-08-27 14:13 - 2007-03-30 19:58 - 00172032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxres.dll
2014-08-27 12:04 - 2014-08-27 12:04 - 00000000 ____D () C:\Documents and Settings\Markie\Start Menu\Programs\Dell
2014-08-27 11:33 - 2014-08-29 11:05 - 00015505 _____ () C:\WINDOWS\setupapi.log
2014-08-27 11:33 - 2014-08-27 11:33 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 11:33 - 2014-08-27 11:33 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-08-27 09:52 - 2014-09-03 08:10 - 00000496 _____ () C:\WINDOWS\error.log
2014-08-26 09:24 - 2014-08-26 09:24 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-26 09:11 - 2014-08-26 09:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2014-08-25 12:05 - 2014-08-25 12:05 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-08-25 11:20 - 2014-08-25 11:20 - 00302760 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2014-08-21 15:11 - 2014-08-21 15:11 - 00000933 _____ () C:\Documents and Settings\Markie\Desktop\Spybot - Search & Destroy.lnk
2014-08-21 15:11 - 2014-08-21 15:11 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-08-20 20:07 - 2014-08-20 20:07 - 00008324 _____ () C:\Documents and Settings\Markie\Desktop\HitmanPro_20140820_2007.log
2014-08-20 19:39 - 2014-08-20 19:39 - 00000613 _____ () C:\Documents and Settings\Markie\Desktop\JRT.txt
2014-08-20 16:41 - 2014-08-20 16:41 - 01364531 _____ () C:\Documents and Settings\All Users\Desktop\adwcleaner_3.308.exe
2014-08-20 16:19 - 2014-08-20 16:20 - 10279264 _____ (SurfRight B.V.) C:\Documents and Settings\All Users\Desktop\HitmanPro.exe
2014-08-20 16:15 - 2014-04-06 01:36 - 01016261 _____ (Thisisu) C:\Documents and Settings\Markie\Desktop\JRT_NEW.exe
2014-08-20 07:51 - 2014-08-20 07:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Trend Micro RUBotted
2014-08-18 13:15 - 2014-08-18 13:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
2014-08-18 13:14 - 2014-08-18 13:14 - 00000000 ___HD () C:\Documents and Settings\All Users\Application Data\CanonIJFAX
2014-08-18 13:14 - 2012-09-21 09:33 - 00321024 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BLL.dll
2014-08-18 13:14 - 2012-05-25 09:21 - 00103936 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BLU.dll
2014-08-18 13:12 - 2014-08-18 13:13 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-08-18 11:30 - 2014-08-18 11:30 - 00000000 ____T () C:\WINDOWS\system32\CNBJNP_180CAC32082E
2014-08-14 11:20 - 2014-08-14 11:20 - 00000000 ____D () C:\Program Files\Western Digital
2014-08-14 10:46 - 2014-08-14 10:46 - 00000000 ____D () C:\Program Files\Western Digital Corporation
2014-08-14 10:46 - 2014-08-14 10:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Western Digital Corporation
2014-08-14 08:24 - 2014-08-26 08:51 - 00000000 ____D () C:\Documents and Settings\Markie\Local Settings\Application Data\Adobe
2014-08-14 07:26 - 2014-08-14 07:26 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-08-14 07:26 - 2014-08-14 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-08-14 07:25 - 2014-08-14 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-14 07:25 - 2014-08-14 07:25 - 00000000 ____D () C:\Program Files\iPod
2014-08-11 13:49 - 2014-08-19 18:07 - 00000000 ____D () C:\Documents and Settings\Markie\Application Data\TP-LINK
2014-08-11 13:48 - 2014-08-11 13:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TP-LINK
2014-08-11 13:48 - 2014-08-11 13:48 - 00376832 _____ () C:\WINDOWS\system32\AegisI5Installer.exe
2014-08-11 13:48 - 2014-08-11 13:48 - 00021361 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\AegisP.sys
2014-08-11 13:48 - 2014-08-11 13:48 - 00001908 _____ () C:\Documents and Settings\All Users\Desktop\TP-LINK Wireless Configuration Utility.lnk
2014-08-11 13:48 - 2014-08-11 13:48 - 00000000 ____D () C:\Program Files\TP-LINK
2014-08-11 13:48 - 2013-03-12 20:49 - 01076968 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\rtl8192cu.sys
2014-08-11 13:48 - 2013-03-12 20:49 - 01076968 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\RTL8192cu.sys
2014-08-11 13:48 - 2013-03-12 20:49 - 00007482 _____ () C:\WINDOWS\system32\net8192cu.cat
2014-08-06 12:59 - 2014-08-06 12:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-06 12:42 - 2014-08-26 09:13 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-08-06 12:42 - 2014-08-26 09:13 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-06 12:42 - 2014-08-06 12:42 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-08-06 12:42 - 2014-08-06 12:41 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-06 12:42 - 2014-08-06 12:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-06 12:42 - 2014-08-06 12:41 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 08:30 - 2014-09-03 08:24 - 00026572 _____ () C:\Documents and Settings\Markie\Desktop\FRST.txt
2014-09-03 08:30 - 2013-10-16 14:12 - 00000000 ____D () C:\Documents and Settings\Markie\Local Settings\temp
2014-09-03 08:26 - 2014-07-08 10:54 - 00000000 ____D () C:\FRST
2014-09-03 08:23 - 2014-07-08 10:54 - 01096704 _____ (Farbar) C:\Documents and Settings\Markie\Desktop\FRST.exe
2014-09-03 08:23 - 2012-07-09 08:05 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-09-03 08:22 - 2009-03-13 15:19 - 01052614 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-03 08:20 - 2014-06-18 09:16 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-09-03 08:17 - 2012-09-05 16:47 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-03 08:14 - 2009-03-13 08:59 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-09-03 08:12 - 2013-04-03 16:25 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-03 08:12 - 2008-04-14 07:00 - 00013732 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-03 08:11 - 2014-03-30 16:33 - 00000224 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2014-09-03 08:11 - 2009-03-13 09:11 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-03 08:10 - 2014-08-27 09:52 - 00000496 _____ () C:\WINDOWS\error.log
2014-09-03 08:10 - 2013-10-02 09:41 - 00000316 _____ () C:\WINDOWS\Tasks\Spybot - Search & Destroy Updater -  Scheduled Task.job
2014-09-03 08:10 - 2009-03-13 15:25 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-03 08:10 - 2009-03-13 15:24 - 00000000 ____D () C:\Documents and Settings\NetworkService\Local Settings\Temp
2014-09-03 08:10 - 2009-03-13 09:11 - 00000048 _____ () C:\WINDOWS\wiaservc.log
2014-09-03 08:08 - 2009-07-29 09:17 - 00000012 _____ () C:\WINDOWS\bthservsdp.dat
2014-09-03 08:08 - 2009-03-13 15:25 - 00032524 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-03 08:07 - 2009-03-13 15:26 - 00000178 ___SH () C:\Documents and Settings\Markie\ntuser.ini
2014-09-03 08:00 - 2009-03-13 15:26 - 00000000 ____D () C:\Documents and Settings\Markie
2014-09-03 07:41 - 2013-04-03 16:25 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-02 09:51 - 2013-10-02 09:42 - 00000310 _____ () C:\WINDOWS\Tasks\Spybot - Search & Destroy -  Scheduled Task.job
2014-08-30 12:00 - 2009-09-12 08:35 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-08-29 11:05 - 2014-08-27 11:33 - 00015505 _____ () C:\WINDOWS\setupapi.log
2014-08-28 13:45 - 2009-03-13 15:17 - 00000000 ____D () C:\WINDOWS\Registration
2014-08-27 22:50 - 2014-01-31 18:10 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-08-27 14:33 - 2014-08-27 14:32 - 18118056 _____ (Intel Corporation) C:\Documents and Settings\Markie\Desktop\winxp_14324.exe
2014-08-27 14:10 - 2013-12-17 09:11 - 01235432 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1220945662-1532298954-1417001333-1003-0.dat
2014-08-27 14:10 - 2013-08-13 21:21 - 00462202 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2014-08-27 14:02 - 2009-03-14 07:35 - 00000000 ____D () C:\WINDOWS\system32\ReinstallBackups
2014-08-27 13:21 - 2009-07-08 06:29 - 00000000 ____D () C:\Documents and Settings\Markie\Local Settings\Application Data\Deployment
2014-08-27 12:04 - 2014-08-27 12:04 - 00000000 ____D () C:\Documents and Settings\Markie\Start Menu\Programs\Dell
2014-08-27 11:33 - 2014-08-27 11:33 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-27 11:33 - 2014-08-27 11:33 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-08-27 11:29 - 2009-03-13 15:18 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-08-26 09:24 - 2014-08-26 09:24 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-08-26 09:13 - 2014-08-06 12:42 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2014-08-26 09:13 - 2014-08-06 12:42 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-08-26 09:11 - 2014-08-26 09:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Oracle
2014-08-26 09:08 - 2009-05-05 01:35 - 00000000 ____D () C:\Program Files\Java
2014-08-26 08:52 - 2009-03-23 21:09 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-08-26 08:51 - 2014-08-14 08:24 - 00000000 ____D () C:\Documents and Settings\Markie\Local Settings\Application Data\Adobe
2014-08-25 16:21 - 2014-07-08 07:47 - 00688992 ____R (Swearware) C:\Documents and Settings\Markie\Desktop\dds.com
2014-08-25 12:39 - 2014-03-04 10:24 - 00000935 _____ () C:\Documents and Settings\All Users\Desktop\Panda Cloud Cleaner.lnk
2014-08-25 12:21 - 2013-09-21 12:56 - 00000000 ____D () C:\Documents and Settings\Markie\Application Data\BitTorrent
2014-08-25 12:21 - 2012-05-14 18:41 - 00000000 ____D () C:\Documents and Settings\Markie\Application Data\Media Player Classic
2014-08-25 12:21 - 2009-07-08 06:16 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-25 12:05 - 2014-08-25 12:05 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2014-08-25 12:05 - 2012-03-16 11:50 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-25 12:05 - 2012-03-16 11:50 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2014-08-25 11:20 - 2014-08-25 11:20 - 00302760 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2014-08-25 08:41 - 2009-07-02 09:43 - 00000000 ____D () C:\Program Files\Microsoft Small Business
2014-08-25 01:48 - 2009-03-13 09:07 - 00000361 __RSH () C:\boot.ini
2014-08-22 10:55 - 2014-07-11 13:07 - 00110296 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-21 15:24 - 2009-09-12 08:35 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-08-21 15:11 - 2014-08-21 15:11 - 00000933 _____ () C:\Documents and Settings\Markie\Desktop\Spybot - Search & Destroy.lnk
2014-08-21 15:11 - 2014-08-21 15:11 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
2014-08-21 15:04 - 2010-05-12 10:03 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2014-08-21 12:32 - 2010-05-04 08:44 - 00000000 ___HD () C:\Documents and Settings\All Users\Application Data\CanonIJScan
2014-08-21 12:32 - 2010-02-17 18:06 - 00000000 ____D () C:\Documents and Settings\Markie\Application Data\Canon
2014-08-20 20:07 - 2014-08-20 20:07 - 00008324 _____ () C:\Documents and Settings\Markie\Desktop\HitmanPro_20140820_2007.log
2014-08-20 19:39 - 2014-08-20 19:39 - 00000613 _____ () C:\Documents and Settings\Markie\Desktop\JRT.txt
2014-08-20 16:59 - 2013-10-16 13:04 - 00000000 ____D () C:\AdwCleaner
2014-08-20 16:41 - 2014-08-20 16:41 - 01364531 _____ () C:\Documents and Settings\All Users\Desktop\adwcleaner_3.308.exe
2014-08-20 16:20 - 2014-08-20 16:19 - 10279264 _____ (SurfRight B.V.) C:\Documents and Settings\All Users\Desktop\HitmanPro.exe
2014-08-20 11:42 - 2014-05-29 16:09 - 00393582 _____ () C:\Documents and Settings\Markie\Local Settings\Application Data\census.cache
2014-08-20 11:40 - 2014-05-29 16:08 - 00265053 _____ () C:\Documents and Settings\Markie\Local Settings\Application Data\ars.cache
2014-08-20 08:10 - 2010-05-06 10:25 - 00000000 ____D () C:\WINDOWS\pss
2014-08-20 08:10 - 2008-04-14 07:00 - 00000503 ____N () C:\WINDOWS\win.ini
2014-08-20 08:10 - 2008-04-14 07:00 - 00000227 ____N () C:\WINDOWS\system.ini
2014-08-20 07:51 - 2014-08-20 07:51 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Trend Micro RUBotted
2014-08-19 18:07 - 2014-08-11 13:49 - 00000000 ____D () C:\Documents and Settings\Markie\Application Data\TP-LINK
2014-08-19 17:55 - 2014-05-02 11:50 - 00000000 _____ () C:\WINDOWS\RTacDbg.txt
2014-08-19 11:31 - 2009-04-12 20:24 - 00000000 ____D () C:\Documents and Settings\Markie\Local Settings\Application Data\WMTools Downloaded Files
2014-08-19 11:30 - 2009-05-10 14:17 - 00187904 _____ () C:\Documents and Settings\Markie\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-19 11:29 - 2009-04-12 20:20 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini
2014-08-19 11:28 - 2013-10-10 11:05 - 00000000 ____D () C:\Documents and Settings\Markie\Application Data\vlc
2014-08-18 13:20 - 2010-02-17 17:04 - 00000000 ____D () C:\Program Files\Canon
2014-08-18 13:15 - 2014-08-18 13:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Canon IJ Network Tool
2014-08-18 13:15 - 2010-03-19 19:31 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Canon Utilities
2014-08-18 13:14 - 2014-08-18 13:14 - 00000000 ___HD () C:\Documents and Settings\All Users\Application Data\CanonIJFAX
2014-08-18 13:14 - 2009-03-13 08:59 - 00000000 ____D () C:\WINDOWS\twain_32
2014-08-18 13:14 - 2009-03-13 08:59 - 00000000 ____D () C:\WINDOWS\Media
2014-08-18 13:13 - 2014-08-18 13:12 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-08-18 12:33 - 2010-03-19 19:31 - 00001652 _____ () C:\Documents and Settings\All Users\Desktop\Canon My Printer.lnk
2014-08-18 11:38 - 2014-07-09 12:01 - 00000408 _____ () C:\Documents and Settings\Markie\Desktop\ASUS Router.lnk
2014-08-18 11:30 - 2014-08-18 11:30 - 00000000 ____T () C:\WINDOWS\system32\CNBJNP_180CAC32082E
2014-08-14 11:20 - 2014-08-14 11:20 - 00000000 ____D () C:\Program Files\Western Digital
2014-08-14 10:46 - 2014-08-14 10:46 - 00000000 ____D () C:\Program Files\Western Digital Corporation
2014-08-14 10:46 - 2014-08-14 10:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Western Digital Corporation
2014-08-14 08:35 - 2009-07-02 09:19 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-08-14 08:34 - 2013-07-20 03:00 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-14 08:34 - 2012-04-25 12:03 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
2014-08-14 08:24 - 2009-03-13 16:43 - 96303304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-14 08:21 - 2012-09-05 16:47 - 00699568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-08-14 08:21 - 2012-09-05 16:47 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-08-14 07:26 - 2014-08-14 07:26 - 00001542 _____ () C:\Documents and Settings\All Users\Desktop\iTunes.lnk
2014-08-14 07:26 - 2014-08-14 07:26 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
2014-08-14 07:26 - 2014-08-14 07:25 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-08-14 07:26 - 2010-06-20 17:17 - 00000000 ____D () C:\Program Files\iTunes
2014-08-14 07:25 - 2014-08-14 07:25 - 00000000 ____D () C:\Program Files\iPod
2014-08-14 07:25 - 2009-09-09 14:39 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-13 10:08 - 2009-04-12 20:20 - 00000067 _____ () C:\Documents and Settings\Markie\default.pls
2014-08-12 10:11 - 2013-10-02 15:32 - 00000719 _____ () C:\Documents and Settings\All Users\Desktop\VLC media player.lnk
2014-08-11 18:04 - 2012-05-03 13:26 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-08-11 17:43 - 2009-10-04 12:35 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-08-11 13:49 - 2014-08-11 13:48 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\TP-LINK
2014-08-11 13:48 - 2014-08-11 13:48 - 00376832 _____ () C:\WINDOWS\system32\AegisI5Installer.exe
2014-08-11 13:48 - 2014-08-11 13:48 - 00021361 _____ (Cisco Systems, Inc.) C:\WINDOWS\system32\Drivers\AegisP.sys
2014-08-11 13:48 - 2014-08-11 13:48 - 00001908 _____ () C:\Documents and Settings\All Users\Desktop\TP-LINK Wireless Configuration Utility.lnk
2014-08-11 13:48 - 2014-08-11 13:48 - 00000000 ____D () C:\Program Files\TP-LINK
2014-08-11 13:48 - 2014-05-02 11:49 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\TP-LINK
2014-08-11 13:48 - 2010-01-18 12:14 - 00000000 ____D () C:\temp
2014-08-11 13:48 - 2009-03-14 08:28 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-08-08 20:00 - 2014-06-12 12:41 - 00000520 _____ () C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job
2014-08-08 15:00 - 2014-03-30 16:33 - 00000218 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-08-06 12:59 - 2014-08-06 12:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-08-06 12:42 - 2014-08-06 12:42 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Java
2014-08-06 12:41 - 2014-08-06 12:42 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-08-06 12:41 - 2014-08-06 12:42 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-08-06 12:41 - 2014-08-06 12:42 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe

Some content of TEMP:
====================
C:\Documents and Settings\Markie\Local Settings\temp\PCloudCleanerUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-09-2014
Ran by Markie at 2014-09-03 08:39:50
Running from C:\Documents and Settings\Markie\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {7591DB91-41F0-48A3-B128-1A293FD8233D}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4th split 1.1.8.0 (HKLM\...\4th split_is1) (Version: 1.1.8.0 - Sergey S. Tkachenko (4th february))
7-Zip 9.22beta (HKLM\...\7-Zip) (Version:  - )
Acronis Disk Director Suite (HKLM\...\{2300EE96-0A41-4FAB-BD03-989EC44577A0}) (Version: 10.0.2160 - Acronis)
ActiveLink Connect (HKCU\...\ActiveLink Connect) (Version: 5.5.5.16275 - Koninklijke Philips Electronics N.V.)
ActiveLink Connect (Version: 5.5.5.16275 - Koninklijke Philips Electronics N.V.) Hidden
Adobe Acrobat 8 Professional - English, Français, Deutsch (Version: 8.3.1 - Adobe Systems) Hidden
Adobe Acrobat 8.3.1 - CPSID_83708 (HKLM\...\Adobe Acrobat 8 Professional - English, Français, Deutsch_831) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Advertising Center (Version: 0.0.0.1 - Nero AG) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
Any Video Converter 3.5.8 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Download Master Utility (HKLM\...\{450298F3-CEC9-4E06-B3FD-911F0937DDF7}) (Version: 2.0.4.2 - ASUS)
AutoCAD 2005 - English (HKLM\...\{5783F2D7-0301-0409-0002-0060B0CE6BBA}) (Version: 16.1.63.10 - Autodesk)
avast! Free Antivirus (HKLM\...\avast) (Version: 9.0.2021 - AVAST Software)
Avery Template - U_0332_01_L (HKLM\...\{A760067A-C07E-1033-0000-A764AC000007}) (Version: 1.0.0.0 - Avery)
Avery Wizard 4.0 (HKLM\...\{7196E6BD-4B65-43F9-9D30-73A8E58D0E84}) (Version: 4.0.103 - Avery)
Avidemux 2.5 (HKLM\...\Avidemux 2.5) (Version: 2.5.2.5660 - )
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
BASIC Stamp Editor v2.5.2 (HKLM\...\{C2D47964-0E8D-4803-9F4A-BF5DC3D5A069}) (Version: 2.5.2 - Parallax Inc.)
BitTorrent (HKLM\...\BitTorrent) (Version: 7.0.0 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Advanced Control Suite (HKLM\...\{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.68.05 - Broadcom Corporation)
Broadcom ASF Management Applications (HKLM\...\{071B9AFA-EBE8-4ABF-8F4A-9F92612F517E}) (Version: 8.17.03 - Broadcom)
Broadcom Gigabit Integrated Controller (HKLM\...\{B7F54262-AB66-44B3-88BF-9FC69941B643}) (Version: 8.22.11 - Broadcom Corporation)
Calculator Powertoy for Windows XP (HKLM\...\{B37C842A-B624-46B8-A727-654E72F1C91A}) (Version: 1.00.0001 - Microsoft Corporation)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Utilities Solution Menu (HKLM\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM\...\{307ECD26-43D7-4AD4-82CF-794B63EDF096}) (Version: 1.0.141 - Citrix)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D110 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3) (Version:  - )
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
DanCap (HKLM\...\{C574855D-F512-4830-9F4C-9D6E4C324B38}) (Version: 1.0.0 - Danfoss)
Data Access Objects (DAO) 3.0 (HKLM\...\Data Access Objects (DAO)) (Version:  - )
Data Lifeguard Diagnostic for Windows 1.27 (HKLM\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Dell Driver Download Manager - 1  (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.)
Dell Driver Download Manager (HKCU\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
Dell Support 3.2.1 (HKLM\...\{7A35F91E-1D16-454F-A248-B9B782A2327C}) (Version: 5.5.2094 - Dell)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.10.0.8 - Dell)
DesignPro 5.4 Limited Edition (HKLM\...\InstallShield_{71F6DF7D-B639-4FAD-BA93-E6DF267AA44D}) (Version: 5.2.1201 - Avery Dennison)
DesignPro 5.4 Limited Edition (Version: 5.2.1201 - Avery Dennison) Hidden
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DIY PACK 25A (HKLM\...\DIYPACK25A_is1) (Version:  - DIY Electronics (HK) Ltd)
DNA (HKCU\...\BitTorrent DNA) (Version: 2.2.4 (16502) - BitTorrent Inc.)
DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version:  - )
DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version:  - DVD Shrink)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.18.47 - Dell Inc.)
EAGLE 6.4.0 (HKLM\...\EAGLE 6.4.0) (Version: 6.4.0 - CadSoft Computer GmbH)
Eagle3D 1.05 (HKLM\...\Eagle3D_is1) (Version:  - Matthias Weißer)
EPS Viewer (HKLM\...\{32E05824-A0AC-4DFE-B965-5F52C28FBE9F}_is1) (Version:  - IdeaMK)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
Ext2Fsd 0.51 (HKLM\...\Ext2Fsd_is1) (Version: 0.51 - Matt Wu)
ffdshow [rev 3026] [2009-07-05] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Free Studio version 2014 (HKLM\...\Free Studio_is1) (Version: 6.3.5.623 - DVDVideoSoft Ltd.)
Gerbtool (HKLM\...\{8887A57B-EDF9-4714-A9EB-FE5FB8D4B340}) (Version: 8.3.18 - Electronics Workbench)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GoToMeeting 6.0.0.1259 (HKCU\...\GoToMeeting) (Version: 6.0.0.1259 - CitrixOnline)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.05) (Version: 9.05 - Artifex Software Inc.)
GpsGate (HKLM\...\GpsGate) (Version:  - )
gpsim 0.25.0 (HKLM\...\gpsim) (Version: 0.25.0 - www.dattalo.com)
gputils (HKLM\...\gputils) (Version:  - gputils.sourceforge.net)
Great Cow BASIC V0.9 (HKLM\...\Great Cow BASIC_is1) (Version:  - Hugh Considine)
Great Cow Graphical BASIC 0.9 (HKLM\...\Great Cow Graphical BASIC_is1) (Version:  - Hugh Considine)
GuideCylinderSelectionVer.3.0 (HKLM\...\{5790BB6B-AECF-4D70-B029-F2B401BA0343}) (Version: 3.0.00 - SMC Corporation)
GUIPDFTK (HKLM\...\GUIPDFTK) (Version:  - )
Haali Media Splitter (HKLM\...\HaaliMkx) (Version:  - )
HandBrake 0.9.9.1 (HKLM\...\HandBrake) (Version: 0.9.9.1 - )
Hidden Utilities XP (HKLM\...\{CB497C77-03C6-4131-8452-FD58E872EBB4}) (Version: 2.0.0 - Camtech)
HiJackThis (HKLM\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HijackThis 1.99.1 (HKLM\...\HijackThis) (Version: 1.99.1 - Soeperman Enterprises Ltd.)
HouseLinc (HKLM\...\{DBB563F2-DCE4-461C-AFDA-B3D6B3BCA65A}) (Version: 2.10.25.0 - SmartLabs)
IcoFX 1.6 (HKLM\...\IcoFX_is1) (Version:  - )
Image Resizer Powertoy for Windows XP (HKLM\...\{1CB92574-96F2-467B-B793-5CEB35C40C29}) (Version: 1.00.0001 - Microsoft Corporation)
ImagXpress (Version: 7.0.74.0 - Nero AG) Hidden
ImTOO iPhone Transfer (HKLM\...\ImTOO iPhone Transfer) (Version: 3.3.0.1104 - ImTOO)
Inkscape 0.48.2 (HKLM\...\Inkscape) (Version: 0.48.2 - )
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
iTunes (HKLM\...\{86D04316-F49A-4AF2-B3F1-A1E943886CE7}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Java Auto Updater (Version: 2.8.20.26 - Oracle Corporation) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JukeboxAutomator (HKLM\...\{0584B0A7-4557-4FB1-AB89-18AC4FB837D1}) (Version: 0.4.10090 - alfa konsult)
LizardTech DjVu Control (autoinstall) (HKLM\...\DjVu) (Version:  - )
Logitech Harmony Remote Software (x86) (HKLM\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
Logitech Harmony Remote Software 7 (HKLM\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech Harmony Remote Software 7 (Version: 7.7.0.0 - Logitech) Hidden
Logitech Unifying Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.70.1044 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version:  - )
magicJack (HKCU\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Matroska Muxer (HKLM\...\{A5AA201F-4AE5-4A10-9136-A5A831665E4E}_is1) (Version:  - )
MetaFox 1.1.8 (HKLM\...\MetaFox_is1) (Version: 1.1.8 - )
MicroCode Studio (HKLM\...\MicroCode Studio_is1) (Version: 4.0.0.0 - Mecanique UK)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft ActiveSync (HKLM\...\{99052DB7-9592-4522-A558-5417BBAD48EE}) (Version: 4.5.5096.0 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{13CD417D-F1F1-4AC4-945D-FDDEB884756F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft English TTS Engine (Version: 2.0.1000.0 - Microsoft) Hidden
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office 2003 Web Components (HKLM\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Access 2003 Runtime (HKLM\...\{901C0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Accounting 2009 (HKLM\...\Microsoft Office Accounting 2009) (Version: 4.0.3610.0 - Microsoft Corporation)
Microsoft Office Accounting 2009 (Version: 4.0.3610.0 - Microsoft Corporation) Hidden
Microsoft Office Accounting 2009 Equifax Addin (HKLM\...\{C6C148EC-55FB-4FDF-AD4F-ECEA579D040D}) (Version: 4.0.1930.0 - Microsoft Corporation)
Microsoft Office Accounting 2009 Fixed Asset Manager (HKLM\...\{53276F5A-85AB-4BEF-BAA2-2490975DC006}) (Version: 4.0.1930.0 - Microsoft Corporation)
Microsoft Office Accounting 2009 PayPal Addin (HKLM\...\{DC0C35E4-CD3D-4F12-95BB-7C74D9467BD7}) (Version: 4.0.1930.0 - Microsoft Corporation)
Microsoft Office Accounting 2009 Tax Integration Add-in (HKLM\...\{D9AE6BE1-5847-4962-86B0-2A290B7E6C43}) (Version: 4.0.1930.0 - Microsoft Corporation)
Microsoft Office Accounting ADP Payroll Addin (HKLM\...\{5FA793A6-0071-42C1-9355-8F69A428C44F}) (Version: 0.0.0.0 - ADP)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2003 (HKLM\...\{90AF0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8305.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Producer for Microsoft Office PowerPoint 2007 (HKLM\...\{B47A9C26-F1D1-4498-A337-6C4C58F2E5E8}) (Version: 3.0.3002.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Streets & Trips 2007 (HKLM\...\{C82185E8-C27B-4EF4-2007-4444BC2C2B6D}) (Version: 14.0.09.1100 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable Package (Version: 1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ Run Time  Lib Setup (HKLM\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft Visual J# 2.0 Redistributable Package (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Windows XP Video Decoder Checkup Utility (HKLM\...\DECCHECK) (Version:  - )
Miro Video Converter (HKLM\...\Miro Video Converter) (Version: 0.8.0 - Participatory Culture Foundation)
MKVToolNix 5.5.0 (HKLM\...\MKVToolNix) (Version: 5.5.0 - Moritz Bunkus)
MobileMe Control Panel (HKLM\...\{926BD0E8-24A3-41D2-AF9B-340F1A37ED12}) (Version: 3.1.8.0 - Apple Inc.)
Moveslink for Movestick Mini (HKLM\...\{4D036ACA-DFDF-41B2-A680-E0D736F3E947}) (Version: 1.2.40 - Suunto)
Mozilla Firefox 31.0 (x86 en-US) (HKLM\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPLAB Tools v8.53 (HKLM\...\InstallShield_{EA2F25DC-552B-4C83-B577-C0417CD8DD5E}) (Version: 8.53 - Microchip Technology Inc.)
MPLAB Tools v8.53 (Version: 8.53 - Microchip Technology Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)
MSXML4 (HKLM\...\{71C3EFAF-40B2-44A1-9503-02830101AF12}) (Version: 1.0.0.0 - )
Multisim 8 (HKLM\...\{98E28570-B754-40B0-8B14-E242CB879EC5}) (Version: 8.3.30 - Electronics Workbench)
Multisim 8 (Version: 8.0.24 - Electronics Workbench) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
myiHome v5.2.0 (HKLM\...\myiHome_is1) (Version:  - Syabas Technology Sdn. Bhd.)
Nero 7 Ultra Edition (HKLM\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG)
Nero ControlCenter (Version: 9.0.0.1 - Nero AG) Hidden
Nero StartSmart (Version: 9.4.11.100 - Nero AG) Hidden
NeroBurningROM (Version: 9.4.13.100 - Nero AG) Hidden
NeroExpress (Version: 9.4.13.100 - Nero AG) Hidden
NeroLiveGadget (Version: 1.2.7.100 - Nero AG) Hidden
neroxml (Version: 1.0.0 - Nero AG) Hidden
Next DVD Ripper 2.8.0 (HKLM\...\{B5A9BE1B-BDFE-4655-86BE-51D28E915A84}_is1) (Version:  - NextVideoSoft, Inc.)
NirSoft ShellExView (HKLM\...\NirSoft ShellExView) (Version:  - )
NirSoft SmartSniff (HKLM\...\NirSoft SmartSniff) (Version:  - )
Notepad++ (HKLM\...\Notepad++) (Version: 6.1.2 - )
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.103 - Panda Security)
PaperPort (HKLM\...\{71C97545-E547-4A8B-B0C8-61FF853270AC}) (Version: 9.02.0827 - ScanSoft, Inc.)
Personal Video Database 0.9.9.14 (HKLM\...\Personal Video Database_is1) (Version:  - Nostradamus)
Photo Story 3 for Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PIC Simulator IDE (HKLM\...\PIC Simulator IDE) (Version:  - )
PICAXE VSM (HKLM\...\{E3EA8CA5-2455-4A4B-B350-03A890C5A5BA}) (Version: 1.00.4000 - Revolution Education Ltd)
PICkit 2 v2.61 (HKLM\...\{2818ADC7-C1FB-40A8-BE6B-36B62682E9E8}) (Version: 2.61.00 - Microchip)
PixiePack Codec Pack (HKLM\...\{621FCD24-4498-4324-A81E-07D331376EDF}) (Version: 0.10.4 - None)
POIConverter (HKLM\...\POIConverter) (Version: 4.08 - Richard Davies)
POV-Ray for Windows v3.62 (HKLM\...\{D0CE053E-0E5E-4C12-9BAE-D0F36021E911}) (Version: 3.62 - Persistence of Vision Raytracer Pty. Ltd.)
PPM ME12 Version 1.56 (HKLM\...\{D78FAC90-5F66-4067-BAD5-C76F3422A807}_is1) (Version:  - Darkwood)
PPTools - Remove ALL (HKLM\...\PPTools - Remove ALL) (Version:  - )
PPTools (Uninstall ALL) (HKLM\...\PPTools FIXLINKS_PRO) (Version: 2.0 - Rindsberg Photography, Inc. dba PPTools)
Private Internet Access Support Files (HKLM\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
Programming Editor (HKLM\...\{FE2AB5A7-2952-49EA-A90B-BCE864CDC3DE}) (Version: 5.2.11 - Revolution Education Ltd)
Proteus 7 Professional (HKLM\...\{13C4E8F0-B747-4C7C-9090-884832F9F90A}) (Version: 7.07.0201 - Labcenter Electronics)
PS3Muxer 1.30 (HKLM\...\{49A1D307-D9D3-493C-BA62-8D13581F99C1}_is1) (Version:  - clark15b@doom9)
QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 8.3.11 - Dell Computer Corporation)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Real Pic Simulator (remove only) (HKLM\...\Real Pic Simulator) (Version:  - )
Remote Control USB Driver (HKLM\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Renold Chain Drive Selector 3.20.14 (HKLM\...\Renold Chain Drive Selector 3.20.14_is1) (Version:  - Renold Germany)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
SAPI Wrapper (Version: 1.0.0.0 - Microsoft Corporation) Hidden
SDFormatter (HKLM\...\{A5355F15-F98B-4704-9BAE-E53B9FE48F48}) (Version: 3.1.0 - SD Association)
SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.0 - Seagate Technology)
SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version:  - Seagate Technology)
Segoe UI (Version: 14.0.4327.805 - Microsoft Corp) Hidden
SigmaTel Audio (HKLM\...\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}) (Version: 5.10.5210.0 - SigmaTel)
SolidWorks eDrawings 2013 (HKLM\...\{67B54121-76BB-4F42-975E-F8155E5EF490}) (Version: 13.2.110 - Dassault Systèmes SolidWorks Corp.)
SoundTrax (Version: 4.4.23.0 - Nero AG) Hidden
SourceBoost IDE V6.97 (HKLM\...\SourceBoost IDE_is1) (Version:  - Pavel Baranov)
Splitter Pack 1.1 (HKLM\...\{6C9A5ED4-4CD5-4083-A03F-CBC764C53241}_is1) (Version:  - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
SureThing CD Labeler Deluxe 4 (HKLM\...\MVApplication1) (Version:  - )
Swiff Player 1.5 (HKLM\...\Swiff Player_is1) (Version: 1.54 - GlobFX Technologies)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Transmission Remote GUI 4.0.2 (HKLM\...\transgui_is1) (Version:  - Yury Sidorov)
Trend Micro RUBotted 2.0 Beta (HKLM\...\{54D4EAF5-4C80-4878-B4AC-5AE454A02E3C}_is1) (Version: 2.0.0.1034 - Trend Micro, Inc.)
TTS Wrapper (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Tweak UI (HKLM\...\Tweak UI 2.10) (Version:  - )
Ultiboard 8 (HKLM\...\{4D764A51-73E7-43A3-9D7D-8CA1B6A62B0C}) (Version: 8.3.19 - Electronics Workbench)
Ultiboard 8 (Version: 8.3.19 - Electronics Workbench) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Windows (KB971513) (HKLM\...\KB971513) (Version:  - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2632503) (HKLM\...\KB2632503-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB971930) (HKLM\...\KB971930-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB973874) (HKLM\...\KB973874-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976662) (HKLM\...\KB976662-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB976749) (HKLM\...\KB976749-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB980182) (HKLM\...\KB980182-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB982664) (HKLM\...\KB982664-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2616676-v2) (HKLM\...\KB2616676-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB943729) (HKLM\...\KB943729) (Version:  - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955704) (HKLM\...\KB955704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC Streamer 4.15 (HKLM\...\VLC Streamer_is1) (Version:  - )
VOB2MPG v3 (HKLM\...\{EC6B304A-044A-46AE-B761-D1202720D93A}) (Version: 3.0.0520 - BadgerIT)
WD Drive Manager (x86) (HKLM\...\{813EE1F0-D251-4F98-AC91-9B98CF22717E}) (Version: 2.115 - Western Digital)
Web BRAdmin (HKLM\...\{C221F359-D738-4D58-8419-B7DD51C5E6DC}) (Version: 1.59.0002 - Brother)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\498B9978CE49397903524B0761200F43EC650044) (Version: 07/12/2010 2.08.02 - FTDI)
Windows Driver Package - FTDI CDM Driver Package (07/12/2010 2.08.02) (HKLM\...\67170FB0228B69BCCBEF8CE14A76953A5505D8EA) (Version: 07/12/2010 2.08.02 - FTDI)
Windows Driver Package - mikroElektronika (USB18PRG) ClassName  (05/15/2007 6.0.6000.16386) (HKLM\...\546AD70ECFACF0F2701DB2569EA9CBA07EFEA05B) (Version: 05/15/2007 6.0.6000.16386 - mikroElektronika)
Windows Driver Package - Parallax Inc CDM Driver Package - Bus & VCP Driver (07/12/2010 2.08.02) (HKLM\...\F8DC9DFED0912C7E47EB1446EF7E3C53D3A0942D) (Version: 07/12/2010 2.08.02 - Parallax Inc)
Windows Driver Package - Ross-Tech USB Driver Package (06/16/2010 2.06.02) (HKLM\...\B4DFFB06B716298277125094C48185BFE8B5A7E1) (Version: 06/16/2010 2.06.02 - Ross-Tech)
Windows Driver Package - Suunto (libusb0) Suunto  (10/02/2010 1.2.2.0) (HKLM\...\4E5E6491582172E255196D3F11B77725E6681767) (Version: 10/02/2010 1.2.2.0 - Suunto)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live Writer (Version: 14.0.8089.0726 - Microsoft Corporation) Hidden
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (Version: 9.00.2980 - Microsoft Corporation) Hidden
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows PowerShell™ 1.0 MUI pack (HKLM\...\KB926141) (Version: 2 - Microsoft Corporation)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows Share Manager (HKLM\...\{8A6AA24D-71B5-47FE-BDFF-D9304753D8E2}) (Version: 1.2 - Windows Share Manager)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinTopo (HKLM\...\WinTopo) (Version:  - )
WinZip 11.2 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240B2}) (Version: 11.3.8261 - WinZip Computing, S.L. )
XPS Essentials Pack (HKLM\...\{6A69D94E-C569-4154-9643-72E94D1DDFDA}) (Version: 1.0.6000 - Microsoft Corporation)
XPS Essentials Pack 1.0 (Version:  - Microsoft Corporation) Hidden
Xvid 1.2.2 (HKLM\...\Xvid_is1) (Version: 1.2.2 - Koepi's build)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{0000002F-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{0002E005-0000-0000-C000-000000000046}\InprocServer32 -> C:\WINDOWS\system32\OLE32.DLL (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{0BE35203-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{0BE35204-8F91-11CE-9DE3-00AA004BB851}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{1365A45F-0C8F-4806-A26A-6B22AD37EC66}\localserver32 -> C:\Program Files\AutoCAD 2005\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{46763EE0-CAB2-11CE-8C20-00AA0051E5D4}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{648A5600-2C6E-101B-82B6-000000000014}\InprocServer32 -> C:\WINDOWS\system32\mscomm32.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{72B8D742-7E31-43b2-BC14-4EBB151B7A15}\InprocServer32 ->  No File
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{7EBDAAE0-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{7EBDAAE1-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{7EBDAAE2-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\WINDOWS\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\1259\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{8E75D913-3D21-11D2-85C4-080009A0C626}\localserver32 -> C:\Program Files\AutoCAD 2005\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{B196B286-BAB4-101A-B69C-00AA00341D07}\InprocServer32 -> C:\WINDOWS\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2005\acadficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1220945662-1532298954-1417001333-1003_Classes\CLSID\{FC280999-88C6-4499-9622-3B795A8B4A5F}\localserver32 -> C:\Program Files\AutoCAD 2005\acad.exe (Autodesk, Inc.)

==================== Restore Points  =========================

27-08-2014 16:29:56 System Checkpoint
28-08-2014 18:25:13 System Checkpoint
29-08-2014 18:29:32 System Checkpoint
30-08-2014 23:56:31 System Checkpoint
01-09-2014 00:38:29 System Checkpoint
02-09-2014 00:43:17 System Checkpoint
03-09-2014 01:03:36 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 07:00 - 2013-10-16 14:10 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\My Dell\uaclauncher.exe
Task: C:\WINDOWS\Tasks\Spybot - Search & Destroy -  Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
Task: C:\WINDOWS\Tasks\Spybot - Search & Destroy Updater -  Scheduled Task.job => C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-03-13 17:35 - 2010-10-29 10:14 - 00025088 _____ () C:\WINDOWS\System32\WLTRYSVC.EXE
2009-03-13 17:35 - 2010-10-29 10:14 - 00761856 _____ () C:\WINDOWS\System32\bcm1xsup.dll
2012-03-09 11:37 - 2014-07-10 10:44 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-03 04:38 - 2014-09-03 04:38 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\14090300\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-29 16:53 - 2010-08-24 19:06 - 00085840 _____ () C:\Program Files\Trend Micro\RUBotted\hc_help.dll
2009-01-10 17:15 - 2009-01-10 17:15 - 00159744 _____ () C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll
2009-01-10 17:14 - 2009-01-10 17:14 - 00023552 _____ () C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll
2009-07-08 07:07 - 2007-07-20 16:56 - 00098304 _____ () C:\Program Files\Dell\QuickSet\dadkeyb.dll
2009-03-13 17:35 - 2010-10-29 10:14 - 00143360 _____ () C:\WINDOWS\system32\preflib.dll
2009-07-08 07:07 - 2005-10-13 13:53 - 00090223 _____ () C:\Program Files\Dell\QuickSet\preflibcl.dll
2013-11-28 09:30 - 2014-07-10 10:44 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-04-25 11:24 - 2013-12-24 17:14 - 00642016 _____ () C:\Program Files\BillP Studios\WinPatrol\sqlite3.dll
2009-12-08 15:54 - 2009-12-08 15:54 - 02011648 _____ () C:\Program Files\Suunto\Moveslink for Movestick Mini\QtCore4.dll
2009-09-29 13:43 - 2009-09-29 13:43 - 07462912 _____ () C:\Program Files\Suunto\Moveslink for Movestick Mini\QtGui4.dll
2009-09-29 13:31 - 2009-09-29 13:31 - 00337408 _____ () C:\Program Files\Suunto\Moveslink for Movestick Mini\QtXml4.dll
2009-09-29 13:32 - 2009-09-29 13:32 - 00877056 _____ () C:\Program Files\Suunto\Moveslink for Movestick Mini\QtNetwork4.dll
2014-08-11 13:48 - 2013-04-08 15:29 - 00846848 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-08-11 13:48 - 2013-03-12 20:48 - 01411072 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2014-08-11 13:48 - 2013-04-02 11:34 - 00193024 _____ () C:\Program Files\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2014 08:17:43 AM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Net.WebException</Type><Message><![CDATA[The remote name could not be resolved: 'ftp.dell.com']]></Message><Source><![CDATA[System]]></Source><StackTrace><![CDATA[   at System.Net.WebClient.OpenRead(Uri address)
   at eSupport.Common.Client.Service.Core.ConfigurationInformation.SynchronizeOSInfoConfig()]]></StackTrace><SysInfo STag="9SBJ1C1" SMBIOSMajVer="2" SMBIOSMinVer="4" SMBIOSBIOSVer="A10" SMBIOSPresent="True" Rel_Date="20080516000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Latitude D620" Ident_Num="MARKDELL" TimeZone="(GMT-06:00) Central Time (US & Canada)" OSName="Microsoft Windows XP Professional"/><Method>Synchronize OS INFO failed</Method></Exception>

Error: (09/03/2014 08:07:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 436: ERROR: read_msg errno 10053 (An established connection was aborted by the software in your host machine.)

Error: (09/03/2014 08:07:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: ERROR: mDNSPlatformReadTCP - recv: 10053

Error: (09/03/2014 07:59:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application FRST.exe, version 31.8.2014.2, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/02/2014 09:51:34 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 1116954496.

Error: (09/02/2014 09:51:23 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application SpybotSD.exe, version 1.6.2.46, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/27/2014 01:21:59 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[Unexpected end of file has occurred. The following elements are not closed: Config. Line 1, position 440.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlTextReaderImpl.Throw(Exception e)
   at System.Xml.XmlTextReaderImpl.Throw(String res, String arg)
   at System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res, String arg)
   at System.Xml.XmlTextReaderImpl.ThrowUnclosedElements()
   at System.Xml.XmlTextReaderImpl.ParseElementContent()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.LoadNode(Boolean skipOverWhitespace)
   at System.Xml.XmlLoader.LoadDocSequence(XmlDocument parentDoc)
   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   at System.Xml.XmlDocument.Load(XmlReader reader)
   at System.Xml.XmlDocument.LoadXml(String xml)
   at eSupport.Common.Client.Service.Core.ConfigurationInformation.LoadConfig()]]></StackTrace><SysInfo STag="9SBJ1C1" SMBIOSMajVer="2" SMBIOSMinVer="4" SMBIOSBIOSVer="A10" SMBIOSPresent="True" Rel_Date="20080516000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Latitude D620" Ident_Num="MARKDELL" TimeZone="(GMT-06:00) Central Time (US & Canada)" OSName="Microsoft Windows XP Professional"/><Method>LoadConfig</Method></Exception>

Error: (08/27/2014 01:11:20 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Exception</Type><Message><![CDATA[Signture Mismatch]]></Message><Source><![CDATA[]]></Source><StackTrace><![CDATA[]]></StackTrace><SysInfo STag="9SBJ1C1" SMBIOSMajVer="2" SMBIOSMinVer="4" SMBIOSBIOSVer="A10" SMBIOSPresent="True" Rel_Date="20080516000000.000000+000" DSDVersion="5.10.0.8" Vendor="Dell Inc." PName="Latitude D620" Ident_Num="MARKDELL" TimeZone="(GMT-06:00) Central Time (US & Canada)" OSName="Microsoft Windows XP Professional"/><Method>AuthenticationHandler.Authenticate</Method><Service>clientservice</Service><Arguments>QueryString Signature:IG3w0TM6DWtx3zW78p1Jw202c5rrbAaqPpzMVYNXuss;DSD Signature:2OPbCyzac8ly7GGZ9NOvbbwgeQbJVQyDxCIV3cuZ7+M;</Arguments><UserAgent>Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0</UserAgent></Exception>

Error: (08/27/2014 01:10:34 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Exception</Type><Message><![CDATA[Signture Mismatch]]></Message><Source><![CDATA[]]></Source><StackTrace><![CDATA[]]></StackTrace><SysInfo STag="9SBJ1C1" SMBIOSMajVer="2" SMBIOSMinVer="4" SMBIOSBIOSVer="A10" SMBIOSPresent="True" Rel_Date="20080516000000.000000+000" DSDVersion="5.10.0.8" Vendor="Dell Inc." PName="Latitude D620" Ident_Num="MARKDELL" TimeZone="(GMT-06:00) Central Time (US & Canada)" OSName="Microsoft Windows XP Professional"/><Method>AuthenticationHandler.Authenticate</Method><Service>clientservice</Service><Arguments>QueryString Signature:IG3w0TM6DWtx3zW78p1Jw202c5rrbAaqPpzMVYNXuss;DSD Signature:2OPbCyzac8ly7GGZ9NOvbbwgeQbJVQyDxCIV3cuZ7+M;</Arguments><UserAgent>Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0</UserAgent></Exception>

Error: (08/27/2014 00:05:19 PM) (Source: Dell System Detect) (EventID: 0) (User: )
Description: <Exception><Type>System.Xml.XmlException</Type><Message><![CDATA[Unexpected end of file has occurred. The following elements are not closed: Config. Line 1, position 440.]]></Message><Source><![CDATA[System.Xml]]></Source><StackTrace><![CDATA[   at System.Xml.XmlTextReaderImpl.Throw(Exception e)
   at System.Xml.XmlTextReaderImpl.Throw(String res, String arg)
   at System.Xml.XmlTextReaderImpl.Throw(Int32 pos, String res, String arg)
   at System.Xml.XmlTextReaderImpl.ThrowUnclosedElements()
   at System.Xml.XmlTextReaderImpl.ParseElementContent()
   at System.Xml.XmlTextReaderImpl.Read()
   at System.Xml.XmlLoader.LoadNode(Boolean skipOverWhitespace)
   at System.Xml.XmlLoader.LoadDocSequence(XmlDocument parentDoc)
   at System.Xml.XmlLoader.Load(XmlDocument doc, XmlReader reader, Boolean preserveWhitespace)
   at System.Xml.XmlDocument.Load(XmlReader reader)
   at System.Xml.XmlDocument.LoadXml(String xml)
   at eSupport.Common.Client.Service.Core.ConfigurationInformation.LoadConfig()]]></StackTrace><SysInfo STag="9SBJ1C1" SMBIOSMajVer="2" SMBIOSMinVer="4" SMBIOSBIOSVer="A10" SMBIOSPresent="True" Rel_Date="20080516000000.000000+000" DSDVersion="" Vendor="Dell Inc." PName="Latitude D620" Ident_Num="MARKDELL" TimeZone="(GMT-06:00) Central Time (US & Canada)" OSName="Microsoft Windows XP Professional"/><Method>LoadConfig</Method></Exception>


System errors:
=============
Error: (09/03/2014 08:10:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PCASp50 NDIS Protocol Driver service failed to start due to the following error:
%%2

Error: (09/02/2014 07:17:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Adobe Flash Player Update Service service failed to start due to the following error:
%%1053

Error: (09/02/2014 07:17:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.

Error: (09/02/2014 06:44:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (09/02/2014 06:44:49 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Error: (09/02/2014 06:44:43 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service gupdate with arguments "/comsvc"
in order to run the server:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (08/27/2014 02:12:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PCASp50 NDIS Protocol Driver service failed to start due to the following error:
%%2

Error: (08/27/2014 11:47:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PCASp50 NDIS Protocol Driver service failed to start due to the following error:
%%2

Error: (08/27/2014 09:52:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The System Restore Service service terminated with the following error:
%%2

Error: (08/27/2014 09:52:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The PCASp50 NDIS Protocol Driver service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (03/11/2014 04:29:25 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 581694 seconds with 32160 seconds of active time.  This session ended with a crash.

Error: (10/17/2013 08:31:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 108975 seconds with 14460 seconds of active time.  This session ended with a crash.

Error: (09/21/2013 10:52:03 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6680.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 262 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (07/31/2013 03:29:17 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 546742 seconds with 81420 seconds of active time.  This session ended with a crash.

Error: (07/13/2013 01:22:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 95149 seconds with 7440 seconds of active time.  This session ended with a crash.

Error: (07/09/2013 10:36:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 701596 seconds with 47940 seconds of active time.  This session ended with a crash.

Error: (05/27/2013 09:38:59 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 263207 seconds with 3780 seconds of active time.  This session ended with a crash.

Error: (04/17/2013 11:01:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 581895 seconds with 39120 seconds of active time.  This session ended with a crash.

Error: (02/15/2013 09:06:25 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 171519 seconds with 8220 seconds of active time.  This session ended with a crash.

Error: (12/17/2012 11:57:57 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3755 seconds with 2700 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: Genuine Intel® CPU T2400 @ 1.83GHz
Percentage of memory in use: 24%
Total physical RAM: 3318.05 MB
Available physical RAM: 2496.41 MB
Total Pagefile: 4679.88 MB
Available Pagefile: 3905.02 MB
Total Virtual: 2047.88 MB
Available Virtual: 1958.54 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:298.09 GB) (Free:132.83 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: A4D8A4D8)
Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:47 AM

Posted 04 September 2014 - 12:59 PM

Hi MrMark52,
 
Yes, hardware can often cause the 100% issue as if the fan is blocked then the CPU has to work harder and can often be close to overheating. I don't see any malware, but there is a lot of files running on startup which can cause a computer to be slower than it should be.
 

 

Please download Autoruns.
 
Open Downloads in your browser and click on the Autoruns download.
 
Click on Run to initiate the installation.
 
When Autoruns loads you will see an image similar to the one below.
 
autorunsscreen_zps2ac55e2e.png
 
Click on File, then click on Save.
 
Choose Desktop as the destination, then click on the down arrow in the Save as type: box and click on Text (*.txt), then click on Save.
 
There will be a Text icon on the desktop titled AutoRuns, click on it to open the log.
 
Copy the log and paste it in your next post.
 
xXToffeeXx~

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#7 MrMark52

MrMark52
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 PM

Posted 04 September 2014 - 01:13 PM

Thanks xxToffeexx!

 

Yeah, hardware can never be ruled out - and it's a catch-22 as to if the issue is hardware or software. Probably more often it's software. In my case I totally expected the new fan and cleaned heat sink to solve the problem, but it didn't seem to have any affect. I put th eold fan back in, and was amazed at the difference from the get-go. WHat's wierd is, both times I've open this machine up, I have a heck of a time getting it to boot against th ememory. I don't have to take the memory out to work on the fan, yet something happens that causes some heartburn for it until I pull out and reseat several times. Then all is good. I suspect that that may be the overall issue in some way, especially now that the fan issue is all cleaned up.

 

Logs below - and again, Thanks for yuor help!

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "8/27/2014 2:03 PM"
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"    "11/21/2013 11:56 AM"
+ "Apoint"    "Alps Pointing-device Driver"    "Alps Electric Co., Ltd."    "c:\program files\apoint\apoint.exe"    "10/7/2005 12:13 AM"
+ "AppleSyncNotifier"    "AppleSyncNotifier"    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applesyncnotifier.exe"    "10/6/2011 3:36 AM"
+ "APSDaemon"    "Apple Push"    "Apple Inc."    "c:\program files\common files\apple\apple application support\apsdaemon.exe"    "7/30/2014 5:24 PM"
+ "AvastUI.exe"    "avast! Antivirus"    "AVAST Software"    "c:\program files\avast software\avast\avastui.exe"    "6/26/2014 6:45 AM"
+ "Broadcom Wireless Manager UI"    "DW WLAN Card Wireless Network Tray Applet"    "Dell Inc."    "c:\windows\system32\wltray.exe"    "10/28/2010 12:18 AM"
+ "Dell QuickSet"    "QuickSet"    "Dell Inc."    "c:\program files\dell\quickset\quickset.exe"    "7/20/2007 4:55 PM"
+ "HotKeysCmds"    "hkcmd Module"    "Intel Corporation"    "c:\windows\system32\hkcmd.exe"    "3/30/2007 3:00 PM"
+ "IgfxTray"    "igfxTray Module"    "Intel Corporation"    "c:\windows\system32\igfxtray.exe"    "3/30/2007 3:00 PM"
+ "IJNetworkScannerSelectorEX"    "Canon IJ Network Scanner Selector EX"    "CANON INC."    "c:\program files\canon\ij network scanner selector ex\cnmnsst.exe"    "8/30/2012 8:29 PM"
+ "iTunesHelper"    "iTunesHelper"    "Apple Inc."    "c:\program files\itunes\ituneshelper.exe"    "8/1/2014 5:48 PM"
+ "OSSelectorReinstall"    ""    ""    "c:\program files\common files\acronis\acronis disk director\oss_reinstall.exe"    "2/26/2007 6:03 AM"
+ "Persistence"    "persistence Module"    "Intel Corporation"    "c:\windows\system32\igfxpers.exe"    "3/30/2007 2:59 PM"
+ "QuickTime Task"    "QuickTime Task"    "Apple Inc."    "c:\program files\quicktime\qttask.exe"    "1/13/2014 8:15 PM"
+ "SigmatelSysTrayApp"    "Sigmatel Audio system tray application"    "SigmaTel, Inc."    "c:\program files\sigmatel\c-major audio\wdm\stsystra.exe"    "5/10/2007 11:09 AM"
+ "SunJavaUpdateSched"    "Java Update Scheduler"    "Oracle Corporation"    "c:\program files\common files\java\java update\jusched.exe"    "7/30/2014 10:17 PM"
+ "Trend Micro RUBotted V2.0 Beta"    "Trend Micro RUBotted tool"    "Trend Micro Inc."    "c:\program files\trend micro\rubotted\rubottedgui.exe"    "7/25/2013 5:10 AM"
+ "WD Drive Manager"    "WD Drive Manager"    "WDC"    "c:\program files\western digital\wd drive manager\wdbtnmgrui.exe"    "6/26/2009 5:56 PM"
"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"    ""    ""    ""    "8/11/2014 1:48 PM"
+ "Digital Line Detect.lnk"    "Digital Line Detection"    "BVRP Software"    "c:\program files\digital line detect\dlg.exe"    "10/29/2003 3:23 AM"
+ "Moveslink for Movestick Mini.lnk"    ""    ""    "c:\windows\installer\{4d036aca-dfdf-41b2-a680-e0d736f3e947}\_22a9010b636af7a61d8e03.exe"    "3/19/2013 8:42 AM"
+ "TP-LINK Wireless Configuration Utility.lnk"    ""    ""    "c:\program files\tp-link\tp-link wireless configuration utility\twcu.exe"    "4/8/2013 2:25 AM"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"    ""    ""    ""    "9/4/2014 8:33 AM"
+ "Address Book 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 1:30 PM"
+ "Browsing Enhancements"    ""    ""    "c:\program files\pixiepack codec pack\installerhelper.exe"    "9/19/2007 3:32 AM"
+ "Java (Sun)"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 1:30 PM"
+ "Microsoft Outlook Express 6"    "Outlook Express Setup Library"    "Microsoft Corporation"    "c:\program files\outlook express\setup50.exe"    "4/13/2008 1:30 PM"
+ "PixiePack Codec Pack 0.10.4"    ""    ""    "c:\program files\pixiepack codec pack\installerhelper.exe"    "9/19/2007 3:32 AM"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""    "5/16/2008 12:21 AM"
+ "Akamai NetSession Interface"    "Akamai NetSession Client"    "Akamai Technologies, Inc."    "c:\documents and settings\markie\local settings\application data\akamai\netsession_win.exe"    "4/17/2014 3:53 PM"
+ "ALconnect"    "ActiveLink Connect Application"    "Koninklijke Philips Electronics N.V."    "c:\documents and settings\markie\application data\directlife\alconnect\alconnect.exe"    "8/31/2012 3:26 AM"
+ "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"    "Nero Home"    "Nero AG"    "c:\program files\common files\ahead\lib\nmbgmonitor.exe"    "6/27/2007 8:03 AM"
+ "cdloader"    "magicJack (cdloader2)"    "magicJack L.P."    "c:\documents and settings\markie\application data\mjusbsp\cdloader2.exe"    "12/12/2007 6:34 AM"
+ "DellSystemDetect"    "Dell System Detect"    "Dell"    "c:\documents and settings\markie\local settings\apps\2.0\5kzkx0w5.9vo\t7w9z775.nh4\dell..tion_0f612f649c4a10af_0005.000a_17ece8424e43daec\dellsystemdetect.exe"    "8/19/2014 9:36 AM"
+ "Download Master"    "ASUS DM2"    "ASUSTeK COMPUTER INC."    "c:\program files\asus\download master utility\dm2.exe"    "10/9/2013 4:36 AM"
+ "H/PC Connection Agent"    "ActiveSync Connection Manager"    "Microsoft Corporation"    "c:\program files\microsoft activesync\wcescomm.exe"    "11/13/2006 3:57 PM"
+ "SUPERAntiSpyware"    "SUPERAntiSpyware Application"    "SUPERAntiSpyware"    "c:\program files\superantispyware\superantispyware.exe"    "8/11/2014 1:21 PM"
+ "WinPatrol"    "WinPatrol Background Change Detector"    "BillP Studios"    "c:\program files\billp studios\winpatrol\winpatrol.exe"    "1/23/2014 9:14 PM"
"HKLM\SOFTWARE\Microsoft\Windows CE Services\AutoStartOnConnect"    ""    ""    ""    "9/17/2010 6:25 AM"
+ "CEAppMgr"    "Application Manager"    "Microsoft Corporation"    "c:\program files\microsoft activesync\ceappmgr.exe"    "11/13/2006 3:56 PM"
+ "NeroMobileAd"    "Nero Mobile Advertisment"    "Nero AG"    "c:\program files\nero\nero 7\nero mobile\neromobilead.exe"    "8/28/2006 4:12 AM"
"HKLM\SOFTWARE\Classes\Protocols\Filter"    ""    ""    ""    "11/16/2012 7:31 AM"
+ "text/xml"    "Microsoft Office XML MIME Filter"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"    "2/26/2009 11:00 AM"
"HKLM\SOFTWARE\Classes\Protocols\Handler"    ""    ""    ""    "6/11/2014 3:07 AM"
+ "ms-help"    "Microsoft® Help Data Services Module"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\help\hxds.dll"    "11/7/2012 5:30 AM"
+ "ms-itss"    "Microsoft® InfoTech Storage System Library"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\information retrieval\msitss.dll"    "4/19/2000 8:47 PM"
+ "mso-offdap"    "Microsoft Office XP Web Components"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\web components\10\owc10.dll"    "5/14/2009 9:43 PM"
+ "mso-offdap11"    "Microsoft Office Web Components 2003"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\web components\11\owc11.dll"    "3/24/2009 7:45 PM"
"HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components"    ""    ""    ""    "9/13/2012 10:51 AM"
+ "0"    ""    ""    "File not found: About:Home"    ""
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""    "6/18/2014 9:16 AM"
+ "SABShellExecuteHook Class"    "ShellExecuteHook"    "SuperAdBlocker.com"    "c:\program files\superantispyware\sasseh.dll"    "7/18/2011 6:22 PM"
+ "Windows Desktop Search Namespace Manager"    "Windows Search Namespace Manager"    "Microsoft Corporation"    "c:\program files\windows desktop search\msnlnamespacemgr.dll"    "5/25/2009 12:41 AM"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""    "8/12/2014 9:21 PM"
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"    "4/18/2011 1:34 PM"
+ "Adobe.Acrobat.ContextMenu"    ""    ""    ""    "6/23/2009 1:54 PM"
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"    "6/26/2014 6:32 AM"
+ "Cover Designer"    ""    ""    ""    "10/27/2009 11:23 AM"
+ "NBShellHook Class"    ""    ""    ""    "10/27/2009 11:22 AM"
+ "Notepad++"    ""    ""    ""    "5/10/2012 10:09 AM"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"    "6/6/2014 1:40 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "4/3/2008 10:45 PM"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""    "8/12/2014 9:21 PM"
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"    "6/26/2014 6:32 AM"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes anti-malware\mbamext.dll"    "4/9/2014 6:20 PM"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"    "6/6/2014 1:40 PM"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""    "8/12/2014 9:21 PM"
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"    "4/18/2011 1:34 PM"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"    "6/6/2014 1:40 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "4/3/2008 10:45 PM"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""    "10/10/2012 4:33 PM"
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"    "4/18/2011 1:34 PM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "4/3/2008 10:45 PM"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""    "3/23/2009 4:11 PM"
+ "igfxcui"    "igfxpph Module"    "Intel Corporation"    "c:\windows\system32\igfxpph.dll"    "3/30/2007 2:59 PM"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""    "2/27/2014 9:30 AM"
+ "Haali Column Provider"    ""    ""    "c:\program files\haali\matroskasplitter\mmfinfo.dll"    "1/10/2009 5:15 PM"
+ "NeroDigitalColumnHandler Class"    "Nero Digital Shell Extension"    "Nero AG"    "c:\program files\common files\ahead\lib\nerodigitalext.dll"    "11/15/2005 5:07 AM"
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"    "5/11/2013 4:34 AM"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""    "7/11/2014 1:07 PM"
+ "Adobe.Acrobat.ContextMenu"    ""    ""    ""    "6/23/2009 1:54 PM"
+ "avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"    "6/26/2014 6:32 AM"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes anti-malware\mbamext.dll"    "4/9/2014 6:20 PM"
+ "NBShellHook Class"    ""    ""    ""    "10/27/2009 11:22 AM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "4/3/2008 10:45 PM"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""    "10/10/2012 4:33 PM"
+ "NBShellHook"    ""    ""    ""    "10/27/2009 11:22 AM"
+ "WinZip"    "WinZip Shell Extension DLL"    "WinZip Computing, S.L."    "c:\program files\winzip\wzshlstb.dll"    "4/3/2008 10:45 PM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"    ""    ""    ""    "2/5/2012 4:11 PM"
+ "00avast"    "avast! Shell Extension"    "AVAST Software"    "c:\program files\avast software\avast\ashshell.dll"    "6/26/2014 6:32 AM"
+ "AutoCAD Digital Signatures Icon Overlay Handler"    "AcSignIcon Module"    "Autodesk"    "c:\windows\system32\acsignicon.dll"    "2/25/2004 3:52 AM"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""    "8/26/2014 9:16 AM"
+ "Adobe PDF Conversion Toolbar Helper"    "Adobe PDF Toolbar for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\adobe\acrobat 8.0\acrobat\acroiefavclient.dll"    "8/30/2011 3:26 PM"
+ "avast! Online Security"    "IE Webrep plugin"    "AVAST Software"    "c:\program files\avast software\avast\aswwebrepie.dll"    "6/25/2014 11:16 AM"
+ "Java™ Plug-In 2 SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre1.8.0_20\bin\jp2ssv.dll"    "7/30/2014 8:51 PM"
+ "Java™ Plug-In SSV Helper"    "Java™ Platform SE binary"    "Oracle Corporation"    "c:\program files\java\jre1.8.0_20\bin\ssv.dll"    "7/30/2014 8:50 PM"
+ "Spybot-S&D IE Protection"    "SBSD IE Protection"    "Safer Networking Limited"    "c:\program files\spybot - search & destroy\sdhelper.dll"    "6/19/1992 5:22 PM"
+ "Windows Live ID Sign-in Helper"    "Microsoft® Windows Live ID Login Helper"    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"    "8/18/2009 1:28 PM"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"    ""    ""    ""    "5/29/2014 11:31 AM"
+ "Adobe PDF"    "Adobe PDF Toolbar for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\adobe\acrobat 8.0\acrobat\acroiefavclient.dll"    "8/30/2011 3:26 PM"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"    ""    ""    ""    "8/21/2014 3:11 PM"
+ "&Blog This in Windows Live Writer"    "Windows Live Writer Blog This Extension"    "Microsoft Corporation"    "c:\program files\windows live\writer\writerbrowserextension.dll"    "7/26/2009 10:12 PM"
+ "Create Mobile Favorite"    "ActiveSync Favorite Synchronization"    "Microsoft Corporation"    "c:\program files\microsoft activesync\inetrepl.dll"    "11/13/2006 3:55 PM"
+ "Create Mobile Favorite..."    "ActiveSync Favorite Synchronization"    "Microsoft Corporation"    "c:\program files\microsoft activesync\inetrepl.dll"    "11/13/2006 3:55 PM"
+ "Spybot - Search & Destroy Configuration"    "SBSD IE Protection"    "Safer Networking Limited"    "c:\program files\spybot - search & destroy\sdhelper.dll"    "6/19/1992 5:22 PM"
+ "Windows Messenger"    "Windows Messenger"    "Microsoft Corporation"    "c:\program files\messenger\msmsgs.exe"    "4/13/2008 1:34 PM"
"Task Scheduler"    ""    ""    ""    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 14.0 r0"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"    "8/1/2014 7:00 PM"
+ "AppleSoftwareUpdate.job"    "Apple Software Update"    "Apple Inc."    "c:\program files\apple software update\softwareupdate.exe"    "6/1/2011 7:46 PM"
+ "avast! Emergency Update.job"    "avast! Emergency Update"    "AVAST Software"    "c:\program files\avast software\avast\avastemupdate.exe"    "6/26/2014 6:31 AM"
+ "GoogleUpdateTaskMachineCore.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "2/15/2012 9:43 PM"
+ "GoogleUpdateTaskMachineUA.job"    "Google Installer"    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "2/15/2012 9:43 PM"
+ "PCDoctorBackgroundMonitorTask.job"    "PC-Doctor Module"    "PC-Doctor, Inc."    "c:\program files\my dell\uaclauncher.exe"    "1/10/2014 3:42 AM"
+ "Spybot - Search & Destroy -  Scheduled Task.job"    "Spybot - Search & Destroy"    "Safer Networking Limited"    "c:\program files\spybot - search & destroy\spybotsd.exe"    "6/19/1992 5:22 PM"
+ "Spybot - Search & Destroy Updater -  Scheduled Task.job"    "Updater for Spybot-S&D"    "Safer Networking Limited"    "c:\program files\spybot - search & destroy\sdupdate.exe"    "6/19/1992 5:22 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "9/3/2014 2:50 PM"
+ "!SASCORE"    "SUPERAntiSpyware Core Service"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sascore.exe"    "7/22/2014 6:47 PM"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"    "8/1/2014 7:00 PM"
+ "Apple Mobile Device"    "Provides the interface to Apple mobile devices."    "Apple Inc."    "c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe"    "2/11/2014 8:26 AM"
+ "ASFIPmon"    "Monitors and propagates changes in the IP settings of ASF-enabled Broadcom network interfaces."    "Broadcom Corporation"    "c:\program files\broadcom\asfipmon\asfipmon.exe"    "10/18/2005 7:11 PM"
+ "Autodesk Licensing Service"    "Anchor service for Autodesk products licensed with SafeCast"    "Autodesk, Inc."    "c:\program files\common files\autodesk shared\service\adskscsrv.exe"    "11/7/2003 5:17 AM"
+ "avast! Antivirus"    "Manages and implements avast! antivirus services for this computer. This includes the real-time shields, the virus chest and the scheduler."    "AVAST Software"    "c:\program files\avast software\avast\avastsvc.exe"    "6/26/2014 6:37 AM"
+ "Bonjour Service"    "Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence."    "Apple Inc."    "c:\program files\bonjour\mdnsresponder.exe"    "8/31/2011 12:40 AM"
+ "Crypkey License"    "CrypKey NT Service"    "CrypKey (Canada) Ltd."    "c:\windows\system32\crypserv.exe"    "5/23/2007 1:29 PM"
+ "FLEXnet Licensing Service"    "This service performs licensing functions on behalf of FLEXnet enabled products."    "Macrovision Europe Ltd."    "c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"    "11/27/2007 2:30 PM"
+ "gupdate"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "2/15/2012 9:43 PM"
+ "gupdatem"    "Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it."    "Google Inc."    "c:\program files\google\update\googleupdate.exe"    "2/15/2012 9:43 PM"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\1050\intel 32\idrivert.exe"    "10/22/2004 3:24 AM"
+ "iPod Service"    "iPod hardware management services"    "Apple Inc."    "c:\program files\ipod\bin\ipodservice.exe"    "8/1/2014 5:48 PM"
+ "JavaQuickStarterService"    "Prefetches JRE files for faster startup of Java applets and applications"    "Oracle Corporation"    "c:\program files\java\jre7\bin\jqs.exe"    "7/25/2014 1:26 PM"
+ "LVPrcSrv"    "Injector service"    "Logitech Inc."    "c:\program files\common files\logishrd\lvmvfm\lvprcsrv.exe"    "10/7/2009 3:26 AM"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"    "7/16/2014 10:01 PM"
+ "MSSQL$MSSMLBIZ"    "Provides storage, processing and controlled access of data and rapid transaction processing."    "Microsoft Corporation"    "c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe"    "12/10/2010 5:23 PM"
+ "NBService"    "Nero BackItUp Service is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP."    "Nero AG"    "c:\program files\nero\nero 7\nero backitup\nbservice.exe"    "6/29/2007 11:40 AM"
+ "NICCONFIGSVC"    "Configure your Internal Network Card power management settings."    "Dell Inc."    "c:\program files\dell\quickset\nicconfigsvc.exe"    "7/20/2007 4:53 PM"
+ "NMIndexingService"    "Nero Home"    "Nero AG"    "c:\program files\common files\ahead\lib\nmindexingservice.exe"    "6/27/2007 7:50 AM"
+ "odserv"    "Run portions of Microsoft Office Diagnostics."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\office12\odserv.exe"    "7/20/2011 12:12 AM"
+ "ose"    "Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\source engine\ose.exe"    "10/26/2006 4:00 PM"
+ "RoxLiveShare9"    "Allows remote users to view through WEB browsers your authorized multimedia content managed by Roxio Media Manager9."    ""    "File not found: C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe"    ""
+ "rpcapd"    "Allows to capture traffic on this machine from a remote machine."    "Riverbed Technology, Inc."    "c:\program files\winpcap\rpcapd.exe"    "2/28/2013 8:28 PM"
+ "RUBotSrv"    "Trend Micro RUBotted Service"    "Trend Micro Inc."    "c:\program files\trend micro\rubotted\rubotsrv.exe"    "7/25/2013 5:09 AM"
+ "SQLBrowser"    "Provides SQL Server connection information to client computers."    "Microsoft Corporation"    "c:\program files\microsoft sql server\90\shared\sqlbrowser.exe"    "12/10/2010 2:40 PM"
+ "SQLWriter"    "Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure."    "Microsoft Corporation"    "c:\program files\microsoft sql server\90\shared\sqlwriter.exe"    "12/10/2010 2:39 PM"
+ "WDBtnMgrSvc.exe"    "Provides functionality for Western Digital disk drives."    "WDC"    "c:\program files\western digital\wd drive manager\wdbtnmgrsvc.exe"    "6/26/2009 5:56 PM"
+ "wlidsvc"    "Enables Windows Live ID authentication."    "Microsoft Corporation"    "c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"    "8/18/2009 1:28 PM"
+ "wltrysvc"    "Provides automatic configuration for the 802.11 adapter using the Broadcom supplicant."    ""    "c:\windows\system32\wltrysvc.exe"    "10/27/2010 11:56 PM"
+ "WMPNetworkSvc"    "Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play"    "Microsoft Corporation"    "c:\program files\windows media player\wmpnetwk.exe"    "1/30/2009 8:46 PM"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""    "9/3/2014 2:50 PM"
+ "AegisP"    "AEGIS Protocol (IEEE 802.1x) v3.7.5.0"    "Cisco Systems, Inc."    "c:\windows\system32\drivers\aegisp.sys"    "7/12/2007 2:57 PM"
+ "ApfiltrService"    "Alps Touch Pad Driver"    "Alps Electric Co., Ltd."    "c:\windows\system32\drivers\apfiltr.sys"    "9/28/2005 6:57 AM"
+ "APPDRV"    "App Support Driver"    "Dell Inc"    "c:\windows\system32\drivers\appdrv.sys"    "6/30/2004 10:39 AM"
+ "aswHwid"    "avast! HardwareID"    ""    "c:\windows\system32\drivers\aswhwid.sys"    "6/26/2014 6:31 AM"
+ "aswMonFlt"    "avast! mini-filter driver (aswMonFlt)"    "AVAST Software"    "c:\windows\system32\drivers\aswmonflt.sys"    "6/26/2014 6:32 AM"
+ "AswRdr"    "Avast! WFP Redirect Driver"    "AVAST Software"    "c:\windows\system32\drivers\aswrdr.sys"    "6/26/2014 6:32 AM"
+ "aswRvrt"    "avast! Revert"    ""    "c:\windows\system32\drivers\aswrvrt.sys"    "6/26/2014 6:35 AM"
+ "aswSnx"    "Avast! Virtualization Driver"    "AVAST Software"    "c:\windows\system32\drivers\aswsnx.sys"    "6/26/2014 6:33 AM"
+ "aswSP"    "avast! Self Protection"    "AVAST Software"    "c:\windows\system32\drivers\aswsp.sys"    "6/26/2014 6:45 AM"
+ "aswTdi"    "aswTdi"    "AVAST Software"    "c:\windows\system32\drivers\aswtdi.sys"    "6/26/2014 6:32 AM"
+ "aswVmm"    "avast! VM Monitor"    ""    "c:\windows\system32\drivers\aswvmm.sys"    "6/26/2014 6:35 AM"
+ "b57w2k"    "Broadcom NetXtreme Gigabit Ethernet NDIS5.1 Driver."    "Broadcom Corporation"    "c:\windows\system32\drivers\b57xp32.sys"    "10/17/2005 5:31 PM"
+ "BASFND"    "Broadcom NetDetect Driver."    "Broadcom Corporation"    "c:\program files\broadcom\asfipmon\basfnd.sys"    "4/24/2003 6:16 PM"
+ "BCM43XX"    "Broadcom 802.11 Network Adapter wireless driver"    "Broadcom Corporation"    "c:\windows\system32\drivers\bcmwl5.sys"    "8/25/2009 9:38 PM"
+ "bnsdusb"    ""    ""    "File not found: system32\DRIVERS\bnsdusb.sys"    ""
+ "catchme"    ""    ""    "File not found: C:\DOCUME~1\Markie\LOCALS~1\Temp\catchme.sys"    ""
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"    ""
+ "cmvad"    ""    ""    "File not found: system32\drivers\cmudaxv.sys"    ""
+ "cpudrv"    ""    ""    "c:\program files\systemrequirementslab\cpudrv.sys"    "8/11/2009 11:38 AM"
+ "DSproct"    "Process Trigger Driver"    "GTek Technologies Ltd."    "c:\program files\dell support\gtaction\triggers\dsproct.sys"    "1/10/2006 4:05 AM"
+ "Ext2Fsd"    "Ext2 File System Driver for Windows"    "www.ext2fsd.com"    "c:\windows\system32\drivers\ext2fsd.sys"    "7/8/2011 12:24 PM"
+ "fanio"    "I8k Fan I/O"    "Christian Diefer"    "c:\windows\system32\drivers\fanio.sys"    "2/16/2007 4:05 AM"
+ "FTDIBUS"    "FTDIBUS USB Driver"    "FTDI Ltd."    "c:\windows\system32\drivers\ftdibus.sys"    "10/22/2009 10:11 AM"
+ "FTSER2K"    "FTDIBUS Serial Device Driver"    "FTDI Ltd."    "c:\windows\system32\drivers\ftser2k.sys"    "10/22/2009 10:09 AM"
+ "GEARAspiWDM"    "CD DVD Filter"    "GEAR Software Inc."    "c:\windows\system32\drivers\gearaspiwdm.sys"    "5/3/2012 2:55 PM"
+ "giveio"    ""    ""    "c:\windows\system32\giveio.sys"    "4/3/1996 9:33 PM"
+ "grmnusb"    "grmnusb.sys"    "GARMIN Corp."    "c:\windows\system32\drivers\grmnusb.sys"    "4/17/2009 3:48 PM"
+ "HDAudBus"    "High Definition Audio Bus Driver v1.0a"    "Windows ® Server 2003 DDK provider"    "c:\windows\system32\drivers\hdaudbus.sys"    "5/26/2005 10:46 AM"
+ "HSF_DPV"    "HSF_DP driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsf_dpv.sys"    "7/22/2005 1:02 PM"
+ "HSFHWAZL"    "HSF_HWAZL WDM driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsfhwazl.sys"    "7/22/2005 1:01 PM"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"    ""
+ "ialm"    "Intel Graphics Miniport Driver"    "Intel Corporation"    "c:\windows\system32\drivers\igxpmp32.sys"    "3/30/2007 4:34 PM"
+ "imagedrv"    "NERO IMAGEDRIVE SCSI miniport"    "Ahead Software AG"    "c:\windows\system32\drivers\imagedrv.sys"    "11/12/2004 9:34 PM"
+ "imagesrv"    "Nero Image Server"    "Ahead Software AG"    "c:\windows\system32\drivers\imagesrv.sys"    "11/12/2004 9:35 PM"
+ "Lavasoft Kernexplorer"    ""    ""    "File not found: C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys"    ""
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"    ""
+ "LVPr2Mon"    "Logitech ProcMon Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lvpr2mon.sys"    "10/7/2009 3:26 AM"
+ "mbamchameleon"    "Malwarebytes Chameleon Protection Driver"    "Malwarebytes Corporation"    "c:\windows\system32\drivers\mbamchameleon.sys"    "5/27/2014 9:31 PM"
+ "mcdbus"    "MagicISO SCSI Host Controller"    "MagicISO, Inc."    "c:\windows\system32\drivers\mcdbus.sys"    "2/24/2009 5:42 AM"
+ "mdmxsdk"    "Diagnostic Interface DRIVER"    "Conexant"    "c:\windows\system32\drivers\mdmxsdk.sys"    "3/17/2004 2:04 PM"
+ "NAL"    "Intel® Network Adapter Diagnostic Driver"    "Intel Corporation "    "c:\windows\system32\drivers\iqvw32.sys"    "10/23/2012 3:48 AM"
+ "NPF"    "npf.sys (NT5/6 x86) Kernel Driver"    "Riverbed Technology, Inc."    "c:\windows\system32\drivers\npf.sys"    "2/28/2013 8:28 PM"
+ "oneuport"    "USB Compound device driver"    ""    "c:\windows\system32\drivers\oneuport.sys"    "1/17/2005 6:35 AM"
+ "PCASp50"    ""    ""    "File not found: system32\drivers\PCASp50.sys"    ""
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"    ""
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"    ""
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"    ""
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"    ""
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"    ""
+ "PID_0928"    "Logitech Video Driver"    "Logitech Inc."    "c:\windows\system32\drivers\lv561av.sys"    "4/30/2009 5:43 PM"
+ "PORTIO"    ""    ""    "File not found: C:\Program Files\PICPgm\PortIO.sys"    ""
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"    "8/17/2001 3:49 PM"
+ "RimUsb"    ""    ""    "File not found: System32\Drivers\RimUsb.sys"    ""
+ "RimVSerPort"    "RIM Virtual Serial Driver"    "Research in Motion Ltd"    "c:\windows\system32\drivers\rimserial.sys"    "11/24/2008 12:02 PM"
+ "RT-USB"    "RossTech USB Driver"    "Ross-Tech LLC"    "c:\windows\system32\drivers\rt-usb.sys"    "3/30/2010 9:28 AM"
+ "RTL8192cu"    "Realtek RTL8192C USB NDIS Driver"    "Realtek Semiconductor Corporation                           "    "c:\windows\system32\drivers\rtl8192cu.sys"    "3/25/2011 2:52 AM"
+ "SASDIFSV"    "SASDIFSV.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasdifsv.sys"    "7/21/2011 6:03 PM"
+ "SASKUTIL"    "SASKUTIL.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\saskutil.sys"    "7/12/2011 3:24 PM"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"    "9/13/2006 8:18 AM"
+ "Ser2pl"    "USB-to-Serial Cable Driver"    "Prolific Technology Inc."    "c:\windows\system32\drivers\ser2pl.sys"    "6/16/2005 10:20 PM"
+ "snapman"    "Acronis Snapshot API"    "Acronis"    "c:\windows\system32\drivers\snapman.sys"    "10/6/2006 8:44 AM"
+ "StarOpen"    ""    ""    "c:\windows\system32\drivers\staropen.sys"    "6/27/2006 2:15 PM"
+ "STHDA"    "NDRC"    "SigmaTel, Inc."    "c:\windows\system32\drivers\sthda.sys"    "5/10/2007 11:00 AM"
+ "tap0901"    "TAP-Win32 Virtual Network Driver"    "The OpenVPN Project"    "c:\windows\system32\drivers\tap0901.sys"    "11/24/2011 1:50 PM"
+ "tbhsd"    "Tunebite High-Speed Dubbing"    "RapidSolution Software AG"    "c:\windows\system32\drivers\tbhsd.sys"    "12/10/2007 11:28 AM"
+ "USBAAPL"    "Apple Mobile Device USB Driver"    "Apple, Inc."    "c:\windows\system32\drivers\usbaapl.sys"    "11/27/2012 6:37 PM"
+ "vcdrom"    "Driver for Virtual CD-ROMs"    "Microsoft Corporation"    "c:\downloads\microsoft\virtual cd\vcdrom.sys"    "12/19/2001 2:44 PM"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"    ""
+ "winachsf"    "HSF_CNXT driver"    "Conexant Systems, Inc."    "c:\windows\system32\drivers\hsf_cnxt.sys"    "7/22/2005 1:00 PM"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""    "5/29/2014 4:49 PM"
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "4/13/2008 7:09 PM"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"    "1/29/2010 9:36 AM"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"    "10/3/2008 5:42 AM"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"    "8/18/2001 12:35 AM"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"    "6/17/2010 9:03 AM"
+ "VIDC.FFDS"    ""    ""    "c:\windows\system32\ff_vfw.dll"    "7/5/2009 1:05 PM"
+ "VIDC.I420"    "Helix I420 YUV Codec"    "www.helixcommunity.org"    "c:\windows\system32\i420vfw.dll"    "1/25/2004 11:18 AM"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/18/2001 12:33 AM"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"    "8/18/2001 12:33 AM"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 7:10 PM"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 7:10 PM"
+ "vidc.XVID"    ""    ""    "c:\windows\system32\xvidvfw.dll"    "6/7/2009 9:24 AM"
+ "vidc.yv12"    "Helix YV12 YUV Codec"    "www.helixcommunity.org"    "c:\windows\system32\yv12vfw.dll"    "1/25/2004 11:18 AM"
"HKLM\Software\Classes\Filter"    ""    ""    ""    "9/26/2009 1:25 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 7:10 PM"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 7:10 PM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 7:10 PM"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"    "4/13/2008 7:10 PM"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""    "7/7/2014 4:35 PM"
+ "9x8Resize"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "9x8Resize"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "aac_parser"    ""    ""    "File not found: C:\WINDOWS\system32\aac_parser.ax"    ""
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"    "10/3/2008 5:42 AM"
+ "Allocator Fix"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "Allocator Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "AsyncEx"    ""    ""    "c:\program files\diskinternals\fatrecovery\bs_load.di"    "6/19/1992 5:22 PM"
+ "Audio Destination"    "WAVDest Filter (Sample)"    "Microsoft Corporation"    "c:\program files\google\google earth\client\wavdest.ax"    "10/7/2013 2:33 PM"
+ "Audio Source"    "Windows Media Preview Object"    "Microsoft Corporation"    "c:\program files\windows media components\encoder\wmprevu.dll"    "12/11/2002 8:34 PM"
+ "Bitmap"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "Bitmap"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "CoreAAC Audio Decoder"    ""    ""    "File not found: C:\WINDOWS\system32\CoreAAC.ax"    ""
+ "CoreAVC Video Decoder"    ""    ""    "File not found: C:\WINDOWS\system32\AVCDX.ax"    ""
+ "Dirac Source"    ""    ""    "File not found: C:\WINDOWS\system32\DiracSplitter.ax"    ""
+ "Dirac Splitter"    ""    ""    "File not found: C:\WINDOWS\system32\DiracSplitter.ax"    ""
+ "Dirac Video Decoder"    ""    ""    "File not found: C:\WINDOWS\system32\DiracSplitter.ax"    ""
+ "DirectVobSub"    ""    ""    "File not found: C:\Program Files\FreeTime\FormatFactory\FFModules\AviSynthPlugins\vsfilter.dll"    ""
+ "DirectVobSub (auto-loading version)"    ""    ""    "File not found: C:\Program Files\FreeTime\FormatFactory\FFModules\AviSynthPlugins\vsfilter.dll"    ""
+ "DV Scenes"    "DV-Timecode based Scenechange Detection"    "Nero AG"    "c:\program files\nero\nero 7\nero vision\nvdv.dll"    "11/2/2006 8:59 AM"
+ "DV Source Filter"    "DV-Timecode based Scenechange Detection"    "Nero AG"    "c:\program files\nero\nero 7\nero vision\nvdv.dll"    "11/2/2006 8:59 AM"
+ "ffdshow DXVA Video Decoder"    ""    ""    "File not found: C:\Program Files\FreeTime\FormatFactory\FFModules\Filters\ffdshow\ffdshow.ax"    ""
+ "FLV4 Video Decoder"    "FLV Splitter"    "Gabest"    "c:\windows\system32\flvsplitter.ax"    "11/15/2008 11:57 AM"
+ "Frame Eater"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "Frame Eater"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "GDCL WMV/WMA Parser"    "DirectShow WMV/WMA Parser"    "GDCL (www.gdcl.co.uk)"    "c:\program files\diskinternals\fatrecovery\bs_wm.di"    "10/17/2005 7:54 AM"
+ "HighMAT and MPV Navigator Filter"    "MPV Playback Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"    "11/30/2006 10:57 AM"
+ "HighMAT/MPV Navigation Client Filter"    "MPV Playback Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\hmnavigator.ax"    "11/30/2006 10:57 AM"
+ "Indeo Video ® 5.1 Progressive Download Source"    "Intel Indeo® video IVF Source Filter 5.10"    "Intel Corporation"    "c:\windows\system32\ivfsrc.ax"    "4/13/2008 7:10 PM"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"    "4/13/2008 7:09 PM"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 7:10 PM"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"    "4/13/2008 7:10 PM"
+ "LAV Audio Decoder"    ""    ""    "File not found: C:\WINDOWS\system32\HLaudio.dll"    ""
+ "LAV Splitter"    ""    ""    "File not found: C:\WINDOWS\system32\HLsplit.dll"    ""
+ "LAV Splitter Source"    ""    ""    "File not found: C:\WINDOWS\system32\HLsplit.dll"    ""
+ "LAV Video Decoder"    ""    ""    "File not found: C:\WINDOWS\system32\HLvideo.dll"    ""
+ "Matroska Muxer"    "Matroska Muxer"    "Gabest"    "c:\windows\system32\matroskamuxer.ax"    "8/16/2004 8:41 AM"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"    "6/15/2010 11:11 AM"
+ "MPEG-2 PSI Reader Filter"    "Mpeg2PsiReader"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\mpeg2psireader.ax"    "4/27/2007 6:05 AM"
+ "MPEG-2 Stream Reader Filter"    "Mpeg2StreamReader"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\mpeg2streamreader.ax"    "1/30/2007 8:23 AM"
+ "NeAudio2"    "Nero Audio Decoder 2"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudio2.ax"    "6/25/2007 7:22 AM"
+ "Nero Audible Decoder"    "Nero Audible Decoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudible.ax"    "6/25/2007 8:15 AM"
+ "Nero Audio CD Filter"    "Nero Audio CD Source Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudcd.ax"    "4/2/2007 9:25 AM"
+ "Nero Audio CD Navigator"    "Nero Audio CD Source Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neaudcd.ax"    "4/2/2007 9:25 AM"
+ "Nero Audio Source"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"    "6/25/2007 7:12 AM"
+ "Nero Audio Stream Renderer"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"    "6/25/2007 7:12 AM"
+ "Nero Audio Stream Renderer"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"    "6/25/2007 7:12 AM"
+ "Nero AV Synchronizer"    "Audio/Video Synchronizer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neavsync.ax"    "6/25/2007 7:19 AM"
+ "Nero Deinterlace"    "Deinterlacing Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nedeinterlace.ax"    "6/25/2007 7:30 AM"
+ "Nero Digital AVC Audio Encoder"    "AAC LC/HE Audio Encoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendaud.ax"    "6/25/2007 7:32 AM"
+ "Nero Digital AVC File Writer"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"    "6/25/2007 7:32 AM"
+ "Nero Digital AVC Muxer"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"    "6/25/2007 7:32 AM"
+ "Nero Digital AVC Null Renderer"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"    "6/25/2007 7:32 AM"
+ "Nero Digital AVC Subpicture Enc"    "NeroDigital File Format Muxer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendmux.ax"    "6/25/2007 7:32 AM"
+ "Nero Digital AVC Video Enc"    "MPEG4 and H.264 (AVC) Video Encoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nendvid.ax"    "6/25/2007 7:32 AM"
+ "Nero Digital Parser"    "NeroDigital / mp4 / avi / mov parser"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\ndparser.ax"    "6/25/2007 7:23 AM"
+ "Nero DV Splitter"    "DV Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nedvsplitter.ax"    "6/25/2007 7:58 AM"
+ "Nero DVD Decoder"    "MPEG-1/2/4 & AVC video decoder w/ DxVA"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideo.ax"    "6/28/2007 8:19 AM"
+ "Nero DVD Navigator"    "DVD Navigator Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nedvd.ax"    "6/25/2007 7:57 AM"
+ "Nero ES Video Reader"    "NeroDigital / mp4 / avi / mov parser"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\ndparser.ax"    "6/25/2007 7:23 AM"
+ "Nero File Source"    "Nero SVCD source filter"    "Nero AG "    "c:\program files\common files\ahead\dsfilter\nefilesrc.ax"    "6/25/2007 7:10 AM"
+ "Nero File Source (Async.)"    "Nero Home"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nefilesourceasync.ax"    "5/30/2007 4:50 AM"
+ "Nero File Source / Splitter"    "Push Mode VOB Source Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nefsource.ax"    "6/25/2007 7:58 AM"
+ "Nero FLV Splitter"    "Nero FLV Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neflvsplitter.ax"    "6/25/2007 7:31 AM"
+ "Nero Format Converter"    "Frame rate / Color space converter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neroformatconv.ax"    "6/25/2007 7:24 AM"
+ "Nero Frame Capture"    "Direct Show frame grabber filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\necapture.ax"    "6/25/2007 7:23 AM"
+ "Nero FTC"    "Frame Time Corrector Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neftc.ax"    "3/24/2006 10:28 AM"
+ "Nero InteractiveGraphics Decoder"    "Graphics Decoder Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"    "6/25/2007 8:00 AM"
+ "Nero MP3 Encoder"    "MP3 Encoding Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nemp3encoder.ax"    "6/25/2007 8:18 AM"
+ "Nero MP4 Splitter"    "MP4 Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nemp4splitter.ax"    "6/25/2007 8:01 AM"
+ "Nero Mpeg2 Encoder"    "MPEG 1/2 encoder filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevcr.ax"    "6/25/2007 7:11 AM"
+ "Nero Ogg Splitter"    "Ogg Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neoggsplitter.ax"    "6/25/2007 8:01 AM"
+ "Nero Overlay Mixer"    "Overlay Mixer Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neoverlaymixer.ax"    "6/25/2007 7:59 AM"
+ "Nero Photo Source"    "Nero Home"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nephotosource.ax"    "5/30/2007 4:48 AM"
+ "Nero PresentationGraphics Decoder"    "Graphics Decoder Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nebdgraphic.ax"    "6/25/2007 8:00 AM"
+ "Nero PS Muxer"    ""    ""    "c:\program files\common files\ahead\dsfilter\nepsmuxer.ax"    "6/25/2007 7:58 AM"
+ "Nero QuickTime™ Audio Decoder"    "QuickTime™ Decoder Wrapper"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neqtdec.ax"    "6/25/2007 7:29 AM"
+ "Nero QuickTime™ Video Decoder"    "QuickTime™ Decoder Wrapper"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neqtdec.ax"    "6/25/2007 7:29 AM"
+ "Nero Resize"    "Resizing Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\neresize.ax"    "6/25/2007 7:30 AM"
+ "Nero Sample Queue"    "Sample Queue Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesamplequeue.ax"    "5/5/2006 9:10 AM"
+ "Nero Scene Change Detector"    "Scene Change Detector"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"    "6/25/2007 7:10 AM"
+ "Nero Scene Change Detector"    "Scene Change Detector"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nescenedetector.ax"    "6/25/2007 7:10 AM"
+ "Nero Smart3D Text Effect Filter"    "Nero 3D DirectShow Filter"    "Nero AG"    "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"    "11/30/2006 7:48 AM"
+ "Nero Smart3D Transition Effect Filter"    "Nero 3D DirectShow Filter"    "Nero AG"    "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"    "11/30/2006 7:48 AM"
+ "Nero Smart3D Video Effect Filter"    "Nero 3D DirectShow Filter"    "Nero AG"    "c:\program files\common files\ahead\lib\nsg_dxfilter.dll"    "11/30/2006 7:48 AM"
+ "Nero Sound Processor"    "Nero Sound Processor"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesoundproc.ax"    "6/25/2007 8:16 AM"
+ "Nero Splitter"    "Splitter Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesplitter.ax"    "6/25/2007 7:58 AM"
+ "Nero Stream Buffer Sink"    "Nero Stream Buffer Engine"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesbe.ax"    "6/25/2007 8:00 AM"
+ "Nero Stream Buffer Source"    "Nero Stream Buffer Engine"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesbe.ax"    "6/25/2007 8:00 AM"
+ "Nero Stream Control"    "Transport Stream Controller Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nestreamcontrol.ax"    "2/24/2006 5:09 AM"
+ "Nero Subpicture Decoder"    "Nero Subpicture Decoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesubpicture.ax"    "6/25/2007 7:29 AM"
+ "Nero Subtitle"    "Subtitle Mixer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesubtitle.ax"    "6/25/2007 7:31 AM"
+ "Nero Thumbnail Decoder"    "Thumbnail Decoder Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nebdthumbnail.ax"    "6/25/2007 8:01 AM"
+ "Nero Vcd Navigator"    "Nero Vcd Navigator Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevcd.ax"    "6/25/2007 7:59 AM"
+ "Nero Video Analyzer"    "Nero Video Analyzer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideoanalyzer.ax"    "6/25/2007 7:30 AM"
+ "Nero Video Decoder"    "MPEG-1/2/4 & AVC video decoder w/ DxVA"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideo.ax"    "6/28/2007 8:19 AM"
+ "Nero Video Decoder HD"    "Nero HD Video Decoder"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideohd.ax"    "6/28/2007 8:30 AM"
+ "Nero Video Processor"    "Resize / Deinterlace / Color Correction / Film Effect / Frame Capture Filter"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerovideoproc.ax"    "6/25/2007 7:24 AM"
+ "Nero Video Renderer"    "Nero Video Renderer"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nevideorenderer.ax"    "6/25/2007 7:28 AM"
+ "Nero Video Source"    "Nero Library"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nerender.ax"    "6/25/2007 7:12 AM"
+ "NeSoundSwitch"    "Nero Sound Switcher"    "Nero AG"    "c:\program files\common files\ahead\dsfilter\nesoundswitch.ax"    "6/25/2007 7:22 AM"
+ "Photo Story 3 Source Filter"    "Photo Story 3 for Windows"    "Microsoft Corp."    "c:\program files\photo story 3 for windows\pssourcefilter3.dll"    "9/17/2004 8:02 PM"
+ "Plus! Photo Story 3 WAV Dest"    "Photo Story 3 for Windows"    "Microsoft Corp."    "c:\program files\photo story 3 for windows\wavdest3.dll"    "9/17/2004 8:02 PM"
+ "RadLight APE DirectShow Filter"    ""    ""    "File not found: C:\WINDOWS\system32\RLAPEDec.ax"    ""
+ "RadLight MPC DirectShow Filter"    ""    ""    "File not found: C:\WINDOWS\system32\RLMPCDec.ax"    ""
+ "RadLight Ogg Splitter"    ""    ""    "File not found: C:\WINDOWS\system32\RLOgg.ax"    ""
+ "RadLight Speex Decoder"    ""    ""    "File not found: C:\WINDOWS\system32\RLSpeexDec.ax"    ""
+ "RadLight Theora Decoder"    ""    ""    "File not found: C:\WINDOWS\system32\RLTheoraDec.ax"    ""
+ "RadLight Vorbis Decoder"    ""    ""    "File not found: C:\WINDOWS\system32\RLVorbisDec.ax"    ""
+ "Record Queue"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "Record Queue"    "WME Record Queue"    "Microsoft Corporation"    "c:\program files\windows media components\encoder\wmedque.dll"    "12/11/2002 8:34 PM"
+ "Record Queue"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "ShotDetect"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "ShotDetect"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "Stetch"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "Subtitle Source"    ""    ""    "File not found: C:\WINDOWS\system32\DVobSub.ax"    ""
+ "TAK SourceFilter"    ""    ""    "File not found: C:\WINDOWS\system32\TAKDSDecoder.ax"    ""
+ "Video Source"    "Windows Media Preview Object"    "Microsoft Corporation"    "c:\program files\windows media components\encoder\wmprevu.dll"    "12/11/2002 8:34 PM"
+ "VTS Reader"    "VTS Reader Filter"    "Gabest"    "c:\windows\system32\vtsreader.ax"    "9/18/2007 9:28 AM"
+ "Web Stram Source"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"    "8/18/2001 12:35 AM"
+ "WM VIH2 Fix"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMEnc Screen Capture Filter"    "WMESrcWp Module"    "Microsoft Corporation"    "c:\program files\windows media components\encoder\wmesrcwp.dll"    "12/11/2002 8:34 PM"
+ "WMT Audio Analyzer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Audio Analyzer"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "WMT Black Frame Generator"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT DirectX Transform Wrapper"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT DV Extract Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT FormatConversion"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Import Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Import Filter"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "WMT Interlacer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Log Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT MuxDeMux Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Sample Info Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Screen capture Filter"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "WMT Screen capture Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Switch Filter"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Virtual Renderer"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Virtual Source"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "WMT Volume"    "Filters"    "Microsoft Corporation"    "c:\program files\microsoft producer 3\filters.dll"    "2/13/2009 12:13 PM"
+ "WMT Volume"    "Movie Maker Filters"    "Microsoft Corporation"    "c:\program files\movie maker\wmm2filt.dll"    "4/13/2008 7:11 PM"
+ "Xvid MPEG-4 Video Decoder"    ""    ""    "c:\windows\system32\xvid.ax"    "6/7/2009 9:25 AM"
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"    ""    ""    ""    "8/27/2014 2:03 PM"
+ "igfxcui"    "igfxdev Module"    "Intel Corporation"    "c:\windows\system32\igfxdev.dll"    "3/30/2007 2:59 PM"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"    ""    ""    ""    "10/11/2011 12:37 PM"
+ "mdnsNSP"    "Bonjour Namespace Provider"    "Apple Inc."    "c:\program files\bonjour\mdnsnsp.dll"    "8/31/2011 12:44 AM"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"    ""    ""    ""    "7/11/2013 7:15 PM"
+ "Adobe PDF Port"    "Acrobat ® PDF Port"    "Adobe Systems Incorporated."    "c:\windows\system32\adobepdf.dll"    "9/29/2006 2:56 AM"
+ "Canon BJ FAX Language Monitor MX920 series"    "Canon Inkjet Fax Driver"    "CANON INC."    "c:\windows\system32\cncalbl.dll"    "9/20/2012 11:37 PM"
+ "Canon BJ Language Monitor MP640 series"    "IJ Language Monitor"    "CANON INC."    "c:\windows\system32\cnmlma2.dll"    "5/22/2009 12:18 PM"
+ "Canon BJ Language Monitor MX920 series"    "IJ Language Monitor"    "CANON INC."    "c:\windows\system32\cnmlmbl.dll"    "9/21/2012 10:54 AM"
+ "Canon BJNP Port"    "Canon IJ Network 32bit comm Module"    "CANON INC."    "c:\windows\system32\cnmnppm.dll"    "7/30/2012 6:47 PM"
+ "EPSON Stylus Photo R280 Series 32MonitorBA"    "EPSON Bi-directional Monitor"    "SEIKO EPSON CORPORATION"    "c:\windows\system32\e_flbcka.dll"    "12/8/2006 12:50 AM"
"HKLM\SYSTEM\CurrentControlSet\Control\NetworkProvider\Order"    ""    ""    ""    "3/13/2009 5:35 PM"
+ "BCMLogon"    "DW WLAN Card Logon Provider"    "Dell Inc."    "c:\windows\system32\bcmlogon.dll"    "10/27/2010 11:57 PM"
 



#8 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:47 AM

Posted 05 September 2014 - 10:13 AM

Hi MrMark52,

 

Hmm, very strange. We have a hardware forum, maybe some of them will have a better idea about what's going on.

 

--------------

 

Please re-open autoruns, press Ctrl and F together and type Adobe ARM. Press Find Next and a line will be highlighted. Remove the check from the box, and repeat the steps for the ones listed below:

AppleSyncNotifier

Dell QuickSet

HotKeysCmds

IgfxTray

Persistence

QuickTime Task

SigmatelSysTrayApp

WD Drive Manager

Digital Line Detect.lnk

 

Any improvement on startup time?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#9 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:47 AM

Posted 18 September 2014 - 10:21 AM

Hi MrMark52,

 

Did you complete those steps?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#10 MrMark52

MrMark52
  • Topic Starter

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:47 PM

Posted 18 September 2014 - 10:35 AM

xxToffeexx,

 

Thanks for the bump - yes, I did. Boot speed had not been my key issue, but it did improve.

 

But, my high CPU usage did go away, if now I could just remember what I did to make that happen :-( . The machine has been working better than ever, almost as good as it did when I first put into service about 5 years ago. CPU load typically remains around 5-10% with occasional spikes to 80-90%. ANd I have not seen it at 100% since I did what I did.

 

Thanks much for all your help though. You confirmed it wasn't something new as whatever I did to fix it had been a probelm for a much longer period of time now.

 

If, when I remember what I did, I'll PM you so you can add to this thread. It would be important for others to know. In the meantime, you can close this thread.

 

And again, thanks for yur help!!

 

Mark



#11 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:47 AM

Posted 18 September 2014 - 02:14 PM

Hi MrMark52,

 

Yeah, it happens, would be useful to know, but sometimes you never find out. Good to hear everything is working out well, and you are welcome :)

 

I'll close the topic as resolved now.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#12 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,041 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:47 AM

Posted 18 September 2014 - 02:14 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users