Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Leftover drivers compromising Safe Mode - Need help reviewing FRST logs


  • This topic is locked This topic is locked
9 replies to this topic

#1 midimusicman79

midimusicman79

  • Members
  • 726 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:12:32 AM

Posted 04 February 2015 - 10:32 AM

Hi all!

 

I am starting a new topic as instructed here: http://www.bleepingcomputer.com/forums/t/565527/problem-running-xp-in-safe-mode-drivers-listed-for-safeboot/

 

After having ran approximately 40 anti-spyware programs, IMHO my computer is close to spyware-free, having eliminated somewhat 300-400 threats totally. :whistle: The most obvious symptoms have been successfully resolved (esp. my WLAN having trouble initializing), however...

 

Now I am having a problem running Microsoft Windows XP Professional SP3 in Safe Mode. After a few minutes the computer shuts itself down without any error message. And after a manual cold start (30 seconds), the following pops up on the screen: "CPU Overtemperature failing. Press F1 to resume." And after this, Windows starts normally. :huh:

 

I therefore ran FRST in an attempt to document this problem, logs are below: :busy:

 

I am aware of CleanHlp and CleanHlp.sys both belonging to EAM, which I successfully tried out a couple of months ago, however WdfLoadGroup seems to be Microsoft-related.

 

Please review my logs and create a fixlist which I can use with FRST in order to fix this problem, and whatever other entries you may notice as malicious, unnecessary or wrong and therefore should be removed.

 

Thank you very much in advance for the help!

 

Regards,

midimusicman79

 

 

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-01-2015
Ran by Torbjoern Martin (administrator) on EGEN-6B8E11F08C on 31-01-2015 15:45:16
Running from C:\Documents and Settings\Torbjoern Martin\Desktop
Loaded Profiles: Torbjoern Martin (Available profiles: Torbjoern Martin & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Norwegian (Book Language)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\cisvc.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Microsoft Corporation) C:\WINDOWS\system32\tcpsvcs.exe
(Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\cidaemon.exe
(Microsoft Corporation) C:\WINDOWS\system32\cidaemon.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Creative Technology Ltd) C:\WINDOWS\CTHELPER.EXE
() C:\WINDOWS\system32\TaskSwitch.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
() C:\Program Files\USB TV\EM28XX\BDARemote.exe
() C:\Program Files\CMS Peripherals\BounceBack Professional\BBLauncher.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Sonic Solutions) C:\Program Files\Common Files\Sonic Shared\CineTray.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM\...\Run: [CTHelper] => C:\WINDOWS\CTHELPER.EXE [16384 2005-12-08] (Creative Technology Ltd)
HKLM\...\Run: [CoolSwitch] => C:\WINDOWS\system32\taskswitch.exe [45632 2002-03-19] ()
HKLM\...\Run: [ISUSPM Startup] => "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [OpwareSE2] => C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [49152 2003-05-08] (ScanSoft, Inc.)
HKLM\...\Run: [mspwr] => C:\WINDOWS\system32\PuXpMan2.exe
HKLM\...\Run: [NSLauncher] => C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [Adobe Photo Downloader] => C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47392 2010-04-13] (Apple Inc.)
HKLM\...\Run: [DVD- and CD-sharing] => C:\Program Files\DVD- and CD-sharing\ODSAgent.exe [619832 2008-02-20] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\Program Files\Common Files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [RemoteControl] => [X]
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [Creative Detector] => "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [] => [X]
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [TrendSecure Remote File Lock] => C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe [423248 2008-03-06] (Trend Micro Inc.)
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2006-11-15] (Microsoft Corporation)
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
Startup: C:\Documents and Settings\All Users\Start menu\Programs\Start-up\BDARemote.lnk
ShortcutTarget: BDARemote.lnk -> C:\Program Files\USB TV\EM28XX\BDARemote.exe ()
Startup: C:\Documents and Settings\All Users\Start menu\Programs\Start-up\BounceBack Launcher.lnk
ShortcutTarget: BounceBack Launcher.lnk -> C:\Program Files\CMS Peripherals\BounceBack Professional\BBLauncher.exe ()
Startup: C:\Documents and Settings\All Users\Start menu\Programs\Start-up\Sonic CinePlayer Quick Launch.lnk
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)
Startup: C:\Documents and Settings\All Users\Start menu\Programs\Start-up\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
BHO: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Logon Assistant for Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKU\S-1-5-21-1060284298-2147125267-725345543-1003 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15026/CTSUEng.cab
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://scan.safety.live.com/resource/download/scanner/wlscbase5059.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://plugin.driveragent.com/files/driveragent.cab
DPF: {E991BDE0-9816-4094-853E-6BDB60F0342D} http://apps.corel.com/nos_dl_manager/plugin/IENetOpPlugin.ocx
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15026/CTPID.cab
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 130.67.15.198 193.213.112.4 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Torbjoern Martin\Program Data\Mozilla\Firefox\Profiles\1ajtphld.default
FF Homepage: https://www.google.com/intl/en/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_296.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\book-NO.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yellow pages-NO.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\qxl-NO.xml
FF Extension: WOT - C:\Documents and Settings\Torbjoern Martin\Program Data\Mozilla\Firefox\Profiles\1ajtphld.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-11]
FF Extension: Ghostery - C:\Documents and Settings\Torbjoern Martin\Program Data\Mozilla\Firefox\Profiles\1ajtphld.default\Extensions\firefox@ghostery.com.xpi [2014-12-27]
FF Extension: Adblock Plus - C:\Documents and Settings\Torbjoern Martin\Program Data\Mozilla\Firefox\Profiles\1ajtphld.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-22]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-21]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-08-28] (Apple Inc.)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [File not signed]
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
S4 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
S4 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [553288 2014-09-01] (Apple Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-18] (Oracle Corporation)
S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [293144 2014-03-24] (Logitech, Inc.)
S3 LPDSVC; C:\WINDOWS\system32\tcpsvcs.exe [19456 2004-08-04] (Microsoft Corporation)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-27] (Mozilla Foundation)
R2 MSFtpsvc; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2009-06-22] (Microsoft Corporation) [File not signed]
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2009-06-22] (Microsoft Corporation) [File not signed]
S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S3 p2pgasvc; C:\WINDOWS\system32\p2pgasvc.dll [105472 2008-04-14] (Microsoft Corporation)
S3 PortReporter; C:\Program Files\PortReporter\portreporter.exe [90183 2004-03-30] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [212480 2007-02-08] (Nokia.) [File not signed]
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [914944 2006-11-15] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 A5AGU; C:\WINDOWS\System32\DRIVERS\A5AGU.sys [347648 2006-09-21] (D-Link Corporation)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [5685 2005-12-22] () [File not signed]
S3 ATHFMWDL; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys [43392 2005-07-26] (Windows ® 2000 DDK provider) [File not signed]
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-02-04] (ATI Technologies Inc.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [340704 2005-11-10] (Creative Technology Ltd)
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2013-05-10] (Phoenix Technologies) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [176448 2014-10-10] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [39464 2014-10-10] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [63160 2014-10-10] (ESET)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [754176 2005-12-08] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [154112 2005-12-08] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [179712 2005-12-08] (Creative Technology Ltd)
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28312 2014-03-19] (Logitech, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [108632 2015-01-27] () [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [91776 2009-06-22] (Microsoft Corporation) [File not signed]
S3 msgame; C:\WINDOWS\System32\DRIVERS\msgame.sys [35200 2001-08-17] (Microsoft Corporation)
S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 PfDetNT; C:\WINDOWS\system32\drivers\PfModNT.sys [8192 2005-12-08] (Creative Technology Ltd.)
R2 portD; C:\WINDOWS\System32\DRIVERS\portd2k.sys [14976 2004-02-23] (CMS Peripherals, Inc.) [File not signed]
S3 RDID1032; C:\WINDOWS\System32\Drivers\rdwm1032.sys [43900 2002-12-18] (Roland Corporation) [File not signed]
R0 SI3132; C:\WINDOWS\System32\DRIVERS\SI3132.sys [80424 2007-10-03] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [19240 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\WINDOWS\System32\DRIVERS\SiRemFil.sys [15400 2007-10-03] (Silicon Image, Inc)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2006-06-06] (EnTech Taiwan) [File not signed]
S3 YMIDUSB; C:\WINDOWS\System32\Drivers\ymidusb.sys [16640 2006-12-21] (Yamaha Corporation) [File not signed]
S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [245248 2006-05-23] (Marvell)
U1 eamon; system32\DRIVERS\eamon.sys [X]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [26840 2012-08-21] (GEAR Software Inc.)
S4 IntelIde; No ImagePath
U5 LHidKe; C:\Windows\System32\Drivers\LHidKe.sys [27136 2006-07-19] (Logitech Inc.) [File not signed]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\WINDOWS\System32\DRIVERS\A5AGU.sys 6E0A62F76886F7C0807B2DCEE0524EFF
C:\WINDOWS\System32\DRIVERS\ACPI.sys 7E3B0F07B0DCB6155FD4EAF4047F0C72
C:\WINDOWS\system32\Drivers\ACPIEC.sys EAB54EA21AB7EA92FB9975C02779080B
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\System32\drivers\AsIO.sys 19A1DAC5BC607C212E8A94C05886ED52
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\Drivers\ATHFMWDL.sys 8B56BAC1AF3A59D665D7A5D1BB5624F0
C:\WINDOWS\System32\DRIVERS\ati2mtag.sys C0B86ECB324E50F6BBD529F9D5C6B24B
C:\WINDOWS\System32\DRIVERS\atinavt2.sys BEFB648D5A40B816D66283B571BBE38A
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\WINDOWS\System32\drivers\ctac32k.sys 3CFB715F2E3B0E475E984F78CDFADA57
C:\WINDOWS\System32\drivers\ctaud2k.sys B640816F7D3FFEAAEFEA831242FE5E8C
C:\WINDOWS\System32\drivers\ctdvda2k.sys C4333325D325EFA668888D0D3177C6FF
C:\WINDOWS\System32\drivers\ctprxy2k.sys A9F9A48406E99134CD3879B410E9139D
C:\WINDOWS\System32\drivers\ctsfm2k.sys FCBB8EA6FE935D2C531D3A4DEE9F985B
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys F1F9E49B764C96902ECCABEF144E7CC7
C:\WINDOWS\System32\drivers\dmio.sys 12CA201C2B40D8A8B1687164E2DD1D9A
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\system32\Drivers\DrvAgent32.sys 651554E483712B708EDE864D0CA1AA73
C:\WINDOWS\System32\DRIVERS\e1e5132.sys F239EC59B4A30266A4A7B081A5DEE0FC
C:\WINDOWS\System32\DRIVERS\eamonm.sys 687CCC438AA414AE22EEA081F98DC645
C:\WINDOWS\System32\DRIVERS\ehdrv.sys 340870877DBE2A6D848537FC6AC2BA2F
C:\WINDOWS\System32\drivers\emupia2k.sys 05377DDEDF219D9BD3102BD9FBDC3EAE
C:\WINDOWS\System32\DRIVERS\epfw.sys 372AA9B1146D66E5D6B65844D9416778
C:\WINDOWS\System32\DRIVERS\Epfwndis.sys 2515C0EABDC262DB8D1907FB3953FDAB
C:\WINDOWS\System32\DRIVERS\epfwtdi.sys B06BF1B26612540B9414BD4307A191D6
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys A3D6EF42350586396D613081E20D750C
C:\WINDOWS\System32\DRIVERS\flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys F49589D9B1B3229EB3E761E569B20ACA
C:\WINDOWS\System32\DRIVERS\gameenum.sys 065639773D8B03F33577F6CDAEA21063
C:\WINDOWS\System32\giveio.sys 77EBF3E9386DAA51551AF429052D88D0
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\drivers\ha10kx2k.sys 5DA1AF9485B591E4406924803969CCF0
C:\WINDOWS\System32\drivers\hap16v2k.sys 9F7EEC8D49279052E4D70971246AC7CD
C:\WINDOWS\System32\drivers\hap17v2k.sys C34FBFCF18332927C9D7DFB44F1CC84F
C:\WINDOWS\System32\DRIVERS\HidBatt.sys 748031FF4FE45CCC47546294905FEAB8
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys 07D2C69BF1230998553EA5FC62E4DA9D
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\DRIVERS\intelppm.sys 694E25EFDC04BFC2803B718CD01B71AD
C:\WINDOWS\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 165255B09753CD0900287C6722B53E8A
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 403A9D3C56617C49EFCB5F2897F500D7
C:\WINDOWS\System32\DRIVERS\kbdhid.sys AD4760546EF72CEE55E12F91DC444847
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys D1968DEA7BAFF4A917858C384339CEC8
C:\WINDOWS\System32\Drivers\LBeepKE.sys 8ABFD7FB22CBE8D6066EEE2CF352B0BB
C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys B9E077D03FCCD05A8829DC5E0653E60B
C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys FBB88DD2236B263FF412AA7067BDFEE6
C:\WINDOWS\System32\Drivers\LUsbFilt.Sys EEB18645DB3CA244F09821C7D7EC8A6B
C:\WINDOWS\system32\drivers\mbamchameleon.sys 6F080D07EC100DA4166573CEB287426A
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys EFC09980C68BE2DD0BC3076AAA567D67
C:\WINDOWS\System32\DRIVERS\mouclass.sys F54DE35966BD4F6D7D751642DED032DB
C:\WINDOWS\System32\DRIVERS\mouhid.sys 2C8ACE099162A015D464C9A427148651
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\MPE.sys C0F8E0C2C3C0437CF37C6781896DC3EC
C:\WINDOWS\system32\drivers\mqac.sys EEE50BF24CAEEDB515A8F3B22756D3BB
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\DRIVERS\msgame.sys 082A950191DDE602BBEA8EF4E5900251
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\WINDOWS\System32\drivers\msmpu401.sys CA3E22598F411199ADC2DFEE76CD0AE0
C:\WINDOWS\System32\DRIVERS\ASACPI.sys D48659BB24C48345D926ECB45C1EBDF5
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\System32\drivers\nmwcd.sys 696B37EA78F9D9767A2F18BA0304A51A
C:\WINDOWS\System32\drivers\nmwcdc.sys BBB6010FC01D9239D88FCDF133E03FF0
C:\WINDOWS\System32\drivers\nmwcdcj.sys 4C3726467D67483F054C88F058E9C153
C:\WINDOWS\System32\drivers\nmwcdcm.sys 4C3726467D67483F054C88F058E9C153
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\System32\drivers\ctoss2k.sys 3649EEFA90990249267DD6C7808CBC86
C:\WINDOWS\System32\DRIVERS\parport.sys 1AA2E7C0F517B16C6D53093F6EF4D707
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 12297B25CCC4D89D9D2E794A8FD6EE3D
C:\WINDOWS\System32\DRIVERS\pci.sys 5AF0A66BBBBB8D44A308141F529EA5E0
C:\WINDOWS\System32\DRIVERS\pciide.sys C9EF84891A111F6F5EBB758A29252E54
C:\WINDOWS\system32\Drivers\Pcmcia.sys 339B6DA5D9E01E04F39A5E93612D5C5A
C:\WINDOWS\system32\drivers\PfModNT.sys DB64E50CFEA80077E47C282BCE2C1813
C:\WINDOWS\System32\DRIVERS\portd2k.sys 97152B53B88C82564CAE86FE16635BDC
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\Drivers\rdwm1032.sys CBCCC79FD9AB75487508C59863BE702D
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys 99C7D4742BE0415D084126EC3462B454
C:\WINDOWS\system32\drivers\RMCast.sys 96F7A9A7BF0C9C0440A967440065D33C
C:\WINDOWS\System32\DRIVERS\sbp2port.sys B244960E5A1DB8E9D5D17086DE37C1E4
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\WINDOWS\System32\DRIVERS\serial.sys D579FAB95D55A3459547D3EF116821D7
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\SI3132.sys 0B9B5C6DF6226497EF4819B6E1B2EFD5
C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys AD29A80543C63E5B3588D118FB327E22
C:\WINDOWS\System32\DRIVERS\SiRemFil.sys B19EFE5E45AE31F3C3E4C4F0F9DA3C49
C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\WINDOWS\System32\speedfan.sys DC8D2952FB6FFBAEC67BD1B93A34DF11
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys A10A8FFFBC556480027FB5AADAE4FE1A
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\System32\DRIVERS\tcpip6.sys 4E53BBCC4BE37D7A4BD6EF1098C89FF7
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\System32\DRIVERS\tunmp.sys 8F861EDA21C05857EB8197300A92501C
C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS E266683FC95ABDEC17CD378564E1B54B
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 9D61102F5BACD5A26FCAA0DE95E5909E
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\DRIVERS\Wdf01000.sys FD47474BD21794508AF449D9D91AF6E6
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78
C:\WINDOWS\System32\DRIVERS\WudfPf.sys 50EB9E21963B4F06FD010D007D54351B
C:\WINDOWS\System32\DRIVERS\wudfrd.sys 6E209664BDEA8A15B5E8E480D6C607C2
C:\WINDOWS\System32\Drivers\ymidusb.sys 48D2CA257A22481F830D9CE434E3827A
C:\WINDOWS\System32\DRIVERS\yk51x86.sys 228D0403F0210D6D67A9ACF907597EFE

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 15:45 - 2015-01-31 15:45 - 00036515 _____ () C:\Documents and Settings\Torbjoern Martin\Desktop\FRST.txt
2015-01-31 12:11 - 2015-01-31 12:11 - 00000000 ____D () C:\WINDOWS\CSC
2015-01-30 15:13 - 2015-01-30 15:16 - 00000000 ____D () C:\System Cleaner
2015-01-29 12:19 - 2015-01-29 12:19 - 00000000 ____D () C:\Documents and Settings\All Users\Program Data\Malwarebytes
2015-01-29 12:17 - 2015-01-29 14:11 - 00000000 ____D () C:\Documents and Settings\All Users\Program Data\Malwarebytes' Anti-Malware (portable)
2015-01-29 12:17 - 2015-01-29 12:17 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-27 11:42 - 2015-01-27 11:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-24 16:03 - 2015-01-24 16:03 - 00000907 ____N () C:\Documents and Settings\Torbjoern Martin\Desktop\Shortcut to BlueScreenView.exe.lnk
2015-01-24 15:45 - 2015-01-24 15:44 - 00094208 ____N () C:\WINDOWS\Minidump\Mini012415-01.dmp
2015-01-24 15:25 - 2015-01-27 12:17 - 00108632 ____N () C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-23 09:59 - 2015-01-23 09:59 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\Program Data\9-lab
2015-01-04 16:16 - 2015-01-09 16:02 - 00000151 ____N () C:\Documents and Settings\Torbjoern Martin\Desktop\Cookies-Numbers.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-31 15:45 - 2014-11-18 11:53 - 00000000 ____D () C:\FRST
2015-01-31 15:45 - 2009-04-29 13:05 - 00000442 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{99082F30-1C10-41B8-85EC-F9979A0249DE}.job
2015-01-31 15:45 - 2006-06-05 13:19 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\Desktop
2015-01-31 15:45 - 2006-06-05 13:19 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\Local Settings\Temp
2015-01-31 15:44 - 2014-12-22 15:50 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\Desktop\FRST-OlderVersion
2015-01-31 15:44 - 2014-11-18 11:46 - 01122304 _____ (Farbar) C:\Documents and Settings\Torbjoern Martin\Desktop\FRST.exe
2015-01-31 15:38 - 2012-03-30 10:33 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-31 14:45 - 2006-06-05 13:17 - 00031810 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-31 12:35 - 2006-06-05 13:13 - 01940215 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-31 12:33 - 2014-03-12 10:53 - 00000242 _____ () C:\WINDOWS\Tasks\Notification about End of Support for Microsoft Windows XP – logon.job
2015-01-31 12:33 - 2004-08-04 13:00 - 00012674 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-31 12:32 - 2006-06-05 13:19 - 00000286 ___SH () C:\Documents and Settings\Torbjoern Martin\ntuser.ini
2015-01-31 12:29 - 2006-06-05 14:55 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-01-31 12:26 - 2006-06-05 15:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-31 12:26 - 2006-06-05 15:05 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-01-31 12:24 - 2006-06-05 13:17 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-30 16:10 - 2006-06-05 22:02 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-01-30 15:50 - 2014-05-19 15:00 - 00000000 ____D () C:\Documents and Settings\All Users\Program Data\CanonIJPLM
2015-01-30 14:23 - 2013-11-21 15:19 - 00000000 __RHD () C:\Documents and Settings\Torbjoern Martin\Latest
2015-01-30 14:16 - 2013-10-29 15:54 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\My Documents\Downloads
2015-01-30 12:17 - 2006-06-10 14:22 - 00002491 _____ () C:\Documents and Settings\Torbjoern Martin\Desktop\Microsoft Office Excel 2003.lnk
2015-01-29 12:05 - 2014-07-14 10:44 - 00000000 ____D () C:\WINDOWS\ERDNT
2015-01-29 12:01 - 2006-06-05 15:01 - 00207437 _____ () C:\WINDOWS\setupact.log
2015-01-28 16:05 - 2007-06-23 15:13 - 00001080 _____ () C:\WINDOWS\system32\settingsbkup.sfm
2015-01-28 16:05 - 2007-06-23 15:13 - 00001080 _____ () C:\WINDOWS\system32\settings.sfm
2015-01-28 10:34 - 2014-06-11 12:20 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-28 10:34 - 2006-08-03 06:47 - 00000000 ____D () C:\WINDOWS\BounceBack
2015-01-27 12:38 - 2012-03-30 10:33 - 00701616 ____N (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-01-27 12:38 - 2011-05-21 11:02 - 00071344 ____N (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-27 12:32 - 2006-06-05 15:02 - 00000000 ____D () C:\Program Files
2015-01-24 15:45 - 2006-06-08 22:16 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-24 13:42 - 2006-06-05 22:02 - 00085800 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\GDIPFONTCACHEV1.DAT
2015-01-24 13:30 - 2006-06-05 15:01 - 00303624 ____N () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-24 13:27 - 2014-07-08 15:00 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-24 13:27 - 2006-06-05 13:19 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin
2015-01-24 13:27 - 2006-06-05 13:17 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-24 13:27 - 2006-06-05 13:17 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-24 13:26 - 2006-06-05 13:11 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-24 13:25 - 2006-06-05 15:02 - 00000000 ___RD () C:\Documents and Settings\All Users\Start menu\Programs
2015-01-23 10:09 - 2006-06-05 15:02 - 00000000 ____D () C:\Documents and Settings\All Users\Desktop
2015-01-16 12:58 - 2013-07-10 13:45 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-16 12:49 - 2006-06-05 20:24 - 110348472 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-08 15:00 - 2014-03-12 10:53 - 00000236 ____N () C:\WINDOWS\Tasks\Notification about End of Support for Microsoft Windows XP – monthly.job

==================== Files in the root of some directories =======

2008-04-12 17:53 - 2014-01-07 13:31 - 0262966 ____N () C:\Documents and Settings\Torbjoern Martin\Program Data\NMM-MetaData.db
2009-10-29 15:00 - 2009-10-29 15:00 - 0000760 ____N () C:\Documents and Settings\Torbjoern Martin\Program Data\setup_ldm.iss
2014-06-16 13:53 - 2014-06-16 13:55 - 0000000 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\ars.cache
2014-06-16 13:53 - 2014-06-16 13:55 - 0000000 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\census.cache
2006-06-07 18:57 - 2014-11-30 16:03 - 0030720 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-10 14:29 - 2013-07-10 14:48 - 0000305 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\DelUnist.bat
2006-06-05 21:14 - 2006-06-05 21:14 - 0000139 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\fusioncache.dat
2014-06-16 08:34 - 2014-06-16 08:34 - 0000036 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\housecall.guid.cache

Some content of TEMP:
====================
C:\Documents and Settings\Torbjoern Martin\Local Settings\Temp\AdobeUpdater12345.exe
C:\Documents and Settings\Torbjoern Martin\Local Settings\Temp\uninstall.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

 

Addition log:

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-01-2015
Ran by Torbjoern Martin at 2015-01-31 15:46:38
Running from C:\Documents and Settings\Torbjoern Martin\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security 8.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal Firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.296 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Norsk (HKLM\...\{AC76BA86-7AD7-1044-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version:  3.0 - )
Adobe® Photoshop® Album Starter Edition 3.0 (HKLM\...\{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}) (Version: 3.0.1 - Adobe Systems, Inc.)
Adobe® Photoshop® Album Starter Edition 3.0.1 (HKLM\...\{C9618743-1A5C-461E-91C4-E013A3D70F3C}) (Version: 3.0.1 - Adobe Systems, Inc.)
Alt-Tab Task Switcher Powertoy for Windows XP (HKLM\...\{A7050037-F0EA-4BAB-BCD5-FC05507D6147}) (Version: 1.00.0001 - Microsoft Corporation)
Apple Mobile Device Support (HKLM\...\{C0CC75CD-F5B7-46AD-B016-17C0F5171718}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Apple Program Support (HKLM\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
ArcSoft PhotoStudio 5.5 (HKLM\...\{85309D89-7BE9-4094-BB17-24999C6118FC}) (Version:  - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 2.01 (HKLM\...\Ashampoo Photo Optimizer 2_is1) (Version: 2.0.1 - ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer 3.02 (HKLM\...\Ashampoo Photo Optimizer 3_is1) (Version: 3.0.2 - ashampoo GmbH & Co. KG)
Ashampoo PowerUp 3.23 (HKLM\...\Ashampoo PowerUp 3_is1) (Version: 3.2.3 - Ashampoo GmbH & Co. KG)
ASUSUpdate (HKLM\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version:  - )
ATI - Uninstallation Tool for the Software (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )
ATI AVIVO Codecs (HKLM\...\{89DE67AD-08B8-4699-A55D-CA5C0AF82BF3}) (Version: 10.0.0.40103 - ATI Technologies Inc.)
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0210.2338 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.593.100-100210a-095952E-ATI - )
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BounceBack Professional (HKLM\...\{95632566-071E-4A02-92C1-4BD907065736}) (Version: 6.0 - )
User Registration for Canon MG7100 series (HKLM\...\User Registration for Canon MG7100 series) (Version:  - ‭Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.1.0 - Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon MG7100 series On-screen Manual (HKLM\...\Canon MG7100 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MP Navigator 2.0 (HKLM\...\MP Navigator 2.0) (Version:  - )
Canon MP800 (HKLM\...\{04F9B09E-CDB5-46fc-AC30-2E7E7C7A8A34}) (Version:  - )
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Canon Utilities Easy-PhotoPrint (HKLM\...\Easy-PhotoPrint) (Version:  - )
ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden
ccc-core-static (Version: 2007.0202.1923.34565 - ATI) Hidden
ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden
CD-LabelPrint (HKLM\...\MediaNavigation.CDLabelPrint) (Version:  - )
Compatibility Pack for 2007 Office (HKLM\...\{90120000-0020-0414-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cool Edit 96 (HKLM\...\Cool Edit 96) (Version:  - )
CoolMon (HKLM\...\CoolMon) (Version:  - )
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creative Audio Console (HKLM\...\AudioConSole) (Version:  - )
Creative MediaSource (HKLM\...\{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}) (Version: 3.00 - )
Cubasis VST 4 (HKLM\...\Cubasis VST 4) (Version:  - )
Digital File Check (HKLM\...\{3FC93D65-51AC-492F-9414-26442BE521A1}) (Version: 1.5 - DtecNet Software)
DriverAgent by eSupport.com (HKLM\...\DriverAgent_is1) (Version:  - Copyright © 2013 eSupport.com, Inc • All Rights Reserved)
DTS Neo:6 Settings (HKLM\...\DTS Console) (Version:  - )
DVD- and CD-sharing (HKLM\...\{514FBEC8-E8CE-4F6F-A17F-2789E8DE8D69}) (Version: 1.0.1.4 - Apple Inc.)
Easy-WebPrint (HKLM\...\Easy-WebPrint) (Version:  - )
EAX Unified (HKLM\...\EAX Unified) (Version:  - )
eMedia Bass Method (HKLM\...\{9521E662-CA9E-11D8-AF05-0050708557B4}) (Version:  - eMedia Bass Method)
eMedia Blues Guitar Legends (HKLM\...\eMedia Blues Guitar Legends) (Version:  - )
eMedia Guitar Method (HKLM\...\{B3B4E8E4-E2A4-11D6-8D31-00105A629F49}) (Version:  - eMedia Guitar Method)
eMedia Guitar Songs (HKLM\...\eMedia Guitar Songs) (Version:  - )
eMedia Intermediate Guitar Method (HKLM\...\eMedia Intermediate Guitar Method) (Version:  - )
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Smart Security (HKLM\...\{AD6C2EE6-F584-4E8A-B3A7-093772D1FF3E}) (Version: 8.0.304.1 - ESET, spol s r. o.)
Evolution Software Installer v1.00 (HKLM\...\Evolution Software Installer v1.00) (Version:  - )
Evolution Sys Ex Librarian (HKLM\...\Evolution Sys Ex Librarian) (Version:  - )
Home Media Server 4.1.4.0067 (HKLM\...\Home Media Server 4.1.4.0067) (Version:  - Universal Electronics, Inc.)
Hotfix 2050 for SQL Server 2000 ENU (KB948110) (HKLM\...\KB948110(ENU)) (Version: 1 - Microsoft Corporation)
Hotfix 2055 for SQL Server 2000 ENU (KB960082) (HKLM\...\KB960082(ENU)) (Version: 1 - Microsoft Corporation)
Hotfix for Windows Internet Explorer 7 (KB947864) (HKLM\...\KB947864-IE7) (Version: 1 - Microsoft Corporation)
Hotfix for Windows Media Player 11 (KB939683) (HKLM\...\KB939683) (Version:  - Microsoft Corporation)
Hotfix for Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix for Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix for Windows XP (KB961118) (HKLM\...\KB961118) (Version: 1 - Microsoft Corporation)
Hotfix for Windows XP (KB970653-v3) (HKLM\...\KB970653-v3) (Version: 3 - Microsoft Corporation)
Hotfix for Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)
Hotfix for Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Hotfix for Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
Intel® PRO Network Connections (HKLM\...\{205C26CB-6D52-458C-A87F-1EE77F9625C6}) (Version:  - Intel)
iTunes (HKLM\...\{F32DC846-4457-40A8-BECA-BCC0E960BC53}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
jlGui3.0 (HKLM\...\jlGui3.0) (Version: 3.0.0.0 - JavaZOOM)
Junk E-mail Reporting Tool (HKLM\...\{B72B06E0-0C54-495F-896F-E3ED2905624D}) (Version: 8.0.680.0 - Microsoft Corporation)
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Updater (HKLM\...\{53735ECE-E461-4FD0-B742-23A352436D3A}) (Version: 1.70 - Firmanavn)
Media Library Management Wizard (HKLM\...\mplibwiz.inf) (Version:  - )
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Norwegian Language Pack (HKLM\...\{3EAC35F4-FF26-4123-9404-0B5B93DAB570}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - NOR (HKLM\...\{39368310-D834-3445-992D-9E253730F55F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - NOR (HKLM\...\{3EEA7006-6D7C-33AE-8BF0-25ABF1FE9DB3}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile NOR Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile NOR Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider-Package (HKLM\...\KB909520) (Version:  - Microsoft Corporation)
Microsoft Calculator Plus (HKLM\...\{7716F5E9-FD9A-4CEC-9041-2E84BF8DB083}) (Version: 1.0.0 - Microsoft)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{91110414-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.5 (HKLM\...\Wudf01005) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XML Parser SDK (HKLM\...\{2E819828-BC8D-4177-BEBB-425FAFF89E6B}) (Version: 8.70.1104.04 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{BA165460-FCF7-4D6C-A7A2-F2321700720F}) (Version: 3.0.1.1 - Apple Inc.)
Movie Maker Background Music Files (HKLM\...\mmmusic) (Version:  - )
Movie Maker Sound Effects (HKLM\...\mmsounds) (Version:  - )
Movie Maker Title Images (HKLM\...\mmtitle) (Version:  - )
Mozilla Firefox 35.0.1 (x86 nb-NO) (HKLM\...\Mozilla Firefox 35.0.1 (x86 nb-NO)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
MSXML 6.0 SDK (HKLM\...\{DF67E8C2-1D4C-44E1-93DC-7E26E2D74D00}) (Version: 6.00.3883.8 - Microsoft Corporation)
Netscape Navigator (9.0.0.6) (HKLM\...\Netscape Navigator (9.0.0.6)) (Version: 9.0.0.6 (en-US) - Netscape)
Nokia Connectivity Cable Driver (HKLM\...\{972B1D9B-0EAD-49E8-B7D6-3B83FD5665B1}) (Version: 6.83.9.0 - Nokia)
Nokia Lifeblog 2.5 (HKLM\...\{E94603CA-2996-4154-8EE2-A5FCD4BFB500}) (Version: 2.5.224 - Nokia)
Nokia NSeries Application Installer (HKLM\...\{FD349381-D79C-4E5C-8980-015DFFB962D5}) (Version: 6.82.15 - Nokia)
Nokia NSeries Content Copier (HKLM\...\{F779EC8D-6703-4C4A-817C-37B07898E647}) (Version: 6.82.15 - Nokia)
Nokia NSeries Multimedia Player (HKLM\...\{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}) (Version: 6.82.15 - Nokia)
Nokia NSeries Music Manager (HKLM\...\{F89E5AD8-AE47-49B5-B9F9-C498791E6255}) (Version: 6.82.15 - Nokia)
Nokia NSeries One Touch Access (HKLM\...\{F4EE8763-EAA8-4BC1-8594-8501F5F00414}) (Version: 6.82.15 - Nokia)
Nokia NSeries System Utilities (HKLM\...\{96E94E18-54D6-42C1-8FC4-24DACEDC3395}) (Version: 6.82.16 - Nokia)
Nokia Nseries Video Manager (HKLM\...\{2D21ECE3-8EC1-4315-AE4E-1970FB3AF17A}) (Version: 1.1.9 - Nokia)
Nokia Software Launcher (HKLM\...\{A8C856AD-63CD-4613-AA29-E6C85607EA06}) (Version: 1.6.80 - Nokia)
Nokia Software Updater (HKLM\...\{3186AEAE-E104-424D-9152-1BF6A4404758}) (Version: 01.03.085.28569 - Nokia Corporation)
Nvu 1.0 (HKLM\...\Nvu_is1) (Version: 1.0 - Linspire Inc.)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OmniPage SE 2.0 (HKLM\...\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}) (Version: 2.00.0004 - ScanSoft, Inc.)
Update for Microsoft Office Outlook 2003 med Business Contact Manager (HKLM\...\{BA68600E-96D9-4E92-80F2-26B9681B5A74}) (Version: 2.0.4324.0 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB976749) (HKLM\...\KB976749-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 7 (KB980182) (HKLM\...\KB980182-IE7) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2492386) (HKLM\...\KB2492386) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2808679) (HKLM\...\KB2808679) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB943729) (HKLM\...\KB943729) (Version:  - Microsoft Corporation)
Update for Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951618-v2) (HKLM\...\KB951618-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
PC Connectivity Solution (HKLM\...\{6094AB91-4CC8-498E-9DFF-134CC0B159DE}) (Version: 6.43.14.0 - Nokia)
Personal License Update Wizard for Windows Media Player (HKLM\...\drmtool.inf) (Version:  - )
Photo Story 3 for Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.5 - Microsoft Corporation)
Plus! MP3 Audio Converter LE (HKLM\...\audcle) (Version:  - )
PR-Parser (HKLM\...\{49B94F32-23BF-4DA8-B271-C523384E6830}) (Version: 1.0.0 - Microsoft)
Logon Assistant for Windows Live (HKLM\...\{B965A150-17AB-4EB1-AD98-33149DDBD928}) (Version: 5.000.818.6 - Microsoft Corporation)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Safety Copying of Personal Folders for Microsoft Outlook (HKLM\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Security Update for Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2838727) (HKLM\...\KB2838727-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2846071) (HKLM\...\KB2846071-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2862772) (HKLM\...\KB2862772-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2870699) (HKLM\...\KB2870699-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2879017) (HKLM\...\KB2879017-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2888505) (HKLM\...\KB2888505-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2898785) (HKLM\...\KB2898785-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2909921) (HKLM\...\KB2909921-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2925418) (HKLM\...\KB2925418-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2936068) (HKLM\...\KB2936068-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB2964358) (HKLM\...\KB2964358-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB928090) (HKLM\...\KB928090-IE7) (Version: 20070117.120000 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB929969) (Version: 20061222.120000 - Microsoft Corporation) Hidden
Security Update for Windows Internet Explorer 7 (KB931768) (HKLM\...\KB931768-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB933566) (HKLM\...\KB933566-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB937143) (HKLM\...\KB937143-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB938127) (HKLM\...\KB938127-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB939653) (HKLM\...\KB939653-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB942615) (HKLM\...\KB942615-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB944533) (HKLM\...\KB944533-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB950759) (HKLM\...\KB950759-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB953838) (HKLM\...\KB953838-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB956390) (HKLM\...\KB956390-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB958215) (HKLM\...\KB958215-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB960714) (HKLM\...\KB960714-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB961260) (HKLM\...\KB961260-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB963027) (HKLM\...\KB963027-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB969897) (HKLM\...\KB969897-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB972260) (HKLM\...\KB972260-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB974455) (HKLM\...\KB974455-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB976325) (HKLM\...\KB976325-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB978207) (HKLM\...\KB978207-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Internet Explorer 7 (KB982381) (HKLM\...\KB982381-IE7) (Version: 1 - Microsoft Corporation)
Security Update for Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player (KB2834904) (HKLM\...\KB2834904_WM11) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player (KB2834904-v2) (HKLM\...\KB2834904-v2_WM11) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player (KB911564) (Version:  - Microsoft Corporation) Hidden
Security Update for Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player (KB973540) (HKLM\...\KB973540_WM9L) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player 10 (KB911565) (Version:  - Microsoft Corporation) Hidden
Security Update for Windows Media Player 10 (KB917734) (Version:  - Microsoft Corporation) Hidden
Security Update for Windows Media Player 11 (KB936782) (HKLM\...\KB936782_WMP11) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player 11 (KB954154) (HKLM\...\KB954154_WM11) (Version:  - Microsoft Corporation)
Security Update for Windows Media Player 6.4 (KB925398) (HKLM\...\KB925398_WMP64) (Version:  - Microsoft Corporation)
Security Update for Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2124261) (HKLM\...\KB2124261) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2290570) (HKLM\...\KB2290570) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2491683) (HKLM\...\KB2491683) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Security Update for Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Security Update for Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2705219-v2) (HKLM\...\KB2705219-v2) (Version: 2 - Microsoft Corporation)
Security Update for Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2723135-v2) (HKLM\...\KB2723135-v2) (Version: 2 - Microsoft Corporation)
Security Update for Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Security Update for Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2876315) (HKLM\...\KB2876315) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2883150) (HKLM\...\KB2883150) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2909212) (HKLM\...\KB2909212) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2916036) (HKLM\...\KB2916036) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2922229) (HKLM\...\KB2922229) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2929961) (HKLM\...\KB2929961) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB2930275) (HKLM\...\KB2930275) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB913433) (HKLM\...\KB913433) (Version:  - Microsoft Corporation)
Security Update for Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB923689) (HKLM\...\KB923689) (Version:  - Microsoft Corporation)
Security Update for Windows XP (KB938464) (HKLM\...\KB938464) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Security Update for Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB951376) (HKLM\...\KB951376) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Security Update for Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB953155) (HKLM\...\KB953155) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB954211) (HKLM\...\KB954211) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB954600) (HKLM\...\KB954600) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB956391) (HKLM\...\KB956391) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB956841) (HKLM\...\KB956841) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB957095) (HKLM\...\KB957095) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB958690) (HKLM\...\KB958690) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB961371) (HKLM\...\KB961371) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB961373) (HKLM\...\KB961373) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB968537) (HKLM\...\KB968537) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB969898) (HKLM\...\KB969898) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB970483) (HKLM\...\KB970483) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB973346) (HKLM\...\KB973346) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB975254) (HKLM\...\KB975254) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB976323) (HKLM\...\KB976323) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB977165) (HKLM\...\KB977165) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB977816) (HKLM\...\KB977816) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB978338) (HKLM\...\KB978338) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Security Update for Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Skins (Version: 2007.0202.1923.34565 - ATI) Hidden
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
Sonic CinePlayer DVD Pack (HKLM\...\{D4576E0D-2295-4B8E-B663-B68086B00EE5}) (Version: 2.3.1 - Sonic Solutions)
Sound Studio Gold (HKLM\...\Sound Studio Gold) (Version:  - )
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Language Package for Microsoft .NET Framework 3.5 SP1 - NOR (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - nor) (Version:  - Microsoft Corporation)
SQLXML 3.0 SP3 (HKLM\...\{19ABFD8F-CB86-4965-9282-047FC27084F1}) (Version: 3.30.3457.0 - Microsoft Corporation)
Sun Download Manager 2.0 (web) (HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Sun Download Manager 2.0 (web)) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Jazz Midi Sequencer (HKLM\...\jazz-bin-v30o-win32.exe) (Version:  - )
Trend Micro - Remote File Lock (HKLM\...\TrendSecure Remote File Lock) (Version:  - )
Tweaking.com - Windows Repair (All in One) (HKLM\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.10.2 - Tweaking.com)
UrlScan 2.5 (HKLM\...\IisUrlScan) (Version:  - )
USB Video Driver (HKLM\...\{2758691A-2CDE-4942-A4AC-0E8F61FE2067}) (Version: 1.00 - EETI)
VideoLAN VLC media player 0.8.6d (HKLM\...\VLC media player) (Version: 0.8.6d - VideoLAN Team)
VirusTotal Uploader 2.2 (HKLM\...\VTUploader) (Version:  - )
WaveLab Lite (HKLM\...\WaveLab Lite) (Version:  - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Driver Package - Nokia (WUDFRd) WPD  (03/19/2007 6.83.31.1) (HKLM\...\F064B256B4A20996EA9E333B5E0F14B61AB3333D) (Version: 03/19/2007 6.83.31.1 - Nokia)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20061107.210142 - Microsoft Corporation)
Windows Live Safety Scanner (HKLM\...\Windows Live Safety Scanner) (Version:  - )
Windows Management Framework Core (HKLM\...\KB968930) (Version:  - Microsoft Corporation)
Windows Media Bonus Pack for Windows XP (HKLM\...\WMBK2) (Version:  - )
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Media Player Playlist Import to Excel Wizard (HKLM\...\mpxlswiz.inf) (Version:  - )
Windows Media Player Skin Importer (HKLM\...\wa2wmp) (Version:  - )
Windows Media Player Tray Control (HKLM\...\mpxptray.inf) (Version:  - )
Windows Rights Management-Client with Service Pack 2 (HKLM\...\{99803B9C-9FE5-40DD-A928-A65EFFCBF7ED}) (Version: 5.2.95 - Microsoft)
Windows Rights Management-Client with SP2 with Backwards Compatibility (HKLM\...\{EC905264-BCFE-423B-9C42-C3A106266790}) (Version: 5.2.95 - Microsoft)
Windows Search 4.0 (HKLM\...\KB940157) (Version: 04.00.6001.503 - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.052804 - Microsoft Corporation)
Windows Driver Pack - Advanced Micro Devices, Inc. (USB28xxBGA) Media  (08/31/2007 5.7.0831.0) (HKLM\...\9722CA1E8F72F362E93CBEC75A707FDABFC8D880) (Version: 08/31/2007 5.7.0831.0 - Advanced Micro Devices, Inc.)
Windows Driver Pack - eMPIA Technology Inc, (emAudio) MEDIA  (08/31/2007 5.7.0831.0) (HKLM\...\69083DC58646DE46A09847A522A1CC487F918039) (Version: 08/31/2007 5.7.0831.0 - eMPIA Technology Inc,)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)
XML Paper Specification Shared Components Language Pack 1.0 (Version:  - Microsoft Corporation) Hidden
XML Paper Specification Shared Components Pack 1.0 (Version:  - Microsoft Corporation) Hidden
xp-AntiSpy 3.96-8 (HKLM\...\xp-AntiSpy) (Version:  - Christian Taubenheim)
XQDC X-Setup Pro 9.1.100 (HKLM\...\xqdcXSP_is1) (Version: 9.1.100 - XQDC Ltd.)
YAMAHA Musicsoft Downloader 5 (HKLM\...\{6D3C6846-CDB6-418F-8FDB-DA21FE064F86}) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.135\ (the data entry has 18 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.99\p (the data entry has 17 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.57\p (the data entry has 17 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.69\p (the data entry has 17 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.79\p (the data entry has 17 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.23.9\ps (the data entry has 16 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{59CC0C20-679B-11D2-88BD-0800361A1803}\InprocServer32 -> C:\Program Files\Common Files\Microsoft Shared\MSDN\CookDoc.dll ()
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.145\ (the data entry has 18 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.123\ (the data entry has 18 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.153\ (the data entry has 18 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.149\ (the data entry has 18 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{97090E2F-3062-4459-855B-014F0D3CDBB1}\InprocServer32 -> C:\Program Files\Windows Desktop Search\deskbar.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.22.3\ps (the data entry has 16 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Programdata\Google\Update\1.3.21.165\ (the data entry has 18 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.115\ (the data entry has 18 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.65\p (the data entry has 17 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.22.5\ps (the data entry has 16 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.21.111\ (the data entry has 18 more characters).
CustomCLSID: HKU\S-1-5-21-1060284298-2147125267-725345543-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\Google\Update\1.3.24.7\ps (the data entry has 16 more characters).

==================== Restore Points  =========================

29-01-2015 12:01:18 SysStat-2
30-01-2015 13:03:59 Controll Point for System
30-01-2015 16:10:24 SysStat-1

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{99082F30-1C10-41B8-85EC-F9979A0249DE}.job => C:\WINDOWS\system32\msfeedssync.exe
Task: C:\WINDOWS\Tasks\Notification about End of Support for Microsoft Windows XP – monthly.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Notification about End of Support for Microsoft Windows XP – logon.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 ____N () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-19 15:44 - 2013-05-14 10:50 - 00140936 ____N () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2008-04-10 16:57 - 2008-03-06 21:50 - 00218448 ____N () C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FileLockUI.dll
2002-03-19 16:30 - 2002-03-19 16:30 - 00045632 ____N () C:\WINDOWS\system32\taskswitch.exe
2014-07-23 14:04 - 2007-06-26 11:22 - 00081997 ____N () C:\Program Files\USB TV\EM28XX\BDARemote.exe
2004-08-04 13:00 - 2008-04-14 17:22 - 00014336 ____N () C:\WINDOWS\system32\msdmo.dll
2006-08-03 06:44 - 2004-08-23 00:03 - 00098304 ____N () C:\Program Files\CMS Peripherals\BounceBack Professional\BBLauncher.exe
2006-08-03 06:45 - 2004-08-22 23:39 - 00065536 ____N () C:\Program Files\CMS Peripherals\BounceBack Professional\DevClass.dll
2009-11-24 12:36 - 2009-11-24 12:36 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\36140592.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\36140592.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WdfLoadGroup => ""=""

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

========================= Accounts: ==========================

Administrator (S-1-5-21-1060284298-2147125267-725345543-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-1060284298-2147125267-725345543-1006 - Limited - Enabled)
Guest (S-1-5-21-1060284298-2147125267-725345543-501 - Limited - Enabled)
Help Assistant (S-1-5-21-1060284298-2147125267-725345543-1000 - Limited - Disabled)
IUSR_EGEN-6B8E11F08C (S-1-5-21-1060284298-2147125267-725345543-1004 - Limited - Enabled)
IWAM_EGEN-6B8E11F08C (S-1-5-21-1060284298-2147125267-725345543-1005 - Limited - Enabled)
SUPPORT_388945a0 (S-1-5-21-1060284298-2147125267-725345543-1002 - Limited - Disabled)
Torbjoern Martin (S-1-5-21-1060284298-2147125267-725345543-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Torbjoern Martin

==================== Faulty Device Manager Devices =============

Name: Intel® PRO/1000 PM Network Connection
Description: Intel® PRO/1000 PM Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: e1express
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Multimedia Controller
Description: Multimedia Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Mass Storage Controller
Description: Mass Storage Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
Description: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Marvell
Service: yukonwxp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: _NEC DVD_RW ND-3550A
Description: CD-ROM-Station
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM-Stations)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: _NEC DVD_RW ND-3550A
Description: CD-ROM-Station
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM-Stations)
Service: cdrom
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® PRO/1000 PM Network Connection - Miniport for Package Scheduler
Description: Miniport for Package Scheduler
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Marvell Yukon 88E8001/8003/8010 PCI Gigabit Ethernet Controller - Miniport for Package Scheduler
Description: Miniport for Package Scheduler
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Nokia N95 8GB
Description: Nokia N95 8GB
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (01/30/2015 04:05:08 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Error in memory area 737503439.

Error: (01/30/2015 04:04:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Faulting program rstrui.exe, versjon 5.1.2600.5512, faulting module hungapp, version 0.0.0.0, faulting address 0x00000000.

Error: (01/30/2015 01:49:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Faulting program SS2.exe, versjon 1.0.0.1, faulting module hungapp, version 0.0.0.0, faulting address 0x00000000.

Error: (01/25/2015 00:41:50 PM) (Source: WmiAdapter) (EventID: 4099) (User: BUILTIN)
Description: Cannot open service.

Error: (01/24/2015 01:42:32 PM) (Source: Windows Search Service) (EventID: 3024) (User: )
Description: Cannot start the update because there is no access to the content sources. Fix the errors and try to update again. Context: Windows-program, SystemIndex-catalog.

Error: (01/24/2015 01:32:49 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Cannot initialize the program. Context: Windows-program, Details: Cannot read the content index. (0xc0041800)

Error: (01/24/2015 01:32:49 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Cannot initialize the gatherer-object. Context: Windows-program, SystemIndex-catalog, Details: Cannot read the content index. (0xc0041800)

Error: (01/24/2015 01:32:49 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Cannot initialize the plugin-module <Search.TripoliIndexer>. Context: Windows-program, SystemIndex-catalog, Details: Cannot read the content index. (0xc0041800)

Error: (01/24/2015 01:32:48 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has encountered broken data files in the index. The service will try to fix this problem automatically by trying to rebuild the index. Context: Windows-program, SystemIndex-catalog, Details: 0xc0041801 (0xc0041801)

Error: (01/11/2015 09:08:12 AM) (Source: WmiAdapter) (EventID: 4099) (User: BUILTIN)
Description: Cannot open service.


System errors:
=============
Error: (01/31/2015 00:13:01 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following start-up- or system start driver(s) could not be loaded:
AsIO
eamonm
ehdrv
Fips
intelppm

Error: (01/31/2015 00:13:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The service World Wide Web Publishing is dependant on the service IIS Admin, which could not be started because of the error
%%1068

Error: (01/31/2015 00:13:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The service Simple Mail Transport Protocol (SMTP) is dependant on the service IIS Admin, which could not be started because of the error
%%1068

Error: (01/31/2015 00:13:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The service Message Queuing Triggers is dependant on the service Message Queuing, which could not be started because of the error
%%1068

Error: (01/31/2015 00:13:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The service Message Queuing is dependant on the service Distributed Transaction Coordinator, which could not be started because of the error
%%1068

Error: (01/31/2015 00:13:01 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The service FTP Publishing is dependant on the service IIS Admin, which could not be started because of the error
%%1068

Error: (01/31/2015 00:12:54 PM) (Source: DCOM) (EventID: 10005) (User: NT-MYNDIGHET)
Description: DCOM recieved the error "%%1084" while trying to start the service EventSystem with argument ""
in order to be able to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (01/30/2015 04:10:23 PM) (Source: 0) (EventID: 9) (User: )
Description:

Error: (01/30/2015 04:10:08 PM) (Source: 0) (EventID: 9) (User: )
Description:

Error: (01/30/2015 04:09:53 PM) (Source: 0) (EventID: 9) (User: )
Description:


Microsoft Office Sessions:
=========================
Error: (01/30/2015 04:05:08 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: 737503439

Error: (01/30/2015 04:04:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rstrui.exe5.1.2600.5512hungapp0.0.0.000000000

Error: (01/30/2015 01:49:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SS2.exe1.0.0.1hungapp0.0.0.000000000

Error: (01/25/2015 00:41:50 PM) (Source: WmiAdapter) (EventID: 4099) (User: BUILTIN)
Description:

Error: (01/24/2015 01:42:32 PM) (Source: Windows Search Service) (EventID: 3024) (User: )
Description: Context: Windows-program, SystemIndex-Catalog.

Error: (01/24/2015 01:32:49 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Context: Windows-program, Details: Cannot read the content index. (0xc0041800)

Error: (01/24/2015 01:32:49 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Context: Windows-program, SystemIndex-Catalog, Details: Cannot read the content index. (0xc0041800)

Error: (01/24/2015 01:32:49 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Context: Windows-program, SystemIndex-Catalog, Details: Cannot read the content index. (0xc0041800)
Search.TripoliIndexer

Error: (01/24/2015 01:32:48 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Context: Windows-program, SystemIndex-Catalog, Details: 0xc0041801 (0xc0041801)

Error: (01/11/2015 09:08:12 AM) (Source: WmiAdapter) (EventID: 4099) (User: BUILTIN)
Description:


==================== Memory info ===========================

Processor:  Intel® Pentium® D CPU 3.20GHz
Percentage of memory in use: 38%
Total physical RAM: 2047.04 MB
Available physical RAM: 1261.57 MB
Total Pagefile: 3944.27 MB
Available Pagefile: 3295.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1927.34 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:217.04 GB) (Free:184.84 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (KINGSTON) (Removable) (Total:0.93 GB) (Free:0.37 GB) FAT
Drive k: (Ekstra_Volum) (Fixed) (Total:232.88 GB) (Free:231.3 GB) NTFS
Drive l: (BB) (Fixed) (Total:232.88 GB) (Free:166.89 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: D31E44D3)
Partition 1: (Active) - (Size=217 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=15.8 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 232.9 GB) (Disk ID: 831E17DF)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=42)

========================================================
Disk: 2 (Size: 954.9 MB) (Disk ID: 68F7643C)
Partition 1: (Not Active) - (Size=955 MB) - (Type=06)

========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 8E41838A)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================


Edited by midimusicman79, 05 February 2015 - 09:28 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,729 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:32 PM

Posted 09 February 2015 - 10:35 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/565658 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 726 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:12:32 AM

Posted 10 February 2015 - 10:13 AM

Hi again, all!
 

Thanks for the reply! :)

 

Yes, I still need help. The problem situation is still the same: :unsure:

 

After having ran approximately 40 anti-spyware programs, IMHO my computer is close to spyware-free, having eliminated somewhat 300-400 threats totally. :whistle: The most obvious symptoms have been successfully resolved (esp. my WLAN having trouble initializing), however...

 

Now I am having a problem running Microsoft Windows XP Professional SP3 in Safe Mode. After a few minutes the computer shuts itself down without any error message. And after a manual cold start (30 seconds), the following pops up on the screen: "CPU Overtemperature failing. Press F1 to resume." And after this, Windows starts normally. :huh:

 

I therefore immediately decided to run FRST in an attempt to diagnose this problem; logs are below: :busy:

 

FRST found several leftover Safe Mode drivers; 36140592.sys, which IMO could be malware-associated, but I am aware of CleanHlp and CleanHlp.sys both belonging to EAM, which I successfully tried out a couple of months ago, however WdfLoadGroup seems to be Microsoft-related.

 

Please review my logs and create a fixlist which I can use with FRST in order to fix this problem, and whatever other entries you may notice as malicious, unnecessary or wrong and therefore should be removed.

 

I have my original Windows CD available, which is a newly created edition with SP3, and which I have burned myself a couple of months ago.

 

Thank you very much in advance for the help!

 

Regards,
midimusicman79

 

 

(As requested, below is a FRST log; and an Addition log is attached:)

 

FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-02-2015
Ran by Torbjoern Martin (administrator) on EGEN-6B8E11F08C on 10-02-2015 11:52:58
Running from C:\Documents and Settings\Torbjoern Martin\Desktop
Loaded Profiles: Torbjoern Martin (Available profiles: Torbjoern Martin & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Norwegian (Book Language)
Internet Explorer Version 7 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\ati2evxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\cisvc.exe
(Creative Technology Ltd) C:\WINDOWS\system32\CTSVCCDA.EXE
(Creative Technology Ltd) C:\WINDOWS\CTHELPER.EXE
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\WINDOWS\system32\TaskSwitch.exe
(Macrovision Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
(Apple Inc.) C:\Program Files\QuickTime\QTTask.exe
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Ruiware LLC) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\TrendSecure\TSCFPlatformCOMSvr.exe
() C:\Program Files\USB TV\EM28XX\BDARemote.exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files\CMS Peripherals\BounceBack Professional\BBLauncher.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Sonic Solutions) C:\Program Files\Common Files\Sonic Shared\CineTray.exe
(Microsoft Corporation) C:\Program Files\Windows Desktop Search\WindowsSearch.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Microsoft Corporation) C:\WINDOWS\system32\tcpsvcs.exe
(Microsoft Corporation) C:\WINDOWS\system32\snmp.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\cidaemon.exe
(Microsoft Corporation) C:\WINDOWS\system32\cidaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM\...\Run: [CTHelper] => C:\WINDOWS\CTHELPER.EXE [16384 2005-12-08] (Creative Technology Ltd)
HKLM\...\Run: [CoolSwitch] => C:\WINDOWS\system32\taskswitch.exe [45632 2002-03-19] ()
HKLM\...\Run: [ISUSPM Startup] => "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [OpwareSE2] => C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [49152 2003-05-08] (ScanSoft, Inc.)
HKLM\...\Run: [mspwr] => C:\WINDOWS\system32\PuXpMan2.exe
HKLM\...\Run: [NSLauncher] => C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe [3100672 2007-09-07] ()
HKLM\...\Run: [Adobe Photo Downloader] => C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [57344 2005-06-06] (Adobe Systems Incorporated)
HKLM\...\Run: [AppleSyncNotifier] => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [47392 2010-04-13] (Apple Inc.)
HKLM\...\Run: [DVD- and CD-sharing] => C:\Program Files\DVD- and CD-sharing\ODSAgent.exe [619832 2008-02-20] (Apple Inc.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [2303256 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5088456 2014-10-01] (ESET)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
Winlogon\Notify\LBTWlgn: c:\Program Files\Common Files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [RemoteControl] => [X]
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [Creative Detector] => "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [] => [X]
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [TrendSecure Remote File Lock] => C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe [423248 2008-03-06] (Trend Micro Inc.)
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [204288 2006-11-15] (Microsoft Corporation)
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
Startup: C:\Documents and Settings\All Users\Start-menu\Programs\Start-up\BDARemote.lnk
ShortcutTarget: BDARemote.lnk -> C:\Program Files\USB TV\EM28XX\BDARemote.exe ()
Startup: C:\Documents and Settings\All Users\Start-menu\Programs\Start-up\BounceBack Launcher.lnk
ShortcutTarget: BounceBack Launcher.lnk -> C:\Program Files\CMS Peripherals\BounceBack Professional\BBLauncher.exe ()
Startup: C:\Documents and Settings\All Users\Start-menu\Programs\Start-up\Sonic CinePlayer Quick Launch.lnk
ShortcutTarget: Sonic CinePlayer Quick Launch.lnk -> C:\Program Files\Common Files\Sonic Shared\CineTray.exe (Sonic Solutions)
Startup: C:\Documents and Settings\All Users\Start-menu\Programs\Start-up\Windows Search.lnk
ShortcutTarget: Windows Search.lnk -> C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
BHO: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Logon Assistant for Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
Toolbar: HKU\S-1-5-21-1060284298-2147125267-725345543-1003 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} http://www.creative.com/su/ocx/15026/CTSUEng.cab
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} http://office.microsoft.com/officeupdate/content/opuc3.cab
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} http://scan.safety.live.com/resource/download/scanner/wlscbase5059.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} http://office.microsoft.com/officeupdate/content/opuc4.cab
DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} http://www.creative.com/register/OCXs/CtORWebClientNoMFC.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} http://plugin.driveragent.com/files/driveragent.cab
DPF: {E991BDE0-9816-4094-853E-6BDB60F0342D} http://apps.corel.com/nos_dl_manager/plugin/IENetOpPlugin.ocx
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://www.creative.com/su/ocx/15026/CTPID.cab
Handler: ipp - No CLSID Value -
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
ShellExecuteHooks: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [304128 2009-05-24] (Microsoft Corporation)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 130.67.15.198 193.213.112.4 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Torbjoern Martin\Program Data\Mozilla\Firefox\Profiles\1ajtphld.default
FF Homepage: https://www.google.com/intl/en/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\book-NO.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yellowpages-NO.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\qxl-NO.xml
FF Extension: WOT - C:\Documents and Settings\Torbjoern Martin\Program Data\Mozilla\Firefox\Profiles\1ajtphld.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-11]
FF Extension: Ghostery - C:\Documents and Settings\Torbjoern Martin\Program Data\Mozilla\Firefox\Profiles\1ajtphld.default\Extensions\firefox@ghostery.com.xpi [2014-12-27]
FF Extension: Adblock Plus - C:\Documents and Settings\Torbjoern Martin\Program Data\Mozilla\Firefox\Profiles\1ajtphld.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-22]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2015-01-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-01-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-02-21]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 6to4; C:\WINDOWS\System32\6to4svc.dll [100864 2010-02-12] (Microsoft Corporation)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-08-28] (Apple Inc.)
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [602112 2010-02-11] (ATI Technologies Inc.) [File not signed]
S2 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [593920 2010-02-10] () [File not signed]
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [390504 2011-08-30] (Apple Inc.)
R2 Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.EXE [44032 1999-12-13] (Creative Technology Ltd) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1349576 2014-10-01] (ESET)
S4 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
S4 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [553288 2014-09-01] (Apple Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre7\bin\jqs.exe [182696 2014-10-18] (Oracle Corporation)
S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [293144 2014-03-24] (Logitech, Inc.)
S3 LPDSVC; C:\WINDOWS\system32\tcpsvcs.exe [19456 2004-08-04] (Microsoft Corporation)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
S3 MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-01-27] (Mozilla Foundation)
R2 MSFtpsvc; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 MSMQ; C:\WINDOWS\system32\mqsvc.exe [4608 2009-06-22] (Microsoft Corporation) [File not signed]
R2 MSMQTriggers; C:\WINDOWS\system32\mqtgsvc.exe [117248 2009-06-22] (Microsoft Corporation) [File not signed]
S3 ose; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S3 p2pgasvc; C:\WINDOWS\system32\p2pgasvc.dll [105472 2008-04-14] (Microsoft Corporation)
S3 PortReporter; C:\Program Files\PortReporter\portreporter.exe [90183 2004-03-30] () [File not signed]
S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [212480 2007-02-08] (Nokia.) [File not signed]
R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15360 2008-04-14] (Microsoft Corporation)
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [914944 2006-11-15] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 A5AGU; C:\WINDOWS\System32\DRIVERS\A5AGU.sys [347648 2006-09-21] (D-Link Corporation)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [5685 2005-12-22] () [File not signed]
S3 ATHFMWDL; C:\WINDOWS\System32\Drivers\ATHFMWDL.sys [43392 2005-07-26] (Windows ® 2000 DDK provider) [File not signed]
R3 ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [3565056 2010-02-11] (ATI Technologies Inc.) [File not signed]
R3 ATIAVAIW; C:\WINDOWS\System32\DRIVERS\atinavt2.sys [170496 2009-02-04] (ATI Technologies Inc.) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
S3 ctdvda2k; C:\WINDOWS\System32\drivers\ctdvda2k.sys [340704 2005-11-10] (Creative Technology Ltd)
S3 DrvAgent32; C:\WINDOWS\system32\Drivers\DrvAgent32.sys [23456 2013-05-10] (Phoenix Technologies) [File not signed]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [191928 2014-10-10] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [135296 2014-10-10] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [176448 2014-10-10] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [39464 2014-10-10] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [63160 2014-10-10] (ESET)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
R0 giveio; C:\WINDOWS\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 ha10kx2k; C:\WINDOWS\System32\drivers\ha10kx2k.sys [754176 2005-12-08] (Creative Technology Ltd)
R3 hap16v2k; C:\WINDOWS\System32\drivers\hap16v2k.sys [154112 2005-12-08] (Creative Technology Ltd)
S3 hap17v2k; C:\WINDOWS\System32\drivers\hap17v2k.sys [179712 2005-12-08] (Creative Technology Ltd)
R3 LUsbFilt; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [28312 2014-03-19] (Logitech, Inc.)
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [108632 2015-01-27] () [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
R3 MQAC; C:\WINDOWS\system32\drivers\mqac.sys [91776 2009-06-22] (Microsoft Corporation) [File not signed]
S3 msgame; C:\WINDOWS\System32\DRIVERS\msgame.sys [35200 2001-08-17] (Microsoft Corporation)
S3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 PfDetNT; C:\WINDOWS\system32\drivers\PfModNT.sys [8192 2005-12-08] (Creative Technology Ltd.)
R2 portD; C:\WINDOWS\System32\DRIVERS\portd2k.sys [14976 2004-02-23] (CMS Peripherals, Inc.) [File not signed]
S3 RDID1032; C:\WINDOWS\System32\Drivers\rdwm1032.sys [43900 2002-12-18] (Roland Corporation) [File not signed]
R0 SI3132; C:\WINDOWS\System32\DRIVERS\SI3132.sys [80424 2007-10-03] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [19240 2007-10-03] (Silicon Image, Inc)
R0 SiRemFil; C:\WINDOWS\System32\DRIVERS\SiRemFil.sys [15400 2007-10-03] (Silicon Image, Inc)
R0 speedfan; C:\WINDOWS\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R1 Tcpip6; C:\WINDOWS\System32\DRIVERS\tcpip6.sys [226880 2010-02-11] (Microsoft Corporation)
S3 TVICHW32; C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [23600 2006-06-06] (EnTech Taiwan) [File not signed]
S3 YMIDUSB; C:\WINDOWS\System32\Drivers\ymidusb.sys [16640 2006-12-21] (Yamaha Corporation) [File not signed]
S3 yukonwxp; C:\WINDOWS\System32\DRIVERS\yk51x86.sys [245248 2006-05-23] (Marvell)
U1 eamon; system32\DRIVERS\eamon.sys [X]
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [26840 2012-08-21] (GEAR Software Inc.)
S4 IntelIde; No ImagePath
U5 LHidKe; C:\Windows\System32\Drivers\LHidKe.sys [27136 2006-07-19] (Logitech Inc.) [File not signed]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

========================== Drivers MD5 =======================

C:\WINDOWS\System32\DRIVERS\A5AGU.sys 6E0A62F76886F7C0807B2DCEE0524EFF
C:\WINDOWS\System32\DRIVERS\ACPI.sys 7E3B0F07B0DCB6155FD4EAF4047F0C72
C:\WINDOWS\system32\Drivers\ACPIEC.sys EAB54EA21AB7EA92FB9975C02779080B
C:\WINDOWS\System32\drivers\aec.sys 8BED39E3C35D6A489438B8141717A557
C:\WINDOWS\System32\drivers\afd.sys 1E44BC1E83D8FD2305F8D452DB109CF9
C:\WINDOWS\System32\DRIVERS\arp1394.sys B5B8A80875C1DEDEDA8B02765642C32F
C:\WINDOWS\System32\drivers\AsIO.sys 19A1DAC5BC607C212E8A94C05886ED52
C:\WINDOWS\System32\DRIVERS\asyncmac.sys B153AFFAC761E7F5FCFA822B9C4E97BC
C:\WINDOWS\System32\DRIVERS\atapi.sys 9F3A2F5AA6875C72BF062C712CFA2674
C:\WINDOWS\System32\Drivers\ATHFMWDL.sys 8B56BAC1AF3A59D665D7A5D1BB5624F0
C:\WINDOWS\System32\DRIVERS\ati2mtag.sys C0B86ECB324E50F6BBD529F9D5C6B24B
C:\WINDOWS\System32\DRIVERS\atinavt2.sys BEFB648D5A40B816D66283B571BBE38A
C:\WINDOWS\System32\DRIVERS\atmarpc.sys 9916C1225104BA14794209CFA8012159
C:\WINDOWS\System32\DRIVERS\audstub.sys D9F724AA26C010A217C97606B160ED68
C:\WINDOWS\system32\Drivers\Beep.sys DA1F27D85E0D1525F6621372E7B685E9
C:\WINDOWS\system32\Drivers\cbidf2k.sys 90A673FC8E12A79AFBED2576F6A7AAF9
C:\WINDOWS\System32\DRIVERS\CCDECODE.sys 0BE5AEF125BE881C4F854C554F2B025C
C:\WINDOWS\system32\Drivers\Cdaudio.sys C1B486A7658353D33A10CC15211A873B
C:\WINDOWS\system32\Drivers\Cdfs.sys C885B02847F5D2FD45A24E219ED93B32
C:\WINDOWS\System32\DRIVERS\cdrom.sys 1F4260CC5B42272D71F79E570A27A4FE
C:\WINDOWS\System32\DRIVERS\compbatt.sys 6E4C9F21F0FAE8940661144F41B13203
C:\WINDOWS\System32\drivers\ctac32k.sys 3CFB715F2E3B0E475E984F78CDFADA57
C:\WINDOWS\System32\drivers\ctaud2k.sys B640816F7D3FFEAAEFEA831242FE5E8C
C:\WINDOWS\System32\drivers\ctdvda2k.sys C4333325D325EFA668888D0D3177C6FF
C:\WINDOWS\System32\drivers\ctprxy2k.sys A9F9A48406E99134CD3879B410E9139D
C:\WINDOWS\System32\drivers\ctsfm2k.sys FCBB8EA6FE935D2C531D3A4DEE9F985B
C:\WINDOWS\System32\DRIVERS\disk.sys 044452051F3E02E7963599FC8F4F3E25
C:\WINDOWS\System32\drivers\dmboot.sys F1F9E49B764C96902ECCABEF144E7CC7
C:\WINDOWS\System32\drivers\dmio.sys 12CA201C2B40D8A8B1687164E2DD1D9A
C:\WINDOWS\System32\drivers\dmload.sys E9317282A63CA4D188C0DF5E09C6AC5F
C:\WINDOWS\System32\drivers\DMusic.sys 8A208DFCF89792A484E76C40E5F50B45
C:\WINDOWS\System32\drivers\drmkaud.sys 8F5FCFF8E8848AFAC920905FBD9D33C8
C:\WINDOWS\system32\Drivers\DrvAgent32.sys 651554E483712B708EDE864D0CA1AA73
C:\WINDOWS\System32\DRIVERS\e1e5132.sys F239EC59B4A30266A4A7B081A5DEE0FC
C:\WINDOWS\System32\DRIVERS\eamonm.sys 687CCC438AA414AE22EEA081F98DC645
C:\WINDOWS\System32\DRIVERS\ehdrv.sys 340870877DBE2A6D848537FC6AC2BA2F
C:\WINDOWS\System32\drivers\emupia2k.sys 05377DDEDF219D9BD3102BD9FBDC3EAE
C:\WINDOWS\System32\DRIVERS\epfw.sys 372AA9B1146D66E5D6B65844D9416778
C:\WINDOWS\System32\DRIVERS\Epfwndis.sys 2515C0EABDC262DB8D1907FB3953FDAB
C:\WINDOWS\System32\DRIVERS\epfwtdi.sys B06BF1B26612540B9414BD4307A191D6
C:\WINDOWS\system32\Drivers\Fastfat.sys 38D332A6D56AF32635675F132548343E
C:\WINDOWS\System32\DRIVERS\fdc.sys 92CDD60B6730B9F50F6A1A0C1F8CDC81
C:\WINDOWS\system32\Drivers\Fips.sys A3D6EF42350586396D613081E20D750C
C:\WINDOWS\System32\DRIVERS\flpydisk.sys 9D27E7B80BFCDF1CDD9B555862D5E7F0
C:\WINDOWS\System32\drivers\fltmgr.sys B2CF4B0786F8212CB92ED2B50C6DB6B0
C:\WINDOWS\system32\Drivers\Fs_Rec.sys 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A
C:\WINDOWS\System32\DRIVERS\ftdisk.sys F49589D9B1B3229EB3E761E569B20ACA
C:\WINDOWS\System32\DRIVERS\gameenum.sys 065639773D8B03F33577F6CDAEA21063
C:\WINDOWS\System32\giveio.sys 77EBF3E9386DAA51551AF429052D88D0
C:\WINDOWS\System32\DRIVERS\msgpc.sys 0A02C63C8B144BD8C86B103DEE7C86A2
C:\WINDOWS\System32\drivers\ha10kx2k.sys 5DA1AF9485B591E4406924803969CCF0
C:\WINDOWS\System32\drivers\hap16v2k.sys 9F7EEC8D49279052E4D70971246AC7CD
C:\WINDOWS\System32\drivers\hap17v2k.sys C34FBFCF18332927C9D7DFB44F1CC84F
C:\WINDOWS\System32\DRIVERS\HidBatt.sys 748031FF4FE45CCC47546294905FEAB8
C:\WINDOWS\System32\DRIVERS\hidusb.sys CCF82C5EC8A7326C3066DE870C06DAF1
C:\WINDOWS\System32\Drivers\HTTP.sys F80A415EF82CD06FFAF0D971528EAD38
C:\WINDOWS\System32\DRIVERS\i8042prt.sys 07D2C69BF1230998553EA5FC62E4DA9D
C:\WINDOWS\System32\DRIVERS\imapi.sys 083A052659F5310DD8B6A6CB05EDCF8E
C:\WINDOWS\System32\DRIVERS\intelppm.sys 694E25EFDC04BFC2803B718CD01B71AD
C:\WINDOWS\System32\drivers\ip6fw.sys 3BB22519A194418D5FEC05D800A19AD0
C:\WINDOWS\System32\DRIVERS\ipfltdrv.sys 731F22BA402EE4B62748ADAF6363C182
C:\WINDOWS\System32\DRIVERS\ipinip.sys B87AB476DCF76E72010632B5550955F5
C:\WINDOWS\System32\DRIVERS\ipnat.sys CC748EA12C6EFFDE940EE98098BF96BB
C:\WINDOWS\System32\DRIVERS\ipsec.sys 23C74D75E36E7158768DD63D92789A91
C:\WINDOWS\System32\DRIVERS\irenum.sys C93C9FF7B04D772627A3646D89F7BF89
C:\WINDOWS\System32\DRIVERS\isapnp.sys 165255B09753CD0900287C6722B53E8A
C:\WINDOWS\System32\DRIVERS\kbdclass.sys 403A9D3C56617C49EFCB5F2897F500D7
C:\WINDOWS\System32\DRIVERS\kbdhid.sys AD4760546EF72CEE55E12F91DC444847
C:\WINDOWS\System32\drivers\kmixer.sys 692BCF44383D056AED41B045A323D378
C:\WINDOWS\system32\Drivers\KSecDD.sys B467646C54CC746128904E1654C750C1
C:\WINDOWS\System32\DRIVERS\L8042Kbd.sys D1968DEA7BAFF4A917858C384339CEC8
C:\WINDOWS\System32\Drivers\LBeepKE.sys 8ABFD7FB22CBE8D6066EEE2CF352B0BB
C:\WINDOWS\System32\DRIVERS\LHidFilt.Sys B9E077D03FCCD05A8829DC5E0653E60B
C:\WINDOWS\System32\DRIVERS\LMouFilt.Sys FBB88DD2236B263FF412AA7067BDFEE6
C:\WINDOWS\System32\Drivers\LUsbFilt.Sys EEB18645DB3CA244F09821C7D7EC8A6B
C:\WINDOWS\system32\drivers\mbamchameleon.sys 6F080D07EC100DA4166573CEB287426A
C:\WINDOWS\system32\Drivers\mnmdd.sys 4AE068242760A1FB6E1A44BF4E16AFA6
C:\WINDOWS\system32\Drivers\Modem.sys EFC09980C68BE2DD0BC3076AAA567D67
C:\WINDOWS\System32\DRIVERS\mouclass.sys F54DE35966BD4F6D7D751642DED032DB
C:\WINDOWS\System32\DRIVERS\mouhid.sys 2C8ACE099162A015D464C9A427148651
C:\WINDOWS\system32\Drivers\MountMgr.sys A80B9A0BAD1B73637DBCBBA7DF72D3FD
C:\WINDOWS\System32\DRIVERS\MPE.sys C0F8E0C2C3C0437CF37C6781896DC3EC
C:\WINDOWS\system32\drivers\mqac.sys EEE50BF24CAEEDB515A8F3B22756D3BB
C:\WINDOWS\System32\DRIVERS\mrxdav.sys 11D42BB6206F33FBB3BA0288D3EF81BD
C:\WINDOWS\System32\DRIVERS\mrxsmb.sys 7D304A5EB4344EBEEAB53A2FE3FFB9F0
C:\WINDOWS\system32\Drivers\Msfs.sys C941EA2454BA8350021D774DAF0F1027
C:\WINDOWS\System32\DRIVERS\msgame.sys 082A950191DDE602BBEA8EF4E5900251
C:\WINDOWS\System32\drivers\MSKSSRV.sys D1575E71568F4D9E14CA56B7B0453BF1
C:\WINDOWS\System32\drivers\MSPCLOCK.sys 325BB26842FC7CCC1FCCE2C457317F3E
C:\WINDOWS\System32\drivers\MSPQM.sys BAD59648BA099DA4A17680B39730CB3D
C:\WINDOWS\System32\DRIVERS\mssmbios.sys AF5F4F3F14A8EA2C26DE30F7A1E17136
C:\WINDOWS\System32\drivers\MSTEE.sys E53736A9E30C45FA9E7B5EAC55056D1D
C:\WINDOWS\System32\drivers\msmpu401.sys CA3E22598F411199ADC2DFEE76CD0AE0
C:\WINDOWS\System32\DRIVERS\ASACPI.sys D48659BB24C48345D926ECB45C1EBDF5
C:\WINDOWS\system32\Drivers\Mup.sys DE6A75F5C270E756C5508D94B6CF68F5
C:\WINDOWS\System32\DRIVERS\NABTSFEC.sys 5B50F1B2A2ED47D560577B221DA734DB
C:\WINDOWS\system32\Drivers\NDIS.sys 1DF7F42665C94B825322FAE71721130D
C:\WINDOWS\System32\DRIVERS\NdisIP.sys 7FF1F1FD8609C149AA432F95A8163D97
C:\WINDOWS\System32\DRIVERS\ndistapi.sys 0109C4F3850DFBAB279542515386AE22
C:\WINDOWS\System32\DRIVERS\ndisuio.sys F927A4434C5028758A842943EF1A3849
C:\WINDOWS\System32\DRIVERS\ndiswan.sys EDC1531A49C80614B2CFDA43CA8659AB
C:\WINDOWS\system32\Drivers\NDProxy.sys 2F597BB467E05B1FE3830EABD821B8E0
C:\WINDOWS\System32\DRIVERS\netbios.sys 5D81CF9A2F1A3A756B66CF684911CDF0
C:\WINDOWS\System32\DRIVERS\netbt.sys 74B2B2F5BEA5E9A3DC021D685551BD3D
C:\WINDOWS\System32\DRIVERS\nic1394.sys E9E47CFB2D461FA0FC75B7A74C6383EA
C:\WINDOWS\System32\drivers\nmwcd.sys 696B37EA78F9D9767A2F18BA0304A51A
C:\WINDOWS\System32\drivers\nmwcdc.sys BBB6010FC01D9239D88FCDF133E03FF0
C:\WINDOWS\System32\drivers\nmwcdcj.sys 4C3726467D67483F054C88F058E9C153
C:\WINDOWS\System32\drivers\nmwcdcm.sys 4C3726467D67483F054C88F058E9C153
C:\WINDOWS\system32\Drivers\Npfs.sys 3182D64AE053D6FB034F44B6DEF8034A
C:\WINDOWS\system32\Drivers\Ntfs.sys 78A08DD6A8D65E697C18E1DB01C5CDCA
C:\WINDOWS\system32\Drivers\Null.sys 73C1E1F395918BC2C6DD67AF7591A3AD
C:\WINDOWS\System32\DRIVERS\nwlnkflt.sys B305F3FAD35083837EF46A0BBCE2FC57
C:\WINDOWS\System32\DRIVERS\nwlnkfwd.sys C99B3415198D1AAB7227F2C88FD664B9
C:\WINDOWS\System32\DRIVERS\ohci1394.sys CA33832DF41AFB202EE7AEB05145922F
C:\WINDOWS\System32\drivers\ctoss2k.sys 3649EEFA90990249267DD6C7808CBC86
C:\WINDOWS\System32\DRIVERS\parport.sys 1AA2E7C0F517B16C6D53093F6EF4D707
C:\WINDOWS\system32\Drivers\PartMgr.sys BEB3BA25197665D82EC7065B724171C6
C:\WINDOWS\system32\Drivers\ParVdm.sys 12297B25CCC4D89D9D2E794A8FD6EE3D
C:\WINDOWS\System32\DRIVERS\pci.sys 5AF0A66BBBBB8D44A308141F529EA5E0
C:\WINDOWS\System32\DRIVERS\pciide.sys C9EF84891A111F6F5EBB758A29252E54
C:\WINDOWS\system32\Drivers\Pcmcia.sys 339B6DA5D9E01E04F39A5E93612D5C5A
C:\WINDOWS\system32\drivers\PfModNT.sys DB64E50CFEA80077E47C282BCE2C1813
C:\WINDOWS\System32\DRIVERS\portd2k.sys 97152B53B88C82564CAE86FE16635BDC
C:\WINDOWS\System32\DRIVERS\raspptp.sys EFEEC01B1D3CF84F16DDD24D9D9D8F99
C:\WINDOWS\System32\DRIVERS\psched.sys 09298EC810B07E5D582CB3A3F9255424
C:\WINDOWS\System32\DRIVERS\ptilink.sys 80D317BD1C3DBC5D4FE7B1678C60CADD
C:\WINDOWS\System32\DRIVERS\rasacd.sys FE0D99D6F31E4FAD8159F690D68DED9C
C:\WINDOWS\System32\DRIVERS\rasl2tp.sys 11B4A627BC9614B885C4969BFA5FF8A6
C:\WINDOWS\System32\DRIVERS\raspppoe.sys 5BC962F2654137C9909C3D4603587DEE
C:\WINDOWS\System32\DRIVERS\raspti.sys FDBB1D60066FCFBB7452FD8F9829B242
C:\WINDOWS\System32\DRIVERS\rdbss.sys 7AD224AD1A1437FE28D89CF22B17780A
C:\WINDOWS\System32\Drivers\rdwm1032.sys CBCCC79FD9AB75487508C59863BE702D
C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 4912D5B403614CE99C28420F75353332
C:\WINDOWS\System32\DRIVERS\rdpdr.sys 15CABD0F7C00C47C70124907916AF3F1
C:\WINDOWS\system32\Drivers\RDPWD.sys 43AF5212BD8FB5BA6EED9754358BD8F7
C:\WINDOWS\System32\DRIVERS\redbook.sys 99C7D4742BE0415D084126EC3462B454
C:\WINDOWS\system32\drivers\RMCast.sys 96F7A9A7BF0C9C0440A967440065D33C
C:\WINDOWS\System32\DRIVERS\sbp2port.sys B244960E5A1DB8E9D5D17086DE37C1E4
C:\WINDOWS\System32\DRIVERS\secdrv.sys ==> MD5 is legit
C:\WINDOWS\System32\DRIVERS\serenum.sys 0F29512CCD6BEAD730039FB4BD2C85CE
C:\WINDOWS\System32\DRIVERS\serial.sys D579FAB95D55A3459547D3EF116821D7
C:\WINDOWS\system32\Drivers\Sfloppy.sys 8E6B8C671615D126FDC553D1E2DE5562
C:\WINDOWS\System32\DRIVERS\SI3132.sys 0B9B5C6DF6226497EF4819B6E1B2EFD5
C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys AD29A80543C63E5B3588D118FB327E22
C:\WINDOWS\System32\DRIVERS\SiRemFil.sys B19EFE5E45AE31F3C3E4C4F0F9DA3C49
C:\WINDOWS\System32\DRIVERS\SLIP.sys 866D538EBE33709A5C9F5C62B73B7D14
C:\WINDOWS\System32\speedfan.sys DC8D2952FB6FFBAEC67BD1B93A34DF11
C:\WINDOWS\System32\drivers\splitter.sys AB8B92451ECB048A4D1DE7C3FFCB4A9F
C:\WINDOWS\System32\DRIVERS\sr.sys A10A8FFFBC556480027FB5AADAE4FE1A
C:\WINDOWS\System32\DRIVERS\srv.sys 47DDFC2F003F7F9F0592C6874962A2E7
C:\WINDOWS\System32\DRIVERS\StreamIP.sys 77813007BA6265C4B6098187E6ED79D2
C:\WINDOWS\System32\DRIVERS\swenum.sys 3941D127AEF12E93ADDF6FE6EE027E0F
C:\WINDOWS\System32\drivers\swmidi.sys 8CE882BCC6CF8A62F2B2323D95CB3D01
C:\WINDOWS\System32\drivers\sysaudio.sys 8B83F3ED0F1688B4958F77CD6D2BF290
C:\WINDOWS\System32\DRIVERS\tcpip.sys 9AEFA14BD6B182D61E3119FA5F436D3D
C:\WINDOWS\System32\DRIVERS\tcpip6.sys 4E53BBCC4BE37D7A4BD6EF1098C89FF7
C:\WINDOWS\system32\Drivers\TDPIPE.sys 6471A66807F5E104E4885F5B67349397
C:\WINDOWS\system32\Drivers\TDTCP.sys C56B6D0402371CF3700EB322EF3AAF61
C:\WINDOWS\System32\DRIVERS\termdd.sys 88155247177638048422893737429D9E
C:\WINDOWS\System32\DRIVERS\tunmp.sys 8F861EDA21C05857EB8197300A92501C
C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS E266683FC95ABDEC17CD378564E1B54B
C:\WINDOWS\system32\Drivers\Udfs.sys 5787B80C2E3C5E2F56C2A233D91FA2C9
C:\WINDOWS\System32\DRIVERS\update.sys 402DDC88356B1BAC0EE3DD1580C76A31
C:\WINDOWS\System32\drivers\usbaudio.sys 65898A183FBF1D1F7759D5CCB364DCD4
C:\WINDOWS\System32\DRIVERS\usbccgp.sys 1B611611C28D2DF25BC057D79C6F13FC
C:\WINDOWS\System32\DRIVERS\usbehci.sys 4BAC8DF07F1D8434FC640E677A62204E
C:\WINDOWS\System32\DRIVERS\usbhub.sys 1AB3CDDE553B6E064D2E754EFE20285C
C:\WINDOWS\System32\DRIVERS\usbprint.sys A717C8721046828520C9EDF31288FC00
C:\WINDOWS\System32\DRIVERS\usbscan.sys F8EDE2B6928970DCE3D5614C27D9E7F6
C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS A32426D9B14A089EAA1D922E0C5801A9
C:\WINDOWS\System32\DRIVERS\usbuhci.sys 26496F9DEE2D787FC3E61AD54821FFE6
C:\WINDOWS\System32\drivers\vga.sys 0D3A8FAFCEACD8B7625CD549757A7DF1
C:\WINDOWS\system32\Drivers\VolSnap.sys 9D61102F5BACD5A26FCAA0DE95E5909E
C:\WINDOWS\System32\DRIVERS\wanarp.sys E20B95BAEDB550F32DD489265C1DA1F6
C:\WINDOWS\System32\DRIVERS\Wdf01000.sys FD47474BD21794508AF449D9D91AF6E6
C:\WINDOWS\System32\drivers\wdmaud.sys 6768ACF64B18196494413695F0C3A00F
C:\WINDOWS\System32\drivers\ws2ifsl.sys 6ABE6E225ADB5A751622A9CC3BC19CE8
C:\WINDOWS\System32\DRIVERS\WSTCODEC.SYS C98B39829C2BBD34E454150633C62C78
C:\WINDOWS\System32\DRIVERS\WudfPf.sys 50EB9E21963B4F06FD010D007D54351B
C:\WINDOWS\System32\DRIVERS\wudfrd.sys 6E209664BDEA8A15B5E8E480D6C607C2
C:\WINDOWS\System32\Drivers\ymidusb.sys 48D2CA257A22481F830D9CE434E3827A
C:\WINDOWS\System32\DRIVERS\yk51x86.sys 228D0403F0210D6D67A9ACF907597EFE

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 11:52 - 2015-02-10 11:53 - 00036479 _____ () C:\Documents and Settings\Torbjoern Martin\Desktop\FRST.txt
2015-02-06 16:06 - 2015-02-06 16:06 - 00000191 _____ () C:\Documents and Settings\Torbjoern Martin\Desktop\BleepingComputer-Forum-Post.txt
2015-01-31 15:46 - 2015-02-06 12:09 - 00069182 _____ () C:\Documents and Settings\Torbjoern Martin\Desktop\Addition_old.txt
2015-01-31 15:45 - 2015-02-05 11:47 - 00044755 _____ () C:\Documents and Settings\Torbjoern Martin\Desktop\FRST_old.txt
2015-01-31 12:11 - 2015-01-31 12:11 - 00000000 ____D () C:\WINDOWS\CSC
2015-01-30 15:13 - 2015-01-30 15:16 - 00000000 ____D () C:\System Cleaner
2015-01-29 12:19 - 2015-01-29 12:19 - 00000000 ____D () C:\Documents and Settings\All Users\Program Data\Malwarebytes
2015-01-29 12:17 - 2015-01-29 14:11 - 00000000 ____D () C:\Documents and Settings\All Users\Program Data\Malwarebytes' Anti-Malware (portable)
2015-01-29 12:17 - 2015-01-29 12:17 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-27 11:42 - 2015-01-27 11:43 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-24 16:03 - 2015-01-24 16:03 - 00000907 ____N () C:\Documents and Settings\Torbjoern Martin\Desktop\Shortcut to BlueScreenView.exe.lnk
2015-01-24 15:45 - 2015-01-24 15:44 - 00094208 ____N () C:\WINDOWS\Minidump\Mini012415-01.dmp
2015-01-24 15:25 - 2015-01-27 12:17 - 00108632 ____N () C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-23 09:59 - 2015-01-23 09:59 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\Program Data\9-lab

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-10 11:53 - 2014-11-18 11:53 - 00000000 ____D () C:\FRST
2015-02-10 11:53 - 2006-06-05 13:19 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\Local Settings\Temp
2015-02-10 11:52 - 2006-06-05 13:19 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\Desktop
2015-02-10 11:52 - 2006-06-05 13:13 - 01063490 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-10 11:51 - 2014-12-22 15:50 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\Desktop\FRST-OlderVersion
2015-02-10 11:51 - 2014-11-18 11:46 - 01124352 _____ (Farbar) C:\Documents and Settings\Torbjoern Martin\Desktop\FRST.exe
2015-02-10 11:50 - 2009-04-29 13:05 - 00000442 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{99082F30-1C10-41B8-85EC-F9979A0249DE}.job
2015-02-10 11:38 - 2012-03-30 10:33 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-10 11:38 - 2006-06-05 14:55 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2015-02-10 11:36 - 2004-08-04 13:00 - 00012674 _____ () C:\WINDOWS\system32\wpa.dbl
2015-02-10 11:34 - 2006-06-05 15:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-02-10 11:34 - 2006-06-05 15:05 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-02-10 11:33 - 2014-03-12 10:53 - 00000242 _____ () C:\WINDOWS\Tasks\Notification about End of Support for Microsoft Windows XP – logon.job
2015-02-10 11:33 - 2006-06-05 13:17 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-09 18:14 - 2007-06-23 15:13 - 00001080 _____ () C:\WINDOWS\system32\settingsbkup.sfm
2015-02-09 18:14 - 2007-06-23 15:13 - 00001080 _____ () C:\WINDOWS\system32\settings.sfm
2015-02-09 18:14 - 2006-06-05 22:02 - 00524288 _____ () C:\WINDOWS\system32\config\ACEEvent.evt
2015-02-09 18:14 - 2006-06-05 13:19 - 00000286 ___SH () C:\Documents and Settings\Torbjoern Martin\ntuser.ini
2015-02-09 18:14 - 2006-06-05 13:17 - 00031810 _____ () C:\WINDOWS\SchedLgU.Txt
2015-02-08 15:50 - 2013-11-21 15:19 - 00000000 __RHD () C:\Documents and Settings\Torbjoern Martin\Latest
2015-02-08 15:00 - 2014-03-12 10:53 - 00000236 _____ () C:\WINDOWS\Tasks\Notification about End of Support for Microsoft Windows XP – monthly.job
2015-02-05 15:38 - 2012-03-30 10:33 - 00701616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-02-05 15:38 - 2011-05-21 11:02 - 00071344 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-01-30 15:50 - 2014-05-19 15:00 - 00000000 ____D () C:\Documents and Settings\All Users\Program Data\CanonIJPLM
2015-01-30 14:16 - 2013-10-29 15:54 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin\My Documents\Downloads
2015-01-30 12:17 - 2006-06-10 14:22 - 00002491 _____ () C:\Documents and Settings\Torbjoern Martin\Desktop\Microsoft Office Excel 2003.lnk
2015-01-29 12:05 - 2014-07-14 10:44 - 00000000 ____D () C:\WINDOWS\ERDNT
2015-01-29 12:01 - 2006-06-05 15:01 - 00207437 _____ () C:\WINDOWS\setupact.log
2015-01-28 10:34 - 2014-06-11 12:20 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-28 10:34 - 2006-08-03 06:47 - 00000000 ____D () C:\WINDOWS\BounceBack
2015-01-27 12:32 - 2006-06-05 15:02 - 00000000 ____D () C:\Program Files
2015-01-24 15:45 - 2006-06-08 22:16 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-24 13:42 - 2006-06-05 22:02 - 00085800 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\GDIPFONTCACHEV1.DAT
2015-01-24 13:30 - 2006-06-05 15:01 - 00303624 ____N () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-24 13:27 - 2014-07-08 15:00 - 00000000 ____D () C:\Documents and Settings\Administrator
2015-01-24 13:27 - 2006-06-05 13:19 - 00000000 ____D () C:\Documents and Settings\Torbjoern Martin
2015-01-24 13:27 - 2006-06-05 13:17 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2015-01-24 13:27 - 2006-06-05 13:17 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-24 13:26 - 2006-06-05 13:11 - 00000000 ____D () C:\WINDOWS\Registration
2015-01-24 13:25 - 2006-06-05 15:02 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-menu\Programs
2015-01-23 10:09 - 2006-06-05 15:02 - 00000000 ____D () C:\Documents and Settings\All Users\Desktop
2015-01-16 12:58 - 2013-07-10 13:45 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-16 12:49 - 2006-06-05 20:24 - 110348472 ____N (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2008-04-12 17:53 - 2014-01-07 13:31 - 0262966 ____N () C:\Documents and Settings\Torbjoern Martin\Program Data\NMM-MetaData.db
2009-10-29 15:00 - 2009-10-29 15:00 - 0000760 ____N () C:\Documents and Settings\Torbjoern Martin\Program Data\setup_ldm.iss
2014-06-16 13:53 - 2014-06-16 13:55 - 0000000 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\ars.cache
2014-06-16 13:53 - 2014-06-16 13:55 - 0000000 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\census.cache
2006-06-07 18:57 - 2014-11-30 16:03 - 0030720 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-10 14:29 - 2013-07-10 14:48 - 0000305 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\DelUnist.bat
2006-06-05 21:14 - 2006-06-05 21:14 - 0000139 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\fusioncache.dat
2014-06-16 08:34 - 2014-06-16 08:34 - 0000036 ____N () C:\Documents and Settings\Torbjoern Martin\Local Settings\Program Data\housecall.guid.cache

Some content of TEMP:
====================
C:\Documents and Settings\Torbjoern Martin\Local Settings\Temp\AdobeUpdater12345.exe
C:\Documents and Settings\Torbjoern Martin\Local Settings\Temp\uninstall.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

 

 

Attached File  Addition.txt   68.2KB   2 downloads


Edited by midimusicman79, 11 February 2015 - 07:29 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#4 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:32 PM

Posted 11 February 2015 - 12:08 PM

Greetings and :welcome: to BleepingComputer,
My name is xXToffeeXx, but feel free to call me Toffee if it is easier for you. I will be helping you with your malware problems.
 
A few points to cover before we start:

  • Do not run any tools without being instructed to as this makes my job much harder in trying to figure out what you have done.
  • Make sure to read my instructions fully before attempting a step.
  • If you have problems or questions with any of the steps, feel free to ask me. I will be happy to answer any questions you have.
  • Please follow the topic by clicking on the "Follow this topic" button, and make sure a tick is in the "receive notifications" and is set to "Instantly". Any replies should be made in this topic by clicking the "Reply to this topic" button.
  • Important information in my posts will often be in bold, make sure to take note of these.
  • I will attempt to reply as soon as possible, and normally within 24 hours of your reply. If this is not possible or I have a delay then I will let you know.
  • I will bump a topic after 3 days of no activity, and then will give you another 2 days to reply before a topic is closed. If you need more time than this please let me know.
  • Lets get going now :thumbup2:

==========================
 
Hi midimusicman79,

Please download and install Speccy to provide us with information about your computer.  Clicking on this link will automatically initiate the download. 
 
When Speccy opens you will see a screen similar to the one below.
 
speccy9_zps2d9cdedc.png
 
There members here who will not download anything to their computer unless the know exactly what it contains.  Please use the instruction below to produce the Speccy link.
 
Click on File which is outlined in red in the screen above, and then click on Publish Snapshot.
 
The following screen will appear, click on Yes.
 
speccy7_zpsfa02105f.png
 
The following screen will appear, click on Copy to Clipboard.
 
speccy3_zps1791b093.png
 
In your next post right click inside the Reply to Topic box, then click on Paste.  This will load a link to the Speccy log.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#5 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 726 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:12:32 AM

Posted 12 February 2015 - 09:16 AM

Hi, xXToffeeXx! :hello:

 

Thanks for the prompt reply! :)

 

I downloaded and ran Speccy as per instructions; here are the results:

 

http://speccy.piriform.com/results/DsiBBFrhuMKwEyBIjirkEWq

 

What is next? I.e. fixlist.txt?

 

Regards,

midimusicman79


MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#6 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:32 PM

Posted 14 February 2015 - 04:42 PM

Hi midimusicman79,

 

Please download RealTemp from here:

  • Select the mirror closest to you when prompted.
  • This will download a zip file, you will need to extract it.
  • Double click on RealTemp.exe, a window will open.
  • Please take a screenshot of what it shows and then upload this to your next post.

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#7 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 726 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:12:32 AM

Posted 17 February 2015 - 07:49 AM

Hi again, xXToffeeXx.

 

I downloaded, extracted and ran RealTemp as requested, and the result is attached:

 

Attached File  RealTemp-Error-Message1.PNG   7.41KB   0 downloads

 

I am curious as to what your next step is.

 

Regards,

midimusicman79


MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#8 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:32 PM

Posted 17 February 2015 - 02:06 PM

Hi midimusicman79,
 
Is this a custom built PC or have you replaced your CPU? Have you cleaned the insides of the computer recently?
 
The problem seems like it could be an overheating CPU, rather than malware related.
 
xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#9 midimusicman79

midimusicman79
  • Topic Starter

  • Members
  • 726 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norway
  • Local time:12:32 AM

Posted 19 February 2015 - 09:33 AM

Hi again, xXToffeeXx!

 

Yes, this is a custom built PC, which was built by a Norwegian computer manufacturer, i.e. not by me. :lol:

But no, I have not replaced my CPU. (And BTW / FYI, the age of the PC is approximately 9.5 years.)

 

No, I have not cleaned the insides of the computer recently, however I have recently checked the case for dust, and remarkably enough, there is just a small amount of such. And in any case, I also have a spray box with compressed air.

 

Now, as to the Safe Mode problem, I have actually made quite some progress; here goes: :busy:

  1. I checked the BIOS settings and set Onboard PCIEX GbE LAN to Disabled, as I never use Ethernet, but prefer WLAN.
  2. I installed a missing display driver, namely ATI T200 Unified AVStream Driver, which popped up in a Found New Hardware Wizard on reboot.
  3. I downloaded and ran Microsoft Fix It 50267 in order to reset the hosts file back to default, since FRST reported it missing in its default location.
  4. Via the alternative software download site AlternativeTo.net I downloaded and ran CPUID HWMonitor in order to check the CPU temperature during idle running of Windows, and it reports about min. 58 ºC / 135 ºF and max. 87 ºC / 187 ºF. See attached screenshot.
  5. Ran FRST again with self created Fixlist.txt. See Fixlog.txt pasted below.
  6. Restarted the PC in Safe Mode, and ran Trend Micro System Cleaner successfully.
  7. Started automatically the service Remote Access Auto Connection Manager in order to resolve the several %%1068 errors in the Event Log Errors - System Errors section in Addition log.

Obviously, it seems like the CPU temperature is high during the bootup of Windows, but settles down to medium during idle running of Windows. So, therefore postponing running the PC in Safe Mode resolves the problem.

 

Thank you for your help. Problem resolved. :thumbup2: Feel free to optionally close topic. :)

 

Regards,

midimusicman79

 

 

Attached File  CPUID-HWMonitor-System-Temperature1.PNG   25.07KB   0 downloads

 

 

FRST Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 15-02-2015
Ran by Torbjoern Martin at 2015-02-18 11:48:26 Run:1
Running from C:\Documents and Settings\Torbjoern Martin\Desktop
Loaded Profiles: Torbjoern Martin (Available profiles: Torbjoern Martin & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start

HKLM\...\Run: [mspwr] => C:\WINDOWS\system32\PuXpMan2.exe
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [RemoteControl] => [X]
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\...\Run: [] => [X]
Handler: ipp - No CLSID Value -
S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [108632 2015-01-27] () [File not signed]
U1 eamon; system32\DRIVERS\eamon.sys [X]
S4 gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
S4 gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [136176 2011-05-11] (Google Inc.)
S4 IntelIde; No ImagePath
C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
C:\WINDOWS\system32\drivers\mbamchameleon.sys
2015-01-29 12:17 - 2015-01-29 12:17 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-24 15:25 - 2015-01-27 12:17 - 00108632 ____N () C:\WINDOWS\system32\Drivers\mbamchameleon.sys
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\36140592.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\36140592.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
Reboot:

End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\mspwr => value deleted successfully.
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\RemoteControl => value deleted successfully.
HKU\S-1-5-21-1060284298-2147125267-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKCR\PROTOCOLS\Handler\ipp" => Key deleted successfully.
mbamchameleon => Service deleted successfully.
eamon => Error deleting Service
gupdate => Service deleted successfully.
gupdatem => Service deleted successfully.
IntelIde => Service deleted successfully.
C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys => Moved successfully.
C:\WINDOWS\system32\drivers\mbamchameleon.sys => Moved successfully.
"C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys" => File/Directory not found.
"C:\WINDOWS\system32\Drivers\mbamchameleon.sys" => File/Directory not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\36140592.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\36140592.sys" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp" => Key deleted successfully.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys" => Key deleted successfully.


The system needed a reboot.

==== End of Fixlog 11:48:26 ====


Edited by midimusicman79, 20 February 2015 - 06:17 AM.

MS Win 10 Pro 64-bit, EAM Pro/EEK, MB 3 Free, WPP, SWB Free, CryptoPrevent Free, NVT OSA and Unchecky, WFW, FFQ with CanDef, uBO, Ghostery, Grammarly Free and HTTPS Ew. Acronis TI 2018, K. Sw. Upd. AM-tools: 9-lab RT BETA, AdwCleaner, Auslogics AM, aswMBR, Avira PCC, BD ART, catchme, Cezurity AV, CCE, CKS, ClamWin P., Crystal Sec., DDS, DWCI, EMCO MD, eScan MWAV, ESS/EOS, FGP, FMTB, FRST, F-SOS, FSS, FreeFixer, GMP, GMER, hP BETA, HJT, Inherit, JRT, K. avz4, KVRT, K. TDSSKiller, LSP-Fix, MB 3 Free, MBAR BETA, MA Stinger, NMC, NoBot, NPE, NSS, NVT MRF (NMRF), OTL, PCC, QD, RCS, RSIT, RKill, Rs, SC, SR, SAP, SVRT, SAS, SL, TMHC, TSA ART, UHM, Vba32 AR, VRS, WR (AiO), Xvirus PG, ZAM, ZHPC, ZHPD and Zoek. I have 23 Years of PC Experience. Bold = effective.


#10 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,085 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:11:32 PM

Posted 20 February 2015 - 03:46 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users