Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Sluggish, can't find malware, Vista OS, OTL log include

Started by BeckyH , Jun 15 2011 09:26 AM

  • Please log in to reply

#46
RKinner
Posted 19 June 2011 - 09:27 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
OK. They don't make it easy. This worked for me: Right click on Repository and select Properties then Security then Advanced then Effective Permissions. Hit Select. Type in the box where it says Enter the object name: administrators
then hit Check Names. OK. Click on Full Control and then OK.
  • 0

Advertisements

#47
RKinner
Posted 19 June 2011 - 09:49 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I found a 64bit version of beep.sys:

http://dllexedown.co...d=3978&page=223

The actual download is hiding under 'Down' after 'Download :'

It says it is for Win 7 but that's more or less Vista SP3 so should work.

Ron
  • 0

#48
BeckyH
Posted 19 June 2011 - 10:45 AM

BeckyH

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts
it till tells me permission denied...I followed the steps exactly like you said...after i click ok it goes back to the window where the select button is and Administrators appears in the box beside Select...in the menu underneath every box is checked but the apply button is inactive...I clicked ok and it goes back to main screen..when I tried to repeat it, it was as though I had done nothing...there was no boxes checked, nothing in the text box beside Select or anything...
  • 0

#49
BeckyH
Posted 19 June 2011 - 10:54 AM

BeckyH

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts
oh and the beep file still isn't showing under the nonplug and play drivers..even though the new one is showing where you told me to paste it...just finished that...
  • 0

#50
RKinner
Posted 19 June 2011 - 04:57 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Get SystemLook from
http://jpshortstuff..../SystemLook.exe
Download, Save and right click and Run As Administrator

Copy the content of the following box into the main textfield:

:filefind
*beep.sys*

Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

Ron
  • 0

#51
BeckyH
Posted 19 June 2011 - 07:21 PM

BeckyH

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts
SystemLook 04.09.10 by jpshortstuff
Log created at 21:14 on 19/06/2011 by Owner
Administrator - Elevation successful
WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results.

========== filefind ==========

Searching for "*beep.sys*"
C:\Users\Owner\Desktop\beep.sys --a---- 6656 bytes [16:49 19/06/2011] [16:49 19/06/2011] 16A47CE2DECC9B099349A5F840654746
C:\WINDOWS\SysNative\drivers\beep.sys --a---- 6144 bytes [23:23 20/01/2008] [16:51 19/06/2011] 67E506B75BD5326A3EC7B70BD014DFB6

-= EOF =-


As I said, it appears in the system file where you told me to put it, but it don't appear under the non plug and play drivers (if I am reading that right)
I have also tried every combo I can think of under the sun to get it to allow me to change that file name you told me earlier and nothing has worked....
  • 0

#52
RKinner
Posted 19 June 2011 - 08:13 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I've put out a request for a copy of beep.sys from a 64 bit Vista SP1 on our internal forum. I'm sure someone will have it.

We could try to use OTL to rename the folder.


Copy the text between the lines of stars by highlighting and Ctrl + c


********************************************************************

:files
C:\Windows\System32\Wbem\Repository

:Commands
[Reboot]


*******************************************************************

then Rightclick on OTL and select Run As Administrator to start. Under the Custom Scans/Fixes box at the bottom, paste (ctrl +v) the text. Verify that you got it all and Then click the RUN FIX button (NOT THE QUICK SCAN button!) at the top
Let the program run unhindered, OTL will reboot the PC when it is done.

I don't know for sure that this will work. OTL has an internal list of files and folders that it shouldn't mess with. If it doesn't work it will tell us but shouldn't hurt anything.

A side effect of this procedure will be that the Security Center won't see Avast any more. We will need to uninstall Avast then reinstall for it to be recognized.
  • 0

#53
BeckyH
Posted 20 June 2011 - 07:20 AM

BeckyH

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts
ok I ran than and if it was supposed to rename the repository file..it didn't...it it was supposed to change something so I could rename the repository file it didn't...and it didn't change avasti the best I can see...I disabled avasti before I ran it (I was supposed to wasn't I?) and it only took a min or so and then rebooted...
I then reenabled avasti and it updated the virus def.
  • 0

#54
RKinner
Posted 20 June 2011 - 08:38 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Probably means it didn't work. It wasn't going to rename it just move it to c:\_OTL\ which would have the same effect. Let's look at Vino's again. First clear your logs then reboot then run Vino.

Ron
  • 0

#55
RKinner
Posted 20 June 2011 - 12:14 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
I've gotten the big gurus interested in your system. They tell me there is no beep.sys on any of the 64 bit Vistas they have. So the question is now why is it looking for it. They suggested we do a search of the registry for beep and see hwat comes up. We can do it easily with OTL. Just may take a while.

Copy the next 2 lines:

HKEY_LOCAL_MACHINE\software|beep /rs
HKEY_LOCAL_MACHINE\System|beep /rs

Right click on OTL and Run As Administrator and paste the above into the Custom Scans/Fixes box then hit the SCAN NOW button

It should take about 30 minutes or so.

Copy and Paste the log.

Ron
  • 0

Advertisements

#56
BeckyH
Posted 20 June 2011 - 09:03 PM

BeckyH

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts
try closer to 2 hours LOL

but here it is...
OTL logfile created on: 6/20/2011 8:21:57 PM - Run 3
OTL by OldTimer - Version 3.2.24.1 Folder = C:\Users\Owner\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19088)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.90 Gb Total Physical Memory | 1.23 Gb Available Physical Memory | 31.62% Memory free
8.02 Gb Paging File | 5.18 Gb Available in Paging File | 64.51% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 221.65 Gb Total Space | 81.45 Gb Free Space | 36.75% Space Free | Partition Type: NTFS
Drive D: | 11.24 Gb Total Space | 1.45 Gb Free Space | 12.91% Space Free | Partition Type: NTFS

Computer Name: BECKY | User Name: Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/06/17 13:05:53 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
PRC - [2011/05/10 08:10:58 | 003,459,712 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/04/14 12:25:41 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2010/04/15 13:54:02 | 000,031,232 | ---- | M] () -- C:\Users\Owner\AppData\Local\Knowledge Networks\PanelApp\PanelApp.exe


========== Modules (SafeList) ==========

MOD - [2011/06/17 13:05:53 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
MOD - [2011/05/10 08:10:55 | 000,199,792 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\snxhk.dll
MOD - [2010/08/31 11:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\WINDOWS\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011/05/10 08:10:57 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/06/03 20:43:18 | 000,239,104 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_6ef279c8\stacsv64.exe -- (STacSV)
SRV:64bit: - [2009/03/27 18:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)
SRV:64bit: - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\DriverStore\FileRepository\stwrt64.inf_6ef279c8\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2008/01/20 22:51:26 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysNative\inetsrv\inetinfo.exe -- (IISADMIN)
SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2010/10/14 17:27:38 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/04/21 13:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/04/21 13:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/04/15 14:02:50 | 000,091,136 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Knowledge Networks\PanelApp\PanelSvc.exe -- (PanelSvc)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/30 01:40:16 | 001,043,584 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009/04/11 02:28:17 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/04/25 19:15:26 | 000,361,808 | ---- | M] () [Auto | Running] -- C:\WINDOWS\SMINST\BLService.exe -- (Recovery Service for Windows)
SRV - [2007/01/04 17:38:08 | 000,024,652 | ---- | M] (Viewpoint Corporation) [Auto | Running] -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\WINDOWS\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/10 07:59:48 | 000,064,344 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/07/06 00:23:48 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/07/06 00:23:48 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\BCMWL664.SYS -- (BCM43XV)
DRV:64bit: - [2010/02/25 15:19:02 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WpdUsb.sys -- (WpdUsb)
DRV:64bit: - [2009/07/21 14:03:34 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/03 20:43:18 | 000,486,400 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009/05/25 06:51:00 | 000,207,872 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/12/30 12:18:40 | 000,068,608 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\enecir.sys -- (enecir)
DRV:64bit: - [2008/10/28 09:33:30 | 008,039,808 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/07/17 12:38:16 | 000,143,248 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2008/06/04 13:55:16 | 000,129,536 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®
DRV:64bit: - [2008/01/31 19:23:14 | 000,195,120 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2008/01/20 22:46:57 | 001,523,712 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\VSTDPV6.SYS -- (HSF_DPV)
DRV:64bit: - [2008/01/20 22:46:57 | 000,724,480 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\VSTCNXT6.SYS -- (winachsf)
DRV:64bit: - [2008/01/20 22:46:57 | 000,286,720 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\VSTAZL6.SYS -- (HSFHWAZL)
DRV:64bit: - [2008/01/20 22:46:57 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2008/01/20 22:46:55 | 000,111,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2006/10/09 22:09:03 | 000,742,696 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\nvm60x64.sys -- (NVENETFD)
DRV:64bit: - [2006/09/18 17:36:24 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\WINDOWS\SysNative\wbem\ntfs.mof -- (Ntfs)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = http://aol.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Fast Browser Search"
FF - prefs.js..browser.search.defaulturl: "http://www.fastbrows...?s=DEF&v=19&q="
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://aol.com/"


FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/06/17 21:17:26 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/05/14 00:51:46 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/16 09:13:35 | 000,000,000 | ---D | M]

[2009/03/20 19:30:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Extensions
[2011/06/02 10:08:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2av9j7tm.Charlie\extensions
[2011/05/06 15:58:13 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\2av9j7tm.Charlie\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/03 22:09:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4czq74lk.Candy\extensions
[2011/05/06 11:26:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\4czq74lk.Candy\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/06/16 08:37:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\64tmwv5x.default\extensions
[2010/10/03 23:07:02 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\64tmwv5x.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/11/10 13:07:13 | 000,000,000 | ---D | M] (Ancestry.com Advanced Image Viewer) -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\64tmwv5x.default\extensions\[email protected]
[2010/02/19 06:39:42 | 000,000,923 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\64tmwv5x.default\searchplugins\conduit.xml
[2009/11/17 14:14:50 | 000,005,413 | ---- | M] () -- C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\64tmwv5x.default\searchplugins\fast-browser-search.xml
[2011/06/16 08:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/03/22 21:33:40 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{23975c36-bc72-b8ae-b22a-c7f9768a02be}
File not found (No name found) --
[2011/06/17 21:17:26 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2011/06/04 21:36:38 | 000,000,000 | ---D | M] (Panel Application Bho) -- C:\USERS\OWNER\APPDATA\LOCAL\KNOWLEDGE NETWORKS\PANELAPP\FF
() (No name found) -- C:\USERS\OWNER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\64TMWV5X.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2011/04/14 12:26:02 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\components\Scriptff.dll
[2009/11/19 18:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
[2011/02/02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/11/19 18:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
[2010/01/01 04:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\searchplugins\bing.xml

O1 HOSTS File: ([2011/06/18 17:26:11 | 000,000,027 | ---- | M]) - C:\WINDOWS\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (Google Inc.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [PanelApp] C:\Users\Owner\AppData\Local\Knowledge Networks\PanelApp\PanelApp.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O15 - HKCU\..Trusted Domains: internet ([]about in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]http in Trusted sites)
O15 - HKCU\..Trusted Domains: mcafee.com ([]https in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support....veX/MSDcode.cab (Microsoft Data Collection Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 24.159.64.23 24.178.162.3 97.81.22.195
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Users\Owner\Pictures\zilla yawning.jpg
O24 - Desktop BackupWallPaper: C:\Users\Owner\Pictures\zilla yawning.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/06/19 12:49:54 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Users\Owner\Desktop\beep.sys
[2011/06/18 18:17:53 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011/06/18 17:26:39 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2011/06/18 17:02:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative
[2011/06/17 21:18:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2011/06/17 21:18:42 | 000,287,576 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2011/06/17 21:18:42 | 000,022,360 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2011/06/17 21:18:38 | 000,031,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr.sys
[2011/06/17 21:18:37 | 000,053,592 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2011/06/17 21:18:36 | 000,600,920 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2011/06/17 21:18:33 | 000,253,888 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2011/06/17 21:18:33 | 000,064,344 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2011/06/17 21:17:21 | 000,199,304 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2011/06/17 21:17:21 | 000,040,112 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2011/06/17 21:17:01 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2011/06/17 21:17:01 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2011/06/17 17:03:21 | 001,832,544 | ---- | C] (McAfee, Inc.) -- C:\Users\Owner\Desktop\MCPR.exe
[2011/06/17 13:05:52 | 000,579,072 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011/06/16 22:48:08 | 004,130,419 | R--- | C] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2011/06/16 14:01:09 | 000,061,440 | ---- | C] ( ) -- C:\Users\Owner\Desktop\VEW.exe
[2011/06/16 12:46:30 | 002,497,536 | ---- | C] (Topala Software Solutions) -- C:\Users\Owner\Desktop\siw.exe
[2011/06/16 12:29:33 | 003,412,856 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Users\Owner\Desktop\procexp.exe
[2011/06/16 11:33:29 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011/06/16 11:31:05 | 000,581,120 | ---- | C] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2011/06/16 11:21:31 | 001,441,584 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\tdsskiller.exe
[2011/06/16 09:24:44 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2011/06/16 09:24:44 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2011/06/16 09:24:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2011/06/16 09:24:26 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2011/06/16 09:24:10 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/06/16 08:37:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/06/15 18:21:13 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011/06/15 18:20:28 | 000,710,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/06/15 18:20:24 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/06/15 18:20:20 | 000,243,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/06/15 18:20:18 | 000,252,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/06/15 18:20:16 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/06/15 18:20:16 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/06/15 18:20:15 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/06/15 18:20:14 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/06/15 18:20:12 | 001,538,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/06/15 18:20:11 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/06/15 18:20:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/06/15 18:20:10 | 000,479,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/06/15 18:20:05 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/06/15 18:20:05 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/06/15 18:20:04 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/06/15 18:20:03 | 000,206,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/06/15 18:20:03 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/06/15 18:20:02 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/06/15 18:20:02 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/06/15 18:20:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/06/15 18:20:01 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/06/15 18:20:01 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/06/15 18:20:01 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/06/15 18:20:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/06/15 18:20:00 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/06/15 18:19:59 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/06/15 18:19:59 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/06/15 18:19:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/06/15 10:25:53 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\Owner\Documents\OTL.exe
[2011/06/13 17:54:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/06/13 17:54:08 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/06/13 17:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/06/12 16:33:24 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Auslogics
[2011/06/12 16:33:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
[2011/06/12 16:32:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
[2011/06/04 18:42:58 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Knowledge Networks
[2011/06/04 18:42:56 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Knowledge Networks
[2011/06/04 18:42:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Knowledge Networks
[2011/05/26 18:34:49 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\WeatherBug
[2011/05/26 18:34:18 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\WeatherBug
[2011/05/26 18:32:27 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WeatherBug
[2011/05/26 18:32:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AWS
[2011/05/25 17:01:21 | 000,000,000 | ---D | C] -- C:\Users\Owner\Documents\My Recorded Scripts
[2011/05/25 17:01:19 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Local\Nemex
[2011/05/25 16:59:22 | 000,000,000 | ---D | C] -- C:\Users\Owner\AppData\Roaming\Mouse Recorder Pro
[2011/05/25 16:59:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Recorder Pro 2
[2011/05/25 16:59:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nemex
[2009/08/17 13:31:14 | 003,063,561 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MobileTV.exe
[2009/08/17 13:31:13 | 002,989,660 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\DVD.exe
[2009/08/17 13:31:12 | 002,864,396 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\MPV.exe
[2009/08/17 13:31:11 | 002,331,174 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Karaoke.exe
[2009/08/17 13:31:10 | 002,231,606 | ---- | C] (Macromedia, Inc.) -- C:\ProgramData\Games.exe
[9 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]
[1 C:\Users\Owner\AppData\Local\*.tmp files -> C:\Users\Owner\AppData\Local\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/06/20 20:50:30 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/06/20 20:29:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2902236165-3934322-1294904898-1000UA.job
[2011/06/20 19:29:03 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2902236165-3934322-1294904898-1000Core.job
[2011/06/20 19:10:58 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/06/20 19:10:58 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/06/20 14:51:10 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011/06/20 13:10:56 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/06/20 13:10:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/06/19 21:13:14 | 000,075,264 | ---- | M] () -- C:\Users\Owner\Desktop\SystemLook.exe
[2011/06/19 12:49:55 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Users\Owner\Desktop\beep.sys
[2011/06/19 05:23:31 | 000,688,780 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/06/19 05:23:31 | 000,132,454 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/06/19 05:23:30 | 000,833,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/06/18 20:56:32 | 000,080,384 | ---- | M] () -- C:\Users\Owner\Desktop\MBRCheck.exe
[2011/06/18 18:09:15 | 553,717,841 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/06/18 17:26:11 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/06/18 16:59:18 | 004,130,419 | R--- | M] (Swearware) -- C:\Users\Owner\Desktop\ComboFix.exe
[2011/06/18 16:37:03 | 000,581,120 | ---- | M] (AVAST Software) -- C:\Users\Owner\Desktop\aswMBR.exe
[2011/06/17 21:18:43 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/17 21:18:33 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011/06/17 17:03:24 | 001,832,544 | ---- | M] (McAfee, Inc.) -- C:\Users\Owner\Desktop\MCPR.exe
[2011/06/17 14:42:01 | 058,064,040 | ---- | M] () -- C:\Users\Owner\Desktop\setup_av_free.exe
[2011/06/17 13:05:53 | 000,579,072 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Desktop\OTL.exe
[2011/06/17 07:34:43 | 000,920,384 | ---- | M] () -- C:\Users\Owner\Desktop\Norton_Removal_Tool.exe
[2011/06/16 18:41:49 | 000,002,242 | ---- | M] () -- C:\Users\Owner\Desktop\beep.zip
[2011/06/16 14:50:02 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2011/06/16 14:01:11 | 000,061,440 | ---- | M] ( ) -- C:\Users\Owner\Desktop\VEW.exe
[2011/06/16 12:46:32 | 002,497,536 | ---- | M] (Topala Software Solutions) -- C:\Users\Owner\Desktop\siw.exe
[2011/06/16 12:29:44 | 003,412,856 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Users\Owner\Desktop\procexp.exe
[2011/06/16 11:21:31 | 001,441,584 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Owner\Desktop\tdsskiller.exe
[2011/06/16 09:13:36 | 000,001,877 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/06/16 06:25:59 | 000,403,568 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/06/15 10:25:54 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\Owner\Documents\OTL.exe
[2011/06/14 20:32:23 | 000,002,039 | ---- | M] () -- C:\Users\Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/06/14 20:32:22 | 000,002,077 | ---- | M] () -- C:\Users\Owner\Desktop\Google Chrome.lnk
[2011/06/14 10:00:23 | 000,000,290 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2011/06/13 17:54:10 | 000,000,908 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/12 16:33:14 | 000,001,041 | ---- | M] () -- C:\Users\Owner\Desktop\Auslogics Disk Defrag.lnk
[2011/06/08 19:36:09 | 000,000,842 | ---- | M] () -- C:\Users\Owner\Desktop\GiftBox+.lnk
[2011/05/29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/05/29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/05/28 02:26:33 | 000,243,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2011/05/28 02:24:36 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011/05/28 02:24:33 | 000,710,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2011/05/28 02:24:04 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2011/05/28 02:23:47 | 001,538,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011/05/28 02:23:30 | 000,219,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011/05/28 02:23:30 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2011/05/28 02:23:29 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2011/05/28 02:23:29 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2011/05/28 02:23:28 | 000,252,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2011/05/28 02:07:19 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2011/05/28 02:04:59 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011/05/28 02:04:56 | 000,602,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2011/05/28 02:04:30 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2011/05/28 02:04:17 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011/05/28 02:04:03 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011/05/28 02:04:03 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2011/05/28 02:04:03 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2011/05/28 02:04:02 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2011/05/28 02:04:02 | 000,055,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2011/05/28 01:33:37 | 000,479,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2011/05/28 01:10:26 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2011/05/28 00:53:37 | 000,162,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2011/05/28 00:53:19 | 000,070,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2011/05/28 00:52:45 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2011/05/28 00:33:03 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2011/05/28 00:32:51 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2011/05/28 00:32:15 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2011/05/25 16:59:20 | 000,000,942 | ---- | M] () -- C:\Users\Public\Desktop\Mouse Recorder Pro 2.lnk
[2011/05/25 16:59:20 | 000,000,880 | ---- | M] () -- C:\Users\Public\Desktop\Mouse Recorder Play.lnk
[2011/05/23 10:05:14 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForOwner.job
[9 C:\Users\Owner\Documents\*.tmp files -> C:\Users\Owner\Documents\*.tmp -> ]
[1 C:\Users\Owner\AppData\Local\*.tmp files -> C:\Users\Owner\AppData\Local\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/06/19 21:13:13 | 000,075,264 | ---- | C] () -- C:\Users\Owner\Desktop\SystemLook.exe
[2011/06/18 20:56:31 | 000,080,384 | ---- | C] () -- C:\Users\Owner\Desktop\MBRCheck.exe
[2011/06/17 21:18:43 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2011/06/17 21:18:33 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2011/06/17 14:36:49 | 058,064,040 | ---- | C] () -- C:\Users\Owner\Desktop\setup_av_free.exe
[2011/06/17 07:34:42 | 000,920,384 | ---- | C] () -- C:\Users\Owner\Desktop\Norton_Removal_Tool.exe
[2011/06/16 18:41:46 | 000,002,242 | ---- | C] () -- C:\Users\Owner\Desktop\beep.zip
[2011/06/16 11:33:18 | 553,717,841 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011/06/16 09:24:44 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2011/06/16 09:24:44 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011/06/16 09:24:44 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011/06/16 09:24:44 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/06/16 09:24:43 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011/06/13 17:54:10 | 000,000,908 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/06/12 16:33:14 | 000,001,041 | ---- | C] () -- C:\Users\Owner\Desktop\Auslogics Disk Defrag.lnk
[2011/05/25 16:59:20 | 000,000,942 | ---- | C] () -- C:\Users\Public\Desktop\Mouse Recorder Pro 2.lnk
[2011/05/25 16:59:20 | 000,000,880 | ---- | C] () -- C:\Users\Public\Desktop\Mouse Recorder Play.lnk
[2011/02/14 12:48:46 | 000,208,138 | ---- | C] () -- C:\Windows\hpoins43.dat
[2010/04/05 13:29:33 | 000,771,602 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/02/01 10:04:26 | 000,023,114 | ---- | C] () -- C:\Windows\hpqins15.dat
[2010/01/29 17:11:51 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl43.dat
[2009/09/15 21:00:34 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/09/15 20:59:32 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/09/15 20:58:45 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 21:55:55 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/05/04 19:52:40 | 000,000,290 | ---- | C] () -- C:\ProgramData\hpqp.ini
[2009/03/08 21:09:18 | 000,000,074 | ---- | C] () -- C:\Windows\MPLAYER.INI
[2009/01/18 19:05:45 | 000,024,576 | ---- | C] () -- C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/15 15:17:47 | 000,000,732 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps64.dat
[2009/01/09 12:59:21 | 000,000,680 | ---- | C] () -- C:\Users\Owner\AppData\Local\d3d9caps.dat
[2009/01/02 17:31:14 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/09/02 12:19:34 | 002,026,604 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2008/09/02 12:19:34 | 000,445,796 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2008/08/04 05:57:37 | 000,101,632 | ---- | C] () -- C:\Windows\hpqins13.dat
[2008/08/04 04:29:11 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2008/06/12 14:49:22 | 000,147,172 | ---- | C] () -- C:\Windows\SysWow64\igfcg550.bin
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

========== Custom Scans ==========


< >

< HKEY_LOCAL_MACHINE\software|beep /rs >
HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows\\Beep: #USR:Control Panel\Sound

< HKEY_LOCAL_MACHINE\System|beep /rs >
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Settings\\EnablePcBeepAtCd: 01 [binary data]
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Settings\filter\Speaker\\PcBeepVolume: -393216
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\PcBeepWave
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\PcBeepTopology
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\\FriendlyName: PcBeep Mixer
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},2: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},7: 1
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},0: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},4: IDT Audio Effects
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},9: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\PcBeepWave
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\PcBeepTopology
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\\FriendlyName: PcBeep Mixer
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},2: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},7: 1
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},0: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},4: IDT Audio Effects
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},9: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\PcBeepWave
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\MediaCategories\{88C02F6A-D1E7-4fe3-A506-9E0AE51D7820}\\Name: PC Beep
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\MediaCategories\{981DFEA6-27DB-11d3-99FC-00500483AC28}\\Name: Beep Mix
HKEY_LOCAL_MACHINE\System\ControlSet001\Control\Print\\BeepEnabled: 0
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep\\ErrorControl: 1
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep\\Group: Base
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep\\Start: 1
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep\\Tag: 2
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep\\Type: 1
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Settings\\EnablePcBeepAtCd: 01 [binary data]
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Settings\filter\Speaker\\PcBeepVolume: -393216
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\PcBeepWave
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\PcBeepTopology
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\\FriendlyName: PcBeep Mixer
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},2: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},7: 1
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},0: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},4: IDT Audio Effects
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},9: PcBeep
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\PcBeepWave
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\PcBeepTopology
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\\FriendlyName: PcBeep Mixer
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},2: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},7: 1
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},0: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},4: IDT Audio Effects
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},9: PcBeep
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\PcBeepWave
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\MediaCategories\{88C02F6A-D1E7-4fe3-A506-9E0AE51D7820}\\Name: PC Beep
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\MediaCategories\{981DFEA6-27DB-11d3-99FC-00500483AC28}\\Name: Beep Mix
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Print\\BeepEnabled: 0
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Beep\\ErrorControl: 1
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Beep\\Group: Base
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Beep\\Start: 1
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Beep\\Tag: 2
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Beep\\Type: 1
HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Beep\\ErrorControl: 1
HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Beep\\Group: Base
HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Beep\\Start: 1
HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Beep\\Tag: 2
HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Beep\\Type: 1
HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Beep\\ErrorControl: 1
HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Beep\\Group: Base
HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Beep\\Start: 1
HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Beep\\Tag: 2
HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Beep\\Type: 1
HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Beep\\ErrorControl: 1
HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Beep\\Group: Base
HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Beep\\Start: 1
HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Beep\\Tag: 2
HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Beep\\Type: 1
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Settings\\EnablePcBeepAtCd: 01 [binary data]
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}\0000\Settings\filter\Speaker\\PcBeepVolume: -393216
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\PcBeepWave
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{65e8773e-8f56-11d0-a3b9-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{65e8773e-8f56-11d0-a3b9-00a0c9223196}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\PcBeepTopology
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\\FriendlyName: PcBeep Mixer
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},2: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},7: 1
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},0: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},4: IDT Audio Effects
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},9: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\PcBeepWave
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{6994ad04-93ef-11d0-a3cc-00a0c9223196}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\PcBeepTopology
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\\FriendlyName: PcBeep Mixer
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},2: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\EP\0\\{1DA5D803-D492-4EDD-8C23-E0C0FFEE7F0E},7: 1
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},0: {00000000-0000-0000-0000-000000000000}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},4: IDT Audio Effects
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{dda54a40-1e4c-11d1-a050-405705c10000}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{dda54a40-1e4c-11d1-a050-405705c10000}\#PcBeepTopology\Device Parameters\FX\0\\{D04E05A6-594B-4FB6-A80D-01AF5EED7D1D},9: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\\SymbolicLink: \\?\HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\PcBeepWave
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\Device Parameters\\CLSID: {17CCA71B-ECD7-11D0-B908-00A0C9223196}
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\DeviceClasses\{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\##?#HDAUDIO#FUNC_01&VEN_111D&DEV_76B2&SUBSYS_103C30F7&REV_1003#4&2CA905B1&0&0001#{eb115ffc-10c8-4964-831d-6dcb02e6f23f}\#PcBeepWave\Device Parameters\\FriendlyName: PcBeep
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\MediaCategories\{88C02F6A-D1E7-4fe3-A506-9E0AE51D7820}\\Name: PC Beep
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\MediaCategories\{981DFEA6-27DB-11d3-99FC-00500483AC28}\\Name: Beep Mix
HKEY_LOCAL_MACHINE\System\ControlSet005\Control\Print\\BeepEnabled: 0
HKEY_LOCAL_MACHINE\System\ControlSet005\Services\Beep\\ErrorControl: 1
HKEY_LOCAL_MACHINE\System\ControlSet005\Services\Beep\\Group: Base
HKEY_LOCAL_MACHINE\System\ControlSet005\Services\Beep\\Start: 1
HKEY_LOCAL_MACHINE\System\ControlSet005\Services\Beep\\Tag: 2
HKEY_LOCAL_MACHINE\System\ControlSet005\Services\Beep\\Type: 1

========== Alternate Data Streams ==========

@Alternate Data Stream - 169 bytes -> C:\ProgramData\Temp:07BF512B
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:EA031481

< End of report >
  • 0

#57
RKinner
Posted 20 June 2011 - 10:34 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Guru says it looks like your audio driver is a bit out of date for win 64 but we can stop the error with OTL:

Copy the text in the code box:

:reg

[-HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Beep]
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Beep]
[-HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Beep]
[-HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Beep]
[-HKEY_LOCAL_MACHINE\System\ControlSet004\Services\Beep]
[-HKEY_LOCAL_MACHINE\System\ControlSet005\Services\Beep]

Run OTl by right click and Run As Administrator and paste the above into the Custom Scans/Fixes box then RUN FIX.

Then clear your events as we did before then reboot and run Vino's Event Viewer as we did before and post your logs.
  • 0

#58
BeckyH
Posted 21 June 2011 - 09:37 AM

BeckyH

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts
dumb question, but how did I clear the events?

Edited by BeckyH, 21 June 2011 - 09:37 AM.

  • 0

#59
RKinner
Posted 21 June 2011 - 10:34 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
Right click on (My) Computer and select Manage (Continue) Then the Event Viewer. Next select Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application. Reboot.

Then run Vino's:
1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Double-click VEW.exe
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.
  • 0

#60
BeckyH
Posted 21 June 2011 - 12:13 PM

BeckyH

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 146 posts
Vino's Event Viewer v01c run on Windows Vista in English
Report run at 21/06/2011 2:10:11 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/06/2011 5:53:42 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 21/06/2011 5:51:18 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 3 user registry handles leaked from \Registry\User\S-1-5-21-2902236165-3934322-1294904898-1000_Classes:
Process 2172 (\Device\HarddiskVolume1\WINDOWS\System32\spoolsv.exe) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\MuiCache
Process 4552 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000_CLASSES\Wow6432Node
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000_CLASSES\Wow6432Node


Log: 'Application' Date/Time: 21/06/2011 5:51:16 PM
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards. DETAIL - 33 user registry handles leaked from \Registry\User\S-1-5-21-2902236165-3934322-1294904898-1000:
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000
Process 4552 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000
Process 4552 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Control Panel\International
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Control Panel\International
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\Shell\MuiCache
Process 4552 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\SystemCertificates\TrustedPeople
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Internet Explorer\Desktop\General
Process 4552 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\SystemCertificates\My
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\SystemCertificates\Disallowed
Process 4552 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{352fbe64-d927-11dd-8590-806e6f6e6963}
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{352fbe64-d927-11dd-8590-806e6f6e6963}
Process 4552 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{352fbe69-d927-11dd-8590-806e6f6e6963}
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{352fbe69-d927-11dd-8590-806e6f6e6963}
Process 4552 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{352fbe65-d927-11dd-8590-806e6f6e6963}
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\CPC\Volume\{352fbe65-d927-11dd-8590-806e6f6e6963}
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\SystemCertificates\CA
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\SystemCertificates\SmartCardRoot
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Policies\Microsoft\SystemCertificates
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Policies\Microsoft\SystemCertificates
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Policies\Microsoft\SystemCertificates
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Policies\Microsoft\SystemCertificates
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\SystemCertificates\Root
Process 5488 (<Unknown>) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\Notepad
Process 3696 (\Device\HarddiskVolume1\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE) has opened key \REGISTRY\USER\S-1-5-21-2902236165-3934322-1294904898-1000\Software\Microsoft\SystemCertificates\trust


Vino's Event Viewer v01c run on Windows Vista in English
Report run at 21/06/2011 2:09:29 PM

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/06/2011 5:53:54 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID {C97FCC79-E628-407D-AE68-A06AD6D8B4D1} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 21/06/2011 5:51:30 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 21/06/2011 5:51:29 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped. Module Path: C:\Windows\System32\bcmihvsrv64.dll
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP