[Macboatmaster]

Laurie.
Pleased the softphone aspect is fixed.

You did well there, replacing all your drivers with those from the Acer site.
I have not given up by any means.
Normally I tell people I am working with when I am going to be offline for more than just the one day, but I had no chance when Sunday arrived and more urgent matters took me away from home for four days or so.


Would you please do this

Please click http://www.trendmicr.../HijackThis.exe to download and install HijackThis.
Create a Startup List

• Open HiJackThis
• Click on the "Config..." button on the bottom right
• Click on the tab "Misc Tools"
• Check off the 2 boxes next to the Box that says "Generate StartupList log"
• Click on the button "Generate StartupList log"
• Copy and past the StartupList from the notepad into your next post

The log will be saved in Notepad. Copy and paste the log in your next reply.

IMPORTANT: Do not fix anything


Then please go back to HiJack and this time, click Main Menu at the bottom, then click Miscellaneous tools which is top right, then click Open uninstall Manager, click Save List.
Copy and paste the list please.

PLEASE copy and paste both as actual open lists, not an attachment which I have to open.

NOTE - I am asking for a HiJack ONLY for the startup items and the list of installed programs.
PLEASE DO NOT attach a general scan result. That is NOT allowed in this forum.

[Advertisements]

I have just examined your PcPitstop results from the other site on which you have been receiving help.
There are a number of issues revealed there, not least of which is your use of the Uniblue Registry cleaner.
My strong advice and indeed the advice we all offer on GeekstoGo is DO NOT USE any of these sort of programs.
They are generally useless and frequently cause far more problems than they solve.
Changes to the registry should only ever be made by an expert who knows exactly what he is doing and through the regedit procedure.
More importantly, they should never bemade until a complete registry backup has been made by using ERUNT for example and never trusted to some sort of automated program which purports to be capable of cleaning and defragmenting the registry automatically.
The bottom line is that the registry NEVER needs cleaning or defragmenting.
At the end of my signature notes you will find
http://miekiemoes.bl...weaking_13.html
If you wish confirmation of what I have said, read the opinion of an expert.


That all said, please send me another Pitstop on this site., so that I may compare what we have NOW with what you had then.
Additionally please stay with me on GeesktoGo and only work with another site if you decide to leave Geeks on this issue.
The choice is of course yours but for your own benefit do not try and follow two advisors suggestions on different sites at the same time.
Please note that I have noticed that the thread on the other site has not been responded to since 30 Aug.
I am not therefore suggesting that you are running two together NOW.

Edited by Macboatmaster, 10 September 2011 - 07:34 AM.

[Macboatmaster]

I have just examined your PcPitstop results from the other site on which you have been receiving help.
There are a number of issues revealed there, not least of which is your use of the Uniblue Registry cleaner.
My strong advice and indeed the advice we all offer on GeekstoGo is DO NOT USE any of these sort of programs.
They are generally useless and frequently cause far more problems than they solve.
Changes to the registry should only ever be made by an expert who knows exactly what he is doing and through the regedit procedure.
More importantly, they should never bemade until a complete registry backup has been made by using ERUNT for example and never trusted to some sort of automated program which purports to be capable of cleaning and defragmenting the registry automatically.
The bottom line is that the registry NEVER needs cleaning or defragmenting.
At the end of my signature notes you will find
http://miekiemoes.bl...weaking_13.html
If you wish confirmation of what I have said, read the opinion of an expert.


That all said, please send me another Pitstop on this site., so that I may compare what we have NOW with what you had then.
Additionally please stay with me on GeesktoGo and only work with another site if you decide to leave Geeks on this issue.
The choice is of course yours but for your own benefit do not try and follow two advisors suggestions on different sites at the same time.
Please note that I have noticed that the thread on the other site has not been responded to since 30 Aug.
I am not therefore suggesting that you are running two together NOW.

Edited by Macboatmaster, 10 September 2011 - 07:34 AM.

[LAFitz]

So there's still hope? Thanks again Mac.

Here are the results of the StartUpList Log followed by the Uninstall Manager Save List as per your instructions. The first is quite long but it's what the process produced. I hope I haven't violated the posting rules....

StartupList report, 9/10/2011, 10:23:51 AM
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Laurie\Desktop\HijackThis.EXE
Detected: Windows XP SP3 (WinNT 5.01.2600)
Detected: Internet Explorer v7.00 (7.00.6000.17099)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Anti-Mal\Emsisoft\a2service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Anti-Mal\Online Armor\OAcat.exe
C:\Program Files\Anti-Mal\Online Armor\oasrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Anti-Mal\Online Armor\OAui.exe
C:\Program Files\Anti-Mal\Online Armor\OAhlp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\DriverMax\devices.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Documents and Settings\Laurie\Application Data\mjusbsp\magicJack.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\WINDOWS\explorer.exe
C:\Program Files\Firefox\firefox.exe
C:\Program Files\Firefox\plugin-container.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\MS Office\2010\Office10\WINWORD.EXE
C:\Documents and Settings\Laurie\Desktop\HijackThis.exe

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Documents and Settings\Laurie\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
Microsoft Office.lnk = C:\Program Files\MS Office\2010\Office10\OSA.EXE

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

@OnlineArmor GUI = "C:\Program Files\Anti-Mal\Online Armor\OAui.exe"
PC Pitstop Optimize Reminder = C:\Program Files\PCPitstop\Optimize3\Reminder-Optimize3.exe
Talk = "C:\Program Files\NCH Software\Talk\talk.exe" -logon
SynTPEnh = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
googletalk = C:\Program Files\Google\Google Talk\googletalk.exe /autostart
AzMixerSel = C:\Program Files\Realtek\Audio\Drivers\AzMixerSel.exe
Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
IgfxTray = C:\WINDOWS\system32\igfxtray.exe
HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe
Persistence = C:\WINDOWS\system32\igfxpers.exe
RTHDCPL = RTHDCPL.EXE
SoundMan = SOUNDMAN.EXE
AlcWzrd = ALCWZRD.EXE
Alcmtr = ALCMTR.EXE

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

msnmsgr = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
EPSON TX220 Series = C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDL.EXE /FU "C:\WINDOWS\TEMP\E_S49.tmp" /EF "HKCU"
X-Lite 4 = "C:\Program Files\X-Lite 4\X-Lite4.exe" -bootload
uTorrent = "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
Uniblue RegistryBooster 2009 = C:\Program Files\RegBooster\RegistryBooster.exe /S
Google Update = "C:\Documents and Settings\Laurie\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
DriverMax_RESTART = "C:\Program Files\DriverMax\devices.exe" -RESTART
DriverMax = "C:\Program Files\DriverMax\devices.exe" -agent
cdloader = "C:\Documents and Settings\Laurie\Application Data\mjusbsp\cdloader2.exe" MAGICJACK

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
*No values found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\WINDOWS\system32\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] *
StubPath = C:\WINDOWS\system32\ieudinit.exe

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP

[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub

[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89820200-ECBD-11cf-8B85-00AA005B4383}] *
StubPath = C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\WINDOWS\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\system32\ssstars.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\WINDOWS\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'

Registry check passed

--------------------------------------------------

Enumerating Browser Helper Objects:

AcroIEHelperStub - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll - {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
(no name) - (no file) - {5C255C8A-E604-49b4-9D64-90988571CECB}
(no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - C:\Program Files\Java\jre6\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
JQSIEStartDetectorImpl - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll - {E7E6F031-17CE-4C07-BC86-EABFE594F69C}

--------------------------------------------------

Enumerating Task Scheduler jobs:

ConfigExec.job
DataUpload.job
GoogleUpdateTaskUserS-1-5-21-602162358-57989841-299502267-1003Core.job
GoogleUpdateTaskUserS-1-5-21-602162358-57989841-299502267-1003UA.job
talkSevenDays.job
talkShakeIcon.job

--------------------------------------------------

Enumerating Download Program Files:

[PCPitstop Utility]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\PCPitstop.dll
CODEBASE = http://www.pcpitstop...t/PCPitStop.CAB

[MUWebControl Class]
InProcServer32 = C:\WINDOWS\system32\muweb.dll
CODEBASE = http://www.update.mi...b?1313548687687

[Java Plug-in 1.6.0_27]
InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/...indows-i586.cab

[Java Plug-in 1.6.0_27]
InProcServer32 = C:\Program Files\Java\jre6\bin\jp2iexp.dll
CODEBASE = http://java.sun.com/...indows-i586.cab

[Java Plug-in 1.6.0_27]
CODEBASE = http://java.sun.com/...indows-i586.cab

[PCPitstop Exam]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\pcpitstop2.dll
CODEBASE = http://utilities.pcp.../pcpitstop2.dll

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\mswsock.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\rsvpsp.dll
Protocol #5: C:\WINDOWS\system32\rsvpsp.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll
Protocol #11: C:\WINDOWS\system32\mswsock.dll
Protocol #12: C:\WINDOWS\system32\mswsock.dll
Protocol #13: C:\WINDOWS\system32\mswsock.dll
Protocol #14: C:\WINDOWS\system32\mswsock.dll
Protocol #15: C:\WINDOWS\system32\mswsock.dll
Protocol #16: C:\WINDOWS\system32\mswsock.dll
Protocol #17: C:\WINDOWS\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

a2acc: \??\C:\PROGRAM FILES\ANTI-MAL\EMSISOFT\a2accx86.sys (manual start)
Emsisoft Anti-Malware 5.1 - Service: "C:\Program Files\Anti-Mal\Emsisoft\a2service.exe" (autostart)
a2injectiondriver: \??\C:\Program Files\Anti-Mal\Emsisoft\a2dix86.sys (system)
a-squared Malware-IDS utility driver: \??\C:\Program Files\Anti-Mal\Emsisoft\a2util32.sys (system)
Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system)
Microsoft Embedded Controller Driver: system32\DRIVERS\ACPIEC.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
Ambfilt: system32\drivers\Ambfilt.sys (manual start)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Atheros AR5008 Wireless Network Adapter Service: system32\DRIVERS\athw.sys (manual start)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (manual start)
RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
Standard IDE/ESDI Hard Disk Controller: system32\DRIVERS\atapi.sys (system)
ATM ARP Client Protocol: system32\DRIVERS\atmarpc.sys (manual start)
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Audio Stub Driver: system32\DRIVERS\audstub.sys (manual start)
Belarc SMBios Access: \SystemRoot\System32\Drivers\BANTExt.sys (system)
Background Intelligent Transfer Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Intel® WiMAX Link Enumerator: system32\DRIVERS\bpenum.sys (manual start)
Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Closed Caption Decoder: system32\DRIVERS\CCDECODE.sys (manual start)
CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
.NET Runtime Optimization Service v2.0.50727_X86: C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Microsoft .NET Framework NGEN v4.0.30319_X86: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (autostart)
Microsoft AC Adapter Driver: system32\DRIVERS\CmBatt.sys (manual start)
Microsoft Composite Battery Driver: system32\DRIVERS\compbatt.sys (system)
COM+ System Application: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (autostart)
cpudrv: \??\C:\Program Files\SystemRequirementsLab\cpudrv.sys (manual start)
Creative Service for CDROM Access: C:\WINDOWS\system32\CTsvcCDA.exe (disabled)
Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Disk Driver: system32\DRIVERS\disk.sys (system)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Wired AutoConfig: %SystemRoot%\System32\svchost.exe -k dot3svc (manual start)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
Kernel Services for DSF: system32\DRIVERS\dsfksvcs.sys (system)
root enumerated bus driver: system32\DRIVERS\dsfroot.sys (system)
SmartCard Reader ABN AMRO e.dentifier2: system32\DRIVERS\aabed2.sys (manual start)
Extensible Authentication Protocol Service: %SystemRoot%\System32\svchost.exe -k eapsvcs (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Event Log: %SystemRoot%\system32\services.exe (autostart)
COM+ Event System: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
FltMgr: system32\DRIVERS\fltMgr.sys (system)
Windows Presentation Foundation Font Cache 3.0.0.0: C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (manual start)
Volume Manager Driver: system32\DRIVERS\ftdisk.sys (system)
Generic Packet Classifier: system32\DRIVERS\msgpc.sys (manual start)
Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
HID Input Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start)
Health Key and Certificate Management Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
DSF ACPI Redirection Module: SYSTEM32\DRIVERS\HRMACPI.SYS (manual start)
DSF General Configuration Space Redirection Module: SYSTEM32\DRIVERS\HRMCFGSPC.SYS (manual start)
DSF Interrupt Redirection Module: SYSTEM32\DRIVERS\HRMINTS.SYS (manual start)
DSF IO Port Redirection Module: SYSTEM32\DRIVERS\HRMPORTS.SYS (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (system)
ialm: system32\DRIVERS\igxpmp32.sys (manual start)
Windows CardSpace: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
IIS Admin: C:\WINDOWS\system32\inetsrv\inetinfo.exe (autostart)
CD-Burning Filter Driver: system32\DRIVERS\imapi.sys (system)
IMAPI CD-Burning COM Service: C:\WINDOWS\system32\imapi.exe (manual start)
Service for Realtek HD Audio (WDM): system32\drivers\RtkHDAud.sys (manual start)
Intel Processor Driver: system32\DRIVERS\intelppm.sys (system)
IPv6 Windows Firewall Driver: system32\DRIVERS\Ip6Fw.sys (manual start)
IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
IPSEC driver: system32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: system32\DRIVERS\isapnp.sys (system)
Java Quick Starter: "C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf" (autostart)
Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system)
Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
Kensington MouseWorks Mouse filter driver: system32\DRIVERS\KMW_SYS.sys (manual start)
NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller: system32\DRIVERS\l1c51x86.sys (manual start)
Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Microsoft Automated Troubleshooting Service: "C:\Program Files\Microsoft Fix it Center\Matsvc.exe" (manual start)
Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
NetMeeting Remote Desktop Sharing: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Monfilt: system32\drivers\Monfilt.sys (manual start)
Mouse Class Driver: system32\DRIVERS\mouclass.sys (system)
Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start)
WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
NABTS/FEC VBI Codec: system32\DRIVERS\NABTSFEC.sys (manual start)
Network Access Protection Agent: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft TV/Video Connection: system32\DRIVERS\NdisIP.sys (manual start)
Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
NetBios over Tcpip: system32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (disabled)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (manual start)
Net Logon: %SystemRoot%\system32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Net.Tcp Port Sharing Service: "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" (manual start)
Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
NMSAccess: C:\Program Files\CDBurnerXP\NMSAccessU.exe (autostart)
NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start)
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
Online Armor Helper Service: "C:\Program Files\Anti-Mal\Online Armor\OAcat.exe" (autostart)
OADriver: \??\C:\WINDOWS\system32\drivers\OADriver.sys (system)
Online Armor helper driver: \??\C:\WINDOWS\system32\drivers\oahlp32.sys (system)
OAmon: \??\C:\WINDOWS\system32\drivers\OAmon.sys (system)
OAnet: \??\C:\WINDOWS\system32\drivers\OAnet.sys (system)
Office Source Engine: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (autostart)
PCI Bus Driver: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
PCPitstop Scheduling: C:\Program Files\PCPitstop\PCPitstopScheduleService.exe (manual start)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
IPSEC Services: %SystemRoot%\system32\lsass.exe (autostart)
WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
Paramount Software Snapshot Filter: system32\DRIVERS\pssnap.sys (system)
Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start)
Remote Access Auto Connection Driver: system32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Remote Access PPPOE Driver: system32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: system32\DRIVERS\rdpdr.sys (manual start)
Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system)
Macrium Reflect Image Mounting Service: "C:\Program Files\BU-Macrium\ReflectService.exe" (manual start)
Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (disabled)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: system32\DRIVERS\secdrv.sys (autostart)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
BDA Slip De-Framer: system32\DRIVERS\SLIP.sys (manual start)
Simple Mail Transfer Protocol (SMTP): C:\WINDOWS\system32\inetsrv\inetinfo.exe (autostart)
USB HID Layer: SYSTEM32\DRIVERS\SOFTHIDUSBK.SYS (manual start)
Generic USB device: SYSTEM32\DRIVERS\SOFTUSBK.SYS (manual start)
Generic USB Test Hub: SYSTEM32\DRIVERS\SOFTUSBTESTHUB.SYS (manual start)
Wireless adapter devices: SYSTEM32\DRIVERS\SOFTWADP.SYS (manual start)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
System Restore Filter Driver: system32\DRIVERS\sr.sys (system)
System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Srv: system32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
BDA IPSink: system32\DRIVERS\StreamIP.sys (manual start)
Online Armor: C:\Program Files\Anti-Mal\Online Armor\oasrv.exe (autostart)
Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{EBF2665C-4D8D-4EE8-AA13-81F4E8191299} (manual start)
Synaptics TouchPad Driver: system32\DRIVERS\SynTP.sys (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start)
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
Anchorfree HSS Adapter: system32\DRIVERS\taphss.sys (manual start)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
TCP/IP Protocol Driver: system32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Microcode Update Driver: system32\DRIVERS\update.sys (manual start)
Universal Plug and Play Device Host: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
USB Audio Driver (WDM): system32\drivers\usbaudio.sys (manual start)
Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
Microsoft USB Standard Hub Driver: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
USB Scanner Driver: system32\DRIVERS\usbscan.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
USB Video Device (WDM): System32\Drivers\usbvideo.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
World Wide Web Publishing: %SystemRoot%\system32\inetsrv\inetinfo.exe (autostart)
Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
WD SCSI Pass Thru driver: system32\DRIVERS\wdcsam.sys (manual start)
Wdf01000: system32\DRIVERS\Wdf01000.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start)
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Microsoft Windows Management Interface for ACPI: system32\DRIVERS\wmiacpi.sys (system)
WMI Performance Adapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
Windows Presentation Foundation Font Cache 4.0.0.0: C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (manual start)
Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Generic wireless USB device: SYSTEM32\DRIVERS\WSOFTUSBK.SYS (manual start)
World Standard Teletext Codec: system32\DRIVERS\WSTCODEC.SYS (manual start)
Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 38,152 bytes



µTorrent
ABN AMRO e.dentifier2 software
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.1.0)
Adobe Shockwave Player 11.6
Android SDK Tools
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
Belarc Advisor 8.2
Broadcom Driver v5.10.79.14_Foxconn Installation Program
CCleaner
CDBurnerXP
Creative MediaSource 5
Debugging Tools for Windows (x86)
Device Simulation Framework 1.0.1
Driver Sweeper version 3.1.0
DriverMax 5
Emsisoft Anti-Malware 5.1
EPSON Scan
EPSON TX220 Series Printer Uninstall
Google Talk (remove only)
Google Talk Plugin
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB961118)
Intel® Graphics Media Accelerator Driver
Java DB 10.6.2.1
Java™ 6 Update 27
Java™ SE Development Kit 6 Update 27
Junk Mail filter update
Macrium Reflect - Free Edition
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Automated Troubleshooting Services Shim
Microsoft Fix it Center
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft National Language Support Downlevel APIs
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Office XP Professional with FrontPage
Microsoft Silverlight
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Microsoft Windows Driver Kit 7.1.0.7600
MozBackup 1.5.1
Mozilla Firefox (3.6.22)
MSVCRT
MyPCDrivers 4.1
Online Armor 5.0
PC Pitstop Optimize3 3.0
readme
Realtek High Definition Audio Driver
Revo Uninstaller 1.92
ScreenShot V1.1.0.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Windows Internet Explorer 7 (KB2544521)
Security Update for Windows Internet Explorer 7 (KB2559049)
Security Update for Windows Internet Explorer 7 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2124261)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2290570)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2559049)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953155)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB970483)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB976323)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Segoe UI
SES Driver
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Tweak UI
Uniblue RegistryBooster 2009
Uniblue RegistryBooster 2009
Unlocker 1.9.1
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB961503)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
VLC media player 1.1.11
wdtfbinaries_ia64fre
wdtfbinaries_x64fre
wdtfbinaries_x86fre
Windows Internet Explorer 7
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Live Upload Tool
Windows PowerShell™ 1.0
WinRAR 4.01 (32-bit)
X-Lite 4


Report generated in 0.859 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only

[Macboatmaster]

One of the issues revealed on Pitstop is your abnormally slow disk speed. In simple terms the speed at which it can read data from files.
Please check that DMA mode is enabled.
To enable DMA mode using the Device Manager

• Open Device Manager.
• Double-click IDE ATA/ATAPI Controllers to display the list of controllers and channels.
• Right-click the icon for the channel to which the device is connected, select Properties, and then click the Advanced Settings tab.
• In the Current Transfer Mode drop-down box, select DMA if Available if the current setting is "PIO Only."
  If the drop-down box already shows "DMA if Available" but the current transfer mode is PIO, then the user must toggle the settings. That is:
• Change the selection from "DMA if available" to PIO only, and click OK.
• Then repeat the steps above to change the selection to DMA if Available.

Then please in Device Manager open the entry for diskdrives and then the entry for your hard disk on the Policies tab, check that write-caching is enabled.
There should be a check mark in that box.
If not click to check and click OK.
The of couse exit Device Manager and the ystem Properties with Apply and Ok as required.
Reboot and try again please.

[LAFitz]

Try as I might, I am unable to enable DMA. Again, I followed your directions precisely but after rebooting, a check of the settings for the "Primary IDE Channel" shows current transfer mode as PIO which is grayed out. There are also two other items under IDE ATA/ATAPI Controllers: "Secondary IDE Channel" and "Standard Duel Channel PCI IDE Controller" - but the former shows "DMA if Available" but Current Tranfer Mode as "Not Applicable" and the latter doesn't have Advanced Settings. I vaguely remember trying to toggle to DMA before but was similarly unable to do so. Could it be possible that my machine doesn't have DMA installed?

Laurie

[Macboatmaster]

I have had a look at the full specifications for the Aspire One AD250 and it should certainly be on DMA Mode.
Concern yourself please with the Primary Ide channel

Please go back and on the Primary Ide channel advanced settings which shows CURRENT transfer mode PIO, above that is Transfer Mode, and the clicking the arrow to the right of that entry - what is shown then please and can that be changed to DMA if available.
A screenshot may help me.
with that window open press Print Screen key.
Then Start, programs, accessories, Paint and on the edit tab click paste.
The image will appear on paint.
Click the File tab and save as.
It will as always in Paint default to Bitmap. That is too large to attach please save as JPEG.
On your reply post, click Use full editor and click to attach files and proceed from there.

Windows will in certain cirumstances and after so many errors are encountered reset to PIO.
It is then sometimes necessary to approach in a different manner.
HOWEVER going back to the Primary IDE channel, please click the driver tab and select update driver.
On this one you may safely allow Windows to handle the matter automatically.

Now go as on my previous please and examine the hard disk settings.

Also could you please send as per my post re the Uniblue and Pitstop.You may have missed this one as it was between you sending HiJack and this isssue.

NB May I just stress this again please.
If the drop-down box already shows "DMA if Available" but the current transfer mode is PIO, then the user must toggle the settings. That is:

• Change the selection from "DMA if available" to PIO only, and click OK.
• Then repeat the steps above to change the selection to DMA if Available.

Edited by Macboatmaster, 10 September 2011 - 10:47 AM.

[LAFitz]

Re: NB May I just stress this again please. If the drop-down box already shows "DMA if Available" but the current transfer mode is PIO, then the user must toggle the settings. That is:

* Change the selection from "DMA if available" to PIO only, and click OK.
* Then repeat the steps above to change the selection to DMA if Available.

Done twice with the same result! Attached please find 4 images of the Primary Channel: IDE-1 = as I first found them; IDE 2 = after toggle to PIO only; IDE 3 = after toggle back to DMA if available; and IDE 4 = after reboot. By the way, I did check disk caching before closing Device Manager however, I was not presented with the "Apply" option when finishing this operation as you expected (...of couse exit Device Manager and the system Properties with Apply and Ok as required).

Further I can't find your post: "...re the Uniblue and Pitstop.You may have missed this one as it was between you sending HiJack and this issue" so I'm not sure what you're asking for. Please resend and I will do it tomorrow first thing as I'm getting ready to leave right now.

[Macboatmaster]

No images attached.
Have you proceeded please to

Windows will in certain cirumstances and after so many errors are encountered reset to PIO.
It is then sometimes necessary to approach in a different manner.
HOWEVER going back to the Primary IDE channel, please click the driver tab and select update driver.
On this one you may safely allow Windows to handle the matter automatically.

If you have, I have just been consulting with a colleague and he has provided a link to an excellent article on DMA mode problems.
Please do not be concerned that it deals primarily with the optical drive you will see that it also addresses the hard drive aspect.
Would you please work your way through this when you return.

http://forum.digital...sary-61905.html

It is an excellent article with detailed images.
This was going to be my next step, but the article is far more explanative than I could have made my post.

I will add the post number of the one you missed shortly. - now as below.

Post 17 refers and finally I am still examining your HiJack. Thanks for being so great to work with.

Edited by Macboatmaster, 10 September 2011 - 12:44 PM.

[LAFitz]

Sorry 'bout that. I only realized I forgot the attachment after locking the door on my way out...so here they are. More tomorrow...

Laurie

Attached Thumbnails

• 
• 
• 
• 

[LAFitz]

RE: Post #17

> Uniblue: I did not know that. The Registry Booster has been summarily removed from my machine never to be used again!

> What the tech: I started with them but became irritated when I started receiving inane suggestions such as "Have you tried using a headset?" from people who appeared not to have read my or anybody else's posts. But then I found you and GeekstoGo...and I'm one happy camper!

> PCPitstop: I'll send results in next post.

[LAFitz]

RE: PC Pitstop --> Can you remind me how to produce a log of the Optimize scan? I'm able to run it and produce an online results report but can see no way to save it in a text doc that I can send to you.

RE: Guide to DMA at http://forum.digital...ary-61905.html. I'm flummoxed! I have followed your colleague's illustrated instructions to the letter including uninstalling Primary Channel and then rebooting twice...but am still unable to change Current Transfer Mode to DMA. PIO stubbornly remains. So what do I do now?

I must admit, I'm ready to throw this [bleep] thing out the window especially because I have a month long business trip coming up on Wednesday and won't have any time after then to spend on it. On the other hand, I desperately need it for my work.

Laurie

[Macboatmaster]

RE: PC Pitstop --> Can you remind me how to produce a log of the Optimize scan? I'm able to run it and produce an online results report but can see no way to save it in a text doc that I can send to you.

Please do NOT use the Optimize from PC Pitstop.
Please use this, it is the Overdrive.
Here is the procedure.
2. Run this please. Send me the url, that is the web address of the results page.
When you are on the results simply copy and paste the address bar.

I want you to run the overdrive test. Please do not download the suggested drivers from the results.
I merely want to see what it says.
Please Run the PCPitstop.com OverDrive Full Tests

Here's how:

You must use your Internet Explorer for this procedure. (doesn't work so well in Firefox or others). If your machine is running Vista or Windows 7, you must Select IE to "Run as Administrator". After completing PCPitstop OverDrive you can close your IE browser and re-open it Normally so that you are no longer running as administrator.

Go to: http://www.pcpitstop.com
Click on "Free Computer Check-up" listed below PC Pitstop OverDrive which is the top left of the eight small boxes - NOT the optimize scan to the right of the screen.. We DO NOT at GeekstoGo recommend the optimize. The Overdrive scan makes NO changes to your computer.
RUN the test ANON
That is at the end of the page that opens - when you click the Overdrive test
If you do not wish to create a free user account, you can still run overdrive anonymously

The Full Tests take about 2 1/2 - 3 minutes on most machines.
When complete, a Results - Summary - Recommended Fixes will be displayed.

Please post the URL internet address, from your Results, back here into this Topic Thread so that we can review the configuration and present performance levels of your machine.

Note: During the graphics 2D and graphics 3D testing, your screen will display some rapidly moving objects.
If you are sensitive to visual flashing, it may cause dizziness. Therefore, look away from the screen during that portion of the testing.

After reviewing the results we will be more informed and may be able to provide better recommendations for you to work towards improving your machine's performance.

While PCPitstop does offer a variety of Paid Products, the PCPitstop OverDrive testing is FREE. Please ignore the references to Paid Products. We prefer to provide manual solution instructions that you can apply directly to your machine.

Edited by Macboatmaster, 11 September 2011 - 11:27 AM.

[Macboatmaster]

Re the DMA mode.
Restart the computer and immediately after the post screen keep tapping F2 key.
This should get you into the BIOS setup.
There you will find on one of the screens, the headings for the screen will very likely be across the top bar a scren providing reference to the Hard drive.
You click on that entry and there , you may be able to change a setting to enable DMA.

If you can, please do so and then to save that setting it is normally F10 to save and exit.

PLEASE do not make any other changes, unless you are sure of the consequences.
If I can find the actual BIOS screen you will need I will post the image.

[LAFitz]

Here it is Mac. My fingers are crossed!

http://www.pcpitstop...?conid=24532659

Laurie

[Macboatmaster]

I do not know if you intentionally selected these items, but you have them installed and only just in the last couple of hours.
You do not want them and in the case of the Anti-virus and spyware, you have by installing them placed your security at risk.
You should NEVER run more than one anti-virus.
They will very likely conflict, they will slow your system down and may indeed result in less protection, not more.
PC Pitstop Exterminate2 2.0
(2.0.0.1) PC Pitstop LLC 9/11/11 PC Pitstop Exterminate2 2.0
(2.0.0.1) PC Pitstop LLC 9/11/11 PC Pitstop Driver Alert2 2.0.0.0
(2.0.0.0) PC Pitstop LLC 9/11/11
PC Pitstop DiskMD 3
(3.0.0.2) PC Pitstop 9/11/11
Please uninstall them using Add/Remove programs in Control Panel.

Also please uninstall
PC Pitstop Optimize3 3.0
(3.0.0.42) PC Pitstop 8/30/11

and
Driver Sweeper version 3.1.0
(3.1.0) Phyxion.net 8/28/11

Belarc Advisor 8.2
(8.2.4.0) Belarc Inc. 8/27/11

I notice that you have Macrium Reflect installed, this is used to create backups using compressed data.
There is nothing wrong with the program at all, would you please however confirm that the audio files you are playing with the stange muffled sounds are NOT also compressed files and that you have NOT compressed the hard drive.
That is on Start and open My Computer, right click the hard drive and click Properties. On the General tab, there is a facility to - compress data - please assure me that you have not done so. I do not think you have from what I am seeing but would appreciate the reassurance.

You also have this installed
Unlocker 1.9.1
(1.9.1) Cedrick Collomb 8/17/11The program can cause problems, as it will allow you to delete items essential for windows operation, when that delete would normally be blocked by XP. Be very careful in its use.

You also have this
MyPCDrivers 4.1 MyPCDrivers 8/17/11These sort of programs can frequently offer the wrong driver. Drivers should only ever be obtained from the computer manufacturers site - Acer or the site of the item being updated if for instance you had a usb wirless adaptor etc.
It is alright to use the scan as a way of checking what they think, but never accept their offering.



You already have Emisoft Anti-virus and also Online Armor Firewall.so that is why you must uninstall that PC Pitstop anti-virus etc.

My nest post deals with the actual issue of the Sound.

Edited by Macboatmaster, 11 September 2011 - 05:55 PM.